m2m_keygen 0.4.9 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.overcommit.yml +4 -7
- data/.rubocop.yml +19 -16
- data/.ruby-version +1 -1
- data/.streerc +1 -0
- data/.tool-versions +1 -1
- data/CHANGELOG.md +60 -1
- data/Gemfile +2 -2
- data/Gemfile.lock +135 -158
- data/README.md +64 -78
- data/docs/MIGRATING.md +69 -0
- data/docs/SPEC.md +245 -0
- data/examples/nonce_store/postgres.rb +40 -0
- data/examples/nonce_store/redis.rb +23 -0
- data/gemfiles/rack_2.gemfile +5 -0
- data/gemfiles/rack_3.gemfile +5 -0
- data/lib/m2m_keygen/canonicalizer.rb +57 -0
- data/lib/m2m_keygen/nonce_store/disabled.rb +19 -0
- data/lib/m2m_keygen/nonce_store/memory.rb +64 -0
- data/lib/m2m_keygen/nonce_store.rb +18 -0
- data/lib/m2m_keygen/rack_validator.rb +72 -19
- data/lib/m2m_keygen/request_signer/signed_request.rb +10 -0
- data/lib/m2m_keygen/request_signer.rb +118 -0
- data/lib/m2m_keygen/signature.rb +41 -39
- data/lib/m2m_keygen/types/params_type.rb +6 -17
- data/lib/m2m_keygen/version.rb +1 -1
- data/lib/m2m_keygen.rb +6 -0
- data/m2m_keygen.gemspec +12 -14
- data/sorbet/config +1 -0
- data/sorbet/rbi/gems/.gitattributes +1 -0
- data/sorbet/rbi/gems/{ast@2.4.2.rbi → ast@2.4.3.rbi} +45 -79
- data/sorbet/rbi/gems/{benchmark@0.2.0.rbi → benchmark@0.5.0.rbi} +91 -58
- data/sorbet/rbi/gems/bundler-audit@0.9.3.rbi +397 -0
- data/sorbet/rbi/gems/byebug@13.0.0.rbi +3651 -0
- data/sorbet/rbi/gems/childprocess@5.1.0.rbi +336 -0
- data/sorbet/rbi/gems/concurrent-ruby@1.3.7.rbi +384 -0
- data/sorbet/rbi/gems/{diff-lcs@1.5.0.rbi → diff-lcs@1.6.2.rbi} +189 -199
- data/sorbet/rbi/gems/{docile@1.4.0.rbi → docile@1.4.1.rbi} +147 -147
- data/sorbet/rbi/gems/dotenv@3.2.0.rbi +267 -0
- data/sorbet/rbi/gems/erubi@1.13.1.rbi +155 -0
- data/sorbet/rbi/gems/{faker@2.22.0.rbi → faker@3.8.0.rbi} +8468 -3829
- data/sorbet/rbi/gems/{ffi@1.15.5.rbi → ffi@1.17.4.rbi} +1 -0
- data/sorbet/rbi/gems/{formatador@1.1.0.rbi → formatador@1.2.3.rbi} +1 -0
- data/sorbet/rbi/gems/{guard@2.18.0.rbi → guard@2.20.1.rbi} +1 -0
- data/sorbet/rbi/gems/{i18n@1.12.0.rbi → i18n@1.15.2.rbi} +687 -827
- data/sorbet/rbi/gems/io-console@0.8.2.rbi +9 -0
- data/sorbet/rbi/gems/{json@2.6.2.rbi → json@2.20.0.rbi} +994 -252
- data/sorbet/rbi/gems/language_server-protocol@3.17.0.5.rbi +9 -0
- data/sorbet/rbi/gems/lint_roller@1.1.0.rbi +189 -0
- data/sorbet/rbi/gems/listen@3.10.0.rbi +9 -0
- data/sorbet/rbi/gems/logger@1.7.0.rbi +896 -0
- data/sorbet/rbi/gems/{lumberjack@1.2.8.rbi → lumberjack@1.4.2.rbi} +1 -0
- data/sorbet/rbi/gems/{method_source@1.0.0.rbi → method_source@1.1.0.rbi} +111 -90
- data/sorbet/rbi/gems/{overcommit@0.59.1.rbi → overcommit@0.71.0.rbi} +503 -647
- data/sorbet/rbi/gems/parallel@2.1.0.rbi +321 -0
- data/sorbet/rbi/gems/parser@3.3.11.1.rbi +5229 -0
- data/sorbet/rbi/gems/prettier_print@1.2.1.rbi +878 -0
- data/sorbet/rbi/gems/prism@1.9.0.rbi +42224 -0
- data/sorbet/rbi/gems/pry-byebug@3.12.0.rbi +481 -0
