rack-authentication 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +17 -0
- data/.travis.yml +10 -0
- data/Gemfile +9 -0
- data/LICENSE +22 -0
- data/README.md +67 -0
- data/Rakefile +10 -0
- data/lib/rack-authentication.rb +1 -0
- data/lib/rack-authentication/version.rb +5 -0
- data/lib/rack/authentication.rb +47 -0
- data/lib/rack/authentication/adapters/base.rb +19 -0
- data/lib/rack/authentication/adapters/basic.rb +13 -0
- data/lib/rack/authentication/config.rb +9 -0
- data/lib/rack/authentication/request.rb +44 -0
- data/lib/rack/authentication/version.rb +5 -0
- data/rack-authentication.gemspec +17 -0
- data/test/rack/authentication_test.rb +31 -0
- data/test/support/app.rb +10 -0
- data/test/test_helper.rb +10 -0
- metadata +66 -0
data/.gitignore
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2012 Dane Harrigan
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,67 @@
|
|
1
|
+
# Rack::Authentication
|
2
|
+
|
3
|
+
A modular implementation of Rack::Auth
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add this line to your application's Gemfile:
|
8
|
+
|
9
|
+
gem 'rack-authentication'
|
10
|
+
|
11
|
+
And then execute:
|
12
|
+
|
13
|
+
$ bundle
|
14
|
+
|
15
|
+
Or install it yourself as:
|
16
|
+
|
17
|
+
$ gem install rack-authentication
|
18
|
+
|
19
|
+
## Usage
|
20
|
+
|
21
|
+
require "rack/authentication"
|
22
|
+
require "rack/authentication/adapters/basic"
|
23
|
+
|
24
|
+
class App < Sinatra::Base
|
25
|
+
use Rack::Authentication do |config|
|
26
|
+
config.realm "My App"
|
27
|
+
config.adapter Rack::Authentication::Adapters::Basic
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
### Want to make your own custom authentication adapter?
|
32
|
+
|
33
|
+
Just inherit from `Rack::Authentication::Adapters::Base`. Three methods wil be defined
|
34
|
+
for you:
|
35
|
+
|
36
|
+
* `type` - The type of authentication (eg: Basic, Bearer)
|
37
|
+
* `env` - The rack app's environment
|
38
|
+
* `credentials` - The username/password of the request. This will always be an array
|
39
|
+
|
40
|
+
You're required to define `good?` and `authorized?`.
|
41
|
+
|
42
|
+
# my_adapter.rb
|
43
|
+
class MyAdapter < Rack::Authentication::Adapters::Base
|
44
|
+
def good?
|
45
|
+
"Basic" == type
|
46
|
+
end
|
47
|
+
|
48
|
+
def authorized?
|
49
|
+
User.exists?(username: credentials[0], password: credentials[1])
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
# app.rb
|
54
|
+
class App < Sinatra::Base
|
55
|
+
use Rack::Authentication do |config|
|
56
|
+
config.realm "My App"
|
57
|
+
config.adapter MyAdapter
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
## Contributing
|
62
|
+
|
63
|
+
1. Fork it
|
64
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
65
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
66
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
67
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "rack/authentication"
|
@@ -0,0 +1,47 @@
|
|
1
|
+
require "rack/authentication/version"
|
2
|
+
require "rack/authentication/request"
|
3
|
+
require "rack/authentication/config"
|
4
|
+
require "rack/authentication/adapters/base"
|
5
|
+
|
6
|
+
module Rack
|
7
|
+
class Authentication
|
8
|
+
def initialize(app)
|
9
|
+
@app = app
|
10
|
+
@config = Config.new
|
11
|
+
yield(@config)
|
12
|
+
end
|
13
|
+
|
14
|
+
def call(env)
|
15
|
+
@env = env
|
16
|
+
@req = Request.new(env, @config)
|
17
|
+
|
18
|
+
return bad_request unless @req.good?
|
19
|
+
return unauthorized unless @req.authorized?
|
20
|
+
|
21
|
+
@app.call(env)
|
22
|
+
end
|
23
|
+
|
24
|
+
private
|
25
|
+
|
26
|
+
def unauthorized
|
27
|
+
return [ 401,
|
28
|
+
{
|
29
|
+
"Content-Type" => "text/plain",
|
30
|
+
"Content-Length" => "0",
|
31
|
+
"WWW-Authenticate" => ('%s realm="%s"' % [@req.type, @config.realm])
|
32
|
+
},
|
33
|
+
[]
|
34
|
+
]
|
35
|
+
end
|
36
|
+
|
37
|
+
def bad_request
|
38
|
+
return [ 400,
|
39
|
+
{
|
40
|
+
"Content-Type" => "text/plain",
|
41
|
+
"Content-Length" => "0"
|
42
|
+
},
|
43
|
+
[]
|
44
|
+
]
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
module Rack::Authentication::Adapters
|
2
|
+
class Base
|
3
|
+
attr :type, :credentials, :env
|
4
|
+
|
5
|
+
def initialize(args={})
|
6
|
+
@type = args[:type]
|
7
|
+
@env = args[:env]
|
8
|
+
@credentials = args[:credentials]
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def good?
|
13
|
+
false
|
14
|
+
end
|
15
|
+
|
16
|
+
def authorized?
|
17
|
+
false
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module Rack::Authentication::Adapters
|
2
|
+
class Basic < Base
|
3
|
+
def good?
|
4
|
+
"Basic" == type
|
5
|
+
end
|
6
|
+
|
7
|
+
def authorized?
|
8
|
+
username, password = credentials
|
9
|
+
return false if username.nil? || password.nil?
