peritus_private_pub 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 14270700def1ba2d17469debf6d2f34b84ee4112
+  data.tar.gz: a8416de63706b9c7b195aaf77b6c21179bde4914
+SHA512:
+  metadata.gz: 9c4517563e98fa99db8f1efe10297897b3f227ed7bca5b92838879ecedb15cc0506d792a82cbf4bad2b6bdd7243177d3bbdf0fb69596ddd8e64fc03b8229bfe7
+  data.tar.gz: 78726586e1a43e6ab3c5925415ffbb0e20ffa5de42c1bb505ed520859575312f22ad14e95672f5ca205ab1e0f7d00dd0b5873bff3635091b9c7cd61e274fcbab

data/CHANGELOG.md

@@ -0,0 +1,49 @@
+## 1.0.3 (August 20, 2012)
+
+* fixed Faye startup error (thanks gitt) - issue #40
+
+
+## 1.0.2 (August 20, 2012)
+
+* added HTTPS support (thanks vanne)
+
+
+## 1.0.1 (January 25, 2012)
+
+* Rails 3.2 compatibility with SecureRandom fix (thanks windigo) - issue #26
+
+
+## 1.0.0 (January 15, 2012)
+
+* setting config defaults to nil so everything must be set in `private_pub.yml`
+
+* Documentation improvements
+
+
+## 0.3.0 (January 14, 2012)
+
+* adding `PrivatePub.publish_to` method for publishing from anywhere - issue #15
+
+* rewriting `private_pub.js` so it is framework agnostic
+
+* Rails 3.1 compatibility (thanks BinaryMuse) - issue #25
+
+* adding faye gem dependency so it doesn't need to be installed separately
+
+* renaming `faye.ru` to `private_pub.ru`
+
+* truncate token for client for security (thanks jameshuynh) - issue #19
+
+
+## 0.2.0 (April 7, 2011)
+
+* switched to YAML file for config. BACKWARDS INCOMPATIBLE: you will need to remove config/initializers/private_pub.rb
+
+* moved view helpers into Railtie so helper file is no longer generated
+
+* error out when signature has expired
+
+
+## 0.1.0 (April 4, 2011)
+
+* initial release

data/Gemfile

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+
+gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Ryan Bates
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,143 @@
+# Private Pub
+
+Private Pub is a Ruby gem for use with Rails to publish and subscribe to messages through [Faye](http://faye.jcoglan.com/). It allows you to easily provide real-time updates through an open socket without tying up a Rails process. All channels are private so users can only listen to events you subscribe them to.
+
+Watch [RailsCasts Episode 316](http://railscasts.com/episodes/316-private-pub) for a demonstration of Private Pub.
+
+
+## Setup
+
+Add the gem to your Gemfile and run the `bundle` command to install it. You'll probably want to add "thin" to your Gemfile as well to serve Faye.
+
+```ruby
+gem "private_pub"
+gem "thin"
+```
+
+Run the generator to create the initial files.
+
+```
+rails g private_pub:install
+```
+
+Next, start up Faye using the rackup file that was generated.
+
+```
+rackup private_pub.ru -s thin -E production
+```
+
+**In Rails 3.1** add the JavaScript file to your application.js file manifest.
+
+```javascript
+//= require private_pub
+```
+
+**In Rails 3.0** add the generated private_pub.js file to your layout.
+
+```rhtml
+<%= javascript_include_tag "private_pub" %>
+```
+
+It's not necessary to include faye.js since that will be handled automatically for you.
+
+
+## Usage
+
+Use the `subscribe_to` helper method on any page to subscribe to a channel.
+
+```rhtml
+<%= subscribe_to "/messages/new" %>
+```
+
+Use the `publish_to` helper method to send JavaScript to that channel. This is usually done in a JavaScript AJAX template (such as a create.js.erb file).
+
+```rhtml
+<% publish_to "/messages/new" do %>
+  $("#chat").append("<%= j render(@messages) %>");
+<% end %>
+```
+
+This JavaScript will be immediately evaluated on all clients who have subscribed to that channel. In this example they will see the new chat message appear in real-time without reloading the browser.
+
+
+## Alternative Usage
+
+If you prefer to work through JSON instead of `.js.erb` templates, you can pass a hash to `publish_to` instead of a block and it will be converted `to_json` behind the scenes. This can be done anywhere (such as the controller).
+
+```ruby
+PrivatePub.publish_to "/messages/new", :chat_message => "Hello, world!"
+```
+
+And then handle this through JavaScript on the client side.
+
+```javascript
+PrivatePub.subscribe("/messages/new", function(data, channel) {
+  $("#chat").append(data.chat_message);
+});
+```
+
+The Ruby `subscribe_to` helper call is still necessary with this approach to grant the user access to the channel. The JavaScript is just a callback for any custom behavior.
+
+
+## Configuration
+
+The configuration is set separately for each environment in the generated `config/private_pub.yml` file. Here are the options.
+
+* `server`: The URL to use for the Faye server such as `http://localhost:9292/faye`.
+* `secret_token`: A secret hash to secure the server. Can be any string.
+* `signature_expiration`: The length of time in seconds before a subscription signature expires. If this is not set there is no expiration. Note: if Faye is on a separate server from the Rails app, the system clocks must be in sync for the expiration to work properly.
+
+
+## How It Works
+
+The `subscribe_to` helper will output the following script which subscribes the user to a specific channel and server.
+
+```html
+<script type="text/javascript">
+  PrivatePub.sign({
+    channel: "/messages/new",
+    timestamp: 1302306682972,
+    signature: "dc1c71d3e959ebb6f49aa6af0c86304a0740088d",
+    server: "http://localhost:9292/faye"
+  });
+</script>
+```
+
+The signature and timestamp checked on the Faye server to ensure users are only able to access channels you subscribe them to. The signature will automatically expire after the time specified in the configuration.
+
+The `publish_to` method will send a post request to the Faye server (using `Net::HTTP`) instructing it to send the given data back to the browser.
+
+
+## Serving Faye over HTTPS (with Thin)
+
+To server Faye over HTTPS you could create a thin configuration file `config/private_pub_thin.yml` similar to the following:
+
+```yaml
+---
+port: 4443
+ssl: true
+ssl_key_file: /path/to/server.pem
+ssl_cert_file: /path/to/certificate_chain.pem
+environment: production
+rackup: private_pub.ru
+```
+
+The `certificate_chain.pem` file should contain your signed certificate, followed by intermediate certificates (if any) and the root certificate of the CA that signed the key.
+
+Next reconfigure the URL in `config/private_pub.yml` to look like `https://your.hostname.com:4443/faye`
+
+Finally start up Thin from the project root.
+
+```
+thin -C config/private_pub_thin.yml start
+```
+
+
+##  Project Status
+
+Unfortunately I have not had time to actively work on this project recently. If you find a critical issue where it does not work as documented please [ping me on Twitter](http://twitter.com/rbates) and I'll take a look.
+
+
+## Development & Feedback
+
+Questions or comments? Please use the [issue tracker](https://github.com/ryanb/private_pub/issues). Tests can be run with `bundle` and `rake` commands.

