mach 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +3 -0
- data/examples/client.rb +89 -13
- data/examples/validating_server.ru +0 -1
- data/lib/mach/configuration.rb +11 -1
- data/lib/mach/validation/request_validator.rb +10 -0
- data/lib/mach/version.rb +1 -1
- metadata +6 -9
data/.gitignore
CHANGED
data/examples/client.rb
CHANGED
@@ -1,36 +1,112 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
require 'bundler/setup'
|
3
3
|
require 'mach'
|
4
|
-
require 'base64'
|
5
4
|
require 'multi_json'
|
5
|
+
require 'optparse'
|
6
|
+
require 'date'
|
6
7
|
|
7
|
-
def
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
8
|
+
def credentials
|
9
|
+
@credentials ||= (
|
10
|
+
env_credentials ||
|
11
|
+
lambda {
|
12
|
+
connection = Faraday.new(:url => creds_server) do |c|
|
13
|
+
c.adapter Faraday.default_adapter
|
14
|
+
end
|
15
|
+
credentials_response = connection.post { |req| req.url "/credentials" } # first request is to store the client delta
|
16
|
+
MultiJson.decode(credentials_response.body)
|
17
|
+
}.call
|
18
|
+
).tap { |credentials| puts "Using credentials: #{credentials.inspect}" }
|
19
|
+
end
|
20
|
+
|
21
|
+
def env_credentials
|
22
|
+
@env_credentials ||= ENV['CREDENTIALS'] && Hash[%w{id secret}.zip(ENV['CREDENTIALS'].split(":"))]
|
23
|
+
end
|
24
|
+
|
25
|
+
def creds_server
|
26
|
+
@creds_server ||= ENV['CREDS_SERVER'] || "http://localhost:9090"
|
27
|
+
end
|
28
|
+
|
29
|
+
def validating_server
|
30
|
+
@validating_server ||= ENV['VALIDATING_SERVER'] || "http://localhost:9494"
|
31
|
+
end
|
32
|
+
|
33
|
+
def env_resource
|
34
|
+
@env_resource ||= ENV['RESOURCE'] || '/'
|
13
35
|
end
|
14
36
|
|
15
37
|
def make_request(id, secret)
|
16
38
|
#make a request using those credentials
|
17
|
-
connection = Faraday.new(:url =>
|
39
|
+
connection = Faraday.new(:url => validating_server) do |c|
|
18
40
|
c.request :hmac_authentication, id, secret
|
19
41
|
c.adapter Faraday.default_adapter
|
20
42
|
end
|
21
|
-
res = connection.get { |req| req.url
|
43
|
+
res = connection.get { |req| req.url env_resource }
|
22
44
|
[res.status, res.body]
|
23
45
|
end
|
24
46
|
|
25
47
|
def make_valid_request
|
26
|
-
credentials = get_credentials
|
27
48
|
make_request(credentials["id"], credentials["secret"])
|
28
49
|
end
|
29
50
|
|
30
51
|
def make_invalid_request
|
31
|
-
credentials = get_credentials
|
32
52
|
make_request(credentials["id"], "XXX")
|
33
53
|
end
|
34
54
|
|
35
|
-
|
36
|
-
|
55
|
+
def make_request_with_given_credentials(url, id, secret)
|
56
|
+
connection = Faraday.new(:url => url) do |c|
|
57
|
+
c.request :hmac_authentication, id, secret
|
58
|
+
c.adapter Faraday.default_adapter
|
59
|
+
end
|
60
|
+
res = connection.get
|
61
|
+
p [res.status, res.body]
|
62
|
+
[res.status, res.body]
|
63
|
+
end
|
64
|
+
|
65
|
+
options = {:id => "x", :secret => "y"}
|
66
|
+
#options = {:id => "GnW4HUDf1zJ8YFcJbSQYm6sgDmzKVbuY", :secret => "Yi1z+//6qfsa6FXvPRraRc4YjPhfopLaq1O0U2x8ZyU="}
|
67
|
+
options = {:id => "qsa96BTnxLCQB8JcML1QxW4LKswGyiY7", :secret => 'zcXzUmZmqLifHVtXmgo8ro13ZfN1ZpN1zRhez+sYh+c='}
|
68
|
+
options = {:id => "test_id", :secret => 'secret'}
|
69
|
+
|
70
|
+
opt_parser = OptionParser.new do |opt|
|
71
|
+
opt.banner = "Usage: client [OPTIONS]"
|
72
|
+
opt.separator ""
|
73
|
+
opt.separator "Options"
|
74
|
+
|
75
|
+
opt.on("-i ID", "--id ID", String, "the mac id") do |id|
|
76
|
+
options[:id] = id
|
77
|
+
end
|
78
|
+
|
79
|
+
opt.on("-d SECRET","--secret SECRET", String, "the mac secret") do |secret|
|
80
|
+
options[:secret] = secret
|
81
|
+
end
|
82
|
+
|
83
|
+
opt.on("-u URL","--url URL", String, "the url to hit") do |url|
|
84
|
+
options[:url] = url
|
85
|
+
end
|
86
|
+
|
87
|
+
opt.on("-g", "--good", "a valid request getting credentials from the credential store") do
|
88
|
+
options[:good] = true
|
89
|
+
end
|
90
|
+
|
91
|
+
opt.on("-b", "--bad", "an invalid request getting credentials from the credential store") do
|
92
|
+
options[:bad] = true
|
93
|
+
end
|
94
|
+
|
95
|
+
opt.on_tail("-h","--help","help") do
|
96
|
+
puts opt_parser
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
opt_parser.parse!
