moguera-authentication 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fc3dfe649673b10bebc29e516c4ce648b1dd04e1
-  data.tar.gz: 790de69338563c94b9a52eacef08b7c1d60297c1
+  metadata.gz: 4a415434847e3c2da2b68fb069c7d8f16c809c12
+  data.tar.gz: e2e77493353453c4dfa7e75a6a5fbebdb8a1624e
 SHA512:
-  metadata.gz: c3c1a8c8013d6e34740591ca912bb9bbdb8d72089f846b882d9b9dff569a94f6660c82c222a8471b0d3cebffe865a8d7bedbf14862b426a991175d60b0602416
-  data.tar.gz: ecc22756a412c60b51b0885f4e2a12c6bd43ea065da697b5baa320b730c211c338aea75a88d525ccfd3927854767667809cdcc4c6728f34e39e8261bdf5d0275
+  metadata.gz: c84d5bb23da6f68959d0b287837933a707a518cc28da365f5f72ed9f50d7694fef8d1b86b7d956d95b9f3f2c1f96d21384163027a7732613daae72df8a3f8b67
+  data.tar.gz: 5a042e0029fe21897f1b7094dec81dbc9a12f355263a312476b79b23bc70161e342bbddd1055548f11bceaedc4c417899ef90c4a324f2d6887d184628d0dddc8

data/.travis.yml

@@ -1,6 +1,6 @@
 language: ruby
 rvm:
- - 2.1.5
+ - 2.1
 gemfile:
  - Gemfile
 script:

data/Gemfile

@@ -10,6 +10,7 @@ group :test do
   gem 'simplecov'
   gem 'simplecov-rcov'
   gem 'coveralls'
+  gem 'rack-test'
 end
 
 group :development do

data/README.md

@@ -5,6 +5,9 @@ Simple REST API Authentication.
 [![Build Status](https://travis-ci.org/moguera/moguera-authentication.svg)](https://travis-ci.org/moguera/moguera-authentication)
 [![Coverage Status](https://coveralls.io/repos/moguera/moguera-authentication/badge.png?branch=master)](https://coveralls.io/r/moguera/moguera-authentication?branch=master)
 
+## Requirements
+
+Ruby 2.1+
 
 ## Installation
 
@@ -48,45 +51,73 @@ Server check
 ## Usage
 
 ### Server
-sinatra sample
+A Rack middleware inserts a Moguera Authentication.
+
+example config.ru
 
 ```ruby
-require 'sinatra'
-require 'moguera/authentication'
+require 'rack/moguera_authentication'
+require 'server'
+require 'json'
+
+map '/' do
+  run Public
+end
+
+map '/login' do
+  # Add Rack::MogueraAuthentication somewhere in your rack stack
+  use Rack::MogueraAuthentication do |request_access_key|
+
+    # Search a secret_access_key by a request_access_key
+    # # example credential.json
+    # #=> {"user01":"secret"}
+    file = File.join(File.expand_path(File.dirname(__FILE__)),'credential.json')
+    user = JSON.parse(File.open(file, &:read))
+    user[key]
+  end
+  
+  run Private
+end
+```
+
+example server.rb
+
+```ruby
+require 'sinatra/base'
+
+class Public < Sinatra::Base
+  post '/hello' do
+    [200, {"Content-Type"=>"text/plain"}, ["Hello World!"]]
+  end
+end
 
-post '/login' do
-  begin
-    request_token = Moguera::Authentication.new(request.env['HTTP_AUTHORIZATION'])
-    user = request_token.authenticate! do |key|
-      key_to_secret = 'secret'
-
-      Moguera::Authentication::Request.new(
-        access_key: key,
-        secret_access_key: key_to_secret,
-        request_path: request.env['REQUEST_PATH'],
-        content_type: request.content_type,
-        http_date: request.env['HTTP_DATE'],
-        request_method: request.request_method
-      )
+class Private < Sinatra::Base
+  post '/hello' do
+    validate_user!
+    [200, {"Content-Type"=>"text/plain"}, ["Hello #{env['moguera.user'].access_key}!"]]
+  end
+
+  private
+
+  def validate_user!
+    if e = env['moguera.error']
+      $stderr.puts e.message
+      case e
+        when Moguera::Authentication::ParameterInvalid
+          halt 400, "400 Bad Request: #{e.message}\n"
+        when Moguera::Authentication::AuthenticationError
+          halt 401, "401 Unauthorized: #{e.message}\n"
+        else
+          halt 500, "500 Internal Server Error\n"
+      end
     end
-    return user.access_key
-  rescue Moguera::Authentication::ParameterInvalid => e
-    halt 400, "400 Bad Request: #{e.message}\n"
-  rescue Moguera::Authentication::AuthenticationError => e
-    params = %w(
-      token access_key secret_access_key http_date
-      request_method request_path content_type
-    )
-    msg = ["request_tooken: #{e.request_token}"]
-    msg << params.map {|k| "server_#{k}: #{e.server_request.send(k)}" }
-    logger.error msg * "\n"
-    halt 401, "401 Unauthorized: #{e.message}\n"
   end
 end
 ```
 
