m2m_keygen 0.4.9 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (174) hide show
  1. checksums.yaml +4 -4
  2. data/.overcommit.yml +4 -7
  3. data/.rubocop.yml +19 -16
  4. data/.ruby-version +1 -1
  5. data/.streerc +1 -0
  6. data/.tool-versions +1 -1
  7. data/CHANGELOG.md +70 -1
  8. data/Gemfile +2 -2
  9. data/Gemfile.lock +135 -158
  10. data/README.md +64 -78
  11. data/docs/MIGRATING.md +69 -0
  12. data/docs/SPEC.md +245 -0
  13. data/examples/nonce_store/postgres.rb +40 -0
  14. data/examples/nonce_store/redis.rb +23 -0
  15. data/gemfiles/rack_2.gemfile +5 -0
  16. data/gemfiles/rack_3.gemfile +5 -0
  17. data/lib/m2m_keygen/canonicalizer.rb +57 -0
  18. data/lib/m2m_keygen/nonce_store/disabled.rb +19 -0
  19. data/lib/m2m_keygen/nonce_store/memory.rb +64 -0
  20. data/lib/m2m_keygen/nonce_store.rb +18 -0
  21. data/lib/m2m_keygen/rack_validator.rb +86 -19
  22. data/lib/m2m_keygen/request_signer/signed_request.rb +10 -0
  23. data/lib/m2m_keygen/request_signer.rb +118 -0
  24. data/lib/m2m_keygen/signature.rb +41 -39
  25. data/lib/m2m_keygen/types/params_type.rb +6 -17
  26. data/lib/m2m_keygen/version.rb +1 -1
  27. data/lib/m2m_keygen.rb +6 -0
  28. data/m2m_keygen.gemspec +12 -14
  29. data/sorbet/config +1 -0
  30. data/sorbet/rbi/gems/.gitattributes +1 -0
  31. data/sorbet/rbi/gems/{ast@2.4.2.rbi → ast@2.4.3.rbi} +45 -79
  32. data/sorbet/rbi/gems/{benchmark@0.2.0.rbi → benchmark@0.5.0.rbi} +91 -58
  33. data/sorbet/rbi/gems/bundler-audit@0.9.3.rbi +397 -0
  34. data/sorbet/rbi/gems/byebug@13.0.0.rbi +3651 -0
  35. data/sorbet/rbi/gems/childprocess@5.1.0.rbi +336 -0
  36. data/sorbet/rbi/gems/concurrent-ruby@1.3.7.rbi +384 -0
  37. data/sorbet/rbi/gems/{diff-lcs@1.5.0.rbi → diff-lcs@1.6.2.rbi} +189 -199
  38. data/sorbet/rbi/gems/{docile@1.4.0.rbi → docile@1.4.1.rbi} +147 -147
  39. data/sorbet/rbi/gems/dotenv@3.2.0.rbi +267 -0
  40. data/sorbet/rbi/gems/erubi@1.13.1.rbi +155 -0
  41. data/sorbet/rbi/gems/{faker@2.22.0.rbi → faker@3.8.0.rbi} +8468 -3829
  42. data/sorbet/rbi/gems/{ffi@1.15.5.rbi → ffi@1.17.4.rbi} +1 -0
  43. data/sorbet/rbi/gems/{formatador@1.1.0.rbi → formatador@1.2.3.rbi} +1 -0
  44. data/sorbet/rbi/gems/{guard@2.18.0.rbi → guard@2.20.1.rbi} +1 -0
  45. data/sorbet/rbi/gems/{i18n@1.12.0.rbi → i18n@1.15.2.rbi} +687 -827
  46. data/sorbet/rbi/gems/io-console@0.8.2.rbi +9 -0
  47. data/sorbet/rbi/gems/{json@2.6.2.rbi → json@2.20.0.rbi} +994 -252
  48. data/sorbet/rbi/gems/language_server-protocol@3.17.0.5.rbi +9 -0
  49. data/sorbet/rbi/gems/lint_roller@1.1.0.rbi +189 -0
  50. data/sorbet/rbi/gems/listen@3.10.0.rbi +9 -0
  51. data/sorbet/rbi/gems/logger@1.7.0.rbi +896 -0
  52. data/sorbet/rbi/gems/{lumberjack@1.2.8.rbi → lumberjack@1.4.2.rbi} +1 -0
  53. data/sorbet/rbi/gems/{method_source@1.0.0.rbi → method_source@1.1.0.rbi} +111 -90
  54. data/sorbet/rbi/gems/{overcommit@0.59.1.rbi → overcommit@0.71.0.rbi} +503 -647
  55. data/sorbet/rbi/gems/parallel@2.1.0.rbi +321 -0
  56. data/sorbet/rbi/gems/parser@3.3.11.1.rbi +5229 -0
  57. data/sorbet/rbi/gems/prettier_print@1.2.1.rbi +878 -0
  58. data/sorbet/rbi/gems/prism@1.9.0.rbi +42224 -0
  59. data/sorbet/rbi/gems/pry-byebug@3.12.0.rbi +481 -0