- data/sorbet/rbi/gems/{pry@0.14.1.rbi → pry@0.16.0.rbi} +2567 -3550
- data/sorbet/rbi/gems/{racc@1.6.0.rbi → racc@1.8.1.rbi} +54 -40
- data/sorbet/rbi/gems/rack@3.2.6.rbi +4653 -0
- data/sorbet/rbi/gems/{rake@13.0.6.rbi → rake@13.4.2.rbi} +963 -732
- data/sorbet/rbi/gems/{rb-inotify@0.10.1.rbi → rb-inotify@0.11.1.rbi} +1 -0
- data/sorbet/rbi/gems/rbi@0.3.14.rbi +5519 -0
- data/sorbet/rbi/gems/rbs@4.0.3.rbi +6908 -0
- data/sorbet/rbi/gems/regexp_parser@2.12.0.rbi +3398 -0
- data/sorbet/rbi/gems/reline@0.6.3.rbi +2446 -0
- data/sorbet/rbi/gems/require-hooks@0.4.0.rbi +152 -0
- data/sorbet/rbi/gems/{rexml@3.2.5.rbi → rexml@3.4.4.rbi} +1085 -894
- data/sorbet/rbi/gems/rspec-core@3.13.6.rbi +9475 -0
- data/sorbet/rbi/gems/rspec-expectations@3.13.5.rbi +6108 -0
- data/sorbet/rbi/gems/rspec-mocks@3.13.8.rbi +4787 -0
- data/sorbet/rbi/gems/rspec-support@3.13.7.rbi +1274 -0
- data/sorbet/rbi/gems/rspec@3.13.2.rbi +15 -0
- data/sorbet/rbi/gems/rspec_in_context@1.2.2.rbi +294 -0
- data/sorbet/rbi/gems/rubocop-ast@1.49.1.rbi +7140 -0
- data/sorbet/rbi/gems/rubocop-faker@1.3.0.rbi +88 -0
- data/sorbet/rbi/gems/rubocop-performance@1.26.1.rbi +3403 -0
- data/sorbet/rbi/gems/rubocop-sorbet@0.12.0.rbi +2448 -0
- data/sorbet/rbi/gems/rubocop@1.88.1.rbi +63103 -0
- data/sorbet/rbi/gems/ruby-lsp@0.26.9.rbi +28 -0
- data/sorbet/rbi/gems/ruby-progressbar@1.13.0.rbi +988 -0
- data/sorbet/rbi/gems/rubydex@0.2.7.rbi +836 -0
- data/sorbet/rbi/gems/simplecov-html@0.13.2.rbi +90 -0
- data/sorbet/rbi/gems/{simplecov@0.21.2.rbi → simplecov@0.22.0.rbi} +438 -578
- data/sorbet/rbi/gems/spoom@1.8.2.rbi +6691 -0
- data/sorbet/rbi/gems/syntax_tree@6.3.0.rbi +22090 -0
- data/sorbet/rbi/gems/tapioca@0.19.2.rbi +3597 -0
- data/sorbet/rbi/gems/{thor@1.2.1.rbi → thor@1.5.0.rbi} +1085 -1171
- data/sorbet/rbi/gems/tsort@0.2.0.rbi +389 -0
- data/sorbet/rbi/gems/unicode-display_width@3.2.0.rbi +130 -0
- data/sorbet/rbi/gems/unicode-emoji@4.2.0.rbi +332 -0
- data/sorbet/rbi/gems/{yard-sorbet@0.7.0.rbi → yard-sorbet@0.9.0.rbi} +142 -99
- data/sorbet/rbi/gems/{yard@0.9.28.rbi → yard@0.9.44.rbi} +5350 -6316
- data/sorbet/rbi/gems/zeitwerk@2.8.2.rbi +1178 -0
- metadata +105 -111
- data/.prettierrc.js +0 -4
- data/docs/M2mKeygen/Error.html +0 -135
- data/docs/M2mKeygen/ParamsEncoder.html +0 -321
- data/docs/M2mKeygen/RackValidator.html +0 -533
- data/docs/M2mKeygen/Signature.html +0 -680
- data/docs/M2mKeygen/Types.html +0 -147
- data/docs/M2mKeygen.html +0 -157
- data/docs/_index.html +0 -182
- data/docs/class_list.html +0 -51
- data/docs/css/common.css +0 -1
- data/docs/css/full_list.css +0 -58
- data/docs/css/style.css +0 -497
- data/docs/file.README.html +0 -230
- data/docs/file_list.html +0 -56
- data/docs/frames.html +0 -17
- data/docs/index.html +0 -230
- data/docs/js/app.js +0 -314
- data/docs/js/full_list.js +0 -216
- data/docs/js/jquery.js +0 -4
- data/docs/method_list.html +0 -139
- data/docs/top-level-namespace.html +0 -110
