rack-auth-ip 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/ChangeLog +4 -0
- data/README +37 -0
- data/Rakefile +52 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-block_rb.html +661 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-callbacks_rb.html +932 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-change_rb.html +779 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-hunk_rb.html +867 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs_rb.html +1715 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-handler_rb.html +638 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-request_rb.html +647 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rcov-0_8_1_2_0-lib-rcov_rb.html +1598 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-drb_rb.html +2373 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-eq_rb.html +626 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-invokemethod_rb.html +646 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-forwardable_rb.html +828 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-ipaddr_rb.html +1139 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-pp_rb.html +1257 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-prettyprint_rb.html +1506 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-timeout_rb.html +715 -0
- data/doc/output/coverage/index.html +657 -0
- data/doc/output/coverage/lib-rack-auth-ip_rb.html +656 -0
- data/lib/rack/auth/ip.rb +44 -0
- data/spec/rack-auth-ip_spec.rb +83 -0
- data/spec/spec.opts +1 -0
- data/spec/spec_helper.rb +4 -0
- data/tasks/basic_config.rake +22 -0
- data/tasks/basic_tasks.rake +139 -0
- metadata +103 -0
data/lib/rack/auth/ip.rb
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'ipaddr'
|
2
|
+
module Rack
|
3
|
+
module Auth
|
4
|
+
class IP
|
5
|
+
module Util
|
6
|
+
# consider using reverse proxy
|
7
|
+
def detect_ip env
|
8
|
+
if env['HTTP_X_FORWARDED_FOR']
|
9
|
+
env['HTTP_X_FORWARDED_FOR'].split(',').pop
|
10
|
+
else
|
11
|
+
env["REMOTE_ADDR"]
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
module_function :detect_ip
|
16
|
+
end
|
17
|
+
include Util
|
18
|
+
|
19
|
+
def initialize app, ip_list=nil
|
20
|
+
@app = app
|
21
|
+
@ip_list = ip_list
|
22
|
+
|
23
|
+
if @ip_list
|
24
|
+
@ip_list = @ip_list.map {|ip| IPAddr.new(ip) }
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
def call env
|
29
|
+
req_ip = IPAddr.new(detect_ip(env))
|
30
|
+
|
31
|
+
if @ip_list
|
32
|
+
if @ip_list.find {|ip| ip.include? req_ip }
|
33
|
+
return @app.call(env)
|
34
|
+
end
|
35
|
+
else
|
36
|
+
if yield(req_ip)
|
37
|
+
return @app.call(env)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
return [403, {}, 'Forbidden' ]
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), 'spec_helper')
|
2
|
+
require 'rack/auth/ip'
|
3
|
+
require 'ipaddr'
|
4
|
+
|
5
|
+
module Rack::Auth::IP::CustomMatchers
|
6
|
+
class BeForbidden
|
7
|
+
def matches? actual
|
8
|
+
@actual = actual
|
9
|
+
actual[0] == 403
|
10
|
+
end
|
11
|
+
|
12
|
+
def failure_message
|
13
|
+
"expected status code 403 #{@actual.inspect}"
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def be_forbidden
|
18
|
+
BeForbidden.new
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
describe Rack::Auth::IP do
|
23
|
+
describe 'detect_ip' do
|
24
|
+
it 'should return REMOTE_ADDR if not exists HTTP_X_FORWARDED_FOR' do
|
25
|
+
Rack::Auth::IP::Util.detect_ip({"REMOTE_ADDR" => '127.0.0.1'}).should == '127.0.0.1'