 ### Cilent
-rest-client sample
+
+example rest-client
 
 ```ruby
 require 'moguera/authentication'
@@ -99,18 +130,20 @@ url = ARGV[0]
 abort "Usage: ruby #{__FILE__} http://localhost:4567/login" unless url
 
 request_path = URI.parse(url).path
-request_method = 'POST'
+request_path = '/' if request_path.empty?
 http_date = Time.now.httpdate
 content_type = 'application/json'
 
-request = Moguera::Authentication::Request.new(
-    access_key: 'apikey',
+params = {
+    access_key: 'user01',
     secret_access_key: 'secret',
     request_path: request_path,
-    request_method: request_method,
-    http_date: http_date,
-    content_type: content_type
-)
+    request_method: 'POST',
+    content_type: content_type,
+    http_date: http_date
+}
+
+request = Moguera::Authentication::Request.new(params)
 
 headers = {
     Authorization: request.token,
@@ -118,17 +151,32 @@ headers = {
     Date: http_date
 }
 
-payload = { key: 'value' }.to_json
-
 begin
-  res = RestClient.post(url, payload, headers)
-  puts res.code
+  res = RestClient.post(url, {key:'value'}.to_json, headers)
   puts res.body
 rescue => e
-  abort e.response
+  puts e.message
 end
 ```
 
+### Quick Run
+
+server
+
+```
+$ rackup sample/config.ru
+```
+
+client
+
+```
+$ sample/client.rb http://localhost:9292/hello
+Hello World!
+
+$ sample/client.rb http://localhost:9292/login/hello
+Hello user01!
+```
+
 ## Contributing
 
 1. Fork it ( https://github.com/[my-github-username]/moguera-authentication/fork )

data/lib/moguera/authentication/version.rb

@@ -1,5 +1,5 @@
 module Moguera
   class Authentication
-    VERSION = "0.0.1"
+    VERSION = "0.1.0"
   end
 end

data/lib/rack/moguera_authentication.rb

@@ -0,0 +1,50 @@
+require 'moguera/authentication'
+
+module Rack
+  # A Rack middleware inserts a Moguera Authentication.
+  #
+  # @example config.ru
+  #   # Add Rack::MogueraAuthentication somewhere in your rack stack
+  #   use Rack::MogueraAuthentication do |request_access_key|
+  #
+  #     # Search a secret_access_key by a request_access_key
+  #     key_to_secret(request_access_key)
+  #   end
+  class MogueraAuthentication
+    def initialize(app, &block)
+      @app = app
+      @secret_block = block
+    end
+
+    def call(env)
+      begin
+        request_token = Moguera::Authentication.new(env['HTTP_AUTHORIZATION'])
+        user = request_token.authenticate! do |key|
+          secret = @secret_block.call(key)
+          params = build_parameter(key, secret, env)
+
+          Moguera::Authentication::Request.new(params)
+        end
+
+        env['moguera.user'] = user
+      rescue => e
+        env['moguera.error'] = e
+      end
+
+      @app.call(env)
+    end
+
+    private
+
+    def build_parameter(key, secret, env)
+      {
+          access_key: key,
+          secret_access_key: secret,
+          request_path: env['PATH_INFO'],
+          request_method: env['REQUEST_METHOD'],
+          content_type: env['CONTENT_TYPE'],
+          http_date: env['HTTP_DATE']
+      }
+    end
+  end
+end

data/moguera-authentication.gemspec

@@ -21,4 +21,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 1.7"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.1.0"
+  spec.add_development_dependency "rack", "~> 1.5"
 end

data/sample/client.rb

@@ -13,18 +13,20 @@ url = ARGV[0]
 abort "Usage: ruby #{__FILE__} http://localhost:4567/login" unless url
 
 request_path = URI.parse(url).path
-request_method = 'POST'
+request_path = '/' if request_path.empty?
 http_date = Time.now.httpdate
 content_type = 'application/json'
 
-request = Moguera::Authentication::Request.new(
-    access_key: 'apikey',
+params = {
+    access_key: 'user01',
     secret_access_key: 'secret',
     request_path: request_path,
-    request_method: request_method,
-    http_date: http_date,
-    content_type: content_type
-)
+    request_method: 'POST',
+    content_type: content_type,
+    http_date: http_date
+}
+
+request = Moguera::Authentication::Request.new(params)
 
 headers = {
     Authorization: request.token,
@@ -32,12 +34,9 @@ headers = {
     Date: http_date
 }
 
