rack-auth-ip 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/ChangeLog +4 -0
- data/README +37 -0
- data/Rakefile +52 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-block_rb.html +661 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-callbacks_rb.html +932 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-change_rb.html +779 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-hunk_rb.html +867 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs_rb.html +1715 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-handler_rb.html +638 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-request_rb.html +647 -0
- data/doc/output/coverage/-Library-Ruby-Gems-gems-rcov-0_8_1_2_0-lib-rcov_rb.html +1598 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-drb_rb.html +2373 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-eq_rb.html +626 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-invokemethod_rb.html +646 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-forwardable_rb.html +828 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-ipaddr_rb.html +1139 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-pp_rb.html +1257 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-prettyprint_rb.html +1506 -0
- data/doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-timeout_rb.html +715 -0
- data/doc/output/coverage/index.html +657 -0
- data/doc/output/coverage/lib-rack-auth-ip_rb.html +656 -0
- data/lib/rack/auth/ip.rb +44 -0
- data/spec/rack-auth-ip_spec.rb +83 -0
- data/spec/spec.opts +1 -0
- data/spec/spec_helper.rb +4 -0
- data/tasks/basic_config.rake +22 -0
- data/tasks/basic_tasks.rake +139 -0
- metadata +103 -0
data/lib/rack/auth/ip.rb
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'ipaddr'
|
2
|
+
module Rack
|
3
|
+
module Auth
|
4
|
+
class IP
|
5
|
+
module Util
|
6
|
+
# consider using reverse proxy
|
7
|
+
def detect_ip env
|
8
|
+
if env['HTTP_X_FORWARDED_FOR']
|
9
|
+
env['HTTP_X_FORWARDED_FOR'].split(',').pop
|
10
|
+
else
|
11
|
+
env["REMOTE_ADDR"]
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
module_function :detect_ip
|
16
|
+
end
|
17
|
+
include Util
|
18
|
+
|
19
|
+
def initialize app, ip_list=nil
|
20
|
+
@app = app
|
21
|
+
@ip_list = ip_list
|
22
|
+
|
23
|
+
if @ip_list
|
24
|
+
@ip_list = @ip_list.map {|ip| IPAddr.new(ip) }
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
def call env
|
29
|
+
req_ip = IPAddr.new(detect_ip(env))
|
30
|
+
|
31
|
+
if @ip_list
|
32
|
+
if @ip_list.find {|ip| ip.include? req_ip }
|
33
|
+
return @app.call(env)
|
34
|
+
end
|
35
|
+
else
|
36
|
+
if yield(req_ip)
|
37
|
+
return @app.call(env)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
return [403, {}, 'Forbidden' ]
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), 'spec_helper')
|
2
|
+
require 'rack/auth/ip'
|
3
|
+
require 'ipaddr'
|
4
|
+
|
5
|
+
module Rack::Auth::IP::CustomMatchers
|
6
|
+
class BeForbidden
|
7
|
+
def matches? actual
|
8
|
+
@actual = actual
|
9
|
+
actual[0] == 403
|
10
|
+
end
|
11
|
+
|
12
|
+
def failure_message
|
13
|
+
"expected status code 403 #{@actual.inspect}"
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def be_forbidden
|
18
|
+
BeForbidden.new
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
describe Rack::Auth::IP do
|
23
|
+
describe 'detect_ip' do
|
24
|
+
it 'should return REMOTE_ADDR if not exists HTTP_X_FORWARDED_FOR' do
|
25
|
+
Rack::Auth::IP::Util.detect_ip({"REMOTE_ADDR" => '127.0.0.1'}).should == '127.0.0.1'