data/Rakefile

@@ -0,0 +1,12 @@
+require 'rubygems'
+require 'rake'
+require 'rspec/core/rake_task'
+require 'jasmine'
+load 'jasmine/tasks/jasmine.rake'
+
+desc "Run RSpec"
+RSpec::Core::RakeTask.new do |t|
+  t.verbose = false
+end
+
+task :default => [:spec, "jasmine:ci"]

data/app/assets/javascripts/private_pub.js

@@ -0,0 +1,97 @@
+function buildPrivatePub(doc) {
+  var self = {
+    connecting: false,
+    fayeClient: null,
+    fayeCallbacks: [],
+    subscriptions: {},
+    subscriptionObjects: {},
+    subscriptionCallbacks: {},
+
+    faye: function(callback) {
+      if (self.fayeClient) {
+        callback(self.fayeClient);
+      } else {
+        self.fayeCallbacks.push(callback);
+        if (self.subscriptions.server && !self.connecting) {
+          self.connecting = true;
+          var script = doc.createElement("script");
+          script.type = "text/javascript";
+          script.src = self.subscriptions.server + ".js";
+          script.onload = self.connectToFaye;
+          doc.documentElement.appendChild(script);
+        }
+      }
+    },
+
+    connectToFaye: function() {
+      self.fayeClient = new Faye.Client(self.subscriptions.server);
+      self.fayeClient.addExtension(self.fayeExtension);
+      for (var i=0; i < self.fayeCallbacks.length; i++) {
+        self.fayeCallbacks[i](self.fayeClient);
+      };
+    },
+
+    fayeExtension: {
+      outgoing: function(message, callback) {
+        if (message.channel == "/meta/subscribe") {
+          // Attach the signature and timestamp to subscription messages
+          var subscription = self.subscriptions[message.subscription];
+          if (!message.ext) message.ext = {};
+          message.ext.private_pub_signature = subscription.signature;
+          message.ext.private_pub_timestamp = subscription.timestamp;
+        }
+        callback(message);
+      }
+    },
+
+    sign: function(options) {
+      if (!self.subscriptions.server) {
+        self.subscriptions.server = options.server;
+      }
+      self.subscriptions[options.channel] = options;
+      self.faye(function(faye) {
+        var sub = faye.subscribe(options.channel, self.handleResponse);
+        self.subscriptionObjects[options.channel] = sub;
+        if (options.subscription) {
+          options.subscription(sub);
+        }
+      });
+    },
+
+    handleResponse: function(message) {
+      if (message.eval) {
+        eval(message.eval);
+      }
+      if (callback = self.subscriptionCallbacks[message.channel]) {
+        callback(message.data, message.channel);
+      }
+    },
+
+    subscription: function(channel) {
+      return self.subscriptionObjects[channel];
+    },
+
+    unsubscribeAll: function() {
+      for (var i in self.subscriptionObjects) {
+        if ( self.subscriptionObjects.hasOwnProperty(i) ) {
+          self.unsubscribe(i);
+        }
+      }
+    },
+
+    unsubscribe: function(channel) {
+      var sub = self.subscription(channel);
+      if (sub) {
+        sub.cancel();
+        delete self.subscriptionObjects[channel];
+      }
+    },
+
+    subscribe: function(channel, callback) {
+      self.subscriptionCallbacks[channel] = callback;
+    }
+  };
+  return self;
+}
+
+var PrivatePub = buildPrivatePub(document);

