orthrus-ssh 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (33) hide show
  1. data/.autotest +23 -0
  2. data/.gemtest +0 -0
  3. data/History.txt +6 -0
  4. data/Manifest.txt +31 -0
  5. data/README.txt +61 -0
  6. data/Rakefile +12 -0
  7. data/bin/orthrus +16 -0
  8. data/lib/orthrus.rb +2 -0
  9. data/lib/orthrus/key.rb +12 -0
  10. data/lib/orthrus/key_holder.rb +15 -0
  11. data/lib/orthrus/ssh.rb +50 -0
  12. data/lib/orthrus/ssh/agent.rb +176 -0
  13. data/lib/orthrus/ssh/buffer.rb +343 -0
  14. data/lib/orthrus/ssh/dsa.rb +88 -0
  15. data/lib/orthrus/ssh/http_agent.rb +83 -0
  16. data/lib/orthrus/ssh/key.rb +50 -0
  17. data/lib/orthrus/ssh/public_key_set.rb +30 -0
  18. data/lib/orthrus/ssh/rack_app.rb +62 -0
  19. data/lib/orthrus/ssh/rsa.rb +51 -0
  20. data/lib/orthrus/ssh/utils.rb +26 -0
  21. data/test/data/authorized_keys +2 -0
  22. data/test/data/id_dsa +12 -0
  23. data/test/data/id_dsa.pub +1 -0
  24. data/test/data/id_rsa +27 -0
  25. data/test/data/id_rsa.pub +1 -0
  26. data/test/sessions.rb +28 -0
  27. data/test/test_orthrus_ssh_agent.rb +31 -0
  28. data/test/test_orthrus_ssh_dsa.rb +46 -0
  29. data/test/test_orthrus_ssh_http_agent.rb +71 -0
  30. data/test/test_orthrus_ssh_public_key_set.rb +29 -0
  31. data/test/test_orthrus_ssh_rackapp.rb +84 -0
  32. data/test/test_orthrus_ssh_rsa.rb +46 -0
  33. metadata +149 -0
data/test/data/id_rsa.pub ADDED
@@ -0,0 +1 @@
1
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDgYlt6gUVZUZE4xgW2TRvi8HjVgrWZ5e6Av76/H3PzvZpsgHSZyDiU1rgVsgwfb1NmJiwflNpILLprSmp3RRqdOEKzEPgxdscQY1sJtTQcmdlWeIvN6KvmImPwV9krqtN8vji7Zqr0N3mcDmdK1MbQ56Cjx5l6/y9rYGLmIZvoLOLDVe3olOHjpapHQLHrQL3c/2Il5y+9aXR1c/gKFeEwwhRL6hcSIufBnanXqVGa5QNrfzw4si8oAIWDNfXDGRdFkxrnGxHOguj8hFeYXNtz6OHu2UPbvum9sUNHXdDHBYSTPqUJfdLvo49ZMqShcEgNrlBe8rx7ooPdDas40mH evan@aero.local
data/test/sessions.rb ADDED
@@ -0,0 +1,28 @@
1
+ class OrthrusTestSessions
2
+ def initialize
3
+ @keys = Hash.new { |h,k| h[k] = {} }
4
+ end
5
+
6
+ def add_key(user, key)
7
+ @keys[user][key.public_identity] = key
8
+ end
9
+
10
+ def find_key(user, id)
11
+ @keys[user][id]
12
+ end
13
+
14
+ def new_session(user, pub)
15
+ @user = user
16
+ @pub = pub
17
+ [1, "secret"]
18
+ end
19
+
20
+ def find_session(id)
21
+ ["secret", @pub]
22
+ end
23
+
24
+ def access_token
25
+ 1
26
+ end
27
+ end
28
+
data/test/test_orthrus_ssh_agent.rb ADDED
@@ -0,0 +1,31 @@
1
+ require 'minitest/unit'
2
+
3
+ require 'orthrus/ssh/agent'
4
+
5
+ class TestOrthrusSSHAgent < MiniTest::Unit::TestCase
6
+ def setup
7
+ @agent = nil
8
+ skip unless Orthrus::SSH::Agent.available?
