rack-blinkbox-zuul-tokens 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. checksums.yaml +15 -0
  2. data/.gitignore +4 -0
  3. data/.rspec +5 -0
  4. data/.travis.yml +13 -0
  5. data/CHANGELOG.md +19 -0
  6. data/Gemfile +3 -0
  7. data/LICENCE +21 -0
  8. data/README.md +3 -0
  9. data/Rakefile +20 -0
  10. data/VERSION +1 -0
  11. data/lib/rack/blinkbox/zuul/tokens.rb +2 -0
  12. data/lib/rack/blinkbox/zuul/tokens/file_key_finder.rb +36 -0
  13. data/lib/rack/blinkbox/zuul/tokens/token_decoder.rb +78 -0
  14. data/lib/rack/blinkbox/zuul/tokens/version.rb +9 -0
  15. data/rack-blinkbox-zuul-tokens.gemspec +26 -0
  16. data/spec/keys/test-enc/private.pem +27 -0
  17. data/spec/keys/test-enc/public.pem +9 -0
  18. data/spec/keys/test-sig/private.pem +8 -0
  19. data/spec/keys/test-sig/public.pem +4 -0
  20. data/spec/rack/blinkbox/zuul/tokens/token_decoder_spec.rb +81 -0
  21. data/spec/spec_helper.rb +16 -0
  22. metadata +171 -0
checksums.yaml ADDED
@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ ZGRjMjg2MmQ3YmY5ZjY0YjU1NjNjYzQ3ZWViMGUyMmNhYjA3OGViYQ==
5
+ data.tar.gz: !binary |-
6
+ MzI0YzEwMjdiZGRhOTlkNGYyNTBkMjAzNDRlMjQ3NDhiYTJjZjAwNA==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ OWUwNThlZjQ4YzE3NmViNzEwNzYzMTQxZmQxNzYwYTk4MTA3ZWY3MGRkY2E5
10
+ NzNjZTQwZGEwMDQwYWI3NTIwMGNhOGRhOTlmMTFhMTU5ZTliYTViODRkM2Vh
11
+ MGY0OTE2ZDUyMGFiYWFmNzk1NmFkNjQ2NTMyZjdkNzY5ZDViYzg=
12
+ data.tar.gz: !binary |-
13
+ MDM2MzA3ZGY1OTk1N2Q0NmFmZjFkM2ZiNWFlNDA4M2U2MzVkZTI5NTllNjk2
14
+ ODNkNzE0OWQ0ZmQxOTk3NzBjNGJhZWJlODg0MzNkYTE1MzA4N2EyNjBjMWNj
15
+ MGJlMWNiZjQzZThhNzE1MTY3NzRlMTY3OTQyNTNlZjA5YzMxZDc=
data/.gitignore ADDED
@@ -0,0 +1,4 @@
1
+ .DS_Store
2
+ log/
3
+ pkg/
4
+ Gemfile.lock
data/.rspec ADDED
@@ -0,0 +1,5 @@
1
+ --no-color
2
+ --require spec_helper
3
+ --format progress -o log/spec.log
4
+ --format html -o log/spec.html
5
+ -cfs
data/.travis.yml ADDED
@@ -0,0 +1,13 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.0.0
4
+ - 2.1.2
5
+ deploy:
6
+ provider: rubygems
7
+ api_key:
8
+ secure: IOY7z+QUAzc8ADiD3hyywMLl4l7YxrL8kbfvkAja316jsGCSNqCCcNxa+wx1UiCXfavSNB0kFB1BwRLELS7ADxF0Shyg4h0g+/CbwUHVTELg8J0JfyuV7oEnMZVve12SQzolGeFynGecU6tah5NGRjUgr4+2O9BvIl9umWG8DKU=
9
+ gem: rack-blinkbox-zuul-tokens
10
+ on:
11
+ repo: blinkboxbooks/rack-blinkbox-zuul-tokens.rb
12
+ rvm: 2.1.2
13
+ branch: master
data/CHANGELOG.md ADDED
@@ -0,0 +1,19 @@
1
+ # Change Log
2
+
3
+ ## 0.1.0 ([#4](https://git.mobcastdev.com/Zuul/rack-blinkbox-zuul-tokens/pull/4) 2014-06-30 17:34:52)
4
+
5
+ Move to artifactory
6
+
7
+ ### Improvements
8
+
9
+ - Move to Artifactory
10
+
11
+ ## 0.0.2
12
+
13
+ ### Bug Fixes
14
+
15
+ - (CP-607) Can now differentiate between no attempt to provide a bearer token, and providing an empty bearer token.
