rack-auth-cookie 0.7.2 → 0.7.3
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/rack/auth/cookie.rb +39 -8
- data/rack-auth-cookie.gemspec +1 -1
- data/test/test_rack_auth_cookie.rb +1 -1
- metadata +27 -10
data/lib/rack/auth/cookie.rb
CHANGED
|
@@ -6,7 +6,7 @@ module Rack
|
|
|
6
6
|
module Auth
|
|
7
7
|
class Cookie
|
|
8
8
|
# The version of the rack-auth-cookie library.
|
|
9
|
-
VERSION = '0.7.
|
|
9
|
+
VERSION = '0.7.3'
|
|
10
10
|
|
|
11
11
|
# Creates a new Rack::Auth::Cookie object.
|
|
12
12
|
#
|
|
@@ -14,16 +14,28 @@ module Rack
|
|
|
14
14
|
# name of the cookie used to authenticate the requestor. The default is
|
|
15
15
|
# 'auth_token'.
|
|
16
16
|
#
|
|
17
|
-
# The +
|
|
18
|
-
#
|
|
19
|
-
#
|
|
20
|
-
# request
|
|
17
|
+
# The +domain_tree_depth+ param is useful for associating a cookie with
|
|
18
|
+
# an ancestor of the domain where an application is currently hosted. The
|
|
19
|
+
# value indicates the number of domain components to strip off the left side
|
|
20
|
+
# of the fully qualified domain associated with each request when determining
|
|
21
|
+
# the domain to use for the cookie.
|
|
22
|
+
#
|
|
23
|
+
# The +share_cookie_with_subdomains+ param will result in a "." appended to
|
|
24
|
+
# the left side of the domain value sent in Set-Cookie response headers. Per
|
|
25
|
+
# RFC 2965, this should cause user agents to include the cookie in requests
|
|
26
|
+
# not only to the associated domain but also to all its subdomains.
|
|
27
|
+
#
|
|
28
|
+
# For instance, if an application is hosted at "blog.example.com", setting
|
|
29
|
+
# domain_tree_depth to 1 and share_cookie_with_subdomains to true will result
|
|
30
|
+
# in a domain value of ".example.com" in Set-Cookie headers, meaning "use a
|
|
31
|
+
# cookie that will be visible to example.com and all subdomains of example.com"
|
|
21
32
|
#
|
|
22
33
|
def initialize(app, options = {})
|
|
23
34
|
@app = app
|
|
24
35
|
@@secret = options[:secret]
|
|
25
36
|
@@cookie_name = options[:cookie_name] || "auth_token"
|
|
26
|
-
@@
|
|
37
|
+
@@domain_tree_depth = options[:domain_tree_depth] || nil
|
|
38
|
+
@@share_with_subdomains = options[:share_with_subdomains] || false
|
|
27
39
|
@@idle_timeout = options[:idle_timeout] || 3600
|
|
28
40
|
@@max_lifetime = options[:max_lifetime] || 36000
|
|
29
41
|
@@env = {}
|
|
@@ -190,7 +202,7 @@ module Rack
|
|
|
190
202
|
def self.create_auth_cookie(env)
|
|
191
203
|
cookie_value = create_auth_token(env)
|
|
192
204
|
cookie = "#{@@cookie_name}=#{URI.escape(cookie_value)}; "
|
|
193
|
-
cookie += "domain=.#{
|
|
205
|
+
cookie += "domain=.#{top_level_domain(env)}; " if @@cookie_domain
|
|
194
206
|
cookie += "path=/; "
|
|
195
207
|
cookie += "HttpOnly; "
|
|
196
208
|
end
|
|
@@ -198,7 +210,7 @@ module Rack
|
|
|
198
210
|
def self.create_clear_cookie(env)
|
|
199
211
|
cookie_value = ""
|
|
200
212
|
cookie = "#{@@cookie_name}=; "
|
|
201
|
-
cookie += "domain=.#{
|
|
213
|
+
cookie += "domain=.#{top_level_domain(env)}; " if @@cookie_domain
|
|
202
214
|
cookie += "path=/; "
|
|
203
215
|
cookie += "expires=Thu, 01-Jan-1970 00:00:00 GMT; "
|
|
204
216
|
cookie += "HttpOnly; "
|
|
@@ -207,6 +219,25 @@ module Rack
|
|
|
207
219
|
def self.generate_hmac(data)
|
|
208
220
|
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, @@secret, data)
|
|
209
221
|
end
|
|
222
|
+
|
|
223
|
+
def self.raw_host_with_port(env)
|
|
224
|
+
if forwarded = env["HTTP_X_FORWARDED_HOST"]
|
|
225
|
+
forwarded.split(/,\s?/).last
|
|
226
|
+
else
|
|
227
|
+
env['HTTP_HOST'] ||
|
|
228
|
+
"#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}"
|
|
229
|
+
end
|
|
230
|
+
end
|
|
231
|
+
|
|
232
|
+
def self.host(env)
|
|
233
|
+
raw_host_with_port(env).sub(/:\d+$/, '')
|
|
234
|
+
end
|
|
235
|
+
|
|
236
|
+
def self.top_level_domain(env)
|
|
237
|
+
components = host(env).split('.')