9
+ @agent = Orthrus::SSH::Agent.connect
10
+ end
11
+
12
+ def teardown
13
+ @agent.close if @agent
14
+ end
15
+
16
+ def test_identities
17
+ assert_kind_of Array, @agent.identities
18
+ end
19
+
20
+ def test_sign
21
+ id = @agent.identities.first
22
+
23
+ data = "hello"
24
+
25
+ type, sign = @agent.sign id, data
26
+
27
+ assert id.verify(sign, data)
28
+ end
29
+
30
+
31
+ end
data/test/test_orthrus_ssh_dsa.rb ADDED
@@ -0,0 +1,46 @@
1
+ require 'minitest/autorun'
2
+ require 'minitest/unit'
3
+
4
+ require 'orthrus/ssh'
5
+
6
+ class TestOrthrusSSHDSA < MiniTest::Unit::TestCase
7
+ DATA_PATH = File.expand_path "../data", __FILE__
8
+
9
+ def setup
10
+ @id_dsa = File.join DATA_PATH, "id_dsa"
11
+ @id_dsa_pub = File.join DATA_PATH, "id_dsa.pub"
12
+ end
13
+
14
+ def pub_key
15
+ Orthrus::SSH.load_public @id_dsa_pub
16
+ end
17
+
18
+ def priv_key
19
+ Orthrus::SSH.load_private @id_dsa
20
+ end
21
+
22
+ def test_load_private
23
+ s = Orthrus::SSH.load_private @id_dsa
24
+ assert_kind_of Orthrus::SSH::PrivateKey, s
25
+ assert s.dsa?, "key not dsa"
26
+ end
27
+
28
+ def test_load_public
29
+ s = Orthrus::SSH.load_public @id_dsa_pub
30
+ assert_kind_of Orthrus::SSH::PublicKey, s
31
+ assert s.dsa?, "key not dsa"
32
+ end
33
+
34
+ def test_sign_and_verify
35
+ data = "hello"
36
+
37
+ assert pub_key.verify(priv_key.sign(data), data)
38
+ end
39
+
40
+ def test_public_identity
41
+ s = Orthrus::SSH.load_private @id_dsa
42
+ check = File.read(@id_dsa_pub).split(" ")[1]
43
+
44
+ assert_equal check, s.public_identity
45
+ end
46
+ end
data/test/test_orthrus_ssh_http_agent.rb ADDED
@@ -0,0 +1,71 @@
1
+ require 'minitest/unit'
2
+ require 'minitest/autorun'
3
+
4
+ require 'orthrus/ssh/rack_app'
5
+ require 'orthrus/ssh/http_agent'
6
+
7
+ require 'stringio'
8
+
9
+ require 'sessions'
10
+
11
+ class TestOrthrusSSHHTTPAgent < MiniTest::Unit::TestCase
12
+ DATA_PATH = File.expand_path "../data", __FILE__
13
+
14
+ def setup
15
+ @@app ||= Orthrus::SSH::RackApp.new OrthrusTestSessions.new
16
+ @app = @@app
17
+ @@server ||= begin
18
+ s = Rack::Server.new :app => @app, :Port => 8787
19
+ Thread.new { s.start }
20
+ s
21
+ end
22
+
23
+ @old_stderr = $stderr
24
+ $stderr = StringIO.new
25
+
26
+ sleep 1
27
+
28
+ @id_rsa = File.join DATA_PATH, "id_rsa"
29
+ @rsa = Orthrus::SSH.load_private @id_rsa
30
+
31
+ @rsa_pub = Orthrus::SSH.load_public File.join(DATA_PATH, "id_rsa.pub")
32
+ @app.sessions.add_key "evan", @rsa_pub
33
+ end
34
+
35
+ def teardown
36
+ # @thread.kill
37
+ $stderr = @old_stderr
38
+ end
39
+
40
+ def test_access_token
41
+ url = URI.parse "http://127.0.0.1:8787/"
42
+ h = Orthrus::SSH::HTTPAgent.new url
43
+
44
+ h.add_key @id_rsa
45
+
46
+ h.start "evan"
47
+
48
+ assert_equal "1", h.access_token
49
+ end
50
+
51
+ def test_access_token_from_agent
52
+ skip unless Orthrus::SSH::Agent.available?