  60. data/sorbet/rbi/gems/{pry@0.14.1.rbi → pry@0.16.0.rbi} +2567 -3550
  61. data/sorbet/rbi/gems/{racc@1.6.0.rbi → racc@1.8.1.rbi} +54 -40
  62. data/sorbet/rbi/gems/rack@3.2.6.rbi +4653 -0
  63. data/sorbet/rbi/gems/{rake@13.0.6.rbi → rake@13.4.2.rbi} +963 -732
  64. data/sorbet/rbi/gems/{rb-inotify@0.10.1.rbi → rb-inotify@0.11.1.rbi} +1 -0
  65. data/sorbet/rbi/gems/rbi@0.3.14.rbi +5519 -0
  66. data/sorbet/rbi/gems/rbs@4.0.3.rbi +6908 -0
  67. data/sorbet/rbi/gems/regexp_parser@2.12.0.rbi +3398 -0
  68. data/sorbet/rbi/gems/reline@0.6.3.rbi +2446 -0
  69. data/sorbet/rbi/gems/require-hooks@0.4.0.rbi +152 -0
  70. data/sorbet/rbi/gems/{rexml@3.2.5.rbi → rexml@3.4.4.rbi} +1085 -894
  71. data/sorbet/rbi/gems/rspec-core@3.13.6.rbi +9475 -0
  72. data/sorbet/rbi/gems/rspec-expectations@3.13.5.rbi +6108 -0
  73. data/sorbet/rbi/gems/rspec-mocks@3.13.8.rbi +4787 -0
  74. data/sorbet/rbi/gems/rspec-support@3.13.7.rbi +1274 -0
  75. data/sorbet/rbi/gems/rspec@3.13.2.rbi +15 -0
  76. data/sorbet/rbi/gems/rspec_in_context@1.2.2.rbi +294 -0
  77. data/sorbet/rbi/gems/rubocop-ast@1.49.1.rbi +7140 -0
  78. data/sorbet/rbi/gems/rubocop-faker@1.3.0.rbi +88 -0
  79. data/sorbet/rbi/gems/rubocop-performance@1.26.1.rbi +3403 -0
  80. data/sorbet/rbi/gems/rubocop-sorbet@0.12.0.rbi +2448 -0
  81. data/sorbet/rbi/gems/rubocop@1.88.1.rbi +63103 -0
  82. data/sorbet/rbi/gems/ruby-lsp@0.26.9.rbi +28 -0
  83. data/sorbet/rbi/gems/ruby-progressbar@1.13.0.rbi +988 -0
  84. data/sorbet/rbi/gems/rubydex@0.2.7.rbi +836 -0
  85. data/sorbet/rbi/gems/simplecov-html@0.13.2.rbi +90 -0
  86. data/sorbet/rbi/gems/{simplecov@0.21.2.rbi → simplecov@0.22.0.rbi} +438 -578
  87. data/sorbet/rbi/gems/spoom@1.8.2.rbi +6691 -0
  88. data/sorbet/rbi/gems/syntax_tree@6.3.0.rbi +22090 -0
  89. data/sorbet/rbi/gems/tapioca@0.19.2.rbi +3597 -0
  90. data/sorbet/rbi/gems/{thor@1.2.1.rbi → thor@1.5.0.rbi} +1085 -1171
  91. data/sorbet/rbi/gems/tsort@0.2.0.rbi +389 -0
  92. data/sorbet/rbi/gems/unicode-display_width@3.2.0.rbi +130 -0
  93. data/sorbet/rbi/gems/unicode-emoji@4.2.0.rbi +332 -0
  94. data/sorbet/rbi/gems/{yard-sorbet@0.7.0.rbi → yard-sorbet@0.9.0.rbi} +142 -99
  95. data/sorbet/rbi/gems/{yard@0.9.28.rbi → yard@0.9.44.rbi} +5350 -6316
  96. data/sorbet/rbi/gems/zeitwerk@2.8.2.rbi +1178 -0
  97. metadata +105 -111
  98. data/.prettierrc.js +0 -4
  99. data/docs/M2mKeygen/Error.html +0 -135
  100. data/docs/M2mKeygen/ParamsEncoder.html +0 -321
  101. data/docs/M2mKeygen/RackValidator.html +0 -533
  102. data/docs/M2mKeygen/Signature.html +0 -680
  103. data/docs/M2mKeygen/Types.html +0 -147
  104. data/docs/M2mKeygen.html +0 -157
  105. data/docs/_index.html +0 -182
  106. data/docs/class_list.html +0 -51
  107. data/docs/css/common.css +0 -1
  108. data/docs/css/full_list.css +0 -58
  109. data/docs/css/style.css +0 -497
  110. data/docs/file.README.html +0 -230
  111. data/docs/file_list.html +0 -56
  112. data/docs/frames.html +0 -17
  113. data/docs/index.html +0 -230
  114. data/docs/js/app.js +0 -314
  115. data/docs/js/full_list.js +0 -216
  116. data/docs/js/jquery.js +0 -4
  117. data/docs/method_list.html +0 -139
  118. data/docs/top-level-namespace.html +0 -110
  119. data/lib/m2m_keygen/params_encoder.rb +0 -56
