m2m_keygen 0.3.0 → 0.4.2

data/docs/M2mKeygen/Signature.html

@@ -646,7 +646,7 @@
       <pre class="code"><span class="info file"># File 'lib/m2m_keygen/signature.rb', line 46</span>
 
 <span class='kw'>def</span> <span class='id identifier rubyid_validate'>validate</span><span class='lparen'>(</span><span class='label'>params:</span><span class='comma'>,</span> <span class='label'>verb:</span><span class='comma'>,</span> <span class='label'>path:</span><span class='comma'>,</span> <span class='label'>signature:</span><span class='rparen'>)</span>
-  <span class='kw'>if</span> <span class='const'>OpenSSL</span><span class='period'>.</span><span class='id identifier rubyid_method_defined?'>method_defined?</span><span class='lparen'>(</span><span class='symbol'>:fixed_length_secure_compare</span><span class='rparen'>)</span>
+  <span class='kw'>if</span> <span class='const'>OpenSSL</span><span class='period'>.</span><span class='id identifier rubyid_methods'>methods</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='symbol'>:fixed_length_secure_compare</span><span class='rparen'>)</span>
     <span class='const'>OpenSSL</span><span class='period'>.</span><span class='id identifier rubyid_fixed_length_secure_compare'>fixed_length_secure_compare</span><span class='lparen'>(</span>
       <span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span><span class='label'>params:</span> <span class='id identifier rubyid_params'>params</span><span class='comma'>,</span> <span class='label'>verb:</span> <span class='id identifier rubyid_verb'>verb</span><span class='comma'>,</span> <span class='label'>path:</span> <span class='id identifier rubyid_path'>path</span><span class='rparen'>)</span><span class='comma'>,</span>
       <span class='id identifier rubyid_signature'>signature</span>
@@ -670,7 +670,7 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/M2mKeygen/Types.html

@@ -137,7 +137,7 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/M2mKeygen.html

@@ -79,7 +79,7 @@
   <dl>
     <dt>Defined in:</dt>
     <dd>lib/m2m_keygen.rb<span class="defines">,<br />
-  lib/m2m_keygen/version.rb,<br /> lib/m2m_keygen/signature.rb,<br /> lib/m2m_keygen/params_encoder.rb,<br /> lib/m2m_keygen/types/params_type.rb</span>
+  lib/m2m_keygen/version.rb,<br /> lib/m2m_keygen/signature.rb,<br /> lib/m2m_keygen/params_encoder.rb,<br /> lib/m2m_keygen/rack_validator.rb,<br /> lib/m2m_keygen/types/params_type.rb</span>
 </dd>
   </dl>
   
@@ -104,7 +104,7 @@
     
   
     
-      <strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>, <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>, <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
+      <strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>, <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>, <span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>, <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
     
   
 </p>
@@ -131,7 +131,7 @@
 
 </div>
         </dt>
-        <dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>0.3.0</span><span class='tstring_end'>&quot;</span></span></pre></dd>
+        <dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>0.4.2</span><span class='tstring_end'>&quot;</span></span></pre></dd>
       
     </dl>
   
@@ -147,7 +147,7 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/_index.html

@@ -119,6 +119,21 @@
         </ul>
       
         
+        <ul id="alpha_R" class="alpha">
+          <li class="letter">R</li>
+          <ul>
+            
+              <li>
+                <span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>
+                
+                  <small>(M2mKeygen)</small>
+                
+              </li>
+            
+          </ul>
+        </ul>
+      
+        
         <ul id="alpha_S" class="alpha">
           <li class="letter">S</li>
           <ul>
@@ -157,7 +172,7 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/class_list.html

@@ -43,7 +43,7 @@
 
       <ul id="full_list" class="class">
         <li id="object_" class="odd"><div class="item" style="padding-left:30px"><span class='object_link'><a href="top-level-namespace.html" title="Top Level Namespace (root)">Top Level Namespace</a></span></div></li>
-<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> &lt; StandardError<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::ParamsEncoder' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Signature' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Types' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span><small class='search_info'>M2mKeygen</small></div></li></ul></li>
+<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> &lt; StandardError<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::ParamsEncoder' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::RackValidator' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Signature' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Types' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span><small class='search_info'>M2mKeygen</small></div></li></ul></li>
 
       </ul>
     </div>

data/docs/file.README.html

@@ -146,6 +146,38 @@ AuthSignature.validate(
 
 <p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
 
+<h3 id="rackvalidator">RackValidator</h3>
+
+<p>This module is here for directly validate Rack requests.</p>
+
+<p>It will validate :</p>
+
+<ul>
+  <li>Signature matching</li>
+  <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
+</ul>
+
+<h4 id="initialization-1">Initialization</h4>
+
+<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
+
+<p><code>ruby
+RackSignatureValidator =
+  M2mKeygen::RackValidator.new(
+    "secret",
+    algorithm: "sha512", # Default value
+    header_name: "X-Signature" # Default value
+  )
+</code></p>
+
+<h4 id="validation">Validation</h4>
+
+<p>You can then validate a Rack::Request or a Rails Request directly:</p>
+
+<p><code>ruby
+RackSignatureValidator.validate(request) # =&gt; true or false
+</code></p>
+
 <h2 id="how-does-it-works">How does it works</h2>
 
 <p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
@@ -188,7 +220,7 @@ The receiver will generate the same signature from the HTTP request it has recei
 </div></div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/index.html

