rack-header-key 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,4 @@
1
+ *.gem
2
+ .bundle
3
+ Gemfile.lock
4
+ pkg/*
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "http://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in rack-header-key.gemspec
4
+ gemspec
data/MIT-LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ Copyright (c) 2011 Brendon Murphy
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21
+
data/README.md ADDED
@@ -0,0 +1,40 @@
1
+ # Rack::HeaderKey #
2
+
3
+ Rack::HeaderKey is Rack Middleware for providing authorization for requests via
4
+ an HTTP header. This is useful in instances where you want to authenticate some
5
+ client of yours to an API where it's easier or preferrable over HTTP basic
6
+ authentication.
7
+
8
+ ## Installation ##
9
+
10
+ install it via rubygems:
11
+
12
+ ```
13
+ gem install rack-header-key
14
+ ```
15
+
16
+ or put it in your Gemfile:
17
+
18
+ ```ruby
19
+ # Gemfile
20
+
21
+ gem 'rack-header-key', :require => 'rack/header_key'
22
+ ```
23
+
24
+
25
+ ## Usage ##
26
+
27
+ In a Rack application:
28
+
29
+ ```ruby
30
+ # app.rb
31
+
32
+ use Rack::HeaderKey, :path => "/api", :key => "shared_key"
33
+ ```
34
+
35
+ The optional `:path` value determines a specific path you choose to protect.
36
+ Leaving it off will call the root path to be protected entirely.
37
+
38
+ ## Copyright
39
+
40
+ Copyright © 2011 Brendon Murphy. See [MIT-LICENSE](https://github.com/bemurphy/rack-header-key/blob/master/MIT-LICENSE) for details.
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ require 'bundler'
2
+ Bundler::GemHelper.install_tasks
@@ -0,0 +1,5 @@
1
+ module Rack
2
+ module HeaderKey
3
+ VERSION = "0.0.1"
4
+ end
5
+ end
@@ -0,0 +1,43 @@
1
+ module Rack
2
+ class HeaderKey
3
+ AUTH_HEADER = "X_AUTHORIZATION_KEY".freeze
4
+
5
+ def initialize(app, options)
6
+ @app = app
7
+ @secret = options.fetch(:key)
8
+ @path = options.fetch(:path, "/")
9
+
10
+ unless @path =~ %r{^/}
11
+ raise ArgumentError, "Please provide a path with a leading /"
12
+ end
13
+ @app
14
+ end
15
+
16
+ def call(env)
17
+ self.dup._call(env)
18
+ end
19
+
20
+ def _call(env)
21
+ @request = Rack::Request.new env
22
+ if protected_path?
23
+ if token_ok?
24
+ @app.call(env)
25
+ else
26
+ [401, {'Content-Type' => 'text/plain; charset=utf-8'}, "Unauthorized"]
27
+ end
28
+ else
29
+ @app.call(env)
30
+ end
31
+ end
32
+
33
+ private
34
+
35
+ def token_ok?
36
+ @request.env[AUTH_HEADER] == @secret
37
+ end
38
+
39
+ def protected_path?
40
+ @request.path =~ %r/^#{@path}/
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,24 @@
1
+ # -*- encoding: utf-8 -*-
2
+ $:.push File.expand_path("../lib", __FILE__)
3
+ require "rack/header_key/version"
4
+
5
+ Gem::Specification.new do |s|
6
+ s.name = "rack-header-key"
7
+ s.version = Rack::HeaderKey::VERSION
8
+ s.platform = Gem::Platform::RUBY
9
+ s.authors = ["Brendon Murphy"]
10
+ s.email = ["xternal1+github@gmail.com"]
11
+ s.homepage = ""
12
+ s.summary = %q{Rack Middleware for authenticating requests via an http header}
13
+ s.description = s.summary
14
+
15
+ s.rubyforge_project = "rack-header-key"
16
+
17
+ s.files = `git ls-files`.split("\n")
18
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
19
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
20
+ s.require_paths = ["lib"]
21
+
22
+ s.add_dependency 'rack'
23
+ s.add_development_dependency 'rspec'
24
+ end
@@ -0,0 +1,61 @@
1
+ require 'spec_helper'
2
+
3
+ describe Rack::HeaderKey do
4
+ let(:key) { "sekret" }
5
+ let(:app) {
6
+ Rack::Builder.new do
7
+ use Rack::HeaderKey, :key => "sekret", :path => "/api"
8
+ run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
9
+ end
10
+ }
11
+
12
+ it "raises an argument error if given a path option that doesn't start with /" do
13
+ app = Rack::Builder.new do
14
+ use Rack::HeaderKey, :key => "sekret", :path => "bad_path"
15
+ run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
16
+ end
17
+
18
+ lambda {
19
+ Rack::MockRequest.new(app).get('/test')
20
+ }.should raise_error(ArgumentError)