53
+
54
+ begin
55
+ `ssh-add #{@id_rsa} 2>&1`
56
+
57
+ assert Orthrus::SSH::Agent.connect.identities.any? { |id|
58
+ id.public_identity == @rsa_pub.public_identity
59
+ }
60
+
61
+ url = URI.parse "http://127.0.0.1:8787/"
62
+ h = Orthrus::SSH::HTTPAgent.new url
63
+
64
+ h.start "evan"
65
+
66
+ assert_equal "1", h.access_token
67
+ ensure
68
+ `ssh-add -d #{@id_rsa} 2>&1`
69
+ end
70
+ end
71
+ end
data/test/test_orthrus_ssh_public_key_set.rb ADDED
@@ -0,0 +1,29 @@
1
+ require 'minitest/autorun'
2
+ require 'minitest/unit'
3
+
4
+ require 'orthrus/ssh/public_key_set'
5
+
6
+ class TestOrthrusSSHPublicKeySet < MiniTest::Unit::TestCase
7
+ DATA_PATH = File.expand_path "../data", __FILE__
8
+
9
+ def setup
10
+ @auth_keys = File.join DATA_PATH, "authorized_keys"
11
+ @id_dsa = File.join DATA_PATH, "id_dsa"
12
+ @id_rsa = File.join DATA_PATH, "id_rsa"
13
+ end
14
+
15
+ def test_load_authorized_keys
16
+ s = Orthrus::SSH::PublicKeySet.load_file @auth_keys
17
+ assert_equal 2, s.num_keys
18
+ end
19
+
20
+ def test_find
21
+ s = Orthrus::SSH::PublicKeySet.load_file @auth_keys
22
+ k = Orthrus::SSH.load_private @id_rsa
23
+
24
+ j = s.find(k.public_identity)
25
+
26
+ assert_kind_of Orthrus::SSH::RSAPublicKey, j
27
+ end
28
+
29
+ end
data/test/test_orthrus_ssh_rackapp.rb ADDED
@@ -0,0 +1,84 @@
1
+ require 'minitest/unit'
2
+ require 'minitest/autorun'
3
+
4
+ require 'orthrus/ssh'
5
+ require 'orthrus/ssh/rack_app'
6
+
7
+ require 'stringio'
8
+
9
+ require 'sessions'
10
+
11
+ class TestOrthrusSSHRackApp < MiniTest::Unit::TestCase
12
+ DATA_PATH = File.expand_path "../data", __FILE__
13
+
14
+ def setup
15
+ @id_rsa = File.join DATA_PATH, "id_rsa"
16
+ @rsa = Orthrus::SSH.load_private @id_rsa
17
+
18
+ @id_rsa_pub = File.join DATA_PATH, "id_rsa.pub"
19
+ @rsa_pub = Orthrus::SSH.load_public @id_rsa_pub
20
+
21
+ @app = Orthrus::SSH::RackApp.new OrthrusTestSessions.new
22
+ end
23
+
24
+ def test_call_unable_to_find_identity
25
+ id = @rsa.public_identity
26
+
27
+ env = {
28
+ "rack.input" => StringIO.new,
29
+ "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
30
+ }
31
+
32
+ code, headers, body = @app.call(env)
33
+
34
+ assert_equal "application/x-www-form-urlencoded",
35
+ headers["Content-Type"]
36
+
37
+ assert_equal "code=unknown", body[0]
38
+ end
39
+
40
+ def test_call_requests_signature
41
+ id = @rsa.public_identity
42
+ @app.sessions.add_key "evan", @rsa_pub
43
+
44
+ env = {
45
+ "rack.input" => StringIO.new,
46
+ "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
47
+ }
48
+
49
+ code, headers, body = @app.call(env)
50
+
51
+ assert_equal "application/x-www-form-urlencoded",
52
+ headers["Content-Type"]
53
+
54
+ params = Rack::Utils.parse_query body.first
55
+
56
+ assert_equal "check", params['code']
57
+ assert_equal "1", params["session_id"]
58
+ refute params["nonce"].empty?