|
101
|
+
|
102
|
+
if options[:good]
|
103
|
+
p make_valid_request
|
104
|
+
elsif options[:bad]
|
105
|
+
p make_invalid_request
|
106
|
+
else
|
107
|
+
raise "You need to supply an id and a secret" unless options[:id] && options[:secret]
|
108
|
+
raise "You need to supply a url to hit" unless options[:url]
|
109
|
+
options[:secret] = Base64.strict_encode64(options[:secret])
|
110
|
+
p options
|
111
|
+
make_request_with_given_credentials(options[:url], options[:id], options[:secret])
|
112
|
+
end
|
data/lib/mach/configuration.rb
CHANGED
@@ -5,12 +5,14 @@ require 'base64'
|
|
5
5
|
module Mach
|
6
6
|
class Configuration
|
7
7
|
|
8
|
-
attr_reader :credential_store, :data_store, :stale_request_window
|
8
|
+
attr_reader :credential_store, :data_store, :stale_request_window, :ignore_validation_failure, :logger
|
9
9
|
|
10
10
|
def initialize
|
11
11
|
@stale_request_window = 10
|
12
12
|
@data_store = Mach::Persistence::InMemoryStore.configure({})
|
13
13
|
@credential_store = Hash.new
|
14
|
+
@ignore_validation_failure = false
|
15
|
+
@logger = Logger.new(STDOUT)
|
14
16
|
end
|
15
17
|
|
16
18
|
def with_credential_store(store, options = {})
|
@@ -30,6 +32,14 @@ module Mach
|
|
30
32
|
@stale_request_window = num_seconds
|
31
33
|
end
|
32
34
|
|
35
|
+
def with_logger(logger)
|
36
|
+
@logger = logger
|
37
|
+
end
|
38
|
+
|
39
|
+
def ignore_validation_failure!
|
40
|
+
@ignore_validation_failure = true
|
41
|
+
end
|
42
|
+
|
33
43
|
private
|
34
44
|
def camelize(string)
|
35
45
|
string.split(/[^a-z0-9]/i).map{|w| w.capitalize}.join
|
@@ -16,8 +16,18 @@ module Mach
|
|
16
16
|
Mach::Validation::SignatureValidator.valid?(hmac_request)
|
17
17
|
#need to make sure we store the nonce
|
18
18
|
Nonce.persist(hmac_request.mac_id, hmac_request.mac_nonce, hmac_request.mac_timestamp.to_i) if valid
|
19
|
+
|
20
|
+
logger.warn("WARNING: Request Validation failed") unless valid
|
21
|
+
if !valid && Mach.configuration.ignore_validation_failure
|
22
|
+
logger.warn("WARNING: Ignoring Request Validation failure, Are you sure you want to do it?")
|
23
|
+
return true
|
24
|
+
end
|
19
25
|
valid
|
20
26
|
end
|
27
|
+
|
28
|
+
def logger
|
29
|
+
Mach.config.logger
|
30
|
+
end
|
21
31
|
end
|
22
32
|
end
|
23
33
|
end
|
data/lib/mach/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mach
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-09-07 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: faraday
|
@@ -179,22 +179,19 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
179
179
|
- - ! '>='
|
180
180
|
- !ruby/object:Gem::Version
|
181
181
|
version: '0'
|
182
|
-
segments:
|
183
|
-
- 0
|
184
|
-
hash: 1737604513296395942
|
185
182
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
186
183
|
none: false
|
187
184
|
requirements:
|
188
185
|
- - ! '>='
|
189
186
|
- !ruby/object:Gem::Version
|
190
187
|
version: '0'
|
191
|
-
segments:
|
192
|
-
- 0
|
193
|
-
hash: 1737604513296395942
|
194
188
|
requirements: []
|
195
189
|
rubyforge_project: mach
|
196
190
|
rubygems_version: 1.8.24
|
197
191
|
signing_key:
|
198
192
|
specification_version: 3
|
199
193
|
summary: HMAC authentication stuff
|
200
|
-
test_files:
|
194
|
+
test_files:
|
195
|
+
- spec/normalized_string_spec.rb
|
196
|
+
- spec/signature_spec.rb
|
197
|
+
- spec/spec_helper.rb
|