queue_it 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in queue_it.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Kasper Grubbe
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# QueueIt
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'queue_it'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install queue_it
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/app/views/queue_it/cheating_queue.html.erb

@@ -0,0 +1,3 @@
+<h1>Don't cheat!</h1>
+<p>It is rude to skip the line!</p>
+<%= link_to "Click here to get back in line", queue_it_url %>

data/app/views/queue_it/enter_queue.html.erb

@@ -0,0 +1,3 @@
+<h1>Hold the line!</h1>
+<p>Because of the demand for getting to this page, we have put a queue in place.</p>
+<%= link_to "Click here to enter the queue", queue_it_url %>

data/lib/queue_it/known_user_checker.rb

@@ -0,0 +1,60 @@
+require 'digest/md5'
+require "queue_it/url_builder"
+
+module QueueIt
+  class KnownUserChecker
+
+    attr_accessor :shared_event_key, :event_id, :customer_id
+
+    def initialize(shared_event_key, event_id, customer_id)
+      self.shared_event_key = shared_event_key
+      self.event_id         = event_id
+      self.customer_id      = customer_id
+    end
+
+    # This is bound to Rails!
+    def create_or_verify_queue_it_session!(url, params)
+      queue_id                  = params['q' ] # A QuID, the user’s queue ID
+      encrypted_place_in_queue  = params['p' ] # A text, an encrypted version of the user’s queue number
+      expected_hash             = params['h' ] # An integer calculated hash
+      timestamp                 = params['ts'] # An integer timestamp counting number of seconds since 1970-01-01 00:00:00 UTC
+
+      verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
+    end
+
+    def verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
+      if verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
+        decrypted_place_in_queue(encrypted_place_in_queue)
+      else
+        raise QueueIt::NotAuthorized.new
+      end
+    end
+
+  private
+
+    # uses one char of each string at a given starting point
+    # given b852fe78-0d10-4254-823c-f8749c401153 should get 4212870
+    def decrypted_place_in_queue(encrypted_place_in_queue)
+      return encrypted_place_in_queue[ 30..30 ] + encrypted_place_in_queue[ 3..3 ] + encrypted_place_in_queue[ 11..11 ] +
+             encrypted_place_in_queue[ 20..20 ] + encrypted_place_in_queue[ 7..7 ] + encrypted_place_in_queue[ 26..26 ] +
+             encrypted_place_in_queue[ 9..9 ]
+    end
+
+    # TODO add timestamp check
+    def verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
+      raise QueueIt::MissingArgsGiven.new if [ url, queue_id, encrypted_place_in_queue, timestamp, expected_hash ].any?( &:nil? )
+
+      url_no_hash = "#{ url[ 0..-33 ] }#{ shared_event_key }" # Remove hash value and add SharedEventKey
+      actual_hash = Digest::MD5.hexdigest( utf8_encode( url_no_hash ) )
+
+      return false unless expected_hash == actual_hash
+      true
+    end
+
+    def utf8_encode(s)
+      s.encode('UTF-8', 'UTF-8')
+      s
+    end
+
+  end
+end

data/lib/queue_it/queueable.rb

@@ -0,0 +1,49 @@
+module QueueIt
+  module Queueable
+    extend ActiveSupport::Concern
+
+    included do
+      def queue_it_queue_id(event_id)
+        session[queue_it_session_variable(event_id)].to_i
+      end
+
+      def destroy_all_queue_it_sessions
+        session_variable_prefix = queue_it_session_variable("")
+        session.reject!{ |session_key| session_key.start_with?(session_variable_prefix) }
+      end
+
+      def destroy_queue_it_session(event_id)
+        session.delete(queue_it_session_variable(event_id))
+      end
+
+      def create_or_verify_queue_it_session(secret_key, event_id, customer_id, request_url, params)
+        # If there exists a session, we return. This needs to be refactored when we start to look at the timestamp parameter
+        return if session[queue_it_session_variable(event_id)].present?
+
+        begin
+          user_checker                                 = QueueIt::KnownUserChecker.new(secret_key, event_id, customer_id)
+          session[queue_it_session_variable(event_id)] = user_checker.create_or_verify_queue_it_session!(request_url, params)
+
+          # If the request URL contains queue_it params we remove them and redirect
+          # this is done to mask the params we use to create and verify the queue_it session
+          if QueueIt::UrlBuilder.contains_queue_params?(request_url)
+            redirect_to QueueIt::UrlBuilder.clean_url(request_url) and return
+          end
+        rescue QueueIt::MissingArgsGiven
+          queue_url = QueueIt::UrlBuilder.build_queue_url(customer_id, event_id)
+          render("queue_it/enter_queue", layout: false, locals: { queue_it_url: queue_url }) and return
+        rescue QueueIt::NotAuthorized
+          queue_cancel_url = QueueIt::UrlBuilder.build_cancel_url(customer_id, event_id)
+          render("queue_it/cheating_queue", layout: false, locals: { queue_it_url: queue_cancel_url }) and return
+        end
+
+      end
+
+      def queue_it_session_variable(event_id)
+        "KnownQueueItUser-#{event_id}"
+      end
+
+    end
+
+  end
+end