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'should return HTTP_X_FORWARDED_FOR if exists HTTP_X_FORWARDED_FOR' do
|
29
|
+
Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.1'
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should return last HTTP_X_FORWARDED_FOR if HTTP_X_FORWARDED_FOR has multi address' do
|
33
|
+
Rack::Auth::IP::Util.detect_ip({'HTTP_X_FORWARDED_FOR' => '192.168.0.1,192.168.0.2', "REMOTE_ADDR" => '127.0.0.1'}).should == '192.168.0.2'
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
describe 'when without ip list' do
|
38
|
+
before do
|
39
|
+
@env = { "REMOTE_ADDR" => '127.0.0.1' }
|
40
|
+
@app = proc {|env| env }
|
41
|
+
@auth_ip = Rack::Auth::IP.new(@app)
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'should raise LocalJumpError without block' do
|
45
|
+
lambda { @auth_ip.call(@env) }.should raise_error(LocalJumpError)
|
46
|
+
end
|
47
|
+
|
48
|
+
it 'should recieve IPAddr instance in block' do
|
49
|
+
@auth_ip.call(@env) do |ip|
|
50
|
+
ip.should == IPAddr.new(@env["REMOTE_ADDR"])
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
describe 'with ip list' do
|
56
|
+
include Rack::Auth::IP::CustomMatchers
|
57
|
+
|
58
|
+
before do
|
59
|
+
@env = { "REMOTE_ADDR" => '127.0.0.1' }
|
60
|
+
@app = proc {|env| env }
|
61
|
+
end
|
62
|
+
|
63
|
+
it 'should be forbidden when ip list is blank' do
|
64
|
+
Rack::Auth::IP.new(@app, []).call(@env).should be_forbidden
|
65
|
+
end
|
66
|
+
|
67
|
+
it 'should be forbidden when ip list dose not match' do
|
68
|
+
Rack::Auth::IP.new(@app, ['192.168.0.1']).call(@env).should be_forbidden
|
69
|
+
end
|
70
|
+
|
71
|
+
it 'should run app when request ip is match' do
|
72
|
+
Rack::Auth::IP.new(@app, ['127.0.0.1']).call(@env).should == @app.call(@env)
|
73
|
+
end
|
74
|
+
|
75
|
+
it 'should run app when request ip in list' do
|
76
|
+
Rack::Auth::IP.new(@app, %w(192.168.0.1 127.0.0.1)).call(@env).should == @app.call(@env)
|
77
|
+
end
|
78
|
+
|
79
|
+
it 'can use mask as ip' do
|
80
|
+
Rack::Auth::IP.new(@app, %w(127.0.0.0/24)).call(@env).should == @app.call(@env)
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
data/spec/spec.opts
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
-Du -c -fs
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
AUTHOR = "Keiji, Yoshimi"
|
2
|
+
EMAIL = "walf443 at gmail.com"
|
3
|
+
RUBYFORGE_PROJECT = "akasakarb"
|
4
|
+
RUBYFORGE_PROJECT_ID = 4314
|
5
|
+
HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
|
6
|
+
RDOC_OPTS = [
|
7
|
+
"--charset", "utf-8",
|
8
|
+
"--opname", "index.html",
|
9
|
+
"--line-numbers",
|
10
|
+
"--main", "README",
|
11
|
+
"--inline-source",
|
12
|
+
'--exclude', '^(example|extras)/'
|
13
|
+
]
|
14
|
+
DEFAULT_EXTRA_RDOC_FILES = ['README', 'ChangeLog']
|
15
|
+
PKG_FILES = [ 'Rakefile' ] +
|
16
|
+
DEFAULT_EXTRA_RDOC_FILES +
|
17
|
+
Dir.glob('{bin,lib,test,spec,doc,tasks,script,generator,templates,extras,website}/**/*') +
|
18
|
+
Dir.glob('ext/**/*.{h,c,rb}') +
|
19
|
+
Dir.glob('examples/**/*.rb') +
|
20
|
+
Dir.glob('tools/*.rb')
|
21
|
+
|
22
|
+
EXTENSIONS = FileList['ext/**/extconf.rb'].to_a
|
@@ -0,0 +1,139 @@
|
|
1
|
+
|
2
|
+
REV = File.read(".svn/entries")[/committed-rev="(d+)"/, 1] rescue nil
|
3
|
+
CLEAN.include ['**/.*.sw?', '*.gem', '.config']
|
4
|
+
|
5
|
+
Rake::GemPackageTask.new(SPEC) do |p|
|
6
|
+
p.need_tar = true
|
7
|
+
p.gem_spec = SPEC
|
8
|
+
end
|
9
|
+
|
10
|
+
task :default => [:spec]
|
11
|
+
task :test => [:spec]
|
12
|
+
task :package => [:clean]
