orthrus-ssh 0.5.0

data/test/data/id_rsa.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDgYlt6gUVZUZE4xgW2TRvi8HjVgrWZ5e6Av76/H3PzvZpsgHSZyDiU1rgVsgwfb1NmJiwflNpILLprSmp3RRqdOEKzEPgxdscQY1sJtTQcmdlWeIvN6KvmImPwV9krqtN8vji7Zqr0N3mcDmdK1MbQ56Cjx5l6/y9rYGLmIZvoLOLDVe3olOHjpapHQLHrQL3c/2Il5y+9aXR1c/gKFeEwwhRL6hcSIufBnanXqVGa5QNrfzw4si8oAIWDNfXDGRdFkxrnGxHOguj8hFeYXNtz6OHu2UPbvum9sUNHXdDHBYSTPqUJfdLvo49ZMqShcEgNrlBe8rx7ooPdDas40mH evan@aero.local

data/test/sessions.rb

@@ -0,0 +1,28 @@
+class OrthrusTestSessions
+  def initialize
+    @keys = Hash.new { |h,k| h[k] = {} }
+  end
+
+  def add_key(user, key)
+    @keys[user][key.public_identity] = key
+  end
+
+  def find_key(user, id)
+    @keys[user][id]
+  end
+
+  def new_session(user, pub)
+    @user = user
+    @pub = pub
+    [1, "secret"]
+  end
+
+  def find_session(id)
+    ["secret", @pub]
+  end
+
+  def access_token
+    1
+  end
+end
+

data/test/test_orthrus_ssh_agent.rb

@@ -0,0 +1,31 @@
+require 'minitest/unit'
+
+require 'orthrus/ssh/agent'
+
+class TestOrthrusSSHAgent < MiniTest::Unit::TestCase
+  def setup
+    @agent = nil
+    skip unless Orthrus::SSH::Agent.available?
+    @agent = Orthrus::SSH::Agent.connect
+  end
+
+  def teardown
+    @agent.close if @agent
+  end
+
+  def test_identities
+    assert_kind_of Array, @agent.identities
+  end
+
+  def test_sign
+    id = @agent.identities.first
+
+    data = "hello"
+
+    type, sign = @agent.sign id, data
+
+    assert id.verify(sign, data)
+  end
+
+
+end

data/test/test_orthrus_ssh_dsa.rb

@@ -0,0 +1,46 @@
+require 'minitest/autorun'
+require 'minitest/unit'
+
+require 'orthrus/ssh'
+
+class TestOrthrusSSHDSA < MiniTest::Unit::TestCase
+  DATA_PATH = File.expand_path "../data", __FILE__
+
+  def setup
+    @id_dsa = File.join DATA_PATH, "id_dsa"
+    @id_dsa_pub = File.join DATA_PATH, "id_dsa.pub"
+  end
+
+  def pub_key
+    Orthrus::SSH.load_public @id_dsa_pub
+  end
+
+  def priv_key
+    Orthrus::SSH.load_private @id_dsa
+  end
+
+  def test_load_private
+    s = Orthrus::SSH.load_private @id_dsa
+    assert_kind_of Orthrus::SSH::PrivateKey, s
+    assert s.dsa?, "key not dsa"
+  end
+
+  def test_load_public
+    s = Orthrus::SSH.load_public @id_dsa_pub
+    assert_kind_of Orthrus::SSH::PublicKey, s
+    assert s.dsa?, "key not dsa"
+  end
+
+  def test_sign_and_verify
+    data = "hello"
+
+    assert pub_key.verify(priv_key.sign(data), data)
+  end
+
+  def test_public_identity
+    s = Orthrus::SSH.load_private @id_dsa
+    check = File.read(@id_dsa_pub).split(" ")[1]
+
+    assert_equal check, s.public_identity
+  end
+end