-payload = { key: 'value' }.to_json
-
 begin
-  res = RestClient.post(url, payload, headers)
-  puts res.code
+  res = RestClient.post(url, {key:'value'}.to_json, headers)
   puts res.body
 rescue => e
-  abort e.response
+  puts e.response
 end

data/sample/config.ru

@@ -0,0 +1,20 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), %w(.. lib)))
+
+require 'rack/moguera_authentication'
+require 'server'
+require 'json'
+
+map '/' do
+  run Public
+end
+
+map '/login' do
+  use Rack::MogueraAuthentication do |key|
+    file = File.join(File.expand_path(File.dirname(__FILE__)), 'credential.json')
+    user = JSON.parse(File.open(file, &:read))
+    user[key]
+  end
+
+  run Private
+end

data/sample/credential.json

@@ -0,0 +1,3 @@
+{
+  "user01": "secret"
+}

data/sample/server.rb

@@ -1,56 +1,30 @@
-#!/usr/bin/env ruby
-#
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), %w(.. lib)))
+require 'sinatra/base'
 
-require 'sinatra'
-require 'moguera/authentication'
-
-post '/login' do
-  begin
-    request_token = Moguera::Authentication.new(request.env['HTTP_AUTHORIZATION'])
-    user = request_token.authenticate! do |key|
-      key_to_secret = 'secret'
-
-      Moguera::Authentication::Request.new(
-        access_key: key,
-        secret_access_key: key_to_secret,
-        request_path: request.env['REQUEST_PATH'],
-        content_type: request.content_type,
-        http_date: request.env['HTTP_DATE'],
-        request_method: request.request_method
-      )
-    end
-    return user.access_key
-  rescue Moguera::Authentication::ParameterInvalid => e
-    halt 400, "400 Bad Request: #{e.message}\n"
-  rescue Moguera::Authentication::AuthenticationError => e
-    params = %w(
-      token access_key secret_access_key http_date
-      request_method request_path content_type
-    )
-    msg = ["request_tooken: #{e.request_token}"]
-    msg << params.map {|k| "server_#{k}: #{e.server_request.send(k)}" }
-    logger.error msg * "\n"
-    halt 401, "401 Unauthorized: #{e.message}\n"
+class Public < Sinatra::Base
+  post '/hello' do
+    [200, {"Content-Type"=>"text/plain"}, ["Hello World!"]]
   end
 end
 
-post '/login2' do
-    request_token = Moguera::Authentication.new(request.env['HTTP_AUTHORIZATION'])
-    user = request_token.authenticate do |key|
-      key_to_secret = 'secret'
+class Private < Sinatra::Base
+  post '/hello' do
+    validate_user!
+    [200, {"Content-Type"=>"text/plain"}, ["Hello #{env['moguera.user'].access_key}!"]]
+  end
 
-      Moguera::Authentication::Request.new(
-        access_key: key,
-        secret_access_key: key_to_secret,
-        request_path: request.env['REQUEST_PATH'],
-        content_type: request.content_type,
-        http_date: request.env['HTTP_DATE'],
-        request_method: request.request_method
-      )
-    end
+  private
 
-    halt 401, "401 Unauthorized" unless user
-    return user.access_key
+  def validate_user!
+    if e = env['moguera.error']
+      $stderr.puts e.message
+      case e
+        when Moguera::Authentication::ParameterInvalid
+          halt 400, "400 Bad Request: #{e.message}\n"
+        when Moguera::Authentication::AuthenticationError
+          halt 401, "401 Unauthorized: #{e.message}\n"
+        else
+          halt 500, "500 Internal Server Error\n"
+      end
+    end
+  end
 end

data/spec/rack/moguera_authentication_spec.rb

@@ -0,0 +1,70 @@
+require 'spec_helper'
+
+describe Rack::MogueraAuthentication do
+  include_context "prepare_auth"
+
+  include TestApplicationHelper
+  include Rack::Test::Methods
+
+  let(:test_app) { TestApplicationHelper::TestApplication.new }
+  let(:header) {
+    {
+        'HTTP_AUTHORIZATION' => request_token,
+        'CONTENT_TYPE' => content_type,
+        'HTTP_DATE' => http_date
+    }
+  }
+
+  describe "POST /path" do
+    let(:app) { Rack::MogueraAuthentication.new(test_app) { 'secret' } }
+
+    it 'should be return 200 OK' do
+      post request_path, {}, header
+
+      expect(last_response.status).to eq 200
+      expect(last_response.body).to eq 'test'
+
+      expect(last_request.env['moguera.user'].token).to eq request_token
+      expect(last_request.env['moguera.user'].token_prefix).to eq 'MOGUERA'
+      expect(last_request.env['moguera.user'].access_key).to eq access_key
+      expect(last_request.env['moguera.user'].secret_access_key).to eq secret_access_key
+      expect(last_request.env['moguera.user'].http_date).to eq http_date
+      expect(last_request.env['moguera.user'].request_method).to eq request_method
+      expect(last_request.env['moguera.user'].request_path).to eq request_path
+      expect(last_request.env['moguera.user'].content_type).to eq content_type
+
+    end
+
+    describe 'Invalid secret_access_key' do
+      let(:app) { Rack::MogueraAuthentication.new(test_app) { 'invalid' } }
+
+      it "should be exists AuthenticationError in env['moguera.error']" do
+        post request_path, {}, header
+
+        expect(last_response.status).to eq 200
+        expect(last_response.body).to eq 'test'
+
+        expect(last_request.env['moguera.error'].class).to eq Moguera::Authentication::AuthenticationError
+        expect(last_request.env['moguera.error'].message).to eq 'Mismatch token.'
+        expect(last_request.env['moguera.error'].request_token).to eq request_token
+        expect(last_request.env['moguera.error'].server_request.access_key).to eq access_key
+        expect(last_request.env['moguera.error'].server_request.secret_access_key).to eq 'invalid'
+      end
+    end
+
+    describe 'Invalid header parameter' do
+      let(:app) { Rack::MogueraAuthentication.new(test_app) { 'invalid' } }
+
+      it "should be exists ParameterInvalid in env['moguera.error']" do
+        header.delete('HTTP_DATE')
+        post request_path, {}, header
+
+        expect(last_response.status).to eq 200
+        expect(last_response.body).to eq 'test'
+
+        expect(last_request.env['moguera.error'].class).to eq Moguera::Authentication::ParameterInvalid
+        expect(last_request.env['moguera.error'].message).to eq 'Missing: Date Header'
+      end
+    end
+  end
+end

data/spec/shared_context.rb

@@ -1,7 +1,7 @@
 RSpec.shared_context 'prepare_auth' do
   let(:access_key) { 'apikey' }
   let(:secret_access_key) { 'secret' }
-  let(:request_path) { 'path' }
+  let(:request_path) { '/path' }
   let(:request_method) { 'POST' }
   let(:content_type) { 'application/json' }
   let(:now) { Timecop.freeze(Time.now) }

data/spec/spec_helper.rb

@@ -11,30 +11,16 @@ SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
 ]
 SimpleCov.start { add_filter 'spec' }
 
-RSpec.configure do |config|
+require 'rack/moguera_authentication'
+require 'moguera/authentication'
+require 'shared_context'
 
-  # Captures the output for analysis later
-  #
-  # @example Capture `$stderr`
-  #
-  # output = capture(:stderr) { $stderr.puts "this is captured" }
-  #
-  # @param [Symbol] stream `:stdout` or `:stderr`
-  # @yield The block to capture stdout/stderr for.
-  # @return [String] The contents of $stdout or $stderr
-  def capture(stream)
-    begin
-      stream = stream.to_s
-      eval "$#{stream} = StringIO.new"
-      yield
-      result = eval("$#{stream}").string
-    ensure
-      eval("$#{stream} = #{stream.upcase}")
-    end
+module TestApplicationHelper
+  extend self
 
-    result
+  class TestApplication
+    def call(env)
+      [200, {"Content-Type" => "text/plain"}, ["test"]]
+    end
   end
 end
-
-require 'moguera/authentication'
-require 'shared_context'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: moguera-authentication
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - hiro-su
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-23 00:00:00.000000000 Z
+date: 2014-11-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 3.1.0
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
 description: Simple REST API Authentication.
 email:
 - h.sugipon@gmail.com
@@ -71,11 +85,15 @@ files:
 - lib/moguera/authentication/exception.rb
 - lib/moguera/authentication/request.rb
 - lib/moguera/authentication/version.rb
+- lib/rack/moguera_authentication.rb
 - moguera-authentication.gemspec
 - sample/client.rb
+- sample/config.ru
+- sample/credential.json
 - sample/server.rb
+- spec/authentication/authentication_spec.rb
 - spec/authentication/request_spec.rb
-- spec/authentication_spec.rb
+- spec/rack/moguera_authentication_spec.rb
 - spec/shared_context.rb
 - spec/spec_helper.rb
 homepage: https://github.com/moguera/moguera-authentication
@@ -103,7 +121,8 @@ signing_key:
 specification_version: 4
 summary: Simple REST API Authentication.
 test_files:
+- spec/authentication/authentication_spec.rb
 - spec/authentication/request_spec.rb
-- spec/authentication_spec.rb
+- spec/rack/moguera_authentication_spec.rb
 - spec/shared_context.rb
 - spec/spec_helper.rb