  120. data/package.json +0 -12
  121. data/sig/m2m_keygen.rbs +0 -4
  122. data/sorbet/rbi/gems/activesupport@7.0.3.1.rbi +0 -18608
  123. data/sorbet/rbi/gems/backport@1.2.0.rbi +0 -522
  124. data/sorbet/rbi/gems/bundler-audit@0.9.1.rbi +0 -308
  125. data/sorbet/rbi/gems/byebug@11.1.3.rbi +0 -3603
  126. data/sorbet/rbi/gems/childprocess@4.1.0.rbi +0 -401
  127. data/sorbet/rbi/gems/concurrent-ruby@1.1.10.rbi +0 -11581
  128. data/sorbet/rbi/gems/dotenv@2.8.1.rbi +0 -234
  129. data/sorbet/rbi/gems/e2mmap@0.1.0.rbi +0 -8
  130. data/sorbet/rbi/gems/haml@5.2.2.rbi +0 -3190
  131. data/sorbet/rbi/gems/jaro_winkler@1.5.4.rbi +0 -19
  132. data/sorbet/rbi/gems/kramdown-parser-gfm@1.1.0.rbi +0 -133
  133. data/sorbet/rbi/gems/kramdown@2.4.0.rbi +0 -3261
  134. data/sorbet/rbi/gems/listen@3.7.1.rbi +0 -1181
  135. data/sorbet/rbi/gems/minitest@5.16.3.rbi +0 -1459
  136. data/sorbet/rbi/gems/nokogiri@1.13.8.rbi +0 -6514
  137. data/sorbet/rbi/gems/parallel@1.22.1.rbi +0 -277
  138. data/sorbet/rbi/gems/parser@3.1.2.1.rbi +0 -6826
  139. data/sorbet/rbi/gems/prettier@3.2.0.rbi +0 -22
  140. data/sorbet/rbi/gems/prettier_print@0.1.0.rbi +0 -8
  141. data/sorbet/rbi/gems/pry-byebug@3.10.1.rbi +0 -1222
  142. data/sorbet/rbi/gems/rack@2.2.4.rbi +0 -5630
  143. data/sorbet/rbi/gems/rbi@0.0.15.rbi +0 -3007
  144. data/sorbet/rbi/gems/rbs@2.6.0.rbi +0 -8
  145. data/sorbet/rbi/gems/regexp_parser@2.5.0.rbi +0 -3366
  146. data/sorbet/rbi/gems/reverse_markdown@2.1.1.rbi +0 -389
  147. data/sorbet/rbi/gems/rspec-core@3.11.0.rbi +0 -10786
  148. data/sorbet/rbi/gems/rspec-expectations@3.11.0.rbi +0 -8170
  149. data/sorbet/rbi/gems/rspec-mocks@3.11.1.rbi +0 -5385
  150. data/sorbet/rbi/gems/rspec-support@3.11.0.rbi +0 -1746
  151. data/sorbet/rbi/gems/rspec@3.11.0.rbi +0 -187
  152. data/sorbet/rbi/gems/rspec_in_context@1.1.0.3.rbi +0 -1113
  153. data/sorbet/rbi/gems/rubocop-ast@1.21.0.rbi +0 -7044
  154. data/sorbet/rbi/gems/rubocop-faker@1.1.0.rbi +0 -106
  155. data/sorbet/rbi/gems/rubocop-performance@1.14.3.rbi +0 -2982
  156. data/sorbet/rbi/gems/rubocop-sorbet@0.6.11.rbi +0 -990
  157. data/sorbet/rbi/gems/rubocop@1.35.1.rbi +0 -52002
  158. data/sorbet/rbi/gems/ruby-progressbar@1.11.0.rbi +0 -1239
  159. data/sorbet/rbi/gems/simplecov-html@0.12.3.rbi +0 -219
  160. data/sorbet/rbi/gems/solargraph@0.46.0.rbi +0 -9075
  161. data/sorbet/rbi/gems/spoom@1.1.12.rbi +0 -2369
  162. data/sorbet/rbi/gems/syntax_tree-haml@1.3.1.rbi +0 -8
  163. data/sorbet/rbi/gems/syntax_tree-rbs@0.5.0.rbi +0 -8
  164. data/sorbet/rbi/gems/syntax_tree@3.5.0.rbi +0 -8
  165. data/sorbet/rbi/gems/tapioca@0.9.4.rbi +0 -2946
  166. data/sorbet/rbi/gems/temple@0.8.2.rbi +0 -1712
  167. data/sorbet/rbi/gems/tilt@2.0.11.rbi +0 -742
  168. data/sorbet/rbi/gems/tzinfo@2.0.5.rbi +0 -5914
  169. data/sorbet/rbi/gems/unicode-display_width@2.2.0.rbi +0 -48
  170. data/sorbet/rbi/gems/unparser@0.6.5.rbi +0 -4529
  171. data/sorbet/rbi/gems/webrick@1.7.0.rbi +0 -2553
  172. data/sorbet/rbi/gems/zeitwerk@2.6.0.rbi +0 -867
  173. data/sorbet/rbi/manual.rbi +0 -7
  174. data/yarn.lock +0 -20
@@ -1,230 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <meta charset="UTF-8">
5