|
|
238
|
+
components.slice!(0, @@domain_tree_depth)
|
|
239
|
+
components.join('.')
|
|
240
|
+
end
|
|
210
241
|
end
|
|
211
242
|
end
|
|
212
243
|
end
|
data/rack-auth-cookie.gemspec
CHANGED
|
@@ -2,7 +2,7 @@ require 'rubygems'
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |gem|
|
|
4
4
|
gem.name = 'rack-auth-cookie'
|
|
5
|
-
gem.version = '0.7.
|
|
5
|
+
gem.version = '0.7.3'
|
|
6
6
|
gem.authors = ["Daniel Berger", "Charlie O'Keefe"]
|
|
7
7
|
gem.email = 'cokeefe@globe.gov'
|
|
8
8
|
gem.homepage = 'http://www.github.com/charlieok/rack-auth-cookie'
|
metadata
CHANGED
|
@@ -1,7 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-auth-cookie
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
4
|
+
hash: 5
|
|
5
|
+
prerelease: false
|
|
6
|
+
segments:
|
|
7
|
+
- 0
|
|
8
|
+
- 7
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.7.3
|
|
5
11
|
platform: ruby
|
|
6
12
|
authors:
|
|
7
13
|
- Daniel Berger
|
|
@@ -10,19 +16,25 @@ autorequire:
|
|
|
10
16
|
bindir: bin
|
|
11
17
|
cert_chain: []
|
|
12
18
|
|
|
13
|
-
date: 2010-07-
|
|
19
|
+
date: 2010-07-29 00:00:00 -06:00
|
|
14
20
|
default_executable:
|
|
15
21
|
dependencies:
|
|
16
22
|
- !ruby/object:Gem::Dependency
|
|
17
23
|
name: rack
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
24
|
+
prerelease: false
|
|
25
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
|
26
|
+
none: false
|
|
21
27
|
requirements:
|
|
22
28
|
- - ">="
|
|
23
29
|
- !ruby/object:Gem::Version
|
|
30
|
+
hash: 23
|
|
31
|
+
segments:
|
|
32
|
+
- 1
|
|
33
|
+
- 0
|
|
34
|
+
- 0
|
|
24
35
|
version: 1.0.0
|
|
25
|
-
|
|
36
|
+
type: :runtime
|
|
37
|
+
version_requirements: *id001
|
|
26
38
|
description: " The rack-auth-cookie library provides a Rack middleware interface for\n authenticating users using a cookie\n"
|
|
27
39
|
email: cokeefe@globe.gov
|
|
28
40
|
executables: []
|
|
@@ -37,7 +49,6 @@ files:
|
|
|
37
49
|
- CHANGES
|
|
38
50
|
- lib/rack/auth/cookie.rb
|
|
39
51
|
- MANIFEST
|
|
40
|
-
- rack-auth-cookie-0.7.2.gem
|
|
41
52
|
- rack-auth-cookie.gemspec
|
|
42
53
|
- Rakefile
|
|
43
54
|
- README
|
|
@@ -52,21 +63,27 @@ rdoc_options: []
|
|
|
52
63
|
require_paths:
|
|
53
64
|
- lib
|
|
54
65
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
66
|
+
none: false
|
|
55
67
|
requirements:
|
|
56
68
|
- - ">="
|
|
57
69
|
- !ruby/object:Gem::Version
|
|
70
|
+
hash: 3
|
|
71
|
+
segments:
|
|
72
|
+
- 0
|
|
58
73
|
version: "0"
|
|
59
|
-
version:
|
|
60
74
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
|
+
none: false
|
|
61
76
|
requirements:
|
|
62
77
|
- - ">="
|
|
63
78
|
- !ruby/object:Gem::Version
|
|
79
|
+
hash: 3
|
|
80
|
+
segments:
|
|
81
|
+
- 0
|
|
64
82
|
version: "0"
|
|
65
|
-
version:
|
|
66
83
|
requirements: []
|
|
67
84
|
|
|
68
85
|
rubyforge_project:
|
|
69
|
-
rubygems_version: 1.3.
|
|
86
|
+
rubygems_version: 1.3.7
|
|
70
87
|
signing_key:
|
|
71
88
|
specification_version: 3
|
|
72
89
|
summary: A Rack library that authenticates requests using a cookie
|