- data/lib/m2m_keygen/params_encoder.rb +0 -56
- data/package.json +0 -12
- data/sig/m2m_keygen.rbs +0 -4
- data/sorbet/rbi/gems/activesupport@7.0.3.1.rbi +0 -18608
- data/sorbet/rbi/gems/backport@1.2.0.rbi +0 -522
- data/sorbet/rbi/gems/bundler-audit@0.9.1.rbi +0 -308
- data/sorbet/rbi/gems/byebug@11.1.3.rbi +0 -3603
- data/sorbet/rbi/gems/childprocess@4.1.0.rbi +0 -401
- data/sorbet/rbi/gems/concurrent-ruby@1.1.10.rbi +0 -11581
- data/sorbet/rbi/gems/dotenv@2.8.1.rbi +0 -234
- data/sorbet/rbi/gems/e2mmap@0.1.0.rbi +0 -8
- data/sorbet/rbi/gems/haml@5.2.2.rbi +0 -3190
- data/sorbet/rbi/gems/jaro_winkler@1.5.4.rbi +0 -19
- data/sorbet/rbi/gems/kramdown-parser-gfm@1.1.0.rbi +0 -133
- data/sorbet/rbi/gems/kramdown@2.4.0.rbi +0 -3261
- data/sorbet/rbi/gems/listen@3.7.1.rbi +0 -1181
- data/sorbet/rbi/gems/minitest@5.16.3.rbi +0 -1459
- data/sorbet/rbi/gems/nokogiri@1.13.8.rbi +0 -6514
- data/sorbet/rbi/gems/parallel@1.22.1.rbi +0 -277
- data/sorbet/rbi/gems/parser@3.1.2.1.rbi +0 -6826
- data/sorbet/rbi/gems/prettier@3.2.0.rbi +0 -22
- data/sorbet/rbi/gems/prettier_print@0.1.0.rbi +0 -8
- data/sorbet/rbi/gems/pry-byebug@3.10.1.rbi +0 -1222
- data/sorbet/rbi/gems/rack@2.2.4.rbi +0 -5630
- data/sorbet/rbi/gems/rbi@0.0.15.rbi +0 -3007
- data/sorbet/rbi/gems/rbs@2.6.0.rbi +0 -8
- data/sorbet/rbi/gems/regexp_parser@2.5.0.rbi +0 -3366
- data/sorbet/rbi/gems/reverse_markdown@2.1.1.rbi +0 -389
- data/sorbet/rbi/gems/rspec-core@3.11.0.rbi +0 -10786
- data/sorbet/rbi/gems/rspec-expectations@3.11.0.rbi +0 -8170
- data/sorbet/rbi/gems/rspec-mocks@3.11.1.rbi +0 -5385
- data/sorbet/rbi/gems/rspec-support@3.11.0.rbi +0 -1746
- data/sorbet/rbi/gems/rspec@3.11.0.rbi +0 -187
- data/sorbet/rbi/gems/rspec_in_context@1.1.0.3.rbi +0 -1113
- data/sorbet/rbi/gems/rubocop-ast@1.21.0.rbi +0 -7044
- data/sorbet/rbi/gems/rubocop-faker@1.1.0.rbi +0 -106
- data/sorbet/rbi/gems/rubocop-performance@1.14.3.rbi +0 -2982
- data/sorbet/rbi/gems/rubocop-sorbet@0.6.11.rbi +0 -990
- data/sorbet/rbi/gems/rubocop@1.35.1.rbi +0 -52002
- data/sorbet/rbi/gems/ruby-progressbar@1.11.0.rbi +0 -1239
- data/sorbet/rbi/gems/simplecov-html@0.12.3.rbi +0 -219
- data/sorbet/rbi/gems/solargraph@0.46.0.rbi +0 -9075
- data/sorbet/rbi/gems/spoom@1.1.12.rbi +0 -2369
- data/sorbet/rbi/gems/syntax_tree-haml@1.3.1.rbi +0 -8
- data/sorbet/rbi/gems/syntax_tree-rbs@0.5.0.rbi +0 -8
- data/sorbet/rbi/gems/syntax_tree@3.5.0.rbi +0 -8
- data/sorbet/rbi/gems/tapioca@0.9.4.rbi +0 -2946
- data/sorbet/rbi/gems/temple@0.8.2.rbi +0 -1712
- data/sorbet/rbi/gems/tilt@2.0.11.rbi +0 -742
- data/sorbet/rbi/gems/tzinfo@2.0.5.rbi +0 -5914
- data/sorbet/rbi/gems/unicode-display_width@2.2.0.rbi +0 -48
- data/sorbet/rbi/gems/unparser@0.6.5.rbi +0 -4529
- data/sorbet/rbi/gems/webrick@1.7.0.rbi +0 -2553
- data/sorbet/rbi/gems/zeitwerk@2.6.0.rbi +0 -867
- data/sorbet/rbi/manual.rbi +0 -7
- data/yarn.lock +0 -20
data/docs/file.README.html
DELETED
|