16
+
17
+ ## 0.0.1
18
+
19
+ Initial release with basic token parsing functionality.
data/Gemfile ADDED
@@ -0,0 +1,3 @@
1
+ source "https://rubygems.org/"
2
+
3
+ gemspec
data/LICENCE ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2015 blinkbox Books Ltd.
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,3 @@
1
+ # Zuul Authentication for Rack Applications
2
+
3
+ This gem will automatically check the authenticity of any blinkbox authorisation tokens coming into your Rack application and provide details of the authenticated user.
data/Rakefile ADDED
@@ -0,0 +1,20 @@
1
+ require 'rake'
2
+ require 'bundler/gem_tasks'
3
+
4
+ task :default => :build
5
+ task :build => :test
6
+ task :test => :spec
7
+
8
+ desc "Run all rspec tests"
9
+ begin
10
+ require 'rspec/core/rake_task'
11
+
12
+ RSpec::Core::RakeTask.new(:spec) do |t|
13
+ t.pattern = 'spec/**/*_spec.rb'
14
+ end
15
+ rescue LoadError => e
16
+ raise e
17
+ task :spec do
18
+ $stderr.puts "Please install rspec: `gem install rspec`"
19
+ end
20
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 0.1.0
data/lib/rack/blinkbox/zuul/tokens.rb ADDED
@@ -0,0 +1,2 @@
1
+ require "rack/blinkbox/zuul/tokens/token_decoder"
2
+ require "rack/blinkbox/zuul/tokens/version"
data/lib/rack/blinkbox/zuul/tokens/file_key_finder.rb ADDED
@@ -0,0 +1,36 @@
1
+ require "rack"
2
+ require "sandal"
3
+
4
+ module Rack
5
+ module Blinkbox
6
+ module Zuul
7
+ # A simple key finder which uses the key identifier to locate keys on the file system.
8
+ class FileKeyFinder
9
+
10
+ # Initialises a new file key finder.
11
+ #
12
+ # @param key_dir [String] The directory in which keys are located.
13
+ def initialize(key_dir = "./keys")
14
+ @key_dir = key_dir
15
+ end
16
+
17
+ # Loads a key with a specified identifier.
18
+ #
19
+ # @param key_id [String] The key identifier.
20
+ # @param type [Symbol] :public, :private or :symmetric, depending on the required key type.
21
+ # @return [String]
22
+ def key_with_id(key_id, type)
23
+ raise Sandal::InvalidTokenError.new("Unspecified key.") if key_id.nil?
24
+ key_dir = ::File.join(@key_dir, ::File.expand_path(key_id, "/")) # mitigate directory expansion attacks
25
+ key_file = "#{key_dir}/#{type}.pem"
26
+ begin
27
+ ::File.read(key_file) # TODO: Binary read
28
+ rescue
29
+ raise Sandal::InvalidTokenError.new("Unknown key.")
30
+ end
31
+ end
32
+
33
+ end
34
+ end
35
+ end
36
+ end
data/lib/rack/blinkbox/zuul/tokens/token_decoder.rb ADDED
@@ -0,0 +1,78 @@
1
+ require "rack"
2
+ require "sandal"
3
+ require "rack/blinkbox/zuul/tokens/file_key_finder"
4
+
5
+ module Rack
6
+ module Blinkbox
7
+ module Zuul
8
+ # Rack middleware for decoding blinkbox Zuul authentication tokens.
9
+ class TokenDecoder
10
+
11
+ # Initialises a new token decoder.
12
+ #
13
+ # @param app [??] The Rack application.