data/lib/generators/private_pub/install_generator.rb

@@ -0,0 +1,17 @@
+module PrivatePub
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      def self.source_root
+        File.dirname(__FILE__) + "/templates"
+      end
+
+      def copy_files
+        template "private_pub.yml", "config/private_pub.yml"
+        if ::Rails.version < "3.1"
+          copy_file "../../../../app/assets/javascripts/private_pub.js", "public/javascripts/private_pub.js"
+        end
+        copy_file "private_pub.ru", "private_pub.ru"
+      end
+    end
+  end
+end

data/lib/generators/private_pub/templates/private_pub.ru

@@ -0,0 +1,10 @@
+# Run with: rackup private_pub.ru -s thin -E production
+require "bundler/setup"
+require "yaml"
+require "faye"
+require "private_pub"
+
+Faye::WebSocket.load_adapter('thin')
+
+PrivatePub.load_config(File.expand_path("../config/private_pub.yml", __FILE__), ENV["RAILS_ENV"] || "development")
+run PrivatePub.faye_app

data/lib/generators/private_pub/templates/private_pub.yml

@@ -0,0 +1,10 @@
+development:
+  server: "http://dev:9292/faye"
+  secret_token: "secret"
+test:
+  server: "http://test:9292/faye"
+  secret_token: "secret"
+production:
+  server: "http://example.com/faye"
+  secret_token: "<%= defined?(SecureRandom) ? SecureRandom.hex(32) : ActiveSupport::SecureRandom.hex(32) %>"
+  signature_expiration: 3600 # one hour

data/lib/private_pub.rb

@@ -0,0 +1,79 @@
+require "digest/sha1"
+require "net/http"
+require "net/https"
+require "erb"
+
+require "private_pub/faye_extension"
+require "private_pub/engine" if defined? Rails
+
+module PrivatePub
+  class Error < StandardError; end
+
+  class << self
+    attr_reader :config
+
+    # Resets the configuration to the default (empty hash)
+    def reset_config
+      @config = {}
+    end
+
+    # Loads the  configuration from a given YAML file and environment (such as production)
+    def load_config(filename, environment)
+      yaml = YAML.load(ERB.new(File.read(filename)).result)[environment.to_s]
+      raise ArgumentError, "The #{environment} environment does not exist in #{filename}" if yaml.nil?
+      yaml.each { |k, v| config[k.to_sym] = v }
+    end
+
+    # Publish the given data to a specific channel. This ends up sending
+    # a Net::HTTP POST request to the Faye server.
+    def publish_to(channel, data)
+      publish_message(message(channel, data))
+    end
+
+    # Sends the given message hash to the Faye server using Net::HTTP.
+    def publish_message(message)
+      raise Error, "No server specified, ensure private_pub.yml was loaded properly." unless config[:server]
+      url = URI.parse(config[:server])
+
+      form = Net::HTTP::Post.new(url.path.empty? ? '/' : url.path)
+      form.set_form_data(:message => message.to_json)
+
+      http = Net::HTTP.new(url.host, url.port)
+      http.use_ssl = url.scheme == "https"
+      http.start {|h| h.request(form)}
+    end
+
+    # Returns a message hash for sending to Faye
+    def message(channel, data)
+      message = {:channel => channel, :data => {:channel => channel}, :ext => {:private_pub_token => config[:secret_token]}}
+      if data.kind_of? String
+        message[:data][:eval] = data
+      else
+        message[:data][:data] = data
+      end
+      message
+    end
+
+    # Returns a subscription hash to pass to the PrivatePub.sign call in JavaScript.
+    # Any options passed are merged to the hash.
+    def subscription(options = {})
+      sub = {:server => config[:server], :timestamp => (Time.now.to_f * 1000).round}.merge(options)
+      sub[:signature] = Digest::SHA1.hexdigest([config[:secret_token], sub[:channel], sub[:timestamp]].join)
+      sub
+    end
+
+    # Determine if the signature has expired given a timestamp.
+    def signature_expired?(timestamp)
+      timestamp < ((Time.now.to_f - config[:signature_expiration])*1000).round if config[:signature_expiration]
+    end
+
+    # Returns the Faye Rack application.
+    # Any options given are passed to the Faye::RackAdapter.
+    def faye_app(options = {})
+      options = {:mount => "/faye", :timeout => 45, :extensions => [FayeExtension.new]}.merge(options)
+      Faye::RackAdapter.new(options)
+    end
+  end
+
+  reset_config
+end

