RubyGems - micro_service-signed_request-utils - Versions diffs - 0.0.1 - Mend

micro_service-signed_request-utils 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +7 -0
data/.gitignore +9 -0
data/.rspec +2 -0
data/.travis.yml +9 -0
data/Gemfile +4 -0
data/README.md +50 -0
data/Rakefile +6 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/lib/micro_service/signed_request/utils.rb +86 -0
data/lib/micro_service/signed_request/utils/version.rb +7 -0
data/micro_service-signed_request-utils.gemspec +27 -0
metadata +111 -0

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 36caeceb65c31ee0762b8456ccbf3ad0d14437ed
+  data.tar.gz: c504135e8a5c0e3cb303073486ab7ff2eb7f1c25
+SHA512:
+  metadata.gz: b939695c792771c96f7b65d28ecb0caf3ed72695ffbb9578927a8b0d4a22996721f8285742da15b2170bbef18424255de7762748bed7b6f4ff7f2f1a0f3fce53
+  data.tar.gz: a84e74e1eb026e22d461bf2b18154dd8bef7efabb23a80b1a1c4099d3384374862cf6822abcfce8de9db7e03b2f1ffe0ab04c7f48d4a56446dc481acfaf730f4

data/.gitignore ADDED

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec ADDED

	@@ -0,0 +1,2 @@
1	+ --format documentation
2	+ --color

data/.travis.yml ADDED

@@ -0,0 +1,9 @@
+language: ruby
+rvm:
+  - 2.2.0
+  - 2.1.1
+  - 2.0.0
+  - 1.9.3
+before_install: gem install bundler -v 1.11.2
+script:
+  - bundle exec rspec

data/Gemfile ADDED

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in micro_service-signed_request-utils.gemspec
+gemspec

data/README.md ADDED

@@ -0,0 +1,50 @@
+[![Gem Version](https://badge.fury.io/rb/micro_service-signed_request-utils.svg)](http://badge.fury.io/rb/micro_service-signed_request-utils)
+[![Build Status](https://travis-ci.org/butchmarshall/micro_service-signed_request-utils.svg?branch=master)](https://travis-ci.org/butchmarshall/micro_service-signed_request-utils)
+# MicroService::SignedRequest::Utils
+Utility functions to sign and validate signed request headers
+## Installation
+Add this line to your application's Gemfile:
+```ruby
+gem 'micro_service-signed_request-utils'
+```
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install micro_service-signed_request-utils
+## Usage
+To check if an authentication header is valid
+```ruby
+require 'micro_service/signed_request/utils'
+MicroService::SignedRequest::Utils.authenticate("SignedRequest algorithm=...", "8bd2952b851747e8f2c937b340fed6e1.s")
+```
+To create a signature (not really useful except for unit testing)
+```ruby
+require 'micro_service/signed_request/utils'
+timestamp = Time.now.to_i*1000
+str = "algorithm=HmacSHA256&client_id=682a638ba74a4ff5fa6afa344b163e03.i&url=https%3A%2F%asdf%3A8443&tenant_id=b22e3911-28ef-480c-ae3b-ca791ba86952&timestamp=#{timestamp}";
+secret = "8bd2952b851747e8f2c937b340fed6e1.s";
+algorithm = "sha256";
+MicroService::SignedRequest::Utils.sign(str, secret, algorithm)
+```
+## Contributing
+Bug reports and pull requests are welcome on GitHub at https://github.com/butchmarshall/micro_service-signed_request-utils.

data/Rakefile ADDED

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec

data/bin/console ADDED

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+require "bundler/setup"
+require "micro_service/signed_request/utils"
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+require "irb"
+IRB.start

data/bin/setup ADDED

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+bundle install
+# Do any other automated setup that you need to do here