59
+ end
60
+
61
+ def test_call_verifies_signature
62
+ id = @rsa.public_identity
63
+ @app.sessions.add_key "evan", @rsa_pub
64
+
65
+ env = {
66
+ "rack.input" => StringIO.new,
67
+ "QUERY_STRING" => "state=find&user=evan&id=#{Rack::Utils.escape(id)}"
68
+ }
69
+
70
+ code, headers, body = @app.call(env)
71
+
72
+ params = Rack::Utils.parse_query(body.first)
73
+
74
+ data = params['nonce']
75
+
76
+ sig = Rack::Utils.escape @rsa.hexsign(data)
77
+
78
+ env["QUERY_STRING"] = "state=signed&sig=#{sig}&session_id=1"
79
+
80
+ code, headers, body = @app.call(env)
81
+
82
+ assert_equal ["code=verified&access_token=1"], body
83
+ end
84
+ end
data/test/test_orthrus_ssh_rsa.rb ADDED
@@ -0,0 +1,46 @@
1
+ require 'minitest/autorun'
2
+ require 'minitest/unit'
3
+
4
+ require 'orthrus/ssh'
5
+
6
+ class TestOrthrusSSHRSA < MiniTest::Unit::TestCase
7
+ DATA_PATH = File.expand_path "../data", __FILE__
8
+
9
+ def setup
10
+ @id_rsa = File.join DATA_PATH, "id_rsa"
11
+ @id_rsa_pub = File.join DATA_PATH, "id_rsa.pub"
12
+ end
13
+
14
+ def pub_key
15
+ Orthrus::SSH.load_public @id_rsa_pub
16
+ end
17
+
18
+ def priv_key
19
+ Orthrus::SSH.load_private @id_rsa
20
+ end
21
+
22
+ def test_load_private
23
+ s = Orthrus::SSH.load_private @id_rsa
24
+ assert_kind_of Orthrus::SSH::PrivateKey, s
25
+ assert s.rsa?, "key not RSA"
26
+ end
27
+
28
+ def test_load_public
29
+ s = Orthrus::SSH.load_public @id_rsa_pub
30
+ assert_kind_of Orthrus::SSH::PublicKey, s
31
+ assert s.rsa?, "key not RSA"
32
+ end
33
+
34
+ def test_sign_and_verify
35
+ data = "hello"
36
+
37
+ assert pub_key.verify(priv_key.sign(data), data)
38
+ end
39
+
40
+ def test_public_identity
41
+ s = Orthrus::SSH.load_private @id_rsa
42
+ check = File.read(@id_rsa_pub).split(" ")[1]
43
+
44
+ assert_equal check, s.public_identity
45
+ end
46
+ end
metadata ADDED
@@ -0,0 +1,149 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: orthrus-ssh
3
+ version: !ruby/object:Gem::Version
4
+ hash: 11
5
+ prerelease:
6
+ segments:
7
+ - 0
8
+ - 5
9
+ - 0
10
+ version: 0.5.0
11
+ platform: ruby
12
+ authors:
13
+ - Evan Phoenix
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2012-03-25 00:00:00 Z
19
+ dependencies:
20
+ - !ruby/object:Gem::Dependency
21
+ name: minitest
22
+ prerelease: false
23
+ requirement: &id001 !ruby/object:Gem::Requirement
24
+ none: false
25
+ requirements:
26
+ - - ~>
27
+ - !ruby/object:Gem::Version
28
+ hash: 21
29
+ segments:
30
+ - 2
31
+ - 11
32
+ version: "2.11"
33
+ type: :development
34
+ version_requirements: *id001
35
+ - !ruby/object:Gem::Dependency
36
+ name: rdoc
37
+ prerelease: false
38
+ requirement: &id002 !ruby/object:Gem::Requirement
39
+ none: false
40
+ requirements:
41
+ - - ~>
42
+ - !ruby/object:Gem::Version