data/lib/private_pub/engine.rb

@@ -0,0 +1,16 @@
+require "private_pub/view_helpers"
+
+module PrivatePub
+  class Engine < Rails::Engine
+    # Loads the private_pub.yml file if it exists.
+    initializer "private_pub.config" do
+      path = Rails.root.join("config/private_pub.yml")
+      PrivatePub.load_config(path, Rails.env) if path.exist?
+    end
+
+    # Adds the ViewHelpers into ActionView::Base
+    initializer "private_pub.view_helpers" do
+      ActionView::Base.send :include, ViewHelpers
+    end
+  end
+end

data/lib/private_pub/faye_extension.rb

@@ -0,0 +1,39 @@
+module PrivatePub
+  # This class is an extension for the Faye::RackAdapter.
+  # It is used inside of PrivatePub.faye_app.
+  class FayeExtension
+    # Callback to handle incoming Faye messages. This authenticates both
+    # subscribe and publish calls.
+    def incoming(message, callback)
+      if message["channel"] == "/meta/subscribe"
+        authenticate_subscribe(message)
+      elsif message["channel"] !~ %r{^/meta/}
+        authenticate_publish(message)
+      end
+      callback.call(message)
+    end
+
+  private
+
+    # Ensure the subscription signature is correct and that it has not expired.
+    def authenticate_subscribe(message)
+      subscription = PrivatePub.subscription(:channel => message["subscription"], :timestamp => message["ext"]["private_pub_timestamp"])
+      if message["ext"]["private_pub_signature"] != subscription[:signature]
+        message["error"] = "Incorrect signature."
+      elsif PrivatePub.signature_expired? message["ext"]["private_pub_timestamp"].to_i
+        message["error"] = "Signature has expired."
+      end
+    end
+
+    # Ensures the secret token is correct before publishing.
+    def authenticate_publish(message)
+      if PrivatePub.config[:secret_token].nil?
+        raise Error, "No secret_token config set, ensure private_pub.yml is loaded properly."
+      elsif message["ext"]["private_pub_token"] != PrivatePub.config[:secret_token]
+        message["error"] = "Incorrect token."
+      else
+        message["ext"]["private_pub_token"] = nil
+      end
+    end
+  end
+end

data/lib/private_pub/view_helpers.rb

@@ -0,0 +1,22 @@
+module PrivatePub
+  module ViewHelpers
+    # Publish the given data or block to the client by sending
+    # a Net::HTTP POST request to the Faye server. If a block
+    # or string is passed in, it is evaluated as JavaScript
+    # on the client. Otherwise it will be converted to JSON
+    # for use in a JavaScript callback.
+    def publish_to(channel, data = nil, &block)
+      PrivatePub.publish_to(channel, data || capture(&block))
+    end
+
+    # Subscribe the client to the given channel. This generates
+    # some JavaScript calling PrivatePub.sign with the subscription
+    # options.
+    def subscribe_to(channel)
+      subscription = PrivatePub.subscription(:channel => channel)
+      content_tag "script", :type => "text/javascript" do
+        raw("PrivatePub.sign(#{subscription.to_json});")
+      end
+    end
+  end
+end

data/peritus_private_pub.gemspec

@@ -0,0 +1,21 @@
+Gem::Specification.new do |s|
+  s.name        = "peritus_private_pub"
+  s.version     = "1.0.0"
+  s.author      = "Tyler DeWitt"
+  s.email       = "tdewitt@peritus.com"
+  s.homepage    = "https://github.com/PeritusSolutions/peritus_private_pub"
+  s.summary     = "Private pub/sub messaging in Rails."
+  s.description = "Private pub/sub messaging in Rails through Faye."
+
+  s.files        = Dir["{app,lib,spec}/**/*", "[A-Z]*", "init.rb"] - ["Gemfile.lock"]
+  s.require_path = "lib"
+
+  s.add_dependency 'faye'
+
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rspec', '~> 2.8.0'
+  s.add_development_dependency 'jasmine', '>= 1.1.1'
+
+  s.rubyforge_project = s.name
+  s.required_rubygems_version = ">= 1.3.4"
+end

data/spec/fixtures/private_pub.yml

@@ -0,0 +1,8 @@
+development:
+  server: http://dev.local:9292/faye
+  secret_token: DEVELOPMENT_SECRET_TOKEN
+  signature_expiration: 600
+production:
+  server: http://example.com/faye
+  secret_token: PRODUCTION_SECRET_TOKEN
+  signature_expiration: 600

data/spec/javascripts/private_pub_spec.js

@@ -0,0 +1,165 @@
+describe("PrivatePub", function() {
+  var pub, doc;
+  beforeEach(function() {
+    Faye = {}; // To simulate global Faye object
+    doc = {};
+    pub = buildPrivatePub(doc);
+  });
+
+  it("adds a subscription callback", function() {
+    pub.subscribe("hello", "callback");
+    expect(pub.subscriptionCallbacks["hello"]).toEqual("callback");
+  });
+
+  it("has a fayeExtension which adds matching subscription signature and timestamp to outgoing message", function() {
+    var called = false;
+    var message = {channel: "/meta/subscribe", subscription: "hello"}
+    pub.subscriptions["hello"] = {signature: "abcd", timestamp: "1234"}
+    pub.fayeExtension.outgoing(message, function(message) {
+      expect(message.ext.private_pub_signature).toEqual("abcd");
+      expect(message.ext.private_pub_timestamp).toEqual("1234");
+      called = true;
+    });
+    expect(called).toBeTruthy();
+  });
+
+  it("evaluates javascript in message response", function() {
+    pub.handleResponse({eval: 'self.subscriptions.foo = "bar"'});
+    expect(pub.subscriptions.foo).toEqual("bar");
+  });
+
+  it("triggers callback matching message channel in response", function() {
+    var called = false;
+    pub.subscribe("test", function(data, channel) {
+      expect(data).toEqual("abcd");
+      expect(channel).toEqual("test");
+      called = true;
+    });
+    pub.handleResponse({channel: "test", data: "abcd"});
+    expect(called).toBeTruthy();
+  });
+
+  it("adds a faye subscription with response handler when signing", function() {
+    var faye = {subscribe: jasmine.createSpy()};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    var options = {server: "server", channel: "somechannel"};
+    pub.sign(options);
+    expect(faye.subscribe).toHaveBeenCalledWith("somechannel", pub.handleResponse);
+    expect(pub.subscriptions.server).toEqual("server");
+    expect(pub.subscriptions.somechannel).toEqual(options);
+  });
+
+  it("adds a faye subscription with response handler when signing", function() {
+    var faye = {subscribe: jasmine.createSpy()};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    var options = {server: "server", channel: "somechannel"};
+    pub.sign(options);
+    expect(faye.subscribe).toHaveBeenCalledWith("somechannel", pub.handleResponse);
+    expect(pub.subscriptions.server).toEqual("server");
+    expect(pub.subscriptions.somechannel).toEqual(options);
+  });
+
+  it("takes a callback for subscription object when signing", function(){
+    var faye = {subscribe: function(){ return "subscription"; }};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    var options = { server: "server", channel: "somechannel" };
+    options.subscription = jasmine.createSpy();
+    pub.sign(options);
+    expect(options.subscription).toHaveBeenCalledWith("subscription");
+  });
+
+  it("returns the subscription object for a subscribed channel", function(){
+    var faye = {subscribe: function(){ return "subscription"; }};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    var options = { server: "server", channel: "somechannel" };
+    pub.sign(options);
+    expect(pub.subscription("somechannel")).toEqual("subscription")
+  });
+
+  it("unsubscribes a channel by name", function(){
+    var sub = { cancel: jasmine.createSpy() };
+    var faye = {subscribe: function(){ return sub; }};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    var options = { server: "server", channel: "somechannel" };
+    pub.sign(options);
+    expect(pub.subscription("somechannel")).toEqual(sub);
+    pub.unsubscribe("somechannel");
+    expect(sub.cancel).toHaveBeenCalled();
+    expect(pub.subscription("somechannel")).toBeFalsy();
+  });
+
+  it("unsubscribes all channels", function(){
+    var created = 0;
+    var sub = function() {
+      created ++;
+      var sub = { cancel: function(){ created --; } };
+      return sub;
+    };
+    var faye = { subscribe: function(){ return sub(); }};
+    spyOn(pub, 'faye').andCallFake(function(callback) {
+      callback(faye);
+    });
+    pub.sign({server: "server", channel: "firstchannel"});
+    pub.sign({server: "server", channel: "secondchannel"});
+    expect(created).toEqual(2);
+    expect(pub.subscription("firstchannel")).toBeTruthy();
+    expect(pub.subscription("secondchannel")).toBeTruthy();
+    pub.unsubscribeAll()
+    expect(created).toEqual(0);
+    expect(pub.subscription("firstchannel")).toBeFalsy();
+    expect(pub.subscription("secondchannel")).toBeFalsy();
+  });
+
+  it("triggers faye callback function immediately when fayeClient is available", function() {
+    var called = false;
+    pub.fayeClient = "faye";
+    pub.faye(function(faye) {
+      expect(faye).toEqual("faye");
+      called = true;
+    });
+    expect(called).toBeTruthy();
+  });
+
+  it("adds fayeCallback when client and server aren't available", function() {
+    pub.faye("callback");
+    expect(pub.fayeCallbacks[0]).toEqual("callback");
+  });
+
+  it("adds a script tag loading faye js when the server is present", function() {
+    script = {};
+    doc.createElement = function() { return script; };
+    doc.documentElement = {appendChild: jasmine.createSpy()};
+    pub.subscriptions.server = "path/to/faye";
+    pub.faye("callback");
+    expect(pub.fayeCallbacks[0]).toEqual("callback");
+    expect(script.type).toEqual("text/javascript");
+    expect(script.src).toEqual("path/to/faye.js");
+    expect(script.onload).toEqual(pub.connectToFaye);
+    expect(doc.documentElement.appendChild).toHaveBeenCalledWith(script);
+  });
+
+  it("connects to faye server, adds extension, and executes callbacks", function() {
+    callback = jasmine.createSpy();
+    client = {addExtension: jasmine.createSpy()};
+    Faye.Client = function(server) {
+      expect(server).toEqual("server")
+      return client;
+    };
+    pub.subscriptions.server = "server";
+    pub.fayeCallbacks.push(callback);
+    pub.connectToFaye();
+    expect(pub.fayeClient).toEqual(client);
+    expect(client.addExtension).toHaveBeenCalledWith(pub.fayeExtension);
+    expect(callback).toHaveBeenCalledWith(client);
+  });
+});