|
13
|
+
|
14
|
+
require 'spec/rake/spectask'
|
15
|
+
Spec::Rake::SpecTask.new(:spec) do |t|
|
16
|
+
t.spec_files = FileList['spec/**/*_spec.rb']
|
17
|
+
t.spec_opts = ['--options', 'spec/spec.opts']
|
18
|
+
t.warning = true
|
19
|
+
t.rcov = true
|
20
|
+
t.rcov_dir = 'doc/output/coverage'
|
21
|
+
t.rcov_opts = ['--exclude', 'spec,\.autotest']
|
22
|
+
end
|
23
|
+
|
24
|
+
desc "Heckle each module and class in turn"
|
25
|
+
task :heckle => :spec do
|
26
|
+
root_modules = HECKLE_ROOT_MODULES
|
27
|
+
spec_files = FileList['spec/**/*_spec.rb']
|
28
|
+
|
29
|
+
current_module, current_method = nil, nil
|
30
|
+
heckle_caught_modules = Hash.new { |hash, key| hash[key] = [] }
|
31
|
+
unhandled_mutations = 0
|
32
|
+
|
33
|
+
root_modules.each do |root_module|
|
34
|
+
IO.popen("heckle #{root_module} -t #{spec_files}") do |pipe|
|
35
|
+
while line = pipe.gets
|
36
|
+
line = line.chomp
|
37
|
+
|
38
|
+
if line =~ /^\*\*\* ((?:\w+(?:::)?)+)#(\w+)/
|
39
|
+
current_module, current_method = $1, $2
|
40
|
+
elsif line == "The following mutations didn't cause test failures:"
|
41
|
+
heckle_caught_modules[current_module] << current_method
|
42
|
+
elsif line == "+++ mutation"
|
43
|
+
unhandled_mutations += 1
|
44
|
+
end
|
45
|
+
|
46
|
+
puts line
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
if unhandled_mutations > 0
|
52
|
+
error_message_lines = ["*************\n"]
|
53
|
+
|
54
|
+
error_message_lines <<
|
55
|
+
"Heckle found #{unhandled_mutations} " +
|
56
|
+
"mutation#{"s" unless unhandled_mutations == 1} " +
|
57
|
+
"that didn't cause spec violations\n"
|
58
|
+
|
59
|
+
heckle_caught_modules.each do |mod, methods|
|
60
|
+
error_message_lines <<
|
61
|
+
"#{mod} contains the following poorly-specified methods:"
|
62
|
+
methods.each do |m|
|
63
|
+
error_message_lines << " - #{m}"
|
64
|
+
end
|
65
|
+
error_message_lines << ""
|
66
|
+
end
|
67
|
+
|
68
|
+
error_message_lines <<
|
69
|
+
"Get your act together and come back " +
|
70
|
+
"when your specs are doing their job!"
|
71
|
+
|
72
|
+
puts "*************"
|
73
|
+
raise error_message_lines.join("\n")
|
74
|
+
else
|
75
|
+
puts "Well done! Your code withstood a heckling."
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
require 'spec/rake/verify_rcov'
|
80
|
+
RCov::VerifyTask.new(:rcov => :spec) do |t|
|
81
|
+
t.index_html = "doc/output/coverage/index.html"
|
82
|
+
t.threshold = 100
|
83
|
+
end
|
84
|
+
|
85
|
+
task :install do
|
86
|
+
name = "#{NAME}-#{VERS}.gem"
|
87
|
+
sh %{rake package}
|
88
|
+
sh %{sudo gem install pkg/#{name}}
|
89
|
+
end
|
90
|
+
|
91
|
+
task :uninstall => [:clean] do
|
92
|
+
sh %{sudo gem uninstall #{NAME}}
|
93
|
+
end
|
94
|
+
|
95
|
+
|
96
|
+
Rake::RDocTask.new do |rdoc|
|
97
|
+
rdoc.rdoc_dir = 'html'
|
98
|
+
rdoc.options += RDOC_OPTS
|
99
|
+
rdoc.template = "resh"
|
100
|
+
#rdoc.template = "#{ENV['template']}.rb" if ENV['template']
|
101
|
+
if ENV['DOC_FILES']
|
102
|
+
rdoc.rdoc_files.include(ENV['DOC_FILES'].split(/,\s*/))
|
103
|
+
else
|
104
|
+
rdoc.rdoc_files.include('README', 'ChangeLog')
|
105
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
106
|
+
rdoc.rdoc_files.include('ext/**/*.c')
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
desc "Publish to RubyForge"
|
111
|
+
task :rubyforge => [:rdoc, :package] do
|
112
|
+
require 'rubyforge'
|
113
|
+
Rake::RubyForgePublisher.new(RUBYFORGE_PROJECT, 'yoshimi').upload
|
114
|
+
end
|
115
|
+
|
116
|
+
desc 'Package and upload the release to rubyforge.'