14
+ # @param key_finder [#key_with_id] The class that is used to find
15
+ #
16
+ def initialize(app, key_finder = nil)
17
+ @app = app
18
+ @key_finder = key_finder || FileKeyFinder.new("./keys")
19
+ end
20
+
21
+ def call(env)
22
+ access_token = extract_bearer_token(env)
23
+ if access_token
24
+ env["zuul.access_token"] = access_token
25
+ begin
26
+ env["zuul.claims"] = claims = decode_access_token(access_token)
27
+
28
+ user_guid = claims["sub"]
29
+ env["zuul.user_guid"] = user_guid
30
+ env["zuul.user_id"] = user_guid.match(/\Aurn:blinkbox:zuul:user:(\d+)\Z/)[1]
31
+ env["zuul.user_roles"] = claims["bb/rol"] || []
32
+
33
+ client_guid = claims["bb/cid"]
34
+ if client_guid
35
+ env["zuul.client_guid"] = client_guid
36
+ env["zuul.client_id"] = client_guid.match(/\Aurn:blinkbox:zuul:client:(\d+)\Z/)[1]
37
+ end
38
+ rescue => error
39
+ env["zuul.error"] = error
40
+ end
41
+ end
42
+ @app.call(env)
43
+ end
44
+
45
+ private
46
+
47
+ def extract_bearer_token(env)
48
+ auth_header = env["HTTP_AUTHORIZATION"]
49
+ return nil if auth_header.nil?
50
+
51
+ auth_scheme, bearer_token = auth_header.split(" ", 2)
52
+ return nil unless auth_scheme == "Bearer"
53
+
54
+ # return an empty string if there was no bearer token in the header so that it's possible to
55
+ # differentiate between no attempt to provide a bearer token, in the cases above where the
56
+ # Authorization header is missing or doesn't use the Bearer scheme, and an attempt to provide
57
+ # bearer token but it happens to be empty.
58
+ bearer_token || ""
59
+ end
60
+
61
+ def decode_access_token(access_token)
62
+ Sandal.decode_token(access_token) do |header|
63
+ if header["alg"] == Sandal::Sig::ES256::NAME
64
+ key = @key_finder.key_with_id(header["kid"], :public)
65
+ Sandal::Sig::ES256.new(key)
66
+ elsif header["enc"] == Sandal::Enc::A128GCM::NAME && header["alg"] == Sandal::Enc::Alg::RSA_OAEP::NAME
67
+ key = @key_finder.key_with_id(header["kid"], :private)
68
+ Sandal::Enc::A128GCM.new(Sandal::Enc::Alg::RSA_OAEP.new(key))
69
+ else
70
+ raise Sandal::UnsupportedTokenError.new("Unsupported signing/encryption method.")
71
+ end
72
+ end
73
+ end
74
+
75
+ end
76
+ end
77
+ end
78
+ end
data/lib/rack/blinkbox/zuul/tokens/version.rb ADDED
@@ -0,0 +1,9 @@
1
+ module Rack
2
+ module Blinkbox
3
+ module Zuul
4
+ class Tokens
5
+ VERSION = File.read(File.join(__dir__,"../../../../../VERSION")) rescue "0.0.2"
6
+ end
7
+ end
8
+ end
9
+ end
data/rack-blinkbox-zuul-tokens.gemspec ADDED
@@ -0,0 +1,26 @@
1
+ # -*- encoding: utf-8 -*-
2
+ lib = File.expand_path("../lib", __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require "rack/blinkbox/zuul/tokens/version"
5
+
6
+ Gem::Specification.new do |s|
7
+ s.name = "rack-blinkbox-zuul-tokens"
8
+ s.version = Rack::Blinkbox::Zuul::Tokens::VERSION
9
+ s.authors = ["Greg Beech", "JP Hastings-Spital"]
10
+ s.email = ["greg@blinkbox.com", "jphastings@blinkbox.com"]
