nexaas-throttle 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9cb1900d065141e8dc4b5384ff4b10c21dfdf043
+  data.tar.gz: 618e61a05861dadcd008de417c9dc2e849db9184
+SHA512:
+  metadata.gz: 97f5de60d31737b5ac144e9142933cc85717b4fc643ef8face97a2cc6c25245aec597f3a9483eac0705c4b032791dc1c5617200737d45946ec52bd1bb5fed11c
+  data.tar.gz: 1f2227b57f27d51ba9c2085a9f581a4bbe70b09b8b61ac7fff20e12878c95a46d17346dc989748592020a63aad444ea1999abdf53f6adab787ceb53f3ab93a29

data/.codeclimate.yml

@@ -0,0 +1,16 @@
+---
+engines:
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - ruby
+  fixme:
+    enabled: true
+  rubocop:
+    enabled: true
+ratings:
+  paths:
+    - "**.rb"
+exclude_paths:
+  - spec/

data/.gitignore

@@ -0,0 +1,52 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+# Used by dotenv library to load environment variables.
+# .env
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+/Gemfile.lock
+/.ruby-version
+/.ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+*.log
+/log

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.rubocop.yml

@@ -0,0 +1,31 @@
+AllCops:
+  Exclude:
+    - "nexaas-throttle.gemspec"
+
+Metrics/LineLength:
+  StyleGuide: "https://github.com/bbatsov/ruby-style-guide#80-character-limits"
+  Max: 120
+
+Style/Alias:
+  EnforcedStyle: "prefer_alias_method"
+
+Style/AsciiComments:
+  StyleGuide: "https://github.com/bbatsov/ruby-style-guide#english-comments"
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/DotPosition:
+  EnforcedStyle: trailing
+
+Style/ParallelAssignment:
+  StyleGuide: "https://github.com/bbatsov/ruby-style-guide#parallel-assignment"
+  Enabled: false
+
+Style/SpaceAroundEqualsInParameterDefault:
+  EnforcedStyle: space
+
+Style/StringLiterals:
+  StyleGuide: "https://github.com/bbatsov/ruby-style-guide#consistent-string-literals"
+  EnforcedStyle: double_quotes

data/.travis.yml

@@ -0,0 +1,7 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.2.5
+  - 2.3.1
+before_install: gem install bundler -v 1.12.5
+script: bundle exec rake spec

