rack-header-