monk-id 1.0.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.yardopts

@@ -0,0 +1 @@
+lib/**/*.rb

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in monk-id.gemspec
+gemspec

data/README.md

@@ -0,0 +1,40 @@
+Monk ID Ruby
+============
+
+Full API docs: http://monkdev.github.io/monk-id-ruby/Monk/Id.html
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'monk-id', :github => 'MonkDev/monk-id-ruby', :branch => 'next'
+```
+
+For Rails and Sinatra, copy `config/monk_id.sample.yml` in this repository to
+`config/monkid.yml` in your app. This will be loaded automatically. All other
+apps need to load their config explicitly:
+
+```ruby
+Monk::Id.load_config('/path/to/monk_id.yml', 'development')
+```
+
+Next, load the payload:
+
+```ruby
+Monk::Id.load_payload(params[:monk_id_payload])
+```
+
+Or, if using the `cookie` option, simply pass in a hash-like cookies object:
+
+```ruby
+Monk::Id.load_payload(cookies)
+```
+
+Then you can access the user's ID and email:
+
+```ruby
+Monk::Id.user_id
+Monk::Id.user_email
+```
+
+`nil` is returned if the user isn't signed in or the payload can't be decoded
+and verified.

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/config/monk_id.sample.yml

@@ -0,0 +1,11 @@
+development:
+  app_id: YOUR_APP_ID
+  app_secret: YOUR_APP_SECRET
+
+staging:
+  app_id: YOUR_APP_ID
+  app_secret: YOUR_APP_SECRET
+
+production:
+  app_id: YOUR_APP_ID
+  app_secret: YOUR_APP_SECRET