11
+ s.description = %q{Automatically processes Zuul authorisation tokens on Rack apps}
12
+ s.summary = %q{blinkbox books authentication for rack apps}
13
+ s.homepage = ""
14
+
15
+ s.files = `git ls-files`.split($/)
16
+ s.test_files = s.files.grep(%r{^(test|spec|features)/})
17
+ s.require_paths = ["lib"]
18
+
19
+ s.add_dependency "rack"
20
+ s.add_dependency "sandal", "~> 0.5", ">= 0.5.1"
21
+
22
+ s.add_development_dependency "rake"
23
+ s.add_development_dependency "rack-test"
24
+ s.add_development_dependency "rspec", "~> 2.0"
25
+ s.add_development_dependency "sinatra"
26
+ end
data/spec/keys/test-enc/private.pem ADDED
@@ -0,0 +1,27 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIEowIBAAKCAQEAtvdg4VF2VXLQ6X/CUpeGVaTCqThSG4r6EwLVV0YFtMhRHfS3
3
+ Xk3QJik/wNHZDewBvu+g7f3BC25xuz0PbxAKds5QkRYZW0X/tIsIQtIYFco1okY7
4
+ 2iQrsoR2sbE9jqpIMOcdtoLMeF69XP2sUoIWElbEFpwyoU9wY1PTbQMzhUQ4P8Ld
5
+ 1hdQ+GwyLbTj3IC5ODSTNErYuO5W8gS9Gc/36uPr/LIs0D9S8nhReO/cI+UHUPLK
6
+ jhYtFSXjVf280ZwDXaqcbV6q1ecDbPQr6t/Ri6ePIa20R3OzGsXP9k952ksIw35G
7
+ PEgzGjyPkeUEY8O8Ss3X0Dz1Bhrvre6L+w7inQIDAQABAoIBADdi9XnfziGZyzIU
8
+ EcAszGaapK7TNM/Pp1of7nMn6ExMo3mc/fFXPt5+eCUnoTw8qF6jbaT9vvV17onO
9
+ tyBYy8IhPHRfKzfdHcYKnGqV7OKTvt6rwiyL7Ipy3Pd3fvn0BDyBihYYzErX6xz+
10
+ Ua78YDAXAe8SQ6VfRddbpdIHOQ5rEE9Q8lyjleaRzRUEdklzJaix/WfNefLgY+8n
11
+ VtDcx5A43A4BsSMesBf2z2iXXDPu9RvIqaJWfMUa6dtpW2cCHV1xCl4t84BROneF
12
+ KB86TOmoIZqraWvDVQM7nlpsTLYWkByiXlvc1019H9ZtxWkt8w+VVbaiIePIxVW8
13
+ scH1j4UCgYEA2cn6ymUuFChU7iNSwqFdfCUgz430umb+telVDbbJadKDMjMHbj+c
14
+ JBi/y0HhHSocIkVOs+J5j0YRudm9n0KdmqM9DcE11W7stjTg2W0/pCMxnHBKOxQk
15
+ ERXjbkdk6twfaUi3j9laY6CQsoUiApiGdlAluWgtMPwfCsI1Cnaz628CgYEA1xFV
16
+ n2otCltQjPMmOeDofF68tqHmJE2LWv9hCU+zaO6aP2Vu1HCCUGeww6UuqPHsmWS0
17
+ 27MbfGfxMWrDT8NJWZkDvC5/WGYhK7/oErOv/uctHXwYaRF+QeqnzaZDIQiu+1pH
18
+ LvurZ6wYHCE4LSAxnjjL8vJXbVoR3jRIYliA/LMCgYEAusz3gyoNv9RoJGm/zpjB
19
+ qn3eCqhjxI4a4sTj4wNo9o9NYH1MXk/JCV0BBMHY6D76KprvynLyeOVMxu/wKO3m
20
+ aICjGW0jU5H1DsOEKHoAIDTflKLryIiZ9t2jWS97a8aqWo+4gnWXheRut/BhH4Db
21
+ tBdChCjKuj1GEuBIxlTSNZkCgYAtDNSCsBr/MGGPJN+8//+zDaU6HG+46wVl6ljJ
22
+ Ooi6UkC9RuIQXgDuFspQMSm0+fg1qYK5AqufQ6aiU1rWOnIC8qp1oMfMHJiWMXzL
23
+ bhhPrN0mb/gtCh0Icb70tP8azFbbD+4ZSV5+OO5T9iFuUnASVJNkMJ9fqJ5VjV4c
24
+ O63JQQKBgAXA4FWRnI5IE482PXb9J1p4pnbi3IlK791obCdOpH2dHPp4EkPCHALm
25
+ Az8zQW1tXpwNOzq7RSf/jnuKEYk64JYjtDtHLAILJhoWA7vplU0Fj+HyosJolO88
26
+ htgRN++wPL8F3XNPZU0htRKXFJi1TClxwH3BjZnltFRhS7VxxV9K
27
+ -----END RSA PRIVATE KEY-----
data/spec/keys/test-enc/public.pem ADDED
@@ -0,0 +1,9 @@
1
+ -----BEGIN PUBLIC KEY-----
2
+ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvdg4VF2VXLQ6X/CUpeG
3
+ VaTCqThSG4r6EwLVV0YFtMhRHfS3Xk3QJik/wNHZDewBvu+g7f3BC25xuz0PbxAK
4
+ ds5QkRYZW0X/tIsIQtIYFco1okY72iQrsoR2sbE9jqpIMOcdtoLMeF69XP2sUoIW
5
+ ElbEFpwyoU9wY1PTbQMzhUQ4P8Ld1hdQ+GwyLbTj3IC5ODSTNErYuO5W8gS9Gc/3
6
+ 6uPr/LIs0D9S8nhReO/cI+UHUPLKjhYtFSXjVf280ZwDXaqcbV6q1ecDbPQr6t/R
7