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'should return HTTP_X_FORWARDED_FOR if exists HTTP_X_FORWARDED_FOR' do
|
29
|
+
Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.1'
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should return last HTTP_X_FORWARDED_FOR if HTTP_X_FORWARDED_FOR has multi address' do
|
33
|
+
Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1,192.168.0.2', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.2'
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
describe 'when without ip list' do
|
38
|
+
before do
|
39
|
+
@env = { "REMOTE_ADDR" => '127.0.0.1' }
|
40
|
+
@app = proc {|env| env }
|
41
|
+
@auth_ip = Rack::Auth::IP.new(@app)
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'should raise LocalJumpError without block' do
|
45
|
+
lambda { @auth_ip.call(@env) }.should raise_error(LocalJumpError)
|
46
|
+
end
|
47
|
+
|
48
|
+
it 'should recieve IPAddr instance in block' do
|
49
|
+
@auth_ip.call(@env) do |ip|
|
50
|
+
ip.should == IPAddr.new(@env["REMOTE_ADDR"])
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
describe 'with ip list' do
|
56
|
+
include Rack::Auth::IP::CustomMatchers
|
57
|
+
|
58
|
+
before do
|
59
|
+
@env = { "REMOTE_ADDR" => '127.0.0.1' }
|
60
|
+
@app = proc {|env| env }
|
61
|
+
end
|
62
|
+
|
63
|
+
it 'should be forbidden when ip list is blank' do
|
64
|
+
Rack::Auth::IP.new(@app, []).call(@env).should be_forbidden
|
65
|
+
end
|
66
|
+
|
67
|
+
it 'should be forbidden when ip list dose not match' do
|
68
|
+
Rack::Auth::IP.new(@app, ['192.168.0.1']).call(@env).should be_forbidden
|
69
|
+
end
|
70
|
+
|
71
|
+
it 'should run app when request ip is match' do
|
72
|
+
Rack::Auth::IP.new(@app, ['127.0.0.1']).call(@env).should == @app.call(@env)
|
73
|
+
end
|
74
|
+
|
75
|
+
it 'should run app when request ip in list' do
|
76
|
+
Rack::Auth::IP.new(@app, %w(192.168.0.1 127.0.0.1)).call(@env).should == @app.call(@env)
|
77
|
+
end
|
78
|
+
|
79
|
+
it 'can use mask as ip' do
|
80
|
+
Rack::Auth::IP.new(@app, %w(127.0.0.0/24)).call(@env).should == @app.call(@env)
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
data/spec/spec.opts
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
-Du -c -fs
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
AUTHOR = "Keiji, Yoshimi"
|
2
|
+
EMAIL = "walf443 at gmail.com"
|
3
|
+
RUBYFORGE_PROJECT = "akasakarb"
|
4
|
+
RUBYFORGE_PROJECT_ID = 4314
|
5
|
+
HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
|
6
|
+
RDOC_OPTS = [
|
7
|
+
"--charset", "utf-8",
|
8
|
+
"--opname", "index.html",
|
9
|
+
"--line-numbers",
|
10
|
+
"--main", "README",
|
11
|
+
"--inline-source",
|
12
|
+
'--exclude', '^(example|extras)/'
|
13
|
+
]
|
14
|
+
DEFAULT_EXTRA_RDOC_FILES = ['README', 'ChangeLog']
|
15
|
+
PKG_FILES = [ 'Rakefile' ] +
|
16
|
+
DEFAULT_EXTRA_RDOC_FILES +
|
17
|
+
Dir.glob('{bin,lib,test,spec,doc,tasks,script,generator,templates,extras,website}/**/*') +
|
18
|
+
Dir.glob('ext/**/*.{h,c,rb}') +
|
19
|
+
Dir.glob('examples/**/*.rb') +
|
20
|
+
Dir.glob('tools/*.rb')
|
21
|
+
|
22
|
+
EXTENSIONS = FileList['ext/**/extconf.rb'].to_a
|
@@ -0,0 +1,139 @@
|
|
1
|
+
|
2
|
+
REV = File.read(".svn/entries")[/committed-rev="(d+)"/, 1] rescue nil
|
3
|
+
CLEAN.include ['**/.*.sw?', '*.gem', '.config']
|
4
|
+
|
5
|
+
Rake::GemPackageTask.new(SPEC) do |p|
|
6
|
+
p.need_tar = true
|
7
|
+
p.gem_spec = SPEC
|
8
|
+
end
|
9
|
+
|
10
|
+
task :default => [:spec]
|
11
|
+
task :test => [:spec]
|
12
|
+
task :package => [:clean]
|
13
|