data/lib/micro_service/signed_request/utils.rb ADDED

@@ -0,0 +1,86 @@
+require "micro_service/signed_request/utils/version"
+require "base64"
+require "openssl"
+require "cgi"
+require "cgi/query_string"
+require "time"
+module MicroService # :nodoc:
+	module SignedRequest # :nodoc:
+		module Utils # :nodoc:
+			module_function
+			# Sign a string with a secret
+			#
+			# Sign a string with a secret and get the signature
+			#
+			# * *Args*    :
+			#   - +string+ -> the string to sign
+			#   - +secret+ -> the secret to use
+			# * *Returns* :
+			#   - the signature
+			# * *Raises* :
+			#   - +ArgumentError+ -> if no algorithm passed and algorithm could not be derived from the string
+			#
+			def sign(string, secret, algorithm = nil)
+				plain = ::Base64.decode64(secret.gsub(/\.s$/,''))
+				# if no override algorithm passed try and extract from string
+				if algorithm.nil?
+					paramMap = ::CGI.parse string
+					if !paramMap.has_key?("algorithm")
+						raise ArgumentError, "missing algorithm"
+					end
+					algorithm = paramMap["algorithm"].first.gsub(/^hmac/i,'')
+				end
+				hmac = ::OpenSSL::HMAC.digest(algorithm, plain, string)
+				Base64::encode64(hmac).gsub(/\n$/,'')
+			end
+			# Validates an authorization header
+			#
+			# Validates that an authorization header sent by a signed request microservice
+			#
+			# * *Args*    :
+			#   - +authorization_header+ -> the entire Authorization header sent
+			#   - +client_secret+ -> the client secret to authenticate the header with
+			# * *Returns* :
+			#   - the signature
+			# * *Raises* :
+			#   - +ArgumentError+ -> if the authorization_header does not contain header_prefix
+			#   - +ArgumentError+ -> if the heauthorization_header does not contain all the required parameters
+			#   - +ArgumentError+ -> if the heauthorization_header has expired (more than 5 minutes old)
+			#
+			def validate(authorization_header, client_secret, header_prefix = "SignedRequest")
+				# Validate header_prefix part of header
+				if !authorization_header.match(/^#{header_prefix}/)
+					raise ArgumentError, "authorization header is not properly formatted, must start with #{header_prefix}"
+				end
+				paramMap = ::CGI.parse authorization_header.gsub(/^#{header_prefix}\s/,'')
+				# Validate all parameters are passed from header
+				if !paramMap.has_key?("algorithm") ||
+					!paramMap.has_key?("client_id") ||
+					!paramMap.has_key?("service_url") ||
+					!paramMap.has_key?("timestamp") ||
+					!paramMap.has_key?("signature")
+					raise ArgumentError, "authorization header is partial"
+				end
+				# Validate timestamp is still valid
+				timestamp = Time.at(paramMap["timestamp"].first.to_i/1000)
+				secondsPassed = Time.now - timestamp
+				if secondsPassed < 0 || secondsPassed > (5*60)
+					raise ArgumentError, "authorization is rejected since it's #{ secondsPassed } seconds old (max. allowed is 5 minutes)"
+				end
+				self.sign(authorization_header.gsub(/^#{header_prefix}\s/,'').gsub(/\&signature[^$]+/,''), client_secret) === paramMap["signature"].first
+			end
+		end
+	end
+end

data/lib/micro_service/signed_request/utils/version.rb ADDED

@@ -0,0 +1,7 @@
+module MicroService
+	module SignedRequest
+		module Utils
+			VERSION = "0.0.1"
+		end
+	end
+end

data/micro_service-signed_request-utils.gemspec ADDED

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'micro_service/signed_request/utils/version'
+Gem::Specification.new do |spec|
+	spec.name          = "micro_service-signed_request-utils"
+	spec.version       = MicroService::SignedRequest::Utils::VERSION
+	spec.authors       = ["Butch Marshall"]
+	spec.email         = ["butch.a.marshall@gmail.com"]
+	spec.summary       = "Utility functions for handling signed requests in the Microservice gem"
+	spec.description   = "Utility functions for handling signed requests in the Microservice gem"
+	spec.homepage      = "https://github.com/butchmarshall/ruby-microservice-signed_request-utils"
+	spec.license       = "MIT"
+	spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+	spec.bindir        = "exe"
+	spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+	spec.require_paths = ["lib"]
+	spec.add_dependency "cgi-query_string", "~> 0.1.0"
+	spec.add_development_dependency "bundler", ">= 1"
+	spec.add_development_dependency "rake", "~> 10.0"
+	spec.add_development_dependency "rspec"
+end

metadata ADDED

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: micro_service-signed_request-utils
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Butch Marshall
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2016-04-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: cgi-query_string
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Utility functions for handling signed requests in the Microservice gem
+email:
+- butch.a.marshall@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/micro_service/signed_request/utils.rb
+- lib/micro_service/signed_request/utils/version.rb
+- micro_service-signed_request-utils.gemspec
+homepage: https://github.com/butchmarshall/ruby-microservice-signed_request-utils
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.6
+signing_key:
+specification_version: 4
+summary: Utility functions for handling signed requests in the Microservice gem
+test_files: []