+ i6ePIa20R3OzGsXP9k952ksIw35GPEgzGjyPkeUEY8O8Ss3X0Dz1Bhrvre6L+w7i
8
+ nQIDAQAB
9
+ -----END PUBLIC KEY-----
data/spec/keys/test-sig/private.pem ADDED
@@ -0,0 +1,8 @@
1
+ -----BEGIN EC PARAMETERS-----
2
+ BggqhkjOPQMBBw==
3
+ -----END EC PARAMETERS-----
4
+ -----BEGIN EC PRIVATE KEY-----
5
+ MHcCAQEEIMqMf7hAPTPnlzIGje7hqS2nREDdznqikgMCihnPowF7oAoGCCqGSM49
6
+ AwEHoUQDQgAEKpuxnYoh/sGl8483iLIqe0sn+oZP4yZLKIfcKJXGf3ooU/X/9sL+
7
+ r+dmErttJrIv0JE3WrcheSNT58Oee1hZZQ==
8
+ -----END EC PRIVATE KEY-----
data/spec/keys/test-sig/public.pem ADDED
@@ -0,0 +1,4 @@
1
+ -----BEGIN PUBLIC KEY-----
2
+ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKpuxnYoh/sGl8483iLIqe0sn+oZP
3
+ 4yZLKIfcKJXGf3ooU/X/9sL+r+dmErttJrIv0JE3WrcheSNT58Oee1hZZQ==
4
+ -----END PUBLIC KEY-----
data/spec/rack/blinkbox/zuul/tokens/token_decoder_spec.rb ADDED
@@ -0,0 +1,81 @@
1
+ require_relative "../../../../spec_helper"
2
+
3
+ describe "A Rack app using Zuul TokenDecoder" do
4
+ include Rack::Test::Methods
5
+
6
+ def app
7
+ @app ||= App.new
8
+ end
9
+
10
+ context "with no token" do
11
+ before(:all) do
12
+ get "/"
13
+ end
14
+ describe "the request environment" do
15
+ subject { last_request.env }
16
+ it { should_not have_key_starting_with("zuul.") }
17
+ end
18
+ end
19
+
20
+ context "with a well-formed signed/encrypted token" do
21
+ before(:all) do
22
+ claims = {
23
+ "sub" => "urn:blinkbox:zuul:user:123",
24
+ "exp" => (Time.now + 1800).to_i,
25
+ "jti" => "urn:blinkbox:zuul:access-token:4857",
26
+ "bb/cid" => "urn:blinkbox:zuul:client:38"
27
+ }
28
+ puts File.expand_path("./")
29
+ signer = Sandal::Sig::ES256.new(File.read("./spec/keys/test-sig/private.pem"))
30
+ encrypter = Sandal::Enc::A128GCM.new(Sandal::Enc::Alg::RSA_OAEP.new(File.read("./spec/keys/test-enc/public.pem")))
31
+ jws_token = Sandal.encode_token(claims, signer, { "kid" => "test-sig" })
32
+ jwe_token = Sandal.encrypt_token(jws_token, encrypter, { "kid" => "test-enc", "cty" => "JWT" })
33
+ get "/", nil, { "HTTP_AUTHORIZATION" => "Bearer #{jwe_token}" }
34
+ end
35
+ describe "the request environment" do
36
+ subject { last_request.env }
37
+ it { should have_key("zuul.access_token") }
38
+ it { should_not have_key("zuul.error") }
39
+ its(["zuul.user_guid"]) { should eq("urn:blinkbox:zuul:user:123") }
40
+ its(["zuul.user_id"]) { should eq("123") }
41
+ its(["zuul.client_guid"]) { should eq("urn:blinkbox:zuul:client:38") }
42
+ its(["zuul.client_id"]) { should eq("38") }
43
+ end
44
+ end
45
+
46
+ context "with a well-formed encrypted but unsigned token" do
47
+ pending
48
+ end
49
+
50
+ context "with a well-formed signed but unencrypted token" do
51
+ pending
52
+ end
53
+
54
+ context "with a well-formed but unsigned/unencrypted token" do
55
+ before(:all) do
56
+ token = Sandal.encode_token({ "sub" => "urn:blinkbox:zuul:user:123" }, Sandal::Sig::NONE)
57
+ get "/", nil, { "HTTP_AUTHORIZATION" => "Bearer #{token}" }
58
+ end
59
+ describe "the request environment" do
60
+ subject { last_request.env }
61
+ it { should have_key("zuul.access_token") }
62
+ it { should have_key("zuul.error") }
63
+ it { should_not have_key_starting_with("zuul.user") }
64
+ it { should_not have_key_starting_with("zuul.client") }
65
+ end
66
+ end
67
+
68
+ context "with an invalidly formed token" do
69
+ before(:all) do
70
+ get "/", nil, { "HTTP_AUTHORIZATION" => "Bearer some.random.invalid.token.value" }
71
+ end
72
+ describe "the request environment" do
73
+ subject { last_request.env }
74
+ it { should have_key("zuul.access_token") }
75
+ it { should have_key("zuul.error") }
76
+ it { should_not have_key_starting_with("zuul.user") }
77
+ it { should_not have_key_starting_with("zuul.client") }
78
+ end
79
+ end
80
+
81
+ end
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,16 @@
1
+ require "sinatra/base"
2
+ $:<<File.join(File.dirname(__FILE__), "..", "lib")
3
+
4
+ require "rack/test"
5
+ require "rack/blinkbox/zuul/tokens"
6
+ require "sandal"
7
+
8
+ class App < Sinatra::Base
9
+ use Rack::Blinkbox::Zuul::TokenDecoder, Rack::Blinkbox::Zuul::FileKeyFinder.new("./spec/keys")
10
+ end
11
+
12
+ class Hash
13
+ def has_key_starting_with?(prefix)
14
+ keys.any? { |k| k =~ /^#{::Regexp.escape(prefix)}/ }
15
+ end
16
+ end
metadata ADDED
@@ -0,0 +1,171 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-blinkbox-zuul-tokens
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - Greg Beech
8
+ - JP Hastings-Spital
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2015-01-30 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rack
16
+ requirement: !ruby/object:Gem::Requirement
17
+ requirements:
18
+ - - ! '>='
19
+ - !ruby/object:Gem::Version
20
+ version: '0'
21
+ type: :runtime
22
+ prerelease: false
23
+ version_requirements: !ruby/object:Gem::Requirement
24
+ requirements:
25
+ - - ! '>='
26
+ - !ruby/object:Gem::Version
27
+ version: '0'
28
+ - !ruby/object:Gem::Dependency
29
+ name: sandal
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - ~>
33
+ - !ruby/object:Gem::Version
34
+ version: '0.5'
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: 0.5.1
38
+ type: :runtime
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ requirements:
42
+ - - ~>
43
+ - !ruby/object:Gem::Version
44
+ version: '0.5'
45
+ - - ! '>='
46
+ - !ruby/object:Gem::Version
47
+ version: 0.5.1
48
+ - !ruby/object:Gem::Dependency
49
+ name: rake
50
+ requirement: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ! '>='
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ type: :development
56
+ prerelease: false
57
+ version_requirements: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ - !ruby/object:Gem::Dependency
63
+ name: rack-test
64
+ requirement: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ! '>='
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ type: :development
70
+ prerelease: false
71