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in throttle.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Myfreecomm
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,148 @@
+# Nexaas::Throttle
+
+[![Build Status](https://travis-ci.org/myfreecomm/nexaas-throttle.svg?branch=master)](https://travis-ci.org/myfreecomm/nexaas-throttle)
+[![Test Coverage](https://codeclimate.com/github/myfreecomm/nexaas-throttle/badges/coverage.svg)](https://codeclimate.com/github/myfreecomm/nexaas-throttle/coverage)
+[![Code Climate](https://codeclimate.com/github/myfreecomm/nexaas-throttle/badges/gpa.svg)](https://codeclimate.com/github/myfreecomm/nexaas-throttle)
+
+A configurable Rails engine that provides a common way of reducing API abuse, throttling consumers' requests and blocking undesired pentesters and robots.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'nexaas-throttle'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install nexaas-throttle
+
+## Usage
+
+In a Rails initializer file such as `config/initializers/nexaas_throttle.rb`, put something like this:
+
+```ruby
+require "nexaas/throttle"
+
+Nexaas::Throttle.configure do |config|
+  config.throttle = true
+  config.track = true
+  config.period = 1.minute
+  config.limit = 2
+  config.request_identifier = MyRequestIdentifier
+  config.redis_options = {
+    host: "localhost",
+    port: 6379,
+    db: 0,
+    namespace: "nexaas:throttle"
+  }
+end
+```
+
+### Configuration
+
+<table>
+  <tr>
+    <th>Option</th>
+    <th>Description</th>
+    <th>Default</th>
+  </tr>
+  <tr>
+    <td><code>throttle</code></td>
+    <td>Whether or not requests are throttled.</td>
+    <td><code>true</code></td>
+  </tr>
+  <tr>
+    <td><code>track</code></td>
+    <td>Whether or not requests are tracked.</td>
+    <td><code>true</code></td>
+  </tr>
+  <tr>
+    <td><code>period</code></td>
+    <td>The size of the throttle window.</td>
+    <td><code>1 minute</code></td>
+  </tr>
+  <tr>
+    <td><code>limit</code></td>
+    <td>How many requests a consumer can do during a window until he starts being throttled.</td>
+    <td><code>60 requests</code></td>
+  </tr>
+  <tr>
+    <td><code>request_identifier</code></td>
+    <td>The class that will handle request identification. See <a href="#request-identification">Request Identification</a> for more details.</td>
+    <td><code>nil</code></td>
+  </tr>
+  <tr>
+    <td><code>redis_options</code></td>
+    <td>Redis hash configuration where requests counters are persisted.</td>
+    <td>
+      <pre>
+{
+  host: "localhost",
+  port: 6379,
+  db: 0,
+  namespace: "nexaas:throttle"
+}
+      </pre>
+    </td>
+  </tr>
+</table>
+
+### Request Identification
+
+`Nexaas::Throttle` doesn't know how to identify a consumer. Some applications might rely on request IP, others on an API TOKEN. You must provide a way of getting an unique token
+that identify a request consumer.
+
+`Nexaas::Throttle` do this by providing a configuration `request_identifier`, a class where your application would keep the logic that identifies a consumer. This class must have the following
+interface:
+
+```ruby
+class MyRequestIdentifier
+  def initialize(request)
+    @request = request
+  end
+
+  def token
+    @request.ip
+    # or @request.env["HTTP_AUTHORIZATION"]
+    # or User.find_by(token: @request.params[:token])
+    # or Cache.read(@request.params[:token])
+  end
+end
+```
+
+### Tracking requests
+
+In order to track your requests, you must subscribe to a event triggered by `Rack::Attack` gem as below:
+
+```ruby
+ActiveSupport::Notifications.subscribe("rack.attack") do |name, start, finish, request_id, request|
+  if request.env["rack.attack.matched"] == "nexaas/track" && request.env["rack.attack.match_type"] == :track
+    # Put your tracking logic here
+    # You can use request.env["nexaas.token"] to obtain the token provided by your request_identifier
+  end
+end
+```
+
+If you want, you can access the request token by inspecting `request.env["nexaas.token"]`. This is the token your `request_identifier` provided after evaluating the request.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/myfreecomm/nexaas-throttle.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/console

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "rails/all"
+require "nexaas/throttle"
+
+require_relative "../spec/support/dummy_app"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/nexaas/throttle.rb

@@ -0,0 +1,17 @@
+require "nexaas/throttle/version"
+require "nexaas/throttle/configuration"
+require "nexaas/throttle/engine"
+require "nexaas/throttle/guardian"
+
+module Nexaas
+  module Throttle
+    def self.configure
+      yield(configuration) if block_given?
+      configuration.check!
+    end
+
+    def self.configuration
+      @configuration ||= Configuration.new
+    end
+  end
+end