data/lib/monk/id.rb

@@ -0,0 +1,186 @@
+require 'base64'
+require 'json'
+require 'openssl'
+require 'yaml'
+
+# Global Monk namespace.
+module Monk
+  # Integrate Monk ID on the server-side by accessing payloads from the
+  # client-side JavaScript.
+  #
+  # @author Monk Development, Inc.
+  module Id
+    # Expected path of config file in Rails and Sinatra relative to the app's
+    # root directory.
+    CONFIG_FILE = 'config/monk_id.yml'.freeze
+
+    # Name of the cookie that (optionally) stores the payload.
+    COOKIE_NAME = '_monkIdPayload'.freeze
+
+    class << self
+      # Load a YAML config file for a specific environment. Rails and Sinatra
+      # apps don't need to call this method if the config file is stored at
+      # {CONFIG_FILE}, as it's loaded automatically.
+      #
+      # @param  path [String] Path of YAML config file to load. Leave `nil` to
+      #         read from environment's `MONK_ID_CONFIG` value.
+      # @param  environment [String] Environment section to use. Leave `nil` to
+      #         read from environment's `MONK_ID_ENV` value. Defaults to
+      #         `development`.
+      # @raise  [StandardError] If the file doesn't exist or can't be read.
+      # @return [Hash<String>] Loaded config values.
+      def load_config(path = nil, environment = nil)
+        if defined? Rails
+          path ||= File.join(Rails.root, CONFIG_FILE)
+          environment ||= Rails.env
+        elsif defined? Sinatra
+          path ||= File.join(Sinatra::Application.settings.root, CONFIG_FILE)
+          environment ||= Sinatra::Application.settings.environment.to_s
+        else
+          path ||= ENV['MONK_ID_CONFIG']
+          environment ||= ENV['MONK_ID_ENV'] || 'development'
+        end
+
+        config = YAML.load_file(path)[environment]
+
+        verify_config(config)
+
+        @@config = config
+      end
+
+      # Get a config value. Attempts to load the config if it hasn't already
+      # been loaded.
+      #
+      # @param  key [String] Name of config value.
+      # @raise  [StandardError] If the config can't be loaded.
+      # @return [*] Config value.
+      def config(key)
+        load_config unless @@config
+
+        @@config[key]
+      end
+
+      # Load a payload from the client-side.
+      #
+      # @param  encoded_payload [String, #[]] Encoded payload or Hash-like
+      #         cookies object to automatically load the payload from.
+      # @return [Hash<Symbol>] Decoded and verified payload. Empty if there's no
+      #         payload or it fails verification.
+      def load_payload(encoded_payload = nil)
+        if encoded_payload.is_a? String
+          payload = encoded_payload
+        elsif encoded_payload.respond_to? :[]
+          payload = encoded_payload[COOKIE_NAME]
+        end
+
+        return @@payload = {} unless payload
+
+        begin
+          payload = decode_payload(payload)
+          verified = verify_payload(payload)
+        rescue
+          verified = false
+        end
+
+        @@payload = verified ? payload : {}
+      end
+
+      # Get the signed in user's UUID.
+      #
+      # @return [String] If signed in user.
+      # @return [nil] If no signed in user.
+      def user_id
+        payload_user :id
+      end
+
+      # Get the signed in user's email address.
+      #
+      # @return [String] If signed in user.
+      # @return [nil] If no signed in user.
+      def user_email
+        payload_user :email
+      end
+
+      # Check whether there's a signed in user.
+      #
+      # @return [Boolean] Whether there's a signed in user.
+      def signed_in?
+        !!user_id
+      end
+
+    protected
+
+      # Loaded config values.
+      @@config = nil
+
+      # Loaded payload.
+      @@payload = nil
+
+      # Verify that a config has all the required values.
+      #
+      # @param  config [Hash<String>] Config values.
+      # @raise  [RuntimeError] If invalid.
+      # @return [true] If valid.
+      def verify_config(config)
+        raise 'no config loaded' unless config
+        raise 'no `app_id` config value' unless config['app_id']
+        raise 'no `app_secret` config value' unless config['app_secret']
+
+        true
+      end
+
+      # Decode a payload from the client-side.
+      #
+      # @param  encoded_payload [String] Encoded payload.
+      # @raise  [JSON::ParserError] If invalid JSON.
+      # @return [Hash<Symbol>] Decoded payload.
+      def decode_payload(encoded_payload)
+        JSON.parse(Base64.decode64(encoded_payload), :symbolize_names => true)
+      end
+
+      # Generate the expected signature of a payload using the app's secret.
+      #
+      # @param  payload [Hash<Symbol>] Decoded payload.
+      # @return [String] Expected signature of the payload.
+      def expected_signature(payload)
+        payload_clone = payload.clone
+        payload_clone[:user].delete(:signature)
+
+        OpenSSL::HMAC.digest(OpenSSL::Digest::SHA512.new, config('app_secret'), JSON.generate(payload_clone[:user]))
+      end
+
+      # Verify that a payload hasn't been tampered with or faked by comparing
+      # signatures.
+      #
+      # @param  payload [Hash<Symbol>] Decoded payload.
+      # @return [Boolean] Whether the payload is legit.
+      def verify_payload(payload)
+        signature = Base64.decode64(payload[:user][:signature])
+
+        signature == expected_signature(payload)
+      end
+
+      # Get the loaded payload.
+      #
+      # @return [Hash<Symbol>] Loaded payload. Empty if there's no payload or it
+      #         failed verification.
+      def payload
+        @@payload || load_payload
+      end
+
+      # Get a value from the `user` hash of the loaded payload.
+      #
+      # @param  key [Symbol] Name of value.
+      # @return [*] Requested value or `nil` if not set.
+      def payload_user(key)
+        payload = self.payload
+
+        if payload.key?(:user)
+          payload[:user][key]
+        else
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/monk/id/version.rb

@@ -0,0 +1,6 @@
+module Monk
+  module Id
+    # Current version of the library.
+    VERSION = '1.0.0'.freeze
+  end
+end

data/monk-id.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'monk/id/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'monk-id'
+  spec.version       = Monk::Id::VERSION.dup
+  spec.authors       = ['Monk Development, Inc.']
+  spec.email         = ['support@monkdevelopment.com']
+  spec.description   = 'Integrate Monk ID on the server-side by accessing payloads from the client-side JavaScript.'
+  spec.summary       = spec.description
+  spec.homepage      = 'https://github.com/MonkDev/monk-id-ruby'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'yard'
+end

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification
+name: monk-id
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- Monk Development, Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Integrate Monk ID on the server-side by accessing payloads from the client-side
+  JavaScript.
+email:
+- support@monkdevelopment.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .yardopts
+- Gemfile
+- README.md
+- Rakefile
+- config/monk_id.sample.yml
+- lib/monk/id.rb
+- lib/monk/id/version.rb
+- monk-id.gemspec
+homepage: https://github.com/MonkDev/monk-id-ruby
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Integrate Monk ID on the server-side by accessing payloads from the client-side
+  JavaScript.
+test_files: []
+has_rdoc: