rack-auth-cookie 0.7.2 → 0.7.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/rack/auth/cookie.rb +39 -8
- data/rack-auth-cookie.gemspec +1 -1
- data/test/test_rack_auth_cookie.rb +1 -1
- metadata +27 -10
data/lib/rack/auth/cookie.rb
CHANGED
|
@@ -6,7 +6,7 @@ module Rack
|
|
|
6
6
|
module Auth
|
|
7
7
|
class Cookie
|
|
8
8
|
# The version of the rack-auth-cookie library.
|
|
9
|
-
VERSION = '0.7.
|
|
9
|
+
VERSION = '0.7.3'
|
|
10
10
|
|
|
11
11
|
# Creates a new Rack::Auth::Cookie object.
|
|
12
12
|
#
|
|
@@ -14,16 +14,28 @@ module Rack
|
|
|
14
14
|
# name of the cookie used to authenticate the requestor. The default is
|
|
15
15
|
# 'auth_token'.
|
|
16
16
|
#
|
|
17
|
-
# The +
|
|
18
|
-
#
|
|
19
|
-
#
|
|
20
|
-
# request
|
|
17
|
+
# The +domain_tree_depth+ param is useful for associating a cookie with
|
|
18
|
+
# an ancestor of the domain where an application is currently hosted. The
|
|
19
|
+
# value indicates the number of domain components to strip off the left side
|
|
20
|
+
# of the fully qualified domain associated with each request when determining
|
|
21
|
+
# the domain to use for the cookie.
|
|
22
|
+
#
|
|
23
|
+
# The +share_cookie_with_subdomains+ param will result in a "." appended to
|
|
24
|
+
# the left side of the domain value sent in Set-Cookie response headers. Per
|
|
25
|
+
# RFC 2965, this should cause user agents to include the cookie in requests
|
|
26
|
+
# not only to the associated domain but also to all its subdomains.
|
|
27
|
+
#
|
|
28
|
+
# For instance, if an application is hosted at "blog.example.com", setting
|
|
29
|
+
# domain_tree_depth to 1 and share_cookie_with_subdomains to true will result
|
|
30
|
+
# in a domain value of ".example.com" in Set-Cookie headers, meaning "use a
|
|
31
|
+
# cookie that will be visible to example.com and all subdomains of example.com"
|
|
21
32
|
#
|
|
22
33
|
def initialize(app, options = {})
|
|
23
34
|
@app = app
|
|
24
35
|
@@secret = options[:secret]
|
|
25
36
|
@@cookie_name = options[:cookie_name] || "auth_token"
|
|
26
|
-
@@
|
|
37
|
+
@@domain_tree_depth = options[:domain_tree_depth] || nil
|
|
38
|
+
@@share_with_subdomains = options[:share_with_subdomains] || false
|
|
27
39
|
@@idle_timeout = options[:idle_timeout] || 3600
|
|
28
40
|
@@max_lifetime = options[:max_lifetime] || 36000
|
|
29
41
|
@@env = {}
|
|
@@ -190,7 +202,7 @@ module Rack
|
|
|
190
202
|
def self.create_auth_cookie(env)
|
|
191
203
|
cookie_value = create_auth_token(env)
|
|
192
204
|
cookie = "#{@@cookie_name}=#{URI.escape(cookie_value)}; "
|
|
193
|
-
cookie += "domain=.#{
|
|
205
|
+
cookie += "domain=.#{top_level_domain(env)}; " if @@cookie_domain
|
|
194
206
|
cookie += "path=/; "
|
|
195
207
|
cookie += "HttpOnly; "
|
|
196
208
|
end
|
|
@@ -198,7 +210,7 @@ module Rack
|
|
|
198
210
|
def self.create_clear_cookie(env)
|
|
199
211
|
cookie_value = ""
|
|
200
212
|
cookie = "#{@@cookie_name}=; "
|
|
201
|
-
cookie += "domain=.#{
|
|
213
|
+
cookie += "domain=.#{top_level_domain(env)}; " if @@cookie_domain
|
|
202
214
|
cookie += "path=/; "
|
|
203
215
|
cookie += "expires=Thu, 01-Jan-1970 00:00:00 GMT; "
|
|
204
216
|
cookie += "HttpOnly; "
|
|
@@ -207,6 +219,25 @@ module Rack
|
|
|
207
219
|
def self.generate_hmac(data)
|
|
208
220
|
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, @@secret, data)
|
|
209
221
|
end
|
|
222
|
+
|
|
223
|
+
def self.raw_host_with_port(env)
|
|
224
|
+
if forwarded = env["HTTP_X_FORWARDED_HOST"]
|
|
225
|
+
forwarded.split(/,\s?/).last
|
|
226
|
+
else
|
|
227
|
+
env['HTTP_HOST'] ||
|
|
228
|
+
"#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}"
|
|
229
|
+
end
|
|
230
|
+
end
|
|
231
|
+
|
|
232
|
+
def self.host(env)
|
|
233
|
+
raw_host_with_port(env).sub(/:\d+$/, '')
|
|
234
|
+
end
|
|
235
|
+
|
|
236
|
+
def self.top_level_domain(env)
|
|
237
|
+
components = host(env).split('.')