data/lib/queue_it/railtie.rb

@@ -0,0 +1,7 @@
+module QueueIt
+  module Rails
+    class Engine < ::Rails::Engine
+      # auto wire
+    end
+  end
+end

data/lib/queue_it/url_builder.rb

@@ -0,0 +1,45 @@
+require 'addressable/uri'
+
+module QueueIt
+  class UrlBuilder
+    def self.build_queue_url(customer_id, event_id)
+      "http://q.queue-it.net/?c=#{customer_id}&e=#{event_id}"
+    end
+
+    def self.build_cancel_url(customer_id, event_id, queue_id = nil)
+      "http://q.queue-it.net/cancel.aspx?c=#{customer_id}&e=#{event_id}&q=#{queue_id}"
+    end
+
+    # Removes all queue_it params from URL
+    # eg.:
+    # http://billetto.com/events/distortion/tickets?q=3d2d5097-c7e1-40e3-8d55-4bb721819324&p=56d0f360-4201-4e47-90d9-333872063976&ts=1393411468&c=billettodk&e=rainmaking&rt=Queue&h=0931dc67562c9a25c7a37bad33a6b46a
+    # to:
+    # http://billetto.com/events/distortion/tickets
+    def self.clean_url(request_url)
+      uri = Addressable::URI.parse(request_url)
+
+      params = uri.query_values
+      queue_it_params.each do |param|
+        params.delete(param)
+      end
+
+      uri.query_values = params
+      uri.to_s
+    end
+
+    def self.contains_queue_params?(request_url)
+      uri = Addressable::URI.parse(request_url)
+      request_params = uri.query_values
+
+      # Check if request_params contains any queue_it_params
+      !(queue_it_params & request_params.keys).empty?
+    end
+
+   private
+    def self.queue_it_params
+      ['q', 'p', 'h', 'ts', 'e', 'rt', 'c']
+    end
+  end
+end
+
+

data/lib/queue_it/version.rb

@@ -0,0 +1,3 @@
+module QueueIt
+  VERSION = "0.0.1"
+end

data/lib/queue_it.rb

@@ -0,0 +1,10 @@
+require "queue_it/version"
+require "queue_it/known_user_checker"
+
+module QueueIt
+  class NotAuthorized    < StandardError; end
+  class MissingArgsGiven < StandardError; end
+end
+
+require "queue_it/queueable" if defined?(::Rails)
+require "queue_it/railtie"   if defined?(::Rails)

data/queue_it.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'queue_it/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "queue_it"
+  spec.version       = QueueIt::VERSION
+  spec.authors       = ["Kasper Grubbe"]
+  spec.email         = ["kawsper@gmail.com"]
+  spec.description   = %q{Gem to handle the implementation of http://queue-it.net!}
+  spec.summary       = %q{Gem to handle the implementation of http://queue-it.net}
+  spec.homepage      = "https://github.com/gfish/queue_it"
+  spec.license       = "GNU/GPLv3"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: queue_it
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Kasper Grubbe
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-03-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Gem to handle the implementation of http://queue-it.net!
+email:
+- kawsper@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- app/views/queue_it/cheating_queue.html.erb
+- app/views/queue_it/enter_queue.html.erb
+- lib/queue_it.rb
+- lib/queue_it/known_user_checker.rb
+- lib/queue_it/queueable.rb
+- lib/queue_it/railtie.rb
+- lib/queue_it/url_builder.rb
+- lib/queue_it/version.rb
+- queue_it.gemspec
+homepage: https://github.com/gfish/queue_it
+licenses:
+- GNU/GPLv3
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Gem to handle the implementation of http://queue-it.net
+test_files: []