rack-bearer_auth 0.1.0

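--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 92570ae4c83643cc6f477ec27efd364f87d536dd5951fd6cdfc1dbf2536a2b22
+data.tar.gz: 407b3cbc08de91012b5f08d614b698d1ca54d4ff1b8562202e0fac9326bf88ec
+SHA512:
+metadata.gz: 6117026d93c4629e033df09823064489d95decaa305f692e75ae3b941f4e42788325287510f5723722ad2c0684699c9428d2d60e1fd0cfd75ec4b831eaff6c7d
+data.tar.gz: f5f0db70906d8d82470f5d5952f901d751e5c6926ab4673bc9ea739759c58c2c3f85a726851e4796c3886639fbe371af7c854f6074f5778f80bba9d576779117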
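--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/Gemfile.lock
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status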
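--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper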
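--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -0,0 +1,23 @@
+AllCops:
+TargetRubyVersion: 2.3
+
+Style/AsciiComments:
+Enabled: false
+
+Style/Documentation:
+Enabled: false
+
+Style/RedundantSelf:
+Enabled: false
+
+Style/StringLiterals:
+Enabled: true
+EnforcedStyle: double_quotes
+
+Layout/EndOfLine:
+Enabled: true
+EnforcedStyle: lf
+
+Metrics/BlockLength:
+Exclude:
+- spec/**/*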
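--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,9 @@
+sudo: false
+language: ruby
+rvm:
+- 2.3.7
+- 2.4.4
+- 2.5.1
+before_install: gem install bundler -v 1.16.1
+script:
+- bundle exec rake spec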
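--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,6 @@
+## Unreleased
+
+
+## 0.1.0 (2018-05-17)
+
+* Initial release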
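--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in rack-bearer_auth.gemspec
+gemspec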
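--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Yuji Hanamura
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.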
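--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,84 @@
+# Rack::BearerAuth
+
+Rack::BearerAuth is middleware that make using [RFC 6750](https://tools.ietf.org/html/rfc6750) bearer auth in Rack apps.
+
+[![Build Status](https://travis-ci.org/yujideveloper/rack-bearer_auth.svg?branch=master)](https://travis-ci.org/yujideveloper/rack-bearer_auth)
+[![Maintainability](https://api.codeclimate.com/v1/badges/db47f9a4e48bd30edb98/maintainability)](https://codeclimate.com/github/yujideveloper/rack-bearer_auth/maintainability)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'rack-bearer_auth'
+```
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install rack-bearer_auth
+
+## Configuration
+
+### Rsils configuration
+
+``` ruby
+module YourApp
+class Application < Rails::Application
+
+# ...
+
+config.middleware.use, Rack::BearerAuth::Middleware do
+match path: "/foo" do |token|
+# validate token
+end
+
+match via: :all do |token|
+# validate token
+end
+
+match path: "/bar", via: %i[post patch delete], token: "some_token"
+end
+end
+end
+```
+
+### Rack configuration
+
+``` ruby
+use Rack::BearerAuth::Middleware do
+match path: "/foo" do |token|
+# validate token
+end
+
+match via: :all do |token|
+# validate token
+end
+
+match path: "/bar", via: %i[post patch delete], token: "some_token"
+end
+
+```
+
+## Restrictions
+
+* [Form-Encoded Body Parameter(RFC 6750 section 2.2)](https://tools.ietf.org/html/rfc6750#section-2.2) is not supported.
+* [URI Query Parameter(RFC 6750 section 2.3)](https://tools.ietf.org/html/rfc6750#section-2.3) is not supported.
+* `scope` attribute is not supported.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/yujideveloper/rack-bearer_auth.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).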
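--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec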
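--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "rack/bearer_auth"
+require "pry"
+
+Pry.start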
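--- a/data/bin/setup
+++ b/data/bin/setup
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here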
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "rack/bearer_auth/module"
4
+ require "rack/bearer_auth/version"
5
+ require "rack/bearer_auth/middleware"
@@ -0,0 +1,122 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rack
4
+ module BearerAuth
5
+ class MatchPattern
6
+ attr_reader :path, :via, :token
7
+
8
+ def initialize(path, via, token)
9
+ raise ArgumentError, "Token pattern is required" unless token
10
+
11
+ @path = Path.new(path)
12
+ @via = Via.new(via)
13
+ @token = Token.new(token)
14
+ end
15
+
16
+ def match(req)
17
+ return :skip unless match_route?(req)
18
+ return :token_required unless req.token
19
+ token.match?(req.token) ? :ok : :invalid_token
20
+ end
21
+
22
+ private
23
+
24
+ def match_route?(req)
25
+ path.match?(req.path) && via.match?(req.via)
26
+ end
27
+
28
+ class Base
29
+ attr_reader :pattern
30
+
31
+ def initialize(pattern)
32
+ @pattern = pattern
33
+ end
34
+
35
+ def match?(*)
36
+ raise ::NotImplementedError
37
+ end
38
+
39
+ def self.new(*)
40
+ if self == Base
41
+ raise ::NotImplementedError,
42
+ "#{self} is an abstract class and cannot be instantiated."
43
+ end
44
+ super
45
+ end
46
+ end
47
+
48
+ class Path < Base
49
+ def match?(path)
50
+ _match?(self.pattern, path)
51
+ end
52
+
53
+ private
54
+
55
+ def _match?(path_pattern, path_value)
56
+ case path_pattern
57
+ when nil
58
+ true
59
+ when String
60
+ path_pattern == path_value
61
+ when Regexp
62
+ !(path_pattern =~ path_value).nil?
63
+ when Proc
64
+ path_pattern.call(path_value)
65
+ when Array
66
+ path_pattern.any? { |pattern| _match?(pattern, path_value) }
67
+ else
68
+ raise "Unsupported path pattern"
69
+ end
70
+ end
71
+ end
72
+
73
+ class Via < Base
74
+ def match?(via)
75
+ _match?(self.pattern, via)
76
+ end
77
+
78
+ private
79
+
80
+ def _match?(via_pattern, via_value)
81
+ case via_pattern
82
+ when nil, :all
83
+ true
84
+ when Symbol, String
85
+ via_pattern.to_sym == via_value
86
+ when Regexp
87
+ !(via_pattern =~ via_value).nil?
88
+ when Proc
89
+ via_pattern.call(via_value)
90
+ when Array
91
+ via_pattern.any? { |pattern| _match?(pattern, via_value) }
92
+ else
93
+ raise "Unsupported via pattern"
94
+ end
95
+ end
96
+ end
97
+
98
+ class Token < Base
99
+ def match?(token)
100
+ _match?(self.pattern, token)
101
+ end
102
+
103
+ private
104
+
105
+ def _match?(token_pattern, token_value)
106
+ case token_pattern
107
+ when String
108
+ token_pattern == token_value
109
+ when Regexp
110
+ !(token_pattern =~ token_value).nil?
111
+ when Proc
112
+ token_pattern.call(token_value)
113
+ when Array
114
+ token_pattern.any? { |pattern| _match?(pattern, token_value) }
115
+ else
116
+ raise "Unsupported token pattern"
117
+ end
118
+ end
119
+ end
120
+ end
121
+ end
122
+ end
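Review bot: `Token#_match?` checks a configured String token with `token_pattern == token_value`, which stops at the first differing byte, so the time taken depends on how much of the presented token is correct. For a shared secret a constant-time comparison is the safer default, e.g. `Rack::Utils.secure_compare(token_pattern, token_value)`; that needs `require "rack/utils"` and a runtime dependency on rack, which the gemspec on this page does not declare. The Regexp branches use an unanchored `=~`, so the documentation should tell users to anchor token and path regexps with `\A...\z`. `Path` also matches a String pattern by exact equality, so `path: "/foo"` does not cover `/foo/` or nested paths, which is worth stating in the README.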
@@ -0,0 +1,60 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "request"
4
+ require_relative "match_pattern"
5
+
6
+ module Rack
7
+ module BearerAuth
8
+ class Middleware
9
+ def initialize(app, &block)
10
+ raise ArgumentError, "Block argument is required." unless block_given?
11
+
12
+ @app = app
13
+ @match_patterns = []
14
+
15
+ instance_exec(&block)
16
+ end
17
+
18
+ def call(env)
19
+ req = Request.new(env)
20
+
21
+ handle(req) || @app.call(env)
22
+ end
23
+
24
+ def match(path: nil, via: nil, token: nil, &block)
25
+ if block_given?
26
+ warn "Token paramter is ignored." if token
27
+ token = block
28
+ end
29
+
30
+ @match_patterns << MatchPattern.new(path, via, token)
31
+ end
32
+
33
+ private
34
+
35
+ def handle(req)
36
+ @match_patterns.each do |pattern|
37
+ case pattern.match(req)
38
+ when :ok
39
+ break
40
+ when :token_required
41
+ return [401,
42
+ { "WWW-Authenticate" => 'Bearer realm="token_required"',
43
+ "Content-Type" => "text/plain; charset=utf-8",
44
+ "Content-Length" => "0" },
45
+ []]
46
+ when :invalid_token
47
+ return [401,
48
+ { "WWW-Authenticate" => 'Bearer error="invalid_token"',
49
+ "Content-Type" => "text/plain; charset=utf-8",
50
+ "Content-Length" => "0" },
51
+ []]
52
+ else
53
+ warn "A pattern is ignored."
54
+ end
55
+ end
56
+ nil
57
+ end
58
+ end
59
+ end
60
+ end
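Review bot: `handle` has no branch for `:skip`, so every pattern whose route does not match falls into `else` and calls `warn "A pattern is ignored."` on each request; add a `when :skip` branch that does `next` and keep `else` for unexpected results. The `:ok` branch does `break`, so the first pattern that accepts the token ends evaluation and any later pattern for the same route is never consulted. A request that matches no pattern returns nil from `handle` and goes to `@app.call(env)` with no token check. Both behaviours depend on the order and coverage of the `match` calls and deserve a comment above `handle`, for example `# First pattern that returns :ok wins; requests matching no pattern are passed through unauthenticated.`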
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rack
4
+ module BearerAuth
5
+ end
6
+ end
@@ -0,0 +1,23 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rack
4
+ module BearerAuth
5
+ class Request
6
+ # https://tools.ietf.org/html/rfc6750#section-2.1
7
+ # b64token = 1*( ALPHA / DIGIT /
8
+ # "-" / "." / "_" / "~" / "+" / "/" ) *"="
9
+ # credentials = "Bearer" 1*SP b64token
10
+ BEARER_TOKEN_REGEXP = %r{\ABearer +([A-Za-z0-9\-._~+/]+=*)\z}
11
+
12
+ attr_reader :path, :via, :token
13
+
14
+ def initialize(env)
15
+ @path = env["PATH_INFO"]
16
+ @via = env["REQUEST_METHOD"].downcase.to_sym
17
+
18
+ authz = env["HTTP_AUTHORIZATION"]
19
+ @token = Regexp.last_match(1) if authz&.match(BEARER_TOKEN_REGEXP)
20
+ end
21
+ end
22
+ end
23
+ end
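Review bot: `BEARER_TOKEN_REGEXP` matches the scheme name case-sensitively, so a header such as `bearer <token>` leaves `@token` nil and the middleware answers as if no token had been sent. RFC 7235 treats the authentication scheme as case-insensitive, and `%r{\ABearer +([A-Za-z0-9\-._~+/]+=*)\z}i` would accept it without widening the token alphabet. The current behaviour fails closed with a 401, so this is an interoperability point rather than a bypass. `initialize` also cannot tell a missing header from a malformed one, which RFC 6750 section 3.1 reports as `invalid_request`; a comment noting that both cases yield `token == nil` would help readers of `MatchPattern#match`.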
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rack
4
+ module BearerAuth
5
+ VERSION = "0.1.0"
6
+ end
7
+ end
@@ -0,0 +1,34 @@
1
+ # frozen_string_literal: true
2
+
3
+ lib = File.expand_path("lib", __dir__)
4
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
+ require "rack/bearer_auth/version"
6
+
7
+ Gem::Specification.new do |spec|
8
+ spec.name = "rack-bearer_auth"
9
+ spec.version = Rack::BearerAuth::VERSION
10
+ spec.authors = ["Yuji Hanamura"]
11
+ spec.email = ["yuji.developer@gmail.com"]
12
+
13
+ spec.summary = "Middleware for using RFC 6750 bearer auth in Rack apps"
14
+ spec.description = "Middleware for using RFC 6750 bearer auth in Rack apps"
15
+ spec.homepage = "https://github.com/yujideveloper/rack-bearer_auth"
16
+ spec.license = "MIT"
17
+
18
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
19
+ f.match(%r{^(test|spec|features)/})
20
+ end
21
+ spec.bindir = "exe"
22
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
23
+ spec.require_paths = ["lib"]
24
+
25
+ spec.required_ruby_version = ">= 2.3.0"
26
+
27
+ spec.add_development_dependency "bundler", "~> 1.16"
28
+ spec.add_development_dependency "pry", ">= 0.10.0"
29
+ spec.add_development_dependency "pry-byebug", ">= 3.6.0"
30
+ spec.add_development_dependency "rack-test", "~> 1.0.0"
31
+ spec.add_development_dependency "rake", "~> 10.0"
32
+ spec.add_development_dependency "rspec", "~> 3.0"
33
+ spec.add_development_dependency "rubocop", ">= 0.51.0"
34
+ end
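Review bot: `spec.files` takes everything from `git ls-files` outside the test directories, so the published gem carries CI and lint configuration (`.travis.yml`, `.rubocop.yml`) and `bin/console`, as the packaged file list in the metadata section shows. Narrowing the filter, e.g. `f.match(%r{^(test|spec|features|bin)/}) || f.start_with?(".")`, keeps the artifact to what consumers need to review. The spec also sets no `metadata`; for an authentication gem it is worth adding `spec.metadata["rubygems_mfa_required"] = "true"` so that publishing a release requires MFA on the owner account.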
metadata ADDED
@@ -0,0 +1,160 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-bearer_auth
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Yuji Hanamura
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2018-05-17 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.16'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.16'
27
+ - !ruby/object:Gem::Dependency
28
+ name: pry
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: 0.10.0
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: 0.10.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: pry-byebug
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: 3.6.0
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: 3.6.0
55
+ - !ruby/object:Gem::Dependency
56
+ name: rack-test
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 1.0.0
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 1.0.0
69
+ - !ruby/object:Gem::Dependency
70
+ name: rake
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '10.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '10.0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rspec
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '3.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '3.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rubocop
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: 0.51.0
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: 0.51.0
111
+ description: Middleware for using RFC 6750 bearer auth in Rack apps
112
+ email:
113
+ - yuji.developer@gmail.com
114
+ executables: []
115
+ extensions: []
116
+ extra_rdoc_files: []
117
+ files:
118
+ - ".gitignore"
119
+ - ".rspec"
120
+ - ".rubocop.yml"
121
+ - ".travis.yml"
122
+ - CHANGELOG.md
123
+ - Gemfile
124
+ - LICENSE.txt
125
+ - README.md
126
+ - Rakefile
127
+ - bin/console
128
+ - bin/setup
129
+ - lib/rack/bearer_auth.rb
130
+ - lib/rack/bearer_auth/match_pattern.rb
131
+ - lib/rack/bearer_auth/middleware.rb
132
+ - lib/rack/bearer_auth/module.rb
133
+ - lib/rack/bearer_auth/request.rb
134
+ - lib/rack/bearer_auth/version.rb
135
+ - rack-bearer_auth.gemspec
136
+ homepage: https://github.com/yujideveloper/rack-bearer_auth
137
+ licenses:
138
+ - MIT
139
+ metadata: {}
140
+ post_install_message:
141
+ rdoc_options: []
142
+ require_paths:
143
+ - lib
144
+ required_ruby_version: !ruby/object:Gem::Requirement
145
+ requirements:
146
+ - - ">="
147
+ - !ruby/object:Gem::Version
148
+ version: 2.3.0
149
+ required_rubygems_version: !ruby/object:Gem::Requirement
150
+ requirements:
151
+ - - ">="
152
+ - !ruby/object:Gem::Version
153
+ version: '0'
154
+ requirements: []
155
+ rubyforge_project:
156
+ rubygems_version: 2.7.6
157
+ signing_key:
158
+ specification_version: 4
159
+ summary: Middleware for using RFC 6750 bearer auth in Rack apps
160
+ test_files: []