@@ -1,230 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html>
|
|
2
|
-
<html>
|
|
3
|
-
<head>
|
|
4
|
-
<meta charset="UTF-8">
|
|
5
|
-
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
6
|
-
<title>
|
|
7
|
-
File: README
|
|
8
|
-
|
|
9
|
-
— Documentation by YARD 0.9.34
|
|
10
|
-
|
|
11
|
-
</title>
|
|
12
|
-
|
|
13
|
-
<link rel="stylesheet" href="css/style.css" type="text/css" />
|
|
14
|
-
|
|
15
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" />
|
|
16
|
-
|
|
17
|
-
<script type="text/javascript">
|
|
18
|
-
pathId = "README";
|
|
19
|
-
relpath = '';
|
|
20
|
-
</script>
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
|
24
|
-
|
|
25
|
-
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
</head>
|
|
29
|
-
<body>
|
|
30
|
-
<div class="nav_wrap">
|
|
31
|
-
<iframe id="nav" src="file_list.html?1"></iframe>
|
|
32
|
-
<div id="resizer"></div>
|
|
33
|
-
</div>
|
|
34
|
-
|
|
35
|
-
<div id="main" tabindex="-1">
|
|
36
|
-
<div id="header">
|
|
37
|
-
<div id="menu">
|
|
38
|
-
|
|
39
|
-
<a href="_index.html">Index</a> »
|
|
40
|
-
<span class="title">File: README</span>
|
|
41
|
-
|
|
42
|
-
</div>
|
|
43
|
-
|
|
44
|
-
<div id="search">
|
|
45
|
-
|
|
46
|
-
<a class="full_list_link" id="class_list_link"
|
|
47
|
-
href="class_list.html">
|
|
48
|
-
|
|
49
|
-
<svg width="24" height="24">
|
|
50
|
-
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
|
|
51
|
-
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
|
|
52
|
-
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
|
|
53
|
-
</svg>
|
|
54
|
-
</a>
|
|
55
|
-
|
|
56
|
-
</div>
|
|
57
|
-
<div class="clear"></div>
|
|
58
|
-
</div>
|
|
59
|
-
|
|
60
|
-
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
|
61
|
-
|
|
62
|
-
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
|
63
|
-
|
|
64
|
-
<h2 id="installation">Installation</h2>
|
|
65
|
-
|
|
66
|
-
<p>Install the gem and add to the application’s Gemfile by executing:</p>
|
|
67
|
-
|
|
68
|
-
<pre class="code ruby"><code class="ruby">$ bundle add m2m_keygen
|
|
69
|
-
</code></pre>
|
|
70
|
-
|
|
71
|
-
<p>If bundler is not being used to manage dependencies, install the gem by executing:</p>
|
|
72
|
-
|
|
73
|
-
<pre class="code ruby"><code class="ruby">$ gem install m2m_keygen
|
|
74
|
-
</code></pre>
|
|
75
|
-
|
|
76
|
-
<h2 id="usage">Usage</h2>
|
|
77
|
-
|
|
78
|
-
<h3 id="signature">Signature</h3>
|
|
79
|
-
|
|
80
|
-
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
|
81
|
-
|
|
82
|
-
<h4 id="initialization">Initialization</h4>
|
|
83
|
-
|
|
84
|
-
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
|
85
|
-
|
|
86
|
-
<p>```ruby
|
|
87
|
-
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
|
88
|
-
|
|
89
|
-
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
|
90
|
-
```</p>
|
|
91
|
-
|
|
92
|
-
<h4 id="signing">Signing</h4>
|
|
93
|
-
|
|
94
|
-
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
|
95
|
-
|
|
96
|
-
<ul>
|
|
97
|
-
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
|
98
|
-
<li><code>verb</code> is the http verb</li>
|
|
99
|
-
<li><code>path</code> is the path for the request</li>
|
|
100
|
-
</ul>
|
|
101
|
-
|
|
102
|
-
<p><code>ruby
|
|
103
|
-
AuthSignature.sign(
|
|
104
|
-
params: {
|
|
105
|
-
"a" => "test",
|
|
106
|
-
:b => 1,
|
|
107
|
-
"d" => %w[a b],
|
|
108
|
-
"c" => {
|
|
109
|
-
"e" => 45
|
|
110
|
-
}
|
|
111
|
-
},
|
|
112
|
-
verb: "get",
|
|
113
|
-
path: "/path"
|
|
114
|
-
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
|
115
|
-
</code></p>
|
|
116
|
-
|
|
117
|
-
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
|
118
|
-
|
|
119
|
-
<h4 id="verifying">Verifying</h4>
|
|
120
|
-
|
|
121
|
-
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
|
122
|
-
|
|
123
|
-
<ul>
|
|
124
|
-
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
|
125
|
-
<li><code>verb</code> is the http verb</li>
|
|
126
|
-
<li><code>path</code> is the path for the request</li>
|
|
127
|
-
<li><code>signature</code> is the received signature</li>
|
|
128
|
-
</ul>
|
|
129
|
-
|
|
130
|
-
<p><code>ruby
|
|
131
|
-
AuthSignature.validate(
|
|
132
|
-
params: {
|
|
133
|
-
"a" => "test",
|
|
134
|
-
:b => 1,
|
|
135
|
-
"d" => %w[a b],
|
|
136
|
-
"c" => {
|
|
137
|
-
"e" => 45
|
|
138
|
-
}
|
|
139
|
-
},
|
|
140
|
-
verb: "get",
|
|
141
|
-
path: "/path",
|
|
142
|
-
signature:
|
|
143
|
-
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
|
144
|
-
) #=> true
|
|
145
|
-
</code></p>
|
|
146
|
-
|
|
147
|
-
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
|
148
|
-
|
|
149
|
-
<h3 id="rackvalidator">RackValidator</h3>
|
|
150
|
-
|
|
151
|
-
<p>This module is here for directly validate Rack requests.</p>
|
|
152
|
-
|
|
153
|
-
<p>It will validate :</p>
|
|
154
|
-
|
|
155
|
-
<ul>
|
|
156
|
-
<li>Signature matching</li>
|
|
157
|
-
<li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
|
|
158
|
-
</ul>
|
|
159
|
-
|
|
160
|
-
<h4 id="initialization-1">Initialization</h4>
|
|
161
|
-
|
|
162
|
-
<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
|
|
163
|
-
|
|
164
|
-
<p><code>ruby
|
|
165
|
-
RackSignatureValidator =
|
|
166
|
-
M2mKeygen::RackValidator.new(
|
|
167
|
-
"secret",
|
|
168
|
-
algorithm: "sha512", # Default value
|
|
169
|
-
header_name: "X-Signature" # Default value
|
|
170
|
-
)
|
|
171
|
-
</code></p>
|
|
172
|
-
|
|
173
|
-
<h4 id="validation">Validation</h4>
|
|
174
|
-
|
|
175
|
-
<p>You can then validate a Rack::Request or a Rails Request directly:</p>
|
|
176
|
-
|
|
177
|
-
<p><code>ruby
|
|
178
|
-
RackSignatureValidator.validate(request) # => true or false
|
|
179
|
-
</code></p>
|
|
180
|
-
|
|
181
|
-
<h2 id="how-does-it-works">How does it works</h2>
|
|
182
|
-
|
|
183
|
-
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
|
184
|
-
|
|
185
|
-
<p>Both server will have the same secret key.