+
|
14
|
+
require 'spec/rake/spectask'
|
15
|
+
Spec::Rake::SpecTask.new(:spec) do |t|
|
16
|
+
t.spec_files = FileList['spec/**/*_spec.rb']
|
17
|
+
t.spec_opts = ['--options', 'spec/spec.opts']
|
18
|
+
t.warning = true
|
19
|
+
t.rcov = true
|
20
|
+
t.rcov_dir = 'doc/output/coverage'
|
21
|
+
t.rcov_opts = ['--exclude', 'spec,\.autotest']
|
22
|
+
end
|
23
|
+
|
24
|
+
desc "Heckle each module and class in turn"
|
25
|
+
task :heckle => :spec do
|
26
|
+
root_modules = HECKLE_ROOT_MODULES
|
27
|
+
spec_files = FileList['spec/**/*_spec.rb']
|
28
|
+
|
29
|
+
current_module, current_method = nil, nil
|
30
|
+
heckle_caught_modules = Hash.new { |hash, key| hash[key] = [] }
|
31
|
+
unhandled_mutations = 0
|
32
|
+
|
33
|
+
root_modules.each do |root_module|
|
34
|
+
IO.popen("heckle #{root_module} -t #{spec_files}") do |pipe|
|
35
|
+
while line = pipe.gets
|
36
|
+
line = line.chomp
|
37
|
+
|
38
|
+
if line =~ /^\*\*\* ((?:\w+(?:::)?)+)#(\w+)/
|
39
|
+
current_module, current_method = $1, $2
|
40
|
+
elsif line == "The following mutations didn't cause test failures:"
|
41
|
+
heckle_caught_modules[current_module] << current_method
|
42
|
+
elsif line == "+++ mutation"
|
43
|
+
unhandled_mutations += 1
|
44
|
+
end
|
45
|
+
|
46
|
+
puts line
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
if unhandled_mutations > 0
|
52
|
+
error_message_lines = ["*************\n"]
|
53
|
+
|
54
|
+
error_message_lines <<
|
55
|
+
"Heckle found #{unhandled_mutations} " +
|
56
|
+
"mutation#{"s" unless unhandled_mutations == 1} " +
|
57
|
+
"that didn't cause spec violations\n"
|
58
|
+
|
59
|
+
heckle_caught_modules.each do |mod, methods|
|
60
|
+
error_message_lines <<
|
61
|
+
"#{mod} contains the following poorly-specified methods:"
|
62
|
+
methods.each do |m|
|
63
|
+
error_message_lines << " - #{m}"
|
64
|
+
end
|
65
|
+
error_message_lines << ""
|
66
|
+
end
|
67
|
+
|
68
|
+
error_message_lines <<
|
69
|
+
"Get your act together and come back " +
|
70
|
+
"when your specs are doing their job!"
|
71
|
+
|
72
|
+
puts "*************"
|
73
|
+
raise error_message_lines.join("\n")
|
74
|
+
else
|
75
|
+
puts "Well done! Your code withstood a heckling."
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
require 'spec/rake/verify_rcov'
|
80
|
+
RCov::VerifyTask.new(:rcov => :spec) do |t|
|
81
|
+
t.index_html = "doc/output/coverage/index.html"
|
82
|
+
t.threshold = 100
|
83
|
+
end
|
84
|
+
|
85
|
+
task :install do
|
86
|
+
name = "#{NAME}-#{VERS}.gem"
|
87
|
+
sh %{rake package}
|
88
|
+
sh %{sudo gem install pkg/#{name}}
|
89
|
+
end
|
90
|
+
|
91
|
+
task :uninstall => [:clean] do
|
92
|
+
sh %{sudo gem uninstall #{NAME}}
|
93
|
+
end
|
94
|
+
|
95
|
+
|
96
|
+
Rake::RDocTask.new do |rdoc|
|
97
|
+
rdoc.rdoc_dir = 'html'
|
98
|
+
rdoc.options += RDOC_OPTS
|
99
|
+
rdoc.template = "resh"
|
100
|
+
#rdoc.template = "#{ENV['template']}.rb" if ENV['template']
|
101
|
+
if ENV['DOC_FILES']
|
102
|
+
rdoc.rdoc_files.include(ENV['DOC_FILES'].split(/,\s*/))
|
103
|
+
else
|
104
|
+
rdoc.rdoc_files.include('README', 'ChangeLog')
|
105
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
106
|
+
rdoc.rdoc_files.include('ext/**/*.c')
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
desc "Publish to RubyForge"
|
111
|
+
task :rubyforge => [:rdoc, :package] do
|
112
|
+
require 'rubyforge'
|
113
|
+
Rake::RubyForgePublisher.new(RUBYFORGE_PROJECT, 'yoshimi').upload
|
114
|
+
end
|
115
|
+
|
116
|
+
desc 'Package and upload the release to rubyforge.'