|
|
238
|
+
components.slice!(0, @@domain_tree_depth)
|
|
239
|
+
components.join('.')
|
|
240
|
+
end
|
|
210
241
|
end
|
|
211
242
|
end
|
|
212
243
|
end
|
data/rack-auth-cookie.gemspec
CHANGED
|
@@ -2,7 +2,7 @@ require 'rubygems'
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |gem|
|
|
4
4
|
gem.name = 'rack-auth-cookie'
|
|
5
|
-
gem.version = '0.7.
|
|
5
|
+
gem.version = '0.7.3'
|
|
6
6
|
gem.authors = ["Daniel Berger", "Charlie O'Keefe"]
|
|
7
7
|
gem.email = 'cokeefe@globe.gov'
|
|
8
8
|
gem.homepage = 'http://www.github.com/charlieok/rack-auth-cookie'
|
metadata
CHANGED
|
@@ -1,7 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-auth-cookie
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
4
|
+
hash: 5
|
|
5
|
+
prerelease: false
|
|
6
|
+
segments:
|
|
7
|
+
- 0
|
|
8
|
+
- 7
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.7.3
|
|
5
11
|
platform: ruby
|
|
6
12
|
authors:
|
|
7
13
|
- Daniel Berger
|
|
@@ -10,19 +16,25 @@ autorequire:
|
|
|
10
16
|
bindir: bin
|
|
11
17
|
cert_chain: []
|
|
12
18
|
|
|
13
|
-
date: 2010-07-
|
|
19
|
+
date: 2010-07-29 00:00:00 -06:00
|
|
14
20
|
default_executable:
|
|
15
21
|
dependencies:
|
|
16
22
|
- !ruby/object:Gem::Dependency
|
|
17
23
|
name: rack
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
24
|
+
prerelease: false
|
|
25
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
|
26
|
+
none: false
|
|
21
27
|
requirements:
|
|
22
28
|
- - ">="
|
|
23
29
|
- !ruby/object:Gem::Version
|
|
30
|
+
hash: 23
|
|
31
|
+
segments:
|
|
32
|
+
- 1
|
|
33
|
+
- 0
|
|
34
|
+
- 0
|
|
24
35
|
version: 1.0.0
|
|
25
|
-
|
|
36
|
+
type: :runtime
|
|
37
|
+
version_requirements: *id001
|
|
26
38
|
description: " The rack-auth-cookie library provides a Rack middleware interface for\n authenticating users using a cookie\n"
|
|
27
39
|
email: cokeefe@globe.gov
|
|
28
40
|
executables: []
|
|
@@ -37,7 +49,6 @@ files:
|
|
|
37
49
|
- CHANGES
|
|
38
50
|
- lib/rack/auth/cookie.rb
|
|
39
51
|
- MANIFEST
|
|
40
|
-
- rack-auth-cookie-0.7.2.gem
|
|
41
52
|
- rack-auth-cookie.gemspec
|
|
42
53
|
- Rakefile
|
|
43
54
|
- README
|
|
@@ -52,21 +63,27 @@ rdoc_options: []
|
|
|
52
63
|
require_paths:
|
|
53
64
|
- lib
|
|
54
65
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
66
|
+
none: false
|
|
55
67
|
requirements:
|
|
56
68
|
- - ">="
|
|
57
69
|
- !ruby/object:Gem::Version
|
|
70
|
+
hash: 3
|
|
71
|
+
segments:
|
|
72
|
+
- 0
|
|
58
73
|
version: "0"
|
|
59
|
-
version:
|
|
60
74
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
|
+
none: false
|
|
61
76
|
requirements:
|
|
62
77
|
- - ">="
|
|
63
78
|
- !ruby/object:Gem::Version
|
|
79
|
+
hash: 3
|
|
80
|
+
segments:
|
|
81
|
+
- 0
|
|
64
82
|
version: "0"
|
|
65
|
-
version:
|
|
66
83
|
requirements: []
|
|
67
84
|
|
|
68
85
|
rubyforge_project:
|
|
69
|
-
rubygems_version: 1.3.
|
|
86
|
+
rubygems_version: 1.3.7
|
|
70
87
|
signing_key:
|
|
71
88
|
specification_version: 3
|
|
72
89
|
summary: A Rack library that authenticates requests using a cookie
|