data/spec/javascripts/support/jasmine.yml

@@ -0,0 +1,73 @@
+# src_files
+#
+# Return an array of filepaths relative to src_dir to include before jasmine specs.
+# Default: []
+#
+# EXAMPLE:
+#
+# src_files:
+#   - lib/source1.js
+#   - lib/source2.js
+#   - dist/**/*.js
+#
+src_files:
+  - app/assets/javascripts/private_pub.js
+
+# stylesheets
+#
+# Return an array of stylesheet filepaths relative to src_dir to include before jasmine specs.
+# Default: []
+#
+# EXAMPLE:
+#
+# stylesheets:
+#   - css/style.css
+#   - stylesheets/*.css
+#
+stylesheets:
+
+# helpers
+#
+# Return an array of filepaths relative to spec_dir to include before jasmine specs.
+# Default: ["helpers/**/*.js"]
+#
+# EXAMPLE:
+#
+# helpers:
+#   - helpers/**/*.js
+#
+helpers:
+
+# spec_files
+#
+#  Return an array of filepaths relative to spec_dir to include.
+# Default: ["**/*[sS]pec.js"]
+#
+# EXAMPLE:
+#
+# spec_files:
+#   - **/*[sS]pec.js
+#
+spec_files:
+
+# src_dir
+#
+# Source directory path. Your src_files must be returned relative to this path. Will use root if left blank.
+# Default: project root
+#
+# EXAMPLE:
+#
+# src_dir: public
+#
+src_dir:
+
+# spec_dir
+#
+# Spec directory path. Your spec_files must be returned relative to this path.
+# Default: spec/javascripts
+#
+# EXAMPLE:
+#
+# spec_dir: spec/javascripts
+#
+spec_dir:

data/spec/javascripts/support/jasmine_config.rb

@@ -0,0 +1,23 @@
+module Jasmine
+  class Config
+
+    # Add your overrides or custom config code here
+
+  end
+end
+
+
+# Note - this is necessary for rspec2, which has removed the backtrace
+module Jasmine
+  class SpecBuilder
+    def declare_spec(parent, spec)
+      me = self
+      example_name = spec["name"]
+      @spec_ids << spec["id"]
+      backtrace = @example_locations[parent.description + " " + example_name]
+      parent.it example_name, {} do
+        me.report_spec(spec["id"])
+      end
+    end
+  end
+end

data/spec/javascripts/support/jasmine_runner.rb

@@ -0,0 +1,32 @@
+$:.unshift(ENV['JASMINE_GEM_PATH']) if ENV['JASMINE_GEM_PATH'] # for gem testing purposes
+
+require 'rubygems'
+require 'jasmine'
+jasmine_config_overrides = File.expand_path(File.join(File.dirname(__FILE__), 'jasmine_config.rb'))
+require jasmine_config_overrides if File.exist?(jasmine_config_overrides)
+if Jasmine::Dependencies.rspec2?
+  require 'rspec'
+else
+  require 'spec'
+end
+
+jasmine_config = Jasmine::Config.new
+spec_builder = Jasmine::SpecBuilder.new(jasmine_config)
+
+should_stop = false
+
+if Jasmine::Dependencies.rspec2?
+  RSpec.configuration.after(:suite) do
+    spec_builder.stop if should_stop
+  end
+else
+  Spec::Runner.configure do |config|
+    config.after(:suite) do
+      spec_builder.stop if should_stop
+    end
+  end
+end
+
+spec_builder.start
+should_stop = true
+spec_builder.declare_suites