|
|
186
|
-
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
|
187
|
-
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
|
188
|
-
|
|
189
|
-
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
|
190
|
-
|
|
191
|
-
<h2 id="development">Development</h2>
|
|
192
|
-
|
|
193
|
-
<p>After checking out the repo, run <code>bin/setup</code> to install dependencies. Then, run <code>rake spec</code> to run the tests. You can also run <code>bin/console</code> for an interactive prompt that will allow you to experiment.</p>
|
|
194
|
-
|
|
195
|
-
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
|
196
|
-
|
|
197
|
-
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
|
198
|
-
|
|
199
|
-
<p>Tool used in dev:</p>
|
|
200
|
-
|
|
201
|
-
<ul>
|
|
202
|
-
<li>Rubocop</li>
|
|
203
|
-
<li>Prettier</li>
|
|
204
|
-
<li>Yard</li>
|
|
205
|
-
<li>Sorbet</li>
|
|
206
|
-
<li>RSpec</li>
|
|
207
|
-
</ul>
|
|
208
|
-
|
|
209
|
-
<h2 id="contributing">Contributing</h2>
|
|
210
|
-
|
|
211
|
-
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
|
212
|
-
|
|
213
|
-
<h2 id="license">License</h2>
|
|
214
|
-
|
|
215
|
-
<p>The gem is available as open source under the terms of the <a href="https://opensource.org/licenses/MIT">MIT License</a>.</p>
|
|
216
|
-
|
|
217
|
-
<h2 id="code-of-conduct">Code of Conduct</h2>
|
|
218
|
-
|
|
219
|
-
<p>Everyone interacting in the M2mKeygen project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
|
220
|
-
</div></div>
|
|
221
|
-
|
|
222
|
-
<div id="footer">
|
|
223
|
-
Generated on Wed Oct 4 16:28:22 2023 by
|
|
224
|
-
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
|
225
|
-
0.9.34 (ruby-3.2.2).
|
|
226
|
-
</div>
|
|
227
|
-
|
|
228
|
-
</div>
|
|
229
|
-
</body>
|
|
230
|
-
</html>
|
data/docs/file_list.html
DELETED
|
@@ -1,56 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html>
|
|
2
|
-
<html>
|
|
3
|
-
<head>
|
|
4
|
-
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
5
|
-
<meta charset="utf-8" />
|
|
6
|
-
|
|
7
|
-
<link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" />
|
|
8
|
-
|
|
9
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" media="screen" />
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
|
14
|
-
|
|
15
|
-
<script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
<title>File List</title>
|
|
19
|
-
<base id="base_target" target="_parent" />
|
|
20
|
-
</head>
|
|
21
|
-
<body>
|
|
22
|
-
<div id="content">
|
|
23
|
-
<div class="fixed_header">
|
|
24
|
-
<h1 id="full_list_header">File List</h1>
|
|
25
|
-
<div id="full_list_nav">
|
|
26
|
-
|
|
27
|
-
<span><a target="_self" href="class_list.html">
|
|
28
|
-
Classes
|
|
29
|
-
</a></span>
|
|
30
|
-
|
|
31
|
-
<span><a target="_self" href="method_list.html">
|
|
32
|
-
Methods
|
|
33
|
-
</a></span>
|
|
34
|
-
|
|
35
|
-
<span><a target="_self" href="file_list.html">
|
|
36
|
-
Files
|
|
37
|
-
</a></span>
|
|
38
|
-
|
|
39
|
-
</div>
|
|
40
|
-
|
|
41
|
-
<div id="search">Search: <input type="text" /></div>
|
|
42
|
-
</div>
|
|
43
|
-
|
|
44
|
-
<ul id="full_list" class="file">
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
<li id="object_README" class="odd">
|
|
48
|
-
<div class="item"><span class="object_link"><a href="index.html" title="README">README</a></span></div>
|
|
49
|
-
</li>
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
</ul>
|
|
54
|
-
</div>
|
|
55
|
-
</body>
|
|
56
|
-
</html>
|
data/docs/frames.html
DELETED
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html>
|
|
2
|
-
<html>
|
|
3
|
-
<head>
|
|
4
|
-
<meta charset="utf-8">
|
|
5
|
-
<title>Documentation by YARD 0.9.34</title>
|
|
6
|
-
</head>
|
|
7
|
-
<script type="text/javascript">
|
|
8
|
-
var match = unescape(window.location.hash).match(/^#!(.+)/);
|
|
9
|
-
var name = match ? match[1] : 'index.html';
|
|
10
|
-
name = name.replace(/^(\w+):\/\//, '').replace(/^\/\//, '');
|
|
11
|
-