@@ -146,6 +146,38 @@ AuthSignature.validate(
 
 <p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
 
+<h3 id="rackvalidator">RackValidator</h3>
+
+<p>This module is here for directly validate Rack requests.</p>
+
+<p>It will validate :</p>
+
+<ul>
+  <li>Signature matching</li>
+  <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
+</ul>
+
+<h4 id="initialization-1">Initialization</h4>
+
+<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
+
+<p><code>ruby
+RackSignatureValidator =
+  M2mKeygen::RackValidator.new(
+    "secret",
+    algorithm: "sha512", # Default value
+    header_name: "X-Signature" # Default value
+  )
+</code></p>
+
+<h4 id="validation">Validation</h4>
+
+<p>You can then validate a Rack::Request or a Rails Request directly:</p>
+
+<p><code>ruby
+RackSignatureValidator.validate(request) # =&gt; true or false
+</code></p>
+
 <h2 id="how-does-it-works">How does it works</h2>
 
 <p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
@@ -188,7 +220,7 @@ The receiver will generate the same signature from the HTTP request it has recei
 </div></div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/method_list.html

@@ -61,6 +61,14 @@
   
 
   <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#header_name-instance_method" title="M2mKeygen::RackValidator#header_name (method)">#header_name</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
     <div class="item">
       <span class='object_link'><a href="M2mKeygen/Signature.html#initialize-instance_method" title="M2mKeygen::Signature#initialize (method)">#initialize</a></span>
       <small>M2mKeygen::Signature</small>
@@ -68,6 +76,14 @@
   </li>
   
 
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#initialize-instance_method" title="M2mKeygen::RackValidator#initialize (method)">#initialize</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
   <li class="even ">
     <div class="item">
       <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html#initialize-instance_method" title="M2mKeygen::ParamsEncoder#initialize (method)">#initialize</a></span>
@@ -93,6 +109,14 @@
   
 
   <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#signature-instance_method" title="M2mKeygen::RackValidator#signature (method)">#signature</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
     <div class="item">
       <span class='object_link'><a href="M2mKeygen/Signature.html#validate-instance_method" title="M2mKeygen::Signature#validate (method)">#validate</a></span>
       <small>M2mKeygen::Signature</small>
@@ -100,6 +124,14 @@
   </li>
   
 
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#validate-instance_method" title="M2mKeygen::RackValidator#validate (method)">#validate</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
 
       </ul>
     </div>

data/docs/top-level-namespace.html

@@ -100,7 +100,7 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Aug 30 11:26:10 2022 by
+  Generated on Mon Sep  5 14:55:58 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/lib/m2m_keygen/rack_validator.rb

@@ -0,0 +1,34 @@
+# typed: strict
+
+require "rack"
+
+module M2mKeygen
+  class RackValidator
+    extend T::Sig
+
+    sig { returns(Signature) }
+    attr_reader :signature
+
+    sig { returns(String) }
+    attr_reader :header_name
+
+    sig { params(secret: String, algorithm: String, header_name: String).void }
+    def initialize(secret, algorithm: "sha512", header_name: "X-Signature")
+      @header_name = T.let("HTTP_#{header_name.tr("-", "_").upcase}", String)
+      @signature = T.let(Signature.new(secret, algorithm: algorithm), Signature)
+    end
+
+    sig { params(req: T.untyped).returns(T::Boolean) }
+    def validate(req)
+      # This will cover the case when Rails is used.
+      req = Rack::Request.new(req.env)
+      @signature.validate(
+        params: req.params || {},
+        verb: req.request_method || "get",
+        path: req.path || "/",
+        signature: req.env["HTTP_X_SIGNATURE"] || ""
+      ) && req.params["expiry"] && req.params["expiry"].to_i > Time.now.to_i &&
+        req.params["expiry"].to_i < Time.now.to_i + 120
+    end
+  end
+end

data/lib/m2m_keygen/signature.rb

@@ -44,7 +44,7 @@ module M2mKeygen
       ).returns(T::Boolean)
     end
     def validate(params:, verb:, path:, signature:)
-      if OpenSSL.method_defined?(:fixed_length_secure_compare)
+      if OpenSSL.methods.include?(:fixed_length_secure_compare)
         OpenSSL.fixed_length_secure_compare(
           sign(params: params, verb: verb, path: path),
           signature

data/lib/m2m_keygen/version.rb

@@ -3,5 +3,5 @@
 
 module M2mKeygen
   # Gem version
-  VERSION = "0.3.0"
+  VERSION = "0.4.2"
 end

data/m2m_keygen.gemspec

@@ -41,6 +41,7 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "rack"
   spec.add_dependency "sorbet-runtime"
   spec.add_dependency "zeitwerk", "~> 2.6"
 end

data/sorbet/rbi/gems/activesupport@7.0.3.1.rbi

@@ -1534,6 +1534,30 @@ class ActiveSupport::Cache::Strategy::LocalCache::LocalStore
   def write_entry(key, entry); end
 end
 
+# --
+# This class wraps up local storage for middlewares. Only the middleware method should
+# construct them.
+#
+# source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:13
+class ActiveSupport::Cache::Strategy::LocalCache::Middleware
+  # @return [Middleware] a new instance of Middleware
+  #
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:16
+  def initialize(name, local_cache_key); end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:27
+  def call(env); end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:14
+  def local_cache_key; end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:14
+  def name; end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:22
+  def new(app); end
+end
+
 # These options mean something to all cache implementations. Individual cache
 # implementations may support additional options.
 #