data/test/test_orthrus_ssh_http_agent.rb

@@ -0,0 +1,71 @@
+require 'minitest/unit'
+require 'minitest/autorun'
+
+require 'orthrus/ssh/rack_app'
+require 'orthrus/ssh/http_agent'
+
+require 'stringio'
+
+require 'sessions'
+
+class TestOrthrusSSHHTTPAgent < MiniTest::Unit::TestCase
+  DATA_PATH = File.expand_path "../data", __FILE__
+
+  def setup
+    @@app ||= Orthrus::SSH::RackApp.new OrthrusTestSessions.new
+    @app = @@app
+    @@server ||= begin
+                   s = Rack::Server.new :app => @app, :Port => 8787
+                   Thread.new { s.start }
+                   s
+                 end
+
+    @old_stderr = $stderr
+    $stderr = StringIO.new
+
+    sleep 1
+
+    @id_rsa = File.join DATA_PATH, "id_rsa"
+    @rsa = Orthrus::SSH.load_private @id_rsa
+
+    @rsa_pub = Orthrus::SSH.load_public File.join(DATA_PATH, "id_rsa.pub")
+    @app.sessions.add_key "evan", @rsa_pub
+  end
+
+  def teardown
+    # @thread.kill
+    $stderr = @old_stderr
+  end
+
+  def test_access_token
+    url = URI.parse "http://127.0.0.1:8787/"
+    h = Orthrus::SSH::HTTPAgent.new url
+
+    h.add_key @id_rsa
+
+    h.start "evan"
+
+    assert_equal "1", h.access_token
+  end
+
+  def test_access_token_from_agent
+    skip unless Orthrus::SSH::Agent.available?
+
+    begin
+      `ssh-add #{@id_rsa} 2>&1`
+
+      assert Orthrus::SSH::Agent.connect.identities.any? { |id|
+               id.public_identity == @rsa_pub.public_identity
+             }
+
+      url = URI.parse "http://127.0.0.1:8787/"
+      h = Orthrus::SSH::HTTPAgent.new url
+
+      h.start "evan"
+
+      assert_equal "1", h.access_token
+    ensure
+      `ssh-add -d #{@id_rsa} 2>&1`
+    end
+  end
+end

data/test/test_orthrus_ssh_public_key_set.rb

@@ -0,0 +1,29 @@
+require 'minitest/autorun'
+require 'minitest/unit'
+
+require 'orthrus/ssh/public_key_set'
+
+class TestOrthrusSSHPublicKeySet < MiniTest::Unit::TestCase
+  DATA_PATH = File.expand_path "../data", __FILE__
+
+  def setup
+    @auth_keys = File.join DATA_PATH, "authorized_keys"
+    @id_dsa = File.join DATA_PATH, "id_dsa"
+    @id_rsa = File.join DATA_PATH, "id_rsa"
+  end
+
+  def test_load_authorized_keys
+    s = Orthrus::SSH::PublicKeySet.load_file @auth_keys
+    assert_equal 2, s.num_keys
+  end
+
+  def test_find
+    s = Orthrus::SSH::PublicKeySet.load_file @auth_keys
+    k = Orthrus::SSH.load_private @id_rsa
+
+    j = s.find(k.public_identity)
+
+    assert_kind_of Orthrus::SSH::RSAPublicKey, j
+  end
+
+end

data/test/test_orthrus_ssh_rackapp.rb

@@ -0,0 +1,84 @@
+require 'minitest/unit'
+require 'minitest/autorun'
+
+require 'orthrus/ssh'
+require 'orthrus/ssh/rack_app'
+
+require 'stringio'
+
+require 'sessions'
+
+class TestOrthrusSSHRackApp < MiniTest::Unit::TestCase
+  DATA_PATH = File.expand_path "../data", __FILE__
+
+  def setup
+    @id_rsa = File.join DATA_PATH, "id_rsa"
+    @rsa = Orthrus::SSH.load_private @id_rsa
+
+    @id_rsa_pub = File.join DATA_PATH, "id_rsa.pub"
+    @rsa_pub = Orthrus::SSH.load_public @id_rsa_pub
+
+    @app = Orthrus::SSH::RackApp.new OrthrusTestSessions.new
+  end
+
+  def test_call_unable_to_find_identity
+    id = @rsa.public_identity
+
+    env = {
+      "rack.input" => StringIO.new,
+      "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
+    }
+
+    code, headers, body = @app.call(env)
+
+    assert_equal "application/x-www-form-urlencoded",
+                 headers["Content-Type"]
+
+    assert_equal "code=unknown", body[0]
+  end
+
+  def test_call_requests_signature
+    id = @rsa.public_identity
+    @app.sessions.add_key "evan", @rsa_pub
+
+    env = {
+      "rack.input" => StringIO.new,
+      "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
+    }
+
+    code, headers, body = @app.call(env)
+
+    assert_equal "application/x-www-form-urlencoded",
+                 headers["Content-Type"]
+
+    params = Rack::Utils.parse_query body.first
+
+    assert_equal "check", params['code']
+    assert_equal "1", params["session_id"]
+    refute params["nonce"].empty?
+  end
+
+  def test_call_verifies_signature
+    id = @rsa.public_identity
+    @app.sessions.add_key "evan", @rsa_pub
+
+    env = {
+      "rack.input" => StringIO.new,
+      "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
+    }
+
+    code, headers, body = @app.call(env)
+
+    params = Rack::Utils.parse_query(body.first)
+
+    data = params['nonce']
+
+    sig = Rack::Utils.escape @rsa.hexsign(data)
+
+    env["QUERY_STRING"] = "state=signed&sig=#{sig}&session_id=1"
+
+    code, headers, body = @app.call(env)
+
+    assert_equal ["code=verified&access_token=1"], body
+  end
+end