window.top.location = name;
|
|
12
|
-
</script>
|
|
13
|
-
<noscript>
|
|
14
|
-
<h1>Oops!</h1>
|
|
15
|
-
<h2>YARD requires JavaScript!</h2>
|
|
16
|
-
</noscript>
|
|
17
|
-
</html>
|
data/docs/index.html
DELETED
|
@@ -1,230 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html>
|
|
2
|
-
<html>
|
|
3
|
-
<head>
|
|
4
|
-
<meta charset="UTF-8">
|
|
5
|
-
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
6
|
-
<title>
|
|
7
|
-
File: README
|
|
8
|
-
|
|
9
|
-
— Documentation by YARD 0.9.34
|
|
10
|
-
|
|
11
|
-
</title>
|
|
12
|
-
|
|
13
|
-
<link rel="stylesheet" href="css/style.css" type="text/css" />
|
|
14
|
-
|
|
15
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" />
|
|
16
|
-
|
|
17
|
-
<script type="text/javascript">
|
|
18
|
-
pathId = "README";
|
|
19
|
-
relpath = '';
|
|
20
|
-
</script>
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
|
24
|
-
|
|
25
|
-
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
</head>
|
|
29
|
-
<body>
|
|
30
|
-
<div class="nav_wrap">
|
|
31
|
-
<iframe id="nav" src="class_list.html?1"></iframe>
|
|
32
|
-
<div id="resizer"></div>
|
|
33
|
-
</div>
|
|
34
|
-
|
|
35
|
-
<div id="main" tabindex="-1">
|
|
36
|
-
<div id="header">
|
|
37
|
-
<div id="menu">
|
|
38
|
-
|
|
39
|
-
<a href="_index.html">Index</a> »
|
|
40
|
-
<span class="title">File: README</span>
|
|
41
|
-
|
|
42
|
-
</div>
|
|
43
|
-
|
|
44
|
-
<div id="search">
|
|
45
|
-
|
|
46
|
-
<a class="full_list_link" id="class_list_link"
|
|
47
|
-
href="class_list.html">
|
|
48
|
-
|
|
49
|
-
<svg width="24" height="24">
|
|
50
|
-
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
|
|
51
|
-
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
|
|
52
|
-
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
|
|
53
|
-
</svg>
|
|
54
|
-
</a>
|
|
55
|
-
|
|
56
|
-
</div>
|
|
57
|
-
<div class="clear"></div>
|
|
58
|
-
</div>
|
|
59
|
-
|
|
60
|
-
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
|
61
|
-
|
|
62
|
-
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
|
63
|
-
|
|
64
|
-
<h2 id="installation">Installation</h2>
|
|
65
|
-
|
|
66
|
-
<p>Install the gem and add to the application’s Gemfile by executing:</p>
|
|
67
|
-
|
|
68
|
-
<pre class="code ruby"><code class="ruby">$ bundle add m2m_keygen
|
|
69
|
-
</code></pre>
|
|
70
|
-
|
|
71
|
-
<p>If bundler is not being used to manage dependencies, install the gem by executing:</p>
|
|
72
|
-
|
|
73
|
-
<pre class="code ruby"><code class="ruby">$ gem install m2m_keygen
|
|
74
|
-
</code></pre>
|
|
75
|
-
|
|
76
|
-
<h2 id="usage">Usage</h2>
|
|
77
|
-
|
|
78
|
-
<h3 id="signature">Signature</h3>
|
|
79
|
-
|
|
80
|
-
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
|
81
|
-
|
|
82
|
-
<h4 id="initialization">Initialization</h4>
|
|
83
|
-
|
|
84
|
-
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
|
85
|
-
|
|
86
|
-
<p>```ruby
|
|
87
|
-
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
|
88
|
-
|
|
89
|
-
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
|
90
|
-
```</p>
|
|
91
|
-
|
|
92
|
-
<h4 id="signing">Signing</h4>
|
|
93
|
-
|
|
94
|
-
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
|
95
|
-
|
|
96
|
-
<ul>
|
|
97
|
-
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
|
98
|
-
<li><code>verb</code> is the http verb</li>
|
|
99
|
-
<li><code>path</code> is the path for the request</li>
|
|
100
|
-
</ul>
|
|
101
|
-
|
|
102
|
-
<p><code>ruby
|
|
103
|
-
AuthSignature.sign(
|
|
104
|
-
params: {
|
|
105
|
-
"a" => "test",
|
|
106
|
-
:b => 1,
|
|
107
|
-
"d" => %w[a b],
|
|
108
|
-
"c" => {
|
|
109
|
-
"e" => 45
|
|
110
|
-
}
|
|
111
|
-
},
|
|
112
|
-
verb: "get",
|
|
113
|
-
path: "/path"
|
|
114
|
-
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
|
115
|
-
</code></p>
|
|
116
|
-
|
|
117
|
-
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
|
118
|
-
|
|
119
|
-
<h4 id="verifying">Verifying</h4>
|
|
120
|
-
|
|
121
|
-