43
+ hash: 19
44
+ segments:
45
+ - 3
46
+ - 10
47
+ version: "3.10"
48
+ type: :development
49
+ version_requirements: *id002
50
+ - !ruby/object:Gem::Dependency
51
+ name: hoe
52
+ prerelease: false
53
+ requirement: &id003 !ruby/object:Gem::Requirement
54
+ none: false
55
+ requirements:
56
+ - - ~>
57
+ - !ruby/object:Gem::Version
58
+ hash: 31
59
+ segments:
60
+ - 2
61
+ - 14
62
+ version: "2.14"
63
+ type: :development
64
+ version_requirements: *id003
65
+ description: A user authentication system built on SSH's key
66
+ email:
67
+ - evan@phx.io
68
+ executables:
69
+ - orthrus
70
+ extensions: []
71
+
72
+ extra_rdoc_files:
73
+ - History.txt
74
+ - Manifest.txt
75
+ - README.txt
76
+ files:
77
+ - .autotest
78
+ - History.txt
79
+ - Manifest.txt
80
+ - README.txt
81
+ - Rakefile
82
+ - bin/orthrus
83
+ - lib/orthrus.rb
84
+ - lib/orthrus/key.rb
85
+ - lib/orthrus/key_holder.rb
86
+ - lib/orthrus/ssh.rb
87
+ - lib/orthrus/ssh/agent.rb
88
+ - lib/orthrus/ssh/buffer.rb
89
+ - lib/orthrus/ssh/dsa.rb
90
+ - lib/orthrus/ssh/http_agent.rb
91
+ - lib/orthrus/ssh/key.rb
92
+ - lib/orthrus/ssh/public_key_set.rb
93
+ - lib/orthrus/ssh/rack_app.rb
94
+ - lib/orthrus/ssh/rsa.rb
95
+ - lib/orthrus/ssh/utils.rb
96
+ - test/data/authorized_keys
97
+ - test/data/id_dsa
98
+ - test/data/id_dsa.pub
99
+ - test/data/id_rsa
100
+ - test/data/id_rsa.pub
101
+ - test/sessions.rb
102
+ - test/test_orthrus_ssh_agent.rb
103
+ - test/test_orthrus_ssh_dsa.rb
104
+ - test/test_orthrus_ssh_http_agent.rb
105
+ - test/test_orthrus_ssh_public_key_set.rb
106
+ - test/test_orthrus_ssh_rackapp.rb
107
+ - test/test_orthrus_ssh_rsa.rb
108
+ - .gemtest
109
+ homepage: http://github.com/evanphx/orthrus
110
+ licenses: []
111
+
112
+ post_install_message:
113
+ rdoc_options:
114
+ - --main
115
+ - README.txt
116
+ require_paths:
117
+ - lib
118
+ required_ruby_version: !ruby/object:Gem::Requirement
119
+ none: false
120
+ requirements:
121
+ - - ">="
122
+ - !ruby/object:Gem::Version
123
+ hash: 3
124
+ segments:
125
+ - 0
126
+ version: "0"
127
+ required_rubygems_version: !ruby/object:Gem::Requirement
128
+ none: false
129
+ requirements:
130
+ - - ">="
131
+ - !ruby/object:Gem::Version
132
+ hash: 3
133
+ segments:
134
+ - 0
135
+ version: "0"
136
+ requirements: []
137
+
138
+ rubyforge_project: orthrus-ssh
139
+ rubygems_version: 1.8.18
140
+ signing_key:
141
+ specification_version: 3
142
+ summary: A user authentication system built on SSH's key
143
+ test_files:
144
+ - test/test_orthrus_ssh_agent.rb
145
+ - test/test_orthrus_ssh_dsa.rb
146
+ - test/test_orthrus_ssh_http_agent.rb
147
+ - test/test_orthrus_ssh_public_key_set.rb
148
+ - test/test_orthrus_ssh_rackapp.rb
149
+ - test/test_orthrus_ssh_rsa.rb