data/test/test_orthrus_ssh_rsa.rb

@@ -0,0 +1,46 @@
+require 'minitest/autorun'
+require 'minitest/unit'
+
+require 'orthrus/ssh'
+
+class TestOrthrusSSHRSA < MiniTest::Unit::TestCase
+  DATA_PATH = File.expand_path "../data", __FILE__
+
+  def setup
+    @id_rsa = File.join DATA_PATH, "id_rsa"
+    @id_rsa_pub = File.join DATA_PATH, "id_rsa.pub"
+  end
+
+  def pub_key
+    Orthrus::SSH.load_public @id_rsa_pub
+  end
+
+  def priv_key
+    Orthrus::SSH.load_private @id_rsa
+  end
+
+  def test_load_private
+    s = Orthrus::SSH.load_private @id_rsa
+    assert_kind_of Orthrus::SSH::PrivateKey, s
+    assert s.rsa?, "key not RSA"
+  end
+
+  def test_load_public
+    s = Orthrus::SSH.load_public @id_rsa_pub
+    assert_kind_of Orthrus::SSH::PublicKey, s
+    assert s.rsa?, "key not RSA"
+  end
+
+  def test_sign_and_verify
+    data = "hello"
+
+    assert pub_key.verify(priv_key.sign(data), data)
+  end
+
+  def test_public_identity
+    s = Orthrus::SSH.load_private @id_rsa
+    check = File.read(@id_rsa_pub).split(" ")[1]
+
+    assert_equal check, s.public_identity
+  end
+end

metadata

@@ -0,0 +1,149 @@
+--- !ruby/object:Gem::Specification 
+name: orthrus-ssh
+version: !ruby/object:Gem::Version 
+  hash: 11
+  prerelease: 
+  segments: 
+  - 0
+  - 5
+  - 0
+  version: 0.5.0
+platform: ruby
+authors: 
+- Evan Phoenix
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-03-25 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: minitest
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 21
+        segments: 
+        - 2
+        - 11
+        version: "2.11"
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rdoc
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 19
+        segments: 
+        - 3
+        - 10
+        version: "3.10"
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 31
+        segments: 
+        - 2
+        - 14
+        version: "2.14"
+  type: :development
+  version_requirements: *id003
+description: A user authentication system built on SSH's key
+email: 
+- evan@phx.io
+executables: 
+- orthrus
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- README.txt
+files: 
+- .autotest
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- bin/orthrus
+- lib/orthrus.rb
+- lib/orthrus/key.rb
+- lib/orthrus/key_holder.rb
+- lib/orthrus/ssh.rb
+- lib/orthrus/ssh/agent.rb
+- lib/orthrus/ssh/buffer.rb
+- lib/orthrus/ssh/dsa.rb
+- lib/orthrus/ssh/http_agent.rb
+- lib/orthrus/ssh/key.rb
+- lib/orthrus/ssh/public_key_set.rb
+- lib/orthrus/ssh/rack_app.rb
+- lib/orthrus/ssh/rsa.rb
+- lib/orthrus/ssh/utils.rb
+- test/data/authorized_keys
+- test/data/id_dsa
+- test/data/id_dsa.pub
+- test/data/id_rsa
+- test/data/id_rsa.pub
+- test/sessions.rb
+- test/test_orthrus_ssh_agent.rb
+- test/test_orthrus_ssh_dsa.rb
+- test/test_orthrus_ssh_http_agent.rb
+- test/test_orthrus_ssh_public_key_set.rb
+- test/test_orthrus_ssh_rackapp.rb
+- test/test_orthrus_ssh_rsa.rb
+- .gemtest
+homepage: http://github.com/evanphx/orthrus
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: orthrus-ssh
+rubygems_version: 1.8.18
+signing_key: 
+specification_version: 3
+summary: A user authentication system built on SSH's key
+test_files: 
+- test/test_orthrus_ssh_agent.rb
+- test/test_orthrus_ssh_dsa.rb
+- test/test_orthrus_ssh_http_agent.rb
+- test/test_orthrus_ssh_public_key_set.rb
+- test/test_orthrus_ssh_rackapp.rb
+- test/test_orthrus_ssh_rsa.rb