|
10
|
+
ENV["#{username.upcase}_PASSWORD"] == password
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require "base64"
|
2
|
+
|
3
|
+
class Rack::Authentication::Request
|
4
|
+
def initialize(env, config)
|
5
|
+
@env = env
|
6
|
+
@adapter = config.adapter.new({
|
7
|
+
type: type,
|
8
|
+
credentials: credentials,
|
9
|
+
env: @env
|
10
|
+
})
|
11
|
+
end
|
12
|
+
|
13
|
+
def authorized?
|
14
|
+
@adapter.authorized?
|
15
|
+
end
|
16
|
+
|
17
|
+
def good?
|
18
|
+
@adapter.good?
|
19
|
+
end
|
20
|
+
|
21
|
+
def type
|
22
|
+
@type ||= params[0].to_s
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
def credentials
|
28
|
+
return [] if params.empty?
|
29
|
+
@credentials ||= if "Basic" == type
|
30
|
+
Base64.decode64(params[1]).split(":")
|
31
|
+
else
|
32
|
+
params[1].split(":")
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def params
|
37
|
+
@params ||= @env[authorization_key].to_s.split(" ")
|
38
|
+
end
|
39
|
+
|
40
|
+
def authorization_key
|
41
|
+
keys = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']
|
42
|
+
@authorization_key ||= keys.detect { |key| @env.has_key?(key) }
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
require File.expand_path('../lib/rack/authentication/version', __FILE__)
|
3
|
+
|
4
|
+
Gem::Specification.new do |gem|
|
5
|
+
gem.authors = ["Dane Harrigan"]
|
6
|
+
gem.email = ["dane.harrigan@gmail.com"]
|
7
|
+
gem.description = %q{A modular implementation of Rack Auth}
|
8
|
+
gem.summary = %q{A modular implementation of Rack Auth}
|
9
|
+
gem.homepage = "https://github.com/daneharrigan/rack-authentication"
|
10
|
+
|
11
|
+
gem.files = `git ls-files`.split($\)
|
12
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
13
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
14
|
+
gem.name = "rack-authentication"
|
15
|
+
gem.require_paths = ["lib"]
|
16
|
+
gem.version = Rack::Authentication::VERSION
|
17
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
class Rack::AuthenticationTest < MiniTest::Unit::TestCase
|
4
|
+
include Rack::Test::Methods
|
5
|
+
|
6
|
+
def test_bad_request
|
7
|
+
header "Authorization", "Fail Token"
|
8
|
+
get "/"
|
9
|
+
|
10
|
+
assert_equal 400, last_response.status
|
11
|
+
end
|
12
|
+
|
13
|
+
def test_unauthorized
|
14
|
+
authorize "bad-user", "bad-password"
|
15
|
+
get "/"
|
16
|
+
|
17
|
+
assert_equal 401, last_response.status
|
18
|
+
end
|
19
|
+
|
20
|
+
def test_good_request
|
21
|
+
authorize "user", "secret"
|
22
|
+
get "/"
|
23
|
+
|
24
|
+
assert_equal 200, last_response.status
|
25
|
+
assert_equal "OK", last_response.body
|
26
|
+
end
|
27
|
+
|
28
|
+
def app
|
29
|
+
App.new
|
30
|
+
end
|
31
|
+
end
|
data/test/support/app.rb
ADDED
data/test/test_helper.rb
ADDED
metadata
ADDED
@@ -0,0 +1,66 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack-authentication
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Dane Harrigan
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-08-24 00:00:00.000000000 Z
|
13
|
+
dependencies: []
|
14
|
+
description: A modular implementation of Rack Auth
|
15
|
+
email:
|
16
|
+
- dane.harrigan@gmail.com
|
17
|
+
executables: []
|
18
|
+
extensions: []
|
19
|
+
extra_rdoc_files: []
|
20
|
+
files:
|
21
|
+
- .gitignore
|
22
|
+
- .travis.yml
|
23
|
+
- Gemfile
|
24
|
+
- LICENSE
|
25
|
+
- README.md
|
26
|
+
- Rakefile
|
27
|
+
- lib/rack-authentication.rb
|
28
|
+
- lib/rack-authentication/version.rb
|
29
|
+
- lib/rack/authentication.rb
|
30
|
+
- lib/rack/authentication/adapters/base.rb
|
31
|
+
- lib/rack/authentication/adapters/basic.rb
|
32
|
+
- lib/rack/authentication/config.rb
|
33
|
+
- lib/rack/authentication/request.rb
|
34
|
+
- lib/rack/authentication/version.rb
|
35
|
+
- rack-authentication.gemspec
|
36
|
+
- test/rack/authentication_test.rb
|
37
|
+
- test/support/app.rb
|
38
|
+
- test/test_helper.rb
|
39
|
+
homepage: https://github.com/daneharrigan/rack-authentication
|
40
|
+
licenses: []
|
41
|
+
post_install_message:
|
42
|
+
rdoc_options: []
|
43
|
+
require_paths:
|
44
|
+
- lib
|
45
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
46
|
+
none: false
|
47
|
+
requirements:
|
48
|
+
- - ! '>='
|
49
|
+
- !ruby/object:Gem::Version
|
50
|
+
version: '0'
|
51
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
52
|
+
none: false
|
53
|
+
requirements:
|
54
|
+
- - ! '>='
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: '0'
|
57
|
+
requirements: []
|
58
|
+
rubyforge_project:
|
59
|
+
rubygems_version: 1.8.23
|
60
|
+
signing_key:
|
61
|
+
specification_version: 3
|
62
|
+
summary: A modular implementation of Rack Auth
|
63
|
+
test_files:
|
64
|
+
- test/rack/authentication_test.rb
|
65
|
+
- test/support/app.rb
|
66
|
+
- test/test_helper.rb
|