21
+ end
22
+
23
+ context "for the protected path" do
24
+ it "returns 200 if the proper key is present in X_AUTHORIZATION_KEY" do
25
+ response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => key)
26
+ response.status.should == 200
27
+ response.body.should == "success"
28
+ end
29
+
30
+ it "returns 401 if the the proper key is not in X_AUTHORIZATION_KEY" do
31
+ response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => "bogus_key")
32
+ response.status.should == 401
33
+ end
34
+ end
35
+
36
+ context "for an unprotected path" do
37
+ it "returns 200 when no key is given" do
38
+ response = Rack::MockRequest.new(app).get('/test')
39
+ response.status.should == 200
40
+ response.body.should == "success"
41
+ end
42
+
43
+ it "returns 200 even if an improper key is given" do
44
+ response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
45
+ response.status.should == 200
46
+ response.body.should == "success"
47
+ end
48
+ end
49
+
50
+ context "when no path is given" do
51
+ it "protects the root path" do
52
+ app = Rack::Builder.new do
53
+ use Rack::HeaderKey, :key => "sekret"
54
+ run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
55
+ end
56
+ response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
57
+ response.status.should == 401
58
+ end
59
+ end
60
+ end
61
+
@@ -0,0 +1,11 @@
1
+ require File.expand_path("../../lib/rack/header_key", __FILE__)
2
+ require 'rack/mock'
3
+
4
+ # Requires supporting ruby files with custom matchers and macros, etc,
5
+ # in spec/support/ and its subdirectories.
6
+ # Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
7
+
8
+ RSpec.configure do |config|
9
+ config.mock_with :rspec
10
+ end
11
+
metadata ADDED
@@ -0,0 +1,105 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-header-key
3
+ version: !ruby/object:Gem::Version
4
+ hash: 29
5
+ prerelease: false
6
+ segments:
7
+ - 0
8
+ - 0
9
+ - 1
10
+ version: 0.0.1
11
+ platform: ruby
12
+ authors:
13
+ - Brendon Murphy
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2011-09-02 00:00:00 -07:00
19
+ default_executable:
20
+ dependencies:
21
+ - !ruby/object:Gem::Dependency
22
+ name: rack
23
+ prerelease: false
24
+ requirement: &id001 !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ">="
28
+ - !ruby/object:Gem::Version
29
+ hash: 3
30
+ segments:
31
+ - 0
32
+ version: "0"
33
+ type: :runtime
34
+ version_requirements: *id001
35
+ - !ruby/object:Gem::Dependency
36
+ name: rspec
37
+ prerelease: false
38
+ requirement: &id002 !ruby/object:Gem::Requirement
39
+ none: false
40
+ requirements:
41
+ - - ">="
42
+ - !ruby/object:Gem::Version
43
+ hash: 3
44
+ segments:
45
+ - 0
46
+ version: "0"
47
+ type: :development
48
+ version_requirements: *id002
49
+ description: Rack Middleware for authenticating requests via an http header
50
+ email:
51
+ - xternal1+github@gmail.com
52
+ executables: []
53
+
54
+ extensions: []
55
+
56
+ extra_rdoc_files: []
57
+
58
+ files:
59
+ - .gitignore
60
+ - Gemfile
61
+ - MIT-LICENSE
62
+ - README.md
63
+ - Rakefile
64
+ - lib/rack/header_key.rb
65
+ - lib/rack/header_key/version.rb
66
+ - rack-header-key.gemspec
67
+ - spec/header_key_spec.rb
68
+ - spec/spec_helper.rb
69
+ has_rdoc: true
70
+ homepage: ""
71
+ licenses: []
72
+
73
+ post_install_message:
74
+ rdoc_options: []
75
+
76
+ require_paths:
77
+ - lib
78
+ required_ruby_version: !ruby/object:Gem::Requirement
79
+ none: false
80
+ requirements:
81
+ - - ">="
82
+ - !ruby/object:Gem::Version
83
+ hash: 3
84
+ segments:
85
+ - 0
86
+ version: "0"
87
+ required_rubygems_version: !ruby/object:Gem::Requirement
88
+ none: false
89
+ requirements:
90
+ - - ">="
91
+ - !ruby/object:Gem::Version
92
+ hash: 3
93
+ segments:
94
+ - 0
95
+ version: "0"
96
+ requirements: []
97
+
98
+ rubyforge_project: rack-header-key
99
+ rubygems_version: 1.3.7
100
+ signing_key:
101
+ specification_version: 3
102
+ summary: Rack Middleware for authenticating requests via an http header
103
+ test_files:
104
+ - spec/header_key_spec.rb
105
+ - spec/spec_helper.rb