data/spec/private_pub/faye_extension_spec.rb

@@ -0,0 +1,67 @@
+require "spec_helper"
+
+describe PrivatePub::FayeExtension do
+  before(:each) do
+    PrivatePub.reset_config
+    @faye = PrivatePub::FayeExtension.new
+    @message = {"channel" => "/meta/subscribe", "ext" => {}}
+  end
+
+  it "adds an error on an incoming subscription with a bad signature" do
+    @message["subscription"] = "hello"
+    @message["ext"]["private_pub_signature"] = "bad"
+    @message["ext"]["private_pub_timestamp"] = "123"
+    message = @faye.incoming(@message, lambda { |m| m })
+    message["error"].should eq("Incorrect signature.")
+  end
+
+  it "has no error when the signature matches the subscription" do
+    sub = PrivatePub.subscription(:channel => "hello")
+    @message["subscription"] = sub[:channel]
+    @message["ext"]["private_pub_signature"] = sub[:signature]
+    @message["ext"]["private_pub_timestamp"] = sub[:timestamp]
+    message = @faye.incoming(@message, lambda { |m| m })
+    message["error"].should be_nil
+  end
+
+  it "has an error when signature just expired" do
+    PrivatePub.config[:signature_expiration] = 1
+    sub = PrivatePub.subscription(:timestamp => 123, :channel => "hello")
+    @message["subscription"] = sub[:channel]
+    @message["ext"]["private_pub_signature"] = sub[:signature]
+    @message["ext"]["private_pub_timestamp"] = sub[:timestamp]
+    message = @faye.incoming(@message, lambda { |m| m })
+    message["error"].should eq("Signature has expired.")
+  end
+
+  it "has an error when trying to publish to a custom channel with a bad token" do
+    PrivatePub.config[:secret_token] = "good"
+    @message["channel"] = "/custom/channel"
+    @message["ext"]["private_pub_token"] = "bad"
+    message = @faye.incoming(@message, lambda { |m| m })
+    message["error"].should eq("Incorrect token.")
+  end
+
+  it "raises an exception when attempting to call a custom channel without a secret_token set" do
+    @message["channel"] = "/custom/channel"
+    @message["ext"]["private_pub_token"] = "bad"
+    lambda {
+      message = @faye.incoming(@message, lambda { |m| m })
+    }.should raise_error("No secret_token config set, ensure private_pub.yml is loaded properly.")
+  end
+
+  it "has no error on other meta calls" do
+    @message["channel"] = "/meta/connect"
+    message = @faye.incoming(@message, lambda { |m| m })
+    message["error"].should be_nil
+  end
+
+  it "should not let message carry the private pub token after server's validation" do
+    PrivatePub.config[:secret_token] = "good"
+    @message["channel"] = "/custom/channel"
+    @message["ext"]["private_pub_token"] = PrivatePub.config[:secret_token]
+    message = @faye.incoming(@message, lambda { |m| m })
+    message['ext']["private_pub_token"].should be_nil
+  end
+
+end

