oauth2_hmac_sign 0.1.0
- checksums.yaml +7 -0
- data/.gitignore +9 -0
- data/.rspec +2 -0
- data/.travis.yml +6 -0
- data/Gemfile +4 -0
- data/README.md +69 -0
- data/Rakefile +17 -0
- data/bin/console +14 -0
- data/bin/setup +7 -0
- data/lib/oauth2_hmac_sign.rb +6 -0
- data/lib/oauth2_hmac_sign/signature.rb +148 -0
- data/lib/oauth2_hmac_sign/version.rb +3 -0
- data/oauth2_hmac_sign.gemspec +24 -0
- metadata +97 -0
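--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 8b826b56d00266887e8fd5fbd2bd9123a3207192
+data.tar.gz: 69b9552baa89bf622d3fb655a1d6d8125f72d9e4
+SHA512:
+metadata.gz: 774ecf670b4cde116f5f18bb633487e454ca31bf19bdbc2c9c4f41eccec92e47960f513ce5dd5badbecc6bb82077b96359b82e09d583376655f1d3168b43336d
+data.tar.gz: 2a37e951394438c7a9cf29a8db14eae07c140beb4e7abab3e13841cdeb2b93533718689cbe2c0e5509f8df3fd5931d4979e1951a48f6b22155ed7ad2b0950c51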
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
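--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,69 @@
+# Oauth2HmacSign
+[![Build Status](https://travis-ci.org/mustafaturan/oauth2_hmac_sign.png)](https://travis-ci.org/mustafaturan/oauth2_hmac_sign) [![Code Climate](https://codeclimate.com/github/mustafaturan/oauth2_hmac_sign.png)](https://codeclimate.com/github/mustafaturan/oauth2_hmac_sign)
+
+A single signature generator and validator Oauth v2 HTTP message authentication code(MAC) authentication. It simply generates and verify signatures for Oauth v2 HTTP MAC authentication for 'SHA1' and 'SHA256' algorithms. Please visit https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01 for spec specifications.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'oauth2_hmac_sign'
+```
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install oauth2_hmac_sign
+
+## Usage
+
+### For generating
+```ruby
+algorithm = 'hmac-sha-256' # 'hmac-sha-256' or 'hmac-sha-1'
+key = 'demo_key' # your key
+method = 'post' # http method for request -> get, post, head, patch, ...
+uri = '/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q' # request uri
+host = 'example.com' # server host name
+port = 443 # default is 443
+ext = 'a,b,c' # can be nil
+ts, nonce, ext, mac = Oauth2HmacSign::Signature.generate(
+algorithm, key, method, uri, host, port, ext
+)
+
+# returns multiple information
+# ts = timestamp
+# nonce = unique string
+# ext = if nil send as input than returns empty string else returns the same string as input
+# mac = mac signature for the given parameters
+```
+
+### For verifying
+```ruby
+Oauth2HmacSign::Signature.is_valid?(
+mac,
+algorithm,
+key,
+ts,
+nonce,
+method,
+uri,
+host,
+port,
+ext
+)
+
+# returns
+# true for valid
+# false for invalid
+```
+## Contributing
+
+1. Fork it ( https://github.com/mustafaturan/oauth2_hmac_sign/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request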
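--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,17 @@
+require 'bundler/gem_tasks'
+require 'rake'
+require 'rspec/core/rake_task'
+
+desc "Default Task"
+task :default => :spec
+
+# Make a console for testing purposes
+desc "Generate a test console"
+task :console do
+verbose( false ) { sh "irb -I lib/ -r 'oauth2_hmac_sign'" }
+end
+
+RSpec::Core::RakeTask.new('spec') do |t|
+t.rspec_opts = ['-c', '-r ./spec/spec_helper.rb']
+t.pattern = 'spec/**/*_spec.rb'
+end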
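--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "oauth2_hmac_sign"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start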
data/bin/setup
ADDED
@@ -0,0 +1,148 @@
|
|
1
|
+
require 'base64'
|
2
|
+
require 'openssl'
|
3
|
+
require 'securerandom'
|
4
|
+
|
5
|
+
# A single signature generator and validator Oauth2 HTTP MAC token.
|
6
|
+
# https://tools.ietf.org/html/rfc2616
|
7
|
+
module Oauth2HmacSign
|
8
|
+
class Signature
|
9
|
+
attr_reader :ts, :nonce, :method, :uri, :host, :port, :ext
|
10
|
+
attr_reader :mac
|
11
|
+
|
12
|
+
class << self
|
13
|
+
|
14
|
+
# Generate oauth2 hmac signature with required and optional vars
|
15
|
+
#
|
16
|
+
# == Parameters:
|
17
|
+
# algorithm::
|
18
|
+
# Name of the algorithm valid vars are hmac-sha256, hmac-sha1
|
19
|
+
# key::
|
20
|
+
# Key for hmac algorithm
|
21
|
+
# method::
|
22
|
+
# The HTTP request method in upper case. For example: "HEAD", "GET", "POST", etc.
|
23
|
+
# uri::
|
24
|
+
# The HTTP request-URI as defined by https://tools.ietf.org/html/rfc2616#section-5.1.2
|
25
|
+
# host::
|
26
|
+
# The hostname included in the HTTP request using the "Host" request header field in lower case.
|
27
|
+
# port::
|
28
|
+
# The port as included in the HTTP request using the "Host" request
|
29
|
+
# header field. If the header field does not include a port, the
|
30
|
+
# default value for the scheme MUST be used (e.g. 80 for HTTP and
|
31
|
+
# 443 for HTTPS).
|
32
|
+
# ext::
|
33
|
+
# The value of the "ext" "Authorization" request header field
|
34
|
+
# attribute if one was included in the request, otherwise, an empty
|
35
|
+
# string.
|
36
|
+
#
|
37
|
+
# == Returns:
|
38
|
+
# Returns the generated signature and required variables to verify it.
|
39
|
+
# ts::
|
40
|
+
# The timestamp value calculated for the signature.
|
41
|
+
# nonce::
|
42
|
+
# The nonce value generated for the signature.
|
43
|
+
# ext::
|
44
|
+
# The value of passed or assigned for ext
|
45
|
+
# mac::
|
46
|
+
# The signature
|
47
|
+
#
|
48
|
+
def generate(algorithm, key, method, uri, host, port = 443, ext = '')
|
49
|
+
@ts = Time.now.to_i
|
50
|
+
@nonce = generate_nonce
|
51
|
+
@method = method
|
52
|
+
@uri = uri
|
53
|
+
@host = host
|
54
|
+
@port = port
|
55
|
+
@ext = ext
|
56
|
+
@mac = calculate(
|
57
|
+
algorithm_constructor(algorithm),
|
58
|
+
key,
|
59
|
+
normalized_request_string
|
60
|
+
)
|
61
|
+
return @ts, @nonce, @ext, @mac
|
62
|
+
end
|
63
|
+
|
64
|
+
# Validate oauth2 hmac signature with required and optional vars
|
65
|
+
#
|
66
|
+
# == Parameters:
|
67
|
+
# mac::
|
68
|
+
# Signature for validation
|
69
|
+
# algorithm::
|
70
|
+
# Name of the algorithm valid vars are hmac-sha256, hmac-sha1
|
71
|
+
# key::
|
72
|
+
# Key for hmac algorithm
|
73
|
+
# ts::
|
74
|
+
# The timestamp value calculated for the request.
|
75
|
+
# nonce::
|
76
|
+
# The nonce value generated for the request.
|
77
|
+
# method::
|
78
|
+
# The HTTP request method in upper case. For example: "HEAD", "GET", "POST", etc.
|
79
|
+
# uri::
|
80
|
+
# The HTTP request-URI as defined by https://tools.ietf.org/html/rfc2616#section-5.1.2
|
81
|
+
# host::
|
82
|
+
# The hostname included in the HTTP request using the "Host" request header field in lower case.
|
83
|
+
# port::
|
84
|
+
# The port as included in the HTTP request using the "Host" request
|
85
|
+
# header field. If the header field does not include a port, the
|
86
|
+
# default value for the scheme MUST be used (e.g. 80 for HTTP and
|
87
|
+
# 443 for HTTPS).
|
88
|
+
# ext::
|
89
|
+
# The value of the "ext" "Authorization" request header field
|
90
|
+
# attribute if one was included in the request, otherwise, an empty
|
91
|
+
# string.
|
92
|
+
#
|
93
|
+
# == Returns:
|
94
|
+
# Boolean: true for succesfully verified mac signature and false for invalid mac signature
|
95
|
+
#
|
96
|
+
def is_valid?(mac, algorithm, key, ts, nonce, method, uri, host, port, ext)
|
97
|
+
@ts = ts
|
98
|
+
@nonce = nonce
|
99
|
+
@method = method
|
100
|
+
@uri = uri
|
101
|
+
@host = host
|
102
|
+
@port = port
|
103
|
+
@ext = ext
|
104
|
+
mac.eql?(calculate(
|
105
|
+
algorithm_constructor(algorithm),
|
106
|
+
key,
|
107
|
+
normalized_request_string
|
108
|
+
)
|
109
|
+
)
|
110
|
+
end
|
111
|
+
|
112
|
+
private
|
113
|
+
# nodoc
|
114
|
+
def calculate(algorithm, key, text)
|
115
|
+
Base64.urlsafe_encode64(
|
116
|
+
OpenSSL::HMAC.digest(
|
117
|
+
algorithm,
|
118
|
+
key,
|
119
|
+
text
|
120
|
+
)
|
121
|
+
)
|
122
|
+
end
|
123
|
+
|
124
|
+
# nodoc
|
125
|
+
def generate_nonce
|
126
|
+
"#{@ts}:#{SecureRandom.hex(4)}"
|
127
|
+
end
|
128
|
+
|
129
|
+
# nodoc
|
130
|
+
# https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01#section-3.2.1
|
131
|
+
def normalized_request_string
|
132
|
+
"#{@ts}\n#{@nonce}\n#{@method.to_s.upcase}\n#{@uri}\n#{@host.to_s.downcase}\n#{@port}\n#{@ext}\n"
|
133
|
+
end
|
134
|
+
|
135
|
+
# nodoc
|
136
|
+
def algorithm_constructor(algorithm)
|
137
|
+
case algorithm
|
138
|
+
when 'hmac-sha-256'
|
139
|
+
OpenSSL::Digest::SHA256.new
|
140
|
+
when 'hmac-sha-1'
|
141
|
+
OpenSSL::Digest::SHA1.new
|
142
|
+
else
|
143
|
+
raise 'Unregistered algorithm!'
|
144
|
+
end
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
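Review bot: `is_valid?` checks the supplied MAC with `mac.eql?(calculate(...))`, an ordinary string comparison that stops at the first differing byte, so verification time can reveal how much of a guessed MAC is correct; compute the expected value first and compare in constant time, e.g. `expected = calculate(algorithm_constructor(algorithm), key, normalized_request_string)` followed by `OpenSSL.secure_compare(mac.to_s, expected)` where the installed openssl library provides it. Both `generate` and `is_valid?` also stage the request fields in `@ts` … `@ext` inside `class << self`, so every caller of the class shares them and two threads verifying at once can build a normalized string from mixed requests; passing the fields to `normalized_request_string` as arguments would avoid that. The method checks only the MAC and neither bounds `ts` nor tracks `nonce`, so replay protection is left to the caller and the doc comment should say so. The parameter docs name the algorithms `hmac-sha256`/`hmac-sha1`, while `algorithm_constructor` accepts only `'hmac-sha-256'` and `'hmac-sha-1'`. This content is printed under the `data/bin/setup` header but appears to be the 148-line `lib/oauth2_hmac_sign/signature.rb` from the file list.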
@@ -0,0 +1,24 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'oauth2_hmac_sign/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "oauth2_hmac_sign"
|
8
|
+
spec.version = Oauth2HmacSign::VERSION
|
9
|
+
spec.authors = ["Mustafa TURAN"]
|
10
|
+
spec.email = ["mustafaturan.net@gmail.com"]
|
11
|
+
|
12
|
+
spec.summary = %q{A single signature generator and validator Oauth v2 HTTP MAC authentication.}
|
13
|
+
spec.description = %q{Generate and verify signatures for oauth v2 http mac authentication}
|
14
|
+
spec.homepage = "https://github.com/mustafaturan/oauth2_hmac_sign"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
17
|
+
spec.bindir = "exe"
|
18
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.7"
|
22
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
23
|
+
spec.add_development_dependency "rspec"
|
24
|
+
end
|
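--- a/metadata
+++ b/metadata
@@ -0,0 +1,97 @@
+--- !ruby/object:Gem::Specification
+name: oauth2_hmac_sign
+version: !ruby/object:Gem::Version
+version: 0.1.0
+platform: ruby
+authors:
+- Mustafa TURAN
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2015-08-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.7'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.7'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '10.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '10.0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description: Generate and verify signatures for oauth v2 http mac authentication
+email:
+- mustafaturan.net@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/oauth2_hmac_sign.rb
+- lib/oauth2_hmac_sign/signature.rb
+- lib/oauth2_hmac_sign/version.rb
+- oauth2_hmac_sign.gemspec
+homepage: https://github.com/mustafaturan/oauth2_hmac_sign
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: A single signature generator and validator Oauth v2 HTTP MAC authentication.
+test_files: []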