|
117
|
+
task :release => [:clean, :package] do |t|
|
118
|
+
require 'rubyforge'
|
119
|
+
v = ENV["VERSION"] or abort "Must supply VERSION=x.y.z"
|
120
|
+
abort "Versions don't match #{v} vs #{VERS}" unless v == VERS
|
121
|
+
pkg = "pkg/#{NAME}-#{VERS}"
|
122
|
+
|
123
|
+
rf = RubyForge.new
|
124
|
+
puts "Logging in"
|
125
|
+
rf.login
|
126
|
+
|
127
|
+
c = rf.userconfig
|
128
|
+
# c["release_notes"] = description if description
|
129
|
+
# c["release_changes"] = changes if changes
|
130
|
+
c["preformatted"] = true
|
131
|
+
|
132
|
+
files = [
|
133
|
+
"#{pkg}.tgz",
|
134
|
+
"#{pkg}.gem"
|
135
|
+
].compact
|
136
|
+
|
137
|
+
puts "Releasing #{NAME} v. #{VERS}"
|
138
|
+
rf.add_release RUBYFORGE_PROJECT_ID, RUBYFORGE_PACKAGE_ID, VERS, *files
|
139
|
+
end
|
metadata
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack-auth-ip
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Keiji, Yoshimi
|
8
|
+
autorequire: ""
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2008-05-24 00:00:00 +09:00
|
13
|
+
default_executable:
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: rack
|
17
|
+
version_requirement:
|
18
|
+
version_requirements: !ruby/object:Gem::Requirement
|
19
|
+
requirements:
|
20
|
+
- - ">="
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 0.3.0
|
23
|
+
version:
|
24
|
+
description: rack's moddleware to restrict ip address
|
25
|
+
email: walf443 at gmail.com
|
26
|
+
executables: []
|
27
|
+
|
28
|
+
extensions: []
|
29
|
+
|
30
|
+
extra_rdoc_files:
|
31
|
+
- README
|
32
|
+
- ChangeLog
|
33
|
+
files:
|
34
|
+
- Rakefile
|
35
|
+
- README
|
36
|
+
- ChangeLog
|
37
|
+
- lib/rack
|
38
|
+
- lib/rack/auth
|
39
|
+
- lib/rack/auth/ip.rb
|
40
|
+
- spec/rack-auth-ip_spec.rb
|
41
|
+
- spec/spec.opts
|
42
|
+
- spec/spec_helper.rb
|
43
|
+
- doc/output
|
44
|
+
- doc/output/coverage
|
45
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-block_rb.html
|
46
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-callbacks_rb.html
|
47
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-change_rb.html
|
48
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-hunk_rb.html
|
49
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs_rb.html
|
50
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-handler_rb.html
|
51
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-request_rb.html
|
52
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rcov-0_8_1_2_0-lib-rcov_rb.html
|
53
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-drb_rb.html
|
54
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-eq_rb.html
|
55
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-invokemethod_rb.html
|
56
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-forwardable_rb.html
|
57
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-ipaddr_rb.html
|
58
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-pp_rb.html
|
59
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-prettyprint_rb.html
|
60
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-timeout_rb.html
|
61
|
+
- doc/output/coverage/index.html
|
62
|
+
- doc/output/coverage/lib-rack-auth-ip_rb.html
|
63
|
+
- tasks/basic_config.rake
|
64
|
+
- tasks/basic_tasks.rake
|
65
|
+
has_rdoc: true
|
66
|
+
homepage: http://akasakarb.rubyforge.org
|
67
|
+
post_install_message:
|
68
|
+
rdoc_options:
|
69
|
+
- --charset
|
70
|
+
- utf-8
|
71
|
+
- --opname
|
72
|
+
- index.html
|
73
|
+
- --line-numbers
|
74
|
+
- --main
|
75
|
+
- README
|
76
|
+
- --inline-source
|
77
|
+
- --exclude
|
78
|
+
- ^(example|extras)/
|
79
|
+
- --title
|
80
|
+
- rack-auth-ip documentation
|
81
|
+
require_paths:
|
82
|
+
- lib
|
83
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
84
|
+
requirements:
|
85
|
+
- - ">="
|
86
|
+
- !ruby/object:Gem::Version
|
87
|
+
version: "0"
|
88
|
+
version:
|
89
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
90
|
+
requirements:
|
91
|
+
- - ">="
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: "0"
|
94
|
+
version:
|
95
|
+
requirements: []
|
96
|
+
|
97
|
+
rubyforge_project: akasakarb
|
98
|
+
rubygems_version: 1.0.1
|
99
|
+
signing_key:
|
100
|
+
specification_version: 2
|
101
|
+
summary: rack's moddleware to restrict ip address
|
102
|
+
test_files:
|
103
|
+
- spec/rack-auth-ip_spec.rb
|