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
|
122
|
-
|
|
123
|
-
<ul>
|
|
124
|
-
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
|
125
|
-
<li><code>verb</code> is the http verb</li>
|
|
126
|
-
<li><code>path</code> is the path for the request</li>
|
|
127
|
-
<li><code>signature</code> is the received signature</li>
|
|
128
|
-
</ul>
|
|
129
|
-
|
|
130
|
-
<p><code>ruby
|
|
131
|
-
AuthSignature.validate(
|
|
132
|
-
params: {
|
|
133
|
-
"a" => "test",
|
|
134
|
-
:b => 1,
|
|
135
|
-
"d" => %w[a b],
|
|
136
|
-
"c" => {
|
|
137
|
-
"e" => 45
|
|
138
|
-
}
|
|
139
|
-
},
|
|
140
|
-
verb: "get",
|
|
141
|
-
path: "/path",
|
|
142
|
-
signature:
|
|
143
|
-
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
|
144
|
-
) #=> true
|
|
145
|
-
</code></p>
|
|
146
|
-
|
|
147
|
-
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
|
148
|
-
|
|
149
|
-
<h3 id="rackvalidator">RackValidator</h3>
|
|
150
|
-
|
|
151
|
-
<p>This module is here for directly validate Rack requests.</p>
|
|
152
|
-
|
|
153
|
-
<p>It will validate :</p>
|
|
154
|
-
|
|
155
|
-
<ul>
|
|
156
|
-
<li>Signature matching</li>
|
|
157
|
-
<li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
|
|
158
|
-
</ul>
|
|
159
|
-
|
|
160
|
-
<h4 id="initialization-1">Initialization</h4>
|
|
161
|
-
|
|
162
|
-
<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
|
|
163
|
-
|
|
164
|
-
<p><code>ruby
|
|
165
|
-
RackSignatureValidator =
|
|
166
|
-
M2mKeygen::RackValidator.new(
|
|
167
|
-
"secret",
|
|
168
|
-
algorithm: "sha512", # Default value
|
|
169
|
-
header_name: "X-Signature" # Default value
|
|
170
|
-
)
|
|
171
|
-
</code></p>
|
|
172
|
-
|
|
173
|
-
<h4 id="validation">Validation</h4>
|
|
174
|
-
|
|
175
|
-
<p>You can then validate a Rack::Request or a Rails Request directly:</p>
|
|
176
|
-
|
|
177
|
-
<p><code>ruby
|
|
178
|
-
RackSignatureValidator.validate(request) # => true or false
|
|
179
|
-
</code></p>
|
|
180
|
-
|
|
181
|
-
<h2 id="how-does-it-works">How does it works</h2>
|
|
182
|
-
|
|
183
|
-
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
|
184
|
-
|
|
185
|
-
<p>Both server will have the same secret key.
|
|
186
|
-
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
|
187
|
-
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
|
188
|
-
|
|
189
|
-
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
|
190
|
-
|
|
191
|
-
<h2 id="development">Development</h2>
|
|
192
|
-
|
|
193
|
-
<p>After checking out the repo, run <code>bin/setup</code> to install dependencies. Then, run <code>rake spec</code> to run the tests. You can also run <code>bin/console</code> for an interactive prompt that will allow you to experiment.</p>
|
|
194
|
-
|
|
195
|
-
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
|
196
|
-
|
|
197
|
-
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
|
198
|
-
|
|
199
|
-
<p>Tool used in dev:</p>
|
|
200
|
-
|
|
201
|
-
<ul>
|
|
202
|
-
<li>Rubocop</li>
|
|
203
|
-
<li>Prettier</li>
|
|
204
|
-
<li>Yard</li>
|
|
205
|
-
<li>Sorbet</li>
|
|
206
|
-
<li>RSpec</li>
|
|
207
|
-
</ul>
|
|
208
|
-
|
|
209
|
-
<h2 id="contributing">Contributing</h2>
|
|
210
|
-
|
|
211
|
-
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
|
212
|
-
|
|
213
|
-
<h2 id="license">License</h2>
|
|
214
|
-
|
|
215
|
-
<p>The gem is available as open source under the terms of the <a href="https://opensource.org/licenses/MIT">MIT License</a>.</p>
|
|
216
|
-
|
|
217
|
-
<h2 id="code-of-conduct">Code of Conduct</h2>
|
|
218
|
-
|
|
219
|
-
<p>Everyone interacting in the M2mKeygen project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
|
220
|
-
</div></div>
|
|
221
|
-
|
|
222
|
-
<div id="footer">
|
|
223
|
-
Generated on Wed Oct 4 16:28:22 2023 by
|
|
224
|
-
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
|
225
|
-
0.9.34 (ruby-3.2.2).
|
|
226
|
-
</div>
|
|
227
|
-
|
|
228
|
-
</div>
|
|
229
|
-
</body>
|
|
230
|
-
</html>
|