data/lib/nexaas/throttle/configuration.rb

@@ -0,0 +1,79 @@
+module Nexaas
+  module Throttle
+    class Configuration
+      # Whether or not requests are throttled.
+      # @return [Boolean]
+      attr_accessor :throttle
+
+      # Whether or not requests are tracked.
+      # @return [Boolean]
+      attr_accessor :track
+
+      # The size of the throttle window.
+      # Example: 1.minute, 1.hour, 60(s)
+      # @return [Integer]
+      attr_accessor :period
+
+      # How many requests a consumer can do during a window until he starts being throttled.
+      # Example: 60
+      # @return [Integer]
+      attr_accessor :limit
+
+      # The class that will handle request identification.
+      # Each application handle with different domains on identifying a request,
+      # so they have to provide information on who is the requester based on their domain.
+      # This class MUST have the following interface:
+      # MyRequestIdentifier#initialize(request)
+      # MyRequestIdentifier#token
+      # Where MyRequestIdentifier#token must be a UNIQUE identifier from the requester.
+      # @return [Class]
+      attr_accessor :request_identifier
+
+      # Redis hash configuration with the following default values:
+      #   - host      => localhost
+      #   - port      => 6379
+      #   - db        => 0
+      #   - namespace => nexaas:throttle
+      # @return [Hash]
+      attr_reader :redis_options
+
+      alias_method :throttleable?, :throttle
+      alias_method :trackable?, :track
+
+      def initialize
+        @throttle = true
+        @track = true
+        @period = 1.minute
+        @limit = 60
+        @request_identifier = nil
+        @redis_options = default_redis_options
+      end
+
+      def check!
+        required_options.each do |option|
+          raise ArgumentError, "You must provide a `#{option}` configuration." if send(option).blank?
+        end
+      end
+
+      def redis_options=(options)
+        options ||= {}
+        @redis_options = default_redis_options.merge(options)
+      end
+
+      private
+
+      def required_options
+        %w(period limit request_identifier redis_options)
+      end
+
+      def default_redis_options
+        {
+          host: "localhost",
+          port: 6379,
+          db: 0,
+          namespace: "nexaas:throttle"
+        }
+      end
+    end
+  end
+end

data/lib/nexaas/throttle/engine.rb

@@ -0,0 +1,10 @@
+module Nexaas
+  module Throttle
+    class Engine < ::Rails::Engine
+      initializer "nexaas.throttle.insert_middleware", before: "initialize_cache" do |app|
+        require "nexaas/throttle/middleware"
+        app.middleware.use Nexaas::Throttle::Middleware
+      end
+    end
+  end
+end

data/lib/nexaas/throttle/guardian.rb

@@ -0,0 +1,47 @@
+require "base64"
+
+module Nexaas
+  module Throttle
+    class Guardian
+      def initialize(request, request_identifier)
+        @request = request
+        @token = request_identifier.new(request).token
+      end
+
+      def throttle!
+        validate { token }
+      end
+
+      def track!
+        validate { true }
+      end
+
+      private
+
+      attr_reader :request, :token
+
+      def validate
+        return if assets? || !api? || token.blank?
+        request.env["nexaas.token"] = token
+        yield if block_given?
+      end
+
+      def assets?
+        path = request.path
+        path.match(/\/assets/).present? || path.match(extensions_regexp).present?
+      end
+
+      def api?
+        content_type = (request.media_type || request.env["Content-Type"]).to_s
+        %w(application/json application/xml).include?(content_type)
+      end
+
+      def extensions_regexp
+        @assets_extensions ||= begin
+          extensions = %w(css js png jpg gif)
+          /\.(#{extensions.join("|")})/
+        end
+      end
+    end
+  end
+end

