rack-header-key 0.0.1

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in rack-header-key.gemspec
+gemspec

data/MIT-LICENSE

@@ -0,0 +1,21 @@
+Copyright (c) 2011 Brendon Murphy
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+

data/README.md

@@ -0,0 +1,40 @@
+# Rack::HeaderKey #
+
+Rack::HeaderKey is Rack Middleware for providing authorization for requests via
+an HTTP header.  This is useful in instances where you want to authenticate some
+client of yours to an API where it's easier or preferrable over HTTP basic
+authentication.
+
+## Installation ##
+
+install it via rubygems:
+
+```
+gem install rack-header-key
+```
+
+or put it in your Gemfile:
+
+```ruby
+# Gemfile
+
+gem 'rack-header-key', :require => 'rack/header_key'
+```
+
+
+## Usage ##
+
+In a Rack application:
+
+```ruby
+# app.rb
+
+use Rack::HeaderKey, :path => "/api", :key => "shared_key"
+```
+
+The optional `:path` value determines a specific path you choose to protect.
+Leaving it off will call the root path to be protected entirely.
+
+## Copyright
+
+Copyright © 2011 Brendon Murphy. See [MIT-LICENSE](https://github.com/bemurphy/rack-header-key/blob/master/MIT-LICENSE) for details.

data/Rakefile

@@ -0,0 +1,2 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks

data/lib/rack/header_key/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  module HeaderKey
+    VERSION = "0.0.1"
+  end
+end

data/lib/rack/header_key.rb

@@ -0,0 +1,43 @@
+module Rack
+  class HeaderKey
+    AUTH_HEADER = "X_AUTHORIZATION_KEY".freeze
+
+    def initialize(app, options)
+      @app = app
+      @secret = options.fetch(:key)
+      @path = options.fetch(:path, "/")
+
+      unless @path =~ %r{^/}
+        raise ArgumentError, "Please provide a path with a leading /"
+      end
+      @app
+    end
+
+    def call(env)
+      self.dup._call(env)
+    end
+
+    def _call(env)
+      @request = Rack::Request.new env
+      if protected_path?
+        if token_ok?
+          @app.call(env)
+        else
+          [401, {'Content-Type' => 'text/plain; charset=utf-8'}, "Unauthorized"]
+        end
+      else
+        @app.call(env)
+      end
+    end
+
+    private
+
+    def token_ok?
+      @request.env[AUTH_HEADER] == @secret
+    end
+
+    def protected_path?
+      @request.path =~ %r/^#{@path}/
+    end
+  end
+end

data/rack-header-key.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "rack/header_key/version"
+
+Gem::Specification.new do |s|
+  s.name        = "rack-header-key"
+  s.version     = Rack::HeaderKey::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Brendon Murphy"]
+  s.email       = ["xternal1+github@gmail.com"]
+  s.homepage    = ""
+  s.summary     = %q{Rack Middleware for authenticating requests via an http header}
+  s.description = s.summary
+
+  s.rubyforge_project = "rack-header-key"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_dependency 'rack'
+  s.add_development_dependency 'rspec'
+end

data/spec/header_key_spec.rb

@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe Rack::HeaderKey do
+  let(:key) { "sekret" }
+  let(:app) {
+    Rack::Builder.new do
+      use Rack::HeaderKey, :key => "sekret", :path => "/api"
+      run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
+    end
+  }
+
+  it "raises an argument error if given a path option that doesn't start with /" do
+    app = Rack::Builder.new do
+      use Rack::HeaderKey, :key => "sekret", :path => "bad_path"
+      run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
+    end
+
+    lambda {
+      Rack::MockRequest.new(app).get('/test')
+    }.should raise_error(ArgumentError)
+  end
+
+  context "for the protected path" do
+    it "returns 200 if the proper key is present in X_AUTHORIZATION_KEY" do
+      response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => key)
+      response.status.should == 200
+      response.body.should == "success"
+    end
+
+    it "returns 401 if the the proper key is not in X_AUTHORIZATION_KEY" do
+      response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => "bogus_key")
+      response.status.should == 401
+    end
+  end
+
+  context "for an unprotected path" do
+    it "returns 200 when no key is given" do
+      response = Rack::MockRequest.new(app).get('/test')
+      response.status.should == 200
+      response.body.should == "success"
+    end
+
+    it "returns 200 even if an improper key is given" do
+      response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
+      response.status.should == 200
+      response.body.should == "success"
+    end
+  end
+
+  context "when no path is given" do
+    it "protects the root path" do
+      app = Rack::Builder.new do
+        use Rack::HeaderKey, :key => "sekret"
+        run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
+      end
+      response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
+      response.status.should == 401
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,11 @@
+require File.expand_path("../../lib/rack/header_key", __FILE__)
+require 'rack/mock'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+# Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+
+RSpec.configure do |config|
+  config.mock_with :rspec
+end
+

metadata

@@ -0,0 +1,105 @@
+--- !ruby/object:Gem::Specification 
+name: rack-header-key
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Brendon Murphy
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-09-02 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rack
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id002
+description: Rack Middleware for authenticating requests via an http header
+email: 
+- xternal1+github@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/rack/header_key.rb
+- lib/rack/header_key/version.rb
+- rack-header-key.gemspec
+- spec/header_key_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: ""
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: rack-header-key
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Rack Middleware for authenticating requests via an http header
+test_files: 
+- spec/header_key_spec.rb
+- spec/spec_helper.rb