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
6
- <title>
7
- File: README
8
-
9
- &mdash; Documentation by YARD 0.9.34
10
-
11
- </title>
12
-
13
- <link rel="stylesheet" href="css/style.css" type="text/css" />
14
-
15
- <link rel="stylesheet" href="css/common.css" type="text/css" />
16
-
17
- <script type="text/javascript">
18
- pathId = "README";
19
- relpath = '';
20
- </script>
21
-
22
-
23
- <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
24
-
25
- <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
26
-
27
-
28
- </head>
29
- <body>
30
- <div class="nav_wrap">
31
- <iframe id="nav" src="file_list.html?1"></iframe>
32
- <div id="resizer"></div>
33
- </div>
34
-
35
- <div id="main" tabindex="-1">
36
- <div id="header">
37
- <div id="menu">
38
-
39
- <a href="_index.html">Index</a> &raquo;
40
- <span class="title">File: README</span>
41
-
42
- </div>
43
-
44
- <div id="search">
45
-
46
- <a class="full_list_link" id="class_list_link"
47
- href="class_list.html">
48
-
49
- <svg width="24" height="24">
50
- <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
51
- <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
52
- <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
53
- </svg>
54
- </a>
55
-
56
- </div>
57
- <div class="clear"></div>
58
- </div>
59
-
60
- <div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
61
-
62
- <p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
63
-
64
- <h2 id="installation">Installation</h2>
65
-
66
- <p>Install the gem and add to the application’s Gemfile by executing:</p>
67
-
68
- <pre class="code ruby"><code class="ruby">$ bundle add m2m_keygen
69
- </code></pre>
70
-
71
- <p>If bundler is not being used to manage dependencies, install the gem by executing:</p>
72
-
73
- <pre class="code ruby"><code class="ruby">$ gem install m2m_keygen
74
- </code></pre>
75
-
76
- <h2 id="usage">Usage</h2>
77
-
78
- <h3 id="signature">Signature</h3>
79
-
80
- <p>This gem provides a module for signing and checking signature for HTTP requests</p>
81
-
82
- <h4 id="initialization">Initialization</h4>
83
-
84
- <p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
85
-
86
- <p>```ruby
87
- AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
88
-
89
- <p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # =&gt; Will default algorithm to sha512
90
- ```</p>
91
-
92
- <h4 id="signing">Signing</h4>
93
-
94
- <p>Use the <code>sign</code> method to generate a new signature.</p>
95
-
96
- <ul>
97
- <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
98
- <li><code>verb</code> is the http verb</li>
99
- <li><code>path</code> is the path for the request</li>
100
- </ul>
101
-
102
- <p><code>ruby
103
- AuthSignature.sign(
104
- params: {
105
- "a" =&gt; "test",
106
- :b =&gt; 1,
107
- "d" =&gt; %w[a b],
108
- "c" =&gt; {
109
- "e" =&gt; 45
110
- }
111
- },
112
- verb: "get",
113
- path: "/path"
114
- ) # =&gt; "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
115
- </code></p>
116
-
117
- <p>After generating the signature send it alongside your request for verification on the receiver side.</p>
118
-
119
- <h4 id="verifying">Verifying</h4>
120
-
121
- <p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
122
-
123
- <ul>
124
- <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
125
- <li><code>verb</code> is the http verb</li>
126
- <li><code>path</code> is the path for the request</li>
127
- <li><code>signature</code> is the received signature</li>
128
- </ul>
129
-
130
- <p><code>ruby
131
- AuthSignature.validate(
132
- params: {
133
- "a" =&gt; "test",
134
- :b =&gt; 1,
135
- "d" =&gt; %w[a b],
136
- "c" =&gt; {
137
- "e" =&gt; 45
138
- }
139
- },
140
- verb: "get",
141
- path: "/path",
142
- signature:
143
- "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
144
- ) #=&gt; true
145
- </code></p>
146
-
147
- <p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
148
-
149
- <h3 id="rackvalidator">RackValidator</h3>
150
-
151
- <p>This module is here for directly validate Rack requests.</p>
152
-
153
- <p>It will validate :</p>
154
-
155
- <ul>
156
- <li>Signature matching</li>
157
- <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
158
- </ul>
159
-
160
- <h4 id="initialization-1">Initialization</h4>
161
-
162
- <p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
163
-
164
- <p><code>ruby
165
- RackSignatureValidator =
166
- M2mKeygen::RackValidator.new(
167
- "secret",
168
- algorithm: "sha512", # Default value
169
- header_name: "X-Signature" # Default value
170
- )
171
- </code></p>
172
-
173
- <h4 id="validation">Validation</h4>
174
-
175
- <p>You can then validate a Rack::Request or a Rails Request directly:</p>
176
-
177
- <p><code>ruby
178
- RackSignatureValidator.validate(request) # =&gt; true or false
179
- </code></p>
180
-
181
- <h2 id="how-does-it-works">How does it works</h2>
182
-
183
- <p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
184
-
185
- <p>Both server will have the same secret key.
186
- The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
187
- The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
188
-
189
- <p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
190
-
191
- <h2 id="development">Development</h2>
192
-
193
- <p>After checking out the repo, run <code>bin/setup</code> to install dependencies. Then, run <code>rake spec</code> to run the tests. You can also run <code>bin/console</code> for an interactive prompt that will allow you to experiment.</p>
194
-
195
- <p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
196
-
197
- <p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
198
-
199
- <p>Tool used in dev:</p>
200
-
201
- <ul>
202
- <li>Rubocop</li>
203
- <li>Prettier</li>
204
- <li>Yard</li>
205
- <li>Sorbet</li>
206
- <li>RSpec</li>
207
- </ul>
208
-
209
- <h2 id="contributing">Contributing</h2>
210
-
211
- <p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
212
-
213
- <h2 id="license">License</h2>
214
-
215
- <p>The gem is available as open source under the terms of the <a href="https://opensource.org/licenses/MIT">MIT License</a>.</p>
216
-
217
- <h2 id="code-of-conduct">Code of Conduct</h2>
218
-
219
- <p>Everyone interacting in the M2mKeygen project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
220
- </div></div>
221
-
222
- <div id="footer">
223
- Generated on Wed Oct 4 16:28:22 2023 by
224
- <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
225
- 0.9.34 (ruby-3.2.2).
226
- </div>
227
-
228
- </div>
229
- </body>
230
- </html>
data/docs/file_list.html DELETED
@@ -1,56 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
5
- <meta charset="utf-8" />
6
-
7
- <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" />
8
-
9
- <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" />
10
-
11
-
12
-
13
- <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
14
-
15
- <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
16
-
17
-
18
- <title>File List</title>
19
- <base id="base_target" target="_parent" />
20
- </head>
21
- <body>
22
- <div id="content">
23
- <div class="fixed_header">
24
- <h1 id="full_list_header">File List</h1>
25
- <div id="full_list_nav">
26
-
27
- <span><a target="_self" href="class_list.html">
28
- Classes
29
- </a></span>
30
-
31
- <span><a target="_self" href="method_list.html">
32
- Methods
33
- </a></span>
34
-
35
- <span><a target="_self" href="file_list.html">
36
- Files
37
- </a></span>
38
-
39
- </div>
40
-
41
- <div id="search">Search: <input type="text" /></div>
42
- </div>
43
-
44
- <ul id="full_list" class="file">
45
-
46
-
47
- <li id="object_README" class="odd">
48
- <div class="item"><span class="object_link"><a href="index.html" title="README">README</a></span></div>
49
- </li>
50
-
51
-
52
-
53
- </ul>
54
- </div>
55
- </body>
56
- </html>
data/docs/frames.html DELETED
@@ -1,17 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <meta charset="utf-8">
5
- <title>Documentation by YARD 0.9.34</title>
6
- </head>
7
- <script type="text/javascript">
8
- var match = unescape(window.location.hash).match(/^#!(.+)/);
9
- var name = match ? match[1] : 'index.html';
10
- name = name.replace(/^(\w+):\/\//, '').replace(/^\/\//, '');
11
- window.top.location = name;
12
- </script>
13
- <noscript>
14
- <h1>Oops!</h1>
15
- <h2>YARD requires JavaScript!</h2>
16
- </noscript>
17
- </html>
data/docs/index.html DELETED
@@ -1,230 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <meta charset="UTF-8">
5
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
6
- <title>
7
- File: README
8
-
9
- &mdash; Documentation by YARD 0.9.34
10
-
11
- </title>
12
-
13
- <link rel="stylesheet" href="css/style.css" type="text/css" />
14
-
15
- <link rel="stylesheet" href="css/common.css" type="text/css" />
16
-
17
- <script type="text/javascript">
18
- pathId = "README";
19
- relpath = '';
20
- </script>
21
-
22
-
23
- <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
24
-
25
- <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
26
-
27
-
28
- </head>
29
- <body>
30
- <div class="nav_wrap">
31
- <iframe id="nav" src="class_list.html?1"></iframe>
32
- <div id="resizer"></div>
33
- </div>
34
-
35
- <div id="main" tabindex="-1">
36
- <div id="header">
37
- <div id="menu">
38
-
39
- <a href="_index.html">Index</a> &raquo;
40
- <span class="title">File: README</span>
41
-
42
- </div>
43
-
44
- <div id="search">
45
-
46
- <a class="full_list_link" id="class_list_link"
47
- href="class_list.html">
48
-
49
- <svg width="24" height="24">
50
- <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
51
- <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
52
- <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
53
- </svg>
54
- </a>
55
-
56
- </div>
57
- <div class="clear"></div>
58
- </div>
59
-
60
- <div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
61
-
62
- <p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
63
-
64
- <h2 id="installation">Installation</h2>
65
-
66
- <p>Install the gem and add to the application’s Gemfile by executing:</p>
67
-
68
- <pre class="code ruby"><code class="ruby">$ bundle add m2m_keygen
69
- </code></pre>
70
-
71
- <p>If bundler is not being used to manage dependencies, install the gem by executing:</p>
72
-
73
- <pre class="code ruby"><code class="ruby">$ gem install m2m_keygen
74
- </code></pre>
75
-
76
- <h2 id="usage">Usage</h2>
77
-
78
- <h3 id="signature">Signature</h3>
79
-
80
- <p>This gem provides a module for signing and checking signature for HTTP requests</p>
81
-
82
- <h4 id="initialization">Initialization</h4>
83
-
84
- <p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
85
-
86
- <p>```ruby
87
- AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
88
-
89