data/lib/nexaas/throttle/middleware.rb

@@ -0,0 +1,97 @@
+require "redis-activesupport"
+require "rack/attack"
+
+module Rack
+  class Attack
+    def self.configuration
+      @configuration ||= Nexaas::Throttle.configuration
+    end
+
+    def self.guardian(request)
+      Nexaas::Throttle::Guardian.new(request, configuration.request_identifier)
+    end
+
+    def self.throttled?(req)
+      throttled = throttles.any? do |name, throttle|
+        throttle[req]
+      end
+
+      throttled && configuration.throttleable?
+    end
+
+    self.cache.store = ActiveSupport::Cache::RedisStore.new(configuration.redis_options)
+    self.throttled_response = lambda do |env|
+      headers = {
+        "Content-Type" => (env["CONTENT_TYPE"] || env["Content-Type"]).to_s,
+        "Retry-After" => (env["rack.attack.match_data"] || {})[:period].to_s
+      }
+
+      [429, headers, ["Retry later\n"]]
+    end
+
+    throttle("nexaas/throttle", limit: configuration.limit, period: configuration.period) do |request|
+      guardian(request).throttle!
+    end
+
+    track("nexaas/track") do |request|
+      guardian(request).track! if configuration.trackable?
+    end
+  end
+end
+
+module Nexaas
+  module Throttle
+    class Middleware
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        status, headers, body = Rack::Attack.new(@app).call(env)
+        headers.merge!(rate_limit_headers(env)) if rate_limit_available?(env)
+        [status, headers, body]
+      end
+
+      private
+
+      def rack_attack_key
+        "rack.attack.throttle_data"
+      end
+
+      def rate_limit_available?(env)
+        env.key?(rack_attack_key) && env[rack_attack_key].key?("nexaas/throttle")
+      end
+
+      def rate_limit_headers(env)
+        data = limit_data(env)
+        return {} if data[:period].nil?
+
+        {
+          "X-RateLimit-Limit" => limit(data),
+          "X-RateLimit-Reset" => reset(data),
+          "X-RateLimit-Remaining" => remaining(data)
+        }
+      end
+
+      def limit_data(env)
+        data = env["rack.attack.match_data"]
+        data ||= (env["rack.attack.throttle_data"] || {})["nexaas/throttle"]
+        data || {}
+      end
+
+      def limit(limit_data)
+        limit_data[:limit].to_s
+      end
+
+      def reset(limit_data)
+        now = Time.now.utc
+        period = limit_data[:period]
+        (now + (period - now.to_i % period)).iso8601.to_s
+      end
+
+      def remaining(limit_data)
+        (limit_data[:limit].to_i - limit_data[:count].to_i).to_s
+      end
+    end
+  end
+end

data/lib/nexaas/throttle/version.rb

@@ -0,0 +1,5 @@
+module Nexaas
+  module Throttle
+    VERSION = "0.1.0".freeze
+  end
+end

data/nexaas-throttle.gemspec

@@ -0,0 +1,40 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "nexaas/throttle/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "nexaas-throttle"
+  spec.version       = Nexaas::Throttle::VERSION
+  spec.authors       = ["Wanderson Policarpo"]
+  spec.email         = ["wanderson.policarpo@myfreecomm.com.br"]
+
+  spec.summary       = %q{A tiny engine to allow throttling and blacklisting requests.}
+  spec.description   = %q{A tiny engine to allow throttling and blacklisting requests.}
+  spec.homepage      = "https://nexaas.com"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the "allowed_push_host"
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+  end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.12"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec-rails", "~> 3.5"
+  spec.add_development_dependency "rails"
+  spec.add_development_dependency "fakeredis"
+  spec.add_development_dependency "codeclimate-test-reporter", "~> 0.6"
+  spec.add_development_dependency "simplecov", "~> 0.12"
+
+  spec.add_dependency "rack-attack", "~> 4.4"
+  spec.add_dependency "redis-activesupport", "~> 5.0"
+end

metadata

@@ -0,0 +1,189 @@
+--- !ruby/object:Gem::Specification
+name: nexaas-throttle
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Wanderson Policarpo
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-08-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fakeredis
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.12'
+- !ruby/object:Gem::Dependency
+  name: rack-attack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.4'
+- !ruby/object:Gem::Dependency
+  name: redis-activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+description: A tiny engine to allow throttling and blacklisting requests.
+email:
+- wanderson.policarpo@myfreecomm.com.br
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".codeclimate.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/nexaas/throttle.rb
+- lib/nexaas/throttle/configuration.rb
+- lib/nexaas/throttle/engine.rb
+- lib/nexaas/throttle/guardian.rb
+- lib/nexaas/throttle/middleware.rb
+- lib/nexaas/throttle/version.rb
+- nexaas-throttle.gemspec
+homepage: https://nexaas.com
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: A tiny engine to allow throttling and blacklisting requests.
+test_files: []