rack-auth-ip 0.0.1

data/lib/rack/auth/ip.rb

@@ -0,0 +1,44 @@
+require 'ipaddr'
+module Rack
+  module Auth
+    class IP
+      module Util
+        # consider using reverse proxy
+        def detect_ip env
+          if env['HTTP_X_FORWARDED_FOR']
+            env['HTTP_X_FORWARDED_FOR'].split(',').pop
+          else
+            env["REMOTE_ADDR"]
+          end
+        end
+
+        module_function :detect_ip
+      end
+      include Util
+
+      def initialize app, ip_list=nil
+        @app = app
+        @ip_list = ip_list
+
+        if @ip_list 
+          @ip_list = @ip_list.map {|ip| IPAddr.new(ip) }
+        end
+      end
+
+      def call env
+        req_ip = IPAddr.new(detect_ip(env))
+
+        if @ip_list
+          if @ip_list.find {|ip| ip.include? req_ip }
+            return @app.call(env)
+          end
+        else
+          if yield(req_ip)
+            return @app.call(env)
+          end
+        end
+        return [403, {}, 'Forbidden' ]
+      end
+    end
+  end
+end

data/spec/rack-auth-ip_spec.rb

@@ -0,0 +1,83 @@
+require File.join(File.dirname(__FILE__), 'spec_helper')
+require 'rack/auth/ip'
+require 'ipaddr'
+
+module Rack::Auth::IP::CustomMatchers
+  class BeForbidden
+    def matches? actual
+      @actual = actual
+      actual[0] == 403
+    end
+
+    def failure_message
+      "expected status code 403 #{@actual.inspect}"
+    end
+  end
+
+  def be_forbidden
+    BeForbidden.new
+  end
+end
+
+describe Rack::Auth::IP do
+  describe 'detect_ip' do
+    it 'should return REMOTE_ADDR if not exists HTTP_X_FORWARDED_FOR' do
+      Rack::Auth::IP::Util.detect_ip({"REMOTE_ADDR" => '127.0.0.1'}).should == '127.0.0.1'
+    end
+
+    it 'should return HTTP_X_FORWARDED_FOR if exists HTTP_X_FORWARDED_FOR' do
+      Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.1'
+    end
+
+    it 'should return last HTTP_X_FORWARDED_FOR if HTTP_X_FORWARDED_FOR has multi address' do
+      Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1,192.168.0.2', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.2'
+    end
+  end
+
+  describe 'when without ip list' do
+    before do
+      @env = { "REMOTE_ADDR" => '127.0.0.1' }
+      @app = proc {|env| env }
+      @auth_ip = Rack::Auth::IP.new(@app)
+    end
+
+    it 'should raise LocalJumpError without block' do
+      lambda { @auth_ip.call(@env) }.should raise_error(LocalJumpError)
+    end
+
+    it 'should recieve IPAddr instance in block' do
+      @auth_ip.call(@env) do |ip|
+        ip.should == IPAddr.new(@env["REMOTE_ADDR"])
+      end
+    end
+  end
+
+  describe 'with ip list' do
+    include Rack::Auth::IP::CustomMatchers
+
+    before do
+      @env = { "REMOTE_ADDR" => '127.0.0.1' }
+      @app = proc {|env| env }
+    end
+
+    it 'should be forbidden when ip list is blank' do
+      Rack::Auth::IP.new(@app, []).call(@env).should be_forbidden
+    end
+
+    it 'should be forbidden when ip list dose not match' do
+      Rack::Auth::IP.new(@app, ['192.168.0.1']).call(@env).should be_forbidden
+    end
+
+    it 'should run app when request ip is match' do
+      Rack::Auth::IP.new(@app, ['127.0.0.1']).call(@env).should == @app.call(@env)
+    end
+
+    it 'should run app when request ip in list' do
+      Rack::Auth::IP.new(@app, %w(192.168.0.1 127.0.0.1)).call(@env).should == @app.call(@env)
+    end
+
+    it 'can use mask as ip' do
+      Rack::Auth::IP.new(@app, %w(127.0.0.0/24)).call(@env).should == @app.call(@env)
+    end
+  end
+end