+ version_requirements: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ! '>='
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ - !ruby/object:Gem::Dependency
77
+ name: rspec
78
+ requirement: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ~>
81
+ - !ruby/object:Gem::Version
82
+ version: '2.0'
83
+ type: :development
84
+ prerelease: false
85
+ version_requirements: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ~>
88
+ - !ruby/object:Gem::Version
89
+ version: '2.0'
90
+ - !ruby/object:Gem::Dependency
91
+ name: sinatra
92
+ requirement: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ! '>='
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ type: :development
98
+ prerelease: false
99
+ version_requirements: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ! '>='
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ description: Automatically processes Zuul authorisation tokens on Rack apps
105
+ email:
106
+ - greg@blinkbox.com
107
+ - jphastings@blinkbox.com
108
+ executables: []
109
+ extensions: []
110
+ extra_rdoc_files: []
111
+ files:
112
+ - .gitignore
113
+ - .rspec
114
+ - .travis.yml
115
+ - CHANGELOG.md
116
+ - Gemfile
117
+ - LICENCE
118
+ - README.md
119
+ - Rakefile
120
+ - VERSION
121
+ - lib/.DS_Store
122
+ - lib/rack/.DS_Store
123
+ - lib/rack/blinkbox/.DS_Store
124
+ - lib/rack/blinkbox/zuul/.DS_Store
125
+ - lib/rack/blinkbox/zuul/tokens.rb
126
+ - lib/rack/blinkbox/zuul/tokens/file_key_finder.rb
127
+ - lib/rack/blinkbox/zuul/tokens/token_decoder.rb
128
+ - lib/rack/blinkbox/zuul/tokens/version.rb
129
+ - rack-blinkbox-zuul-tokens.gemspec
130
+ - spec/.DS_Store
131
+ - spec/keys/test-enc/private.pem
132
+ - spec/keys/test-enc/public.pem
133
+ - spec/keys/test-sig/private.pem
134
+ - spec/keys/test-sig/public.pem
135
+ - spec/rack/.DS_Store
136
+ - spec/rack/blinkbox/.DS_Store
137
+ - spec/rack/blinkbox/zuul/tokens/token_decoder_spec.rb
138
+ - spec/spec_helper.rb
139
+ homepage: ''
140
+ licenses: []
141
+ metadata: {}
142
+ post_install_message:
143
+ rdoc_options: []
144
+ require_paths:
145
+ - lib
146
+ required_ruby_version: !ruby/object:Gem::Requirement
147
+ requirements:
148
+ - - ! '>='
149
+ - !ruby/object:Gem::Version
150
+ version: '0'
151
+ required_rubygems_version: !ruby/object:Gem::Requirement
152
+ requirements:
153
+ - - ! '>='
154
+ - !ruby/object:Gem::Version
155
+ version: '0'
156
+ requirements: []
157
+ rubyforge_project:
158
+ rubygems_version: 2.4.5
159
+ signing_key:
160
+ specification_version: 4
161
+ summary: blinkbox books authentication for rack apps
162
+ test_files:
163
+ - spec/.DS_Store
164
+ - spec/keys/test-enc/private.pem
165
+ - spec/keys/test-enc/public.pem
166
+ - spec/keys/test-sig/private.pem
167
+ - spec/keys/test-sig/public.pem
168
+ - spec/rack/.DS_Store
169
+ - spec/rack/blinkbox/.DS_Store
170
+ - spec/rack/blinkbox/zuul/tokens/token_decoder_spec.rb
171
+ - spec/spec_helper.rb