- <p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # =&gt; Will default algorithm to sha512
90
- ```</p>
91
-
92
- <h4 id="signing">Signing</h4>
93
-
94
- <p>Use the <code>sign</code> method to generate a new signature.</p>
95
-
96
- <ul>
97
- <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
98
- <li><code>verb</code> is the http verb</li>
99
- <li><code>path</code> is the path for the request</li>
100
- </ul>
101
-
102
- <p><code>ruby
103
- AuthSignature.sign(
104
- params: {
105
- "a" =&gt; "test",
106
- :b =&gt; 1,
107
- "d" =&gt; %w[a b],
108
- "c" =&gt; {
109
- "e" =&gt; 45
110
- }
111
- },
112
- verb: "get",
113
- path: "/path"
114
- ) # =&gt; "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
115
- </code></p>
116
-
117
- <p>After generating the signature send it alongside your request for verification on the receiver side.</p>
118
-
119
- <h4 id="verifying">Verifying</h4>
120
-
121
- <p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
122
-
123
- <ul>
124
- <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
125
- <li><code>verb</code> is the http verb</li>
126
- <li><code>path</code> is the path for the request</li>
127
- <li><code>signature</code> is the received signature</li>
128
- </ul>
129
-
130
- <p><code>ruby
131
- AuthSignature.validate(
132
- params: {
133
- "a" =&gt; "test",
134
- :b =&gt; 1,
135
- "d" =&gt; %w[a b],
136
- "c" =&gt; {
137
- "e" =&gt; 45
138
- }
139
- },
140
- verb: "get",
141
- path: "/path",
142
- signature:
143
- "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
144
- ) #=&gt; true
145
- </code></p>
146
-
147
- <p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
148
-
149
- <h3 id="rackvalidator">RackValidator</h3>
150
-
151
- <p>This module is here for directly validate Rack requests.</p>
152
-
153
- <p>It will validate :</p>
154
-
155
- <ul>
156
- <li>Signature matching</li>
157
- <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
158
- </ul>
159
-
160
- <h4 id="initialization-1">Initialization</h4>
161
-
162
- <p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
163
-
164
- <p><code>ruby
165
- RackSignatureValidator =
166
- M2mKeygen::RackValidator.new(
167
- "secret",
168
- algorithm: "sha512", # Default value
169
- header_name: "X-Signature" # Default value
170
- )
171
- </code></p>
172
-
173
- <h4 id="validation">Validation</h4>
174
-
175
- <p>You can then validate a Rack::Request or a Rails Request directly:</p>
176
-
177
- <p><code>ruby
178
- RackSignatureValidator.validate(request) # =&gt; true or false
179
- </code></p>
180
-
181
- <h2 id="how-does-it-works">How does it works</h2>
182
-
183
- <p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
184
-
185
- <p>Both server will have the same secret key.
186
- The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
187
- The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
188
-
189
- <p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
190
-
191
- <h2 id="development">Development</h2>
192
-
193
- <p>After checking out the repo, run <code>bin/setup</code> to install dependencies. Then, run <code>rake spec</code> to run the tests. You can also run <code>bin/console</code> for an interactive prompt that will allow you to experiment.</p>
194
-
195
- <p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
196
-
197
- <p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
198
-
199
- <p>Tool used in dev:</p>
200
-
201
- <ul>
202
- <li>Rubocop</li>
203
- <li>Prettier</li>
204
- <li>Yard</li>
205
- <li>Sorbet</li>
206
- <li>RSpec</li>
207
- </ul>
208
-
209
- <h2 id="contributing">Contributing</h2>
210
-
211
- <p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
212
-
213
- <h2 id="license">License</h2>
214
-
215
- <p>The gem is available as open source under the terms of the <a href="https://opensource.org/licenses/MIT">MIT License</a>.</p>
216
-
217
- <h2 id="code-of-conduct">Code of Conduct</h2>
218
-
219
- <p>Everyone interacting in the M2mKeygen project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
220
- </div></div>
221
-
222
- <div id="footer">
223
- Generated on Wed Oct 4 16:28:22 2023 by
224
- <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
225
- 0.9.34 (ruby-3.2.2).
226
- </div>
227
-
228
- </div>
229
- </body>
230
- </html>