data/spec/spec.opts

@@ -0,0 +1 @@
+-Du -c -fs

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+require 'rubygems'
+require 'spec'
+$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__) + '/../lib/'))
+

data/tasks/basic_config.rake

@@ -0,0 +1,22 @@
+AUTHOR            = "Keiji, Yoshimi"
+EMAIL             = "walf443 at gmail.com"
+RUBYFORGE_PROJECT = "akasakarb"
+RUBYFORGE_PROJECT_ID = 4314
+HOMEPATH          = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
+RDOC_OPTS = [
+	"--charset", "utf-8",
+	"--opname", "index.html",
+	"--line-numbers",
+	"--main", "README",
+	"--inline-source",
+  '--exclude', '^(example|extras)/'
+]
+DEFAULT_EXTRA_RDOC_FILES = ['README', 'ChangeLog']
+PKG_FILES = [ 'Rakefile' ] + 
+  DEFAULT_EXTRA_RDOC_FILES +
+  Dir.glob('{bin,lib,test,spec,doc,tasks,script,generator,templates,extras,website}/**/*') + 
+  Dir.glob('ext/**/*.{h,c,rb}') +
+  Dir.glob('examples/**/*.rb') +
+  Dir.glob('tools/*.rb')
+
+EXTENSIONS = FileList['ext/**/extconf.rb'].to_a

data/tasks/basic_tasks.rake

@@ -0,0 +1,139 @@
+
+REV = File.read(".svn/entries")[/committed-rev="(d+)"/, 1] rescue nil
+CLEAN.include ['**/.*.sw?', '*.gem', '.config']
+
+Rake::GemPackageTask.new(SPEC) do |p|
+	p.need_tar = true
+	p.gem_spec = SPEC
+end
+
+task :default => [:spec]
+task :test    => [:spec]
+task :package => [:clean]
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.spec_files = FileList['spec/**/*_spec.rb']
+  t.spec_opts = ['--options', 'spec/spec.opts']
+  t.warning = true
+  t.rcov = true
+  t.rcov_dir = 'doc/output/coverage'
+  t.rcov_opts = ['--exclude', 'spec,\.autotest']
+end
+
+desc "Heckle each module and class in turn"
+task :heckle => :spec do
+  root_modules = HECKLE_ROOT_MODULES
+  spec_files = FileList['spec/**/*_spec.rb']
+  
+  current_module, current_method = nil, nil
+  heckle_caught_modules = Hash.new { |hash, key| hash[key] = [] }
+  unhandled_mutations = 0
+  
+  root_modules.each do |root_module|
+    IO.popen("heckle #{root_module} -t #{spec_files}") do |pipe|
+      while line = pipe.gets
+        line = line.chomp
+        
+        if line =~ /^\*\*\*  ((?:\w+(?:::)?)+)#(\w+)/
+          current_module, current_method = $1, $2
+        elsif line == "The following mutations didn't cause test failures:"
+          heckle_caught_modules[current_module] << current_method
+        elsif line == "+++ mutation"
+          unhandled_mutations += 1 
+        end
+              
+        puts line
+      end
+    end
+  end
+  
+  if unhandled_mutations > 0
+    error_message_lines = ["*************\n"]
+    
+    error_message_lines << 
+      "Heckle found #{unhandled_mutations} " + 
+      "mutation#{"s" unless unhandled_mutations == 1} " +
+      "that didn't cause spec violations\n"
+
+    heckle_caught_modules.each do |mod, methods|
+      error_message_lines <<
+        "#{mod} contains the following poorly-specified methods:"
+      methods.each do |m| 
+        error_message_lines << " - #{m}"
+      end
+      error_message_lines << ""
+    end
+    
+    error_message_lines <<
+      "Get your act together and come back " +
+      "when your specs are doing their job!"
+    
+    puts "*************"
+    raise error_message_lines.join("\n")
+  else
+    puts "Well done! Your code withstood a heckling."
+  end
+end
+
+require 'spec/rake/verify_rcov'
+RCov::VerifyTask.new(:rcov => :spec) do |t|
+  t.index_html = "doc/output/coverage/index.html"
+  t.threshold = 100
+end
+
+task :install do
+	name = "#{NAME}-#{VERS}.gem"
+	sh %{rake package}
+	sh %{sudo gem install pkg/#{name}}
+end
+
+task :uninstall => [:clean] do
+	sh %{sudo gem uninstall #{NAME}}
+end
+
+
+Rake::RDocTask.new do |rdoc|
+	rdoc.rdoc_dir = 'html'
+	rdoc.options += RDOC_OPTS
+	rdoc.template = "resh"
+	#rdoc.template = "#{ENV['template']}.rb" if ENV['template']
+	if ENV['DOC_FILES']
+		rdoc.rdoc_files.include(ENV['DOC_FILES'].split(/,\s*/))
+	else
+		rdoc.rdoc_files.include('README', 'ChangeLog')
+		rdoc.rdoc_files.include('lib/**/*.rb')
+		rdoc.rdoc_files.include('ext/**/*.c')
+	end
+end
+
+desc "Publish to RubyForge"
+task :rubyforge => [:rdoc, :package] do
+	require 'rubyforge'
+	Rake::RubyForgePublisher.new(RUBYFORGE_PROJECT, 'yoshimi').upload
+end
+
+desc 'Package and upload the release to rubyforge.'
+task :release => [:clean, :package] do |t|
+	require 'rubyforge'
+	v = ENV["VERSION"] or abort "Must supply VERSION=x.y.z"
+	abort "Versions don't match #{v} vs #{VERS}" unless v == VERS
+	pkg = "pkg/#{NAME}-#{VERS}"
+
+	rf = RubyForge.new
+	puts "Logging in"
+	rf.login
+
+	c = rf.userconfig
+#	c["release_notes"] = description if description
+#	c["release_changes"] = changes if changes
+	c["preformatted"] = true
+
+	files = [
+		"#{pkg}.tgz",
+		"#{pkg}.gem"
+	].compact
+
+	puts "Releasing #{NAME} v. #{VERS}"
+	rf.add_release RUBYFORGE_PROJECT_ID, RUBYFORGE_PACKAGE_ID, VERS, *files
+end