data/spec/private_pub_spec.rb

@@ -0,0 +1,141 @@
+require "spec_helper"
+
+describe PrivatePub do
+  before(:each) do
+    PrivatePub.reset_config
+  end
+
+  it "defaults server to nil" do
+    PrivatePub.config[:server].should be_nil
+  end
+
+  it "defaults signature_expiration to nil" do
+    PrivatePub.config[:signature_expiration].should be_nil
+  end
+
+  it "defaults subscription timestamp to current time in milliseconds" do
+    time = Time.now
+    Time.stub!(:now).and_return(time)
+    PrivatePub.subscription[:timestamp].should eq((time.to_f * 1000).round)
+  end
+
+  it "loads a simple configuration file via load_config" do
+    PrivatePub.load_config("spec/fixtures/private_pub.yml", "production")
+    PrivatePub.config[:server].should eq("http://example.com/faye")
+    PrivatePub.config[:secret_token].should eq("PRODUCTION_SECRET_TOKEN")
+    PrivatePub.config[:signature_expiration].should eq(600)
+  end
+
+  it "raises an exception if an invalid environment is passed to load_config" do
+    lambda {
+      PrivatePub.load_config("spec/fixtures/private_pub.yml", :test)
+    }.should raise_error ArgumentError
+  end
+
+  it "includes channel, server, and custom time in subscription" do
+    PrivatePub.config[:server] = "server"
+    subscription = PrivatePub.subscription(:timestamp => 123, :channel => "hello")
+    subscription[:timestamp].should eq(123)
+    subscription[:channel].should eq("hello")
+    subscription[:server].should eq("server")
+  end
+
+  it "does a sha1 digest of channel, timestamp, and secret token" do
+    PrivatePub.config[:secret_token] = "token"
+    subscription = PrivatePub.subscription(:timestamp => 123, :channel => "channel")
+    subscription[:signature].should eq(Digest::SHA1.hexdigest("tokenchannel123"))
+  end
+
+  it "formats a message hash given a channel and a string for eval" do
+    PrivatePub.config[:secret_token] = "token"
+    PrivatePub.message("chan", "foo").should eq(
+      :ext => {:private_pub_token => "token"},
+      :channel => "chan",
+      :data => {
+        :channel => "chan",
+        :eval => "foo"
+      }
+    )
+  end
+
+  it "formats a message hash given a channel and a hash" do
+    PrivatePub.config[:secret_token] = "token"
+    PrivatePub.message("chan", :foo => "bar").should eq(
+      :ext => {:private_pub_token => "token"},
+      :channel => "chan",
+      :data => {
+        :channel => "chan",
+        :data => {:foo => "bar"}
+      }
+    )
+  end
+
+  it "publish message as json to server using Net::HTTP" do
+    PrivatePub.config[:server] = "http://localhost"
+    message = 'foo'
+    form = mock(:post).as_null_object
+    http = mock(:http).as_null_object
+
+    Net::HTTP::Post.should_receive(:new).with('/').and_return(form)
+    form.should_receive(:set_form_data).with(message: 'foo'.to_json)
+
+    Net::HTTP.should_receive(:new).with('localhost', 80).and_return(http)
+    http.should_receive(:start).and_yield(http)
+    http.should_receive(:request).with(form).and_return(:result)
+
+    PrivatePub.publish_message(message).should eq(:result)
+  end
+
+  it "it should use HTTPS if the server URL says so" do
+    PrivatePub.config[:server] = "https://localhost"
+    http = mock(:http).as_null_object
+
+    Net::HTTP.should_receive(:new).and_return(http)
+    http.should_receive(:use_ssl=).with(true)
+
+    PrivatePub.publish_message('foo')
+  end
+
+  it "it should not use HTTPS if the server URL says not to" do
+    PrivatePub.config[:server] = "http://localhost"
+    http = mock(:http).as_null_object
+
+    Net::HTTP.should_receive(:new).and_return(http)
+    http.should_receive(:use_ssl=).with(false)
+
+    PrivatePub.publish_message('foo')
+  end
+
+  it "raises an exception if no server is specified when calling publish_message" do
+    lambda {
+      PrivatePub.publish_message("foo")
+    }.should raise_error(PrivatePub::Error)
+  end
+
+  it "publish_to passes message to publish_message call" do
+    PrivatePub.should_receive(:message).with("chan", "foo").and_return("message")
+    PrivatePub.should_receive(:publish_message).with("message").and_return(:result)
+    PrivatePub.publish_to("chan", "foo").should eq(:result)
+  end
+
+  it "has a Faye rack app instance" do
+    PrivatePub.faye_app.should be_kind_of(Faye::RackAdapter)
+  end
+
+  it "says signature has expired when time passed in is greater than expiration" do
+    PrivatePub.config[:signature_expiration] = 30*60
+    time = PrivatePub.subscription[:timestamp] - 31*60*1000
+    PrivatePub.signature_expired?(time).should be_true
+  end
+
+  it "says signature has not expired when time passed in is less than expiration" do
+    PrivatePub.config[:signature_expiration] = 30*60
+    time = PrivatePub.subscription[:timestamp] - 29*60*1000
+    PrivatePub.signature_expired?(time).should be_false
+  end
+
+  it "says signature has not expired when expiration is nil" do
+    PrivatePub.config[:signature_expiration] = nil
+    PrivatePub.signature_expired?(0).should be_false
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'json'
+require 'faye'
+Bundler.require(:default)
+
+RSpec.configure do |config|
+end

metadata

@@ -0,0 +1,120 @@
+--- !ruby/object:Gem::Specification
+name: peritus_private_pub
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Tyler DeWitt
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-04-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faye
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+- !ruby/object:Gem::Dependency
+  name: jasmine
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.1
+description: Private pub/sub messaging in Rails through Faye.
+email: tdewitt@peritus.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- app/assets/javascripts/private_pub.js
+- lib/generators/private_pub/install_generator.rb
+- lib/generators/private_pub/templates/private_pub.ru
+- lib/generators/private_pub/templates/private_pub.yml
+- lib/private_pub.rb
+- lib/private_pub/engine.rb
+- lib/private_pub/faye_extension.rb
+- lib/private_pub/view_helpers.rb
+- peritus_private_pub.gemspec
+- spec/fixtures/private_pub.yml
+- spec/javascripts/private_pub_spec.js
+- spec/javascripts/support/jasmine.yml
+- spec/javascripts/support/jasmine_config.rb
+- spec/javascripts/support/jasmine_runner.rb
+- spec/private_pub/faye_extension_spec.rb
+- spec/private_pub_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/PeritusSolutions/peritus_private_pub
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.3.4
+requirements: []
+rubyforge_project: peritus_private_pub
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Private pub/sub messaging in Rails.
+test_files: []