|
117
|
+
task :release => [:clean, :package] do |t|
|
118
|
+
require 'rubyforge'
|
119
|
+
v = ENV["VERSION"] or abort "Must supply VERSION=x.y.z"
|
120
|
+
abort "Versions don't match #{v} vs #{VERS}" unless v == VERS
|
121
|
+
pkg = "pkg/#{NAME}-#{VERS}"
|
122
|
+
|
123
|
+
rf = RubyForge.new
|
124
|
+
puts "Logging in"
|
125
|
+
rf.login
|
126
|
+
|
127
|
+
c = rf.userconfig
|
128
|
+
# c["release_notes"] = description if description
|
129
|
+
# c["release_changes"] = changes if changes
|
130
|
+
c["preformatted"] = true
|
131
|
+
|
132
|
+
files = [
|
133
|
+
"#{pkg}.tgz",
|
134
|
+
"#{pkg}.gem"
|
135
|
+
].compact
|
136
|
+
|
137
|
+
puts "Releasing #{NAME} v. #{VERS}"
|
138
|
+
rf.add_release RUBYFORGE_PROJECT_ID, RUBYFORGE_PACKAGE_ID, VERS, *files
|
139
|
+
end
|
metadata
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack-auth-ip
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Keiji, Yoshimi
|
8
|
+
autorequire: ""
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2008-05-24 00:00:00 +09:00
|
13
|
+
default_executable:
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: rack
|
17
|
+
version_requirement:
|
18
|
+
version_requirements: !ruby/object:Gem::Requirement
|
19
|
+
requirements:
|
20
|
+
- - ">="
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 0.3.0
|
23
|
+
version:
|
24
|
+
description: rack's moddleware to restrict ip address
|
25
|
+
email: walf443 at gmail.com
|
26
|
+
executables: []
|
27
|
+
|
28
|
+
extensions: []
|
29
|
+
|
30
|
+
extra_rdoc_files:
|
31
|
+
- README
|
32
|
+
- ChangeLog
|
33
|
+
files:
|
34
|
+
- Rakefile
|
35
|
+
- README
|
36
|
+
- ChangeLog
|
37
|
+
- lib/rack
|
38
|
+
- lib/rack/auth
|
39
|
+
- lib/rack/auth/ip.rb
|
40
|
+
- spec/rack-auth-ip_spec.rb
|
41
|
+
- spec/spec.opts
|
42
|
+
- spec/spec_helper.rb
|
43
|
+
- doc/output
|
44
|
+
- doc/output/coverage
|
45
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-block_rb.html
|
46
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-callbacks_rb.html
|
47
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-change_rb.html
|
48
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs-hunk_rb.html
|
49
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-diff-lcs-1_1_2-lib-diff-lcs_rb.html
|
50
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-handler_rb.html
|
51
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rack-0_3_0-lib-rack-auth-abstract-request_rb.html
|
52
|
+
- doc/output/coverage/-Library-Ruby-Gems-gems-rcov-0_8_1_2_0-lib-rcov_rb.html
|
53
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-drb_rb.html
|
54
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-eq_rb.html
|
55
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-drb-invokemethod_rb.html
|
56
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-forwardable_rb.html
|
57
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-ipaddr_rb.html
|
58
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-pp_rb.html
|
59
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-prettyprint_rb.html
|
60
|
+
- doc/output/coverage/-System-Library-Frameworks-Ruby_framework-Versions-1_8-usr-lib-ruby-1_8-timeout_rb.html
|
61
|
+
- doc/output/coverage/index.html
|
62
|
+
- doc/output/coverage/lib-rack-auth-ip_rb.html
|
63
|
+
- tasks/basic_config.rake
|
64
|
+
- tasks/basic_tasks.rake
|
65
|
+
has_rdoc: true
|
66
|
+
homepage: http://akasakarb.rubyforge.org
|
67
|
+
post_install_message:
|
68
|
+
rdoc_options:
|
69
|
+
- --charset
|
70
|
+
- utf-8
|
71
|
+
- --opname
|
72
|
+
- index.html
|
73
|
+
- --line-numbers
|
74
|
+
- --main
|
75
|
+
- README
|
76
|
+
- --inline-source
|
77
|
+
- --exclude
|
78
|
+
- ^(example|extras)/
|
79
|
+
- --title
|
80
|
+
- rack-auth-ip documentation
|
81
|
+
require_paths:
|
82
|
+
- lib
|
83
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
84
|
+
requirements:
|
85
|
+
- - ">="
|
86
|
+
- !ruby/object:Gem::Version
|
87
|
+
version: "0"
|
88
|
+
version:
|
89
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
90
|
+
requirements:
|
91
|
+
- - ">="
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: "0"
|
94
|
+
version:
|
95
|
+
requirements: []
|
96
|
+
|
97
|
+
rubyforge_project: akasakarb
|
98
|
+
rubygems_version: 1.0.1
|
99
|
+
signing_key:
|
100
|
+
specification_version: 2
|
101
|
+
summary: rack's moddleware to restrict ip address
|
102
|
+
test_files:
|
103
|
+
- spec/rack-auth-ip_spec.rb
|