metadata

@@ -0,0 +1,103 @@
+--- !ruby/object:Gem::Specification 
+name: rack-auth-ip
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Keiji, Yoshimi
+autorequire: ""
+bindir: bin
+cert_chain: []
+
+date: 2008-05-24 00:00:00 +09:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rack
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.3.0
+    version: 
+description: rack's moddleware to restrict ip address
+email: walf443 at gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README
+- ChangeLog
+files: 
+- Rakefile
+- README
+- ChangeLog
+- lib/rack
+- lib/rack/auth
+- lib/rack/auth/ip.rb
+- spec/rack-auth-ip_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- doc/output
+- doc/output/coverage
+- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-block_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-callbacks_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-change_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-hunk_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-handler_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-request_rb.html
+- doc/output/coverage/-Library-Ruby-Gems-gems-rcov-0_8_1_2_0-lib-rcov_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-drb_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-eq_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-invokemethod_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-forwardable_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-ipaddr_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-pp_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-prettyprint_rb.html
+- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-timeout_rb.html
+- doc/output/coverage/index.html
+- doc/output/coverage/lib-rack-auth-ip_rb.html
+- tasks/basic_config.rake
+- tasks/basic_tasks.rake
+has_rdoc: true
+homepage: http://akasakarb.rubyforge.org
+post_install_message: 
+rdoc_options: 
+- --charset
+- utf-8
+- --opname
+- index.html
+- --line-numbers
+- --main
+- README
+- --inline-source
+- --exclude
+- ^(example|extras)/
+- --title
+- rack-auth-ip documentation
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: akasakarb
+rubygems_version: 1.0.1
+signing_key: 
+specification_version: 2
+summary: rack's moddleware to restrict ip address
+test_files: 
+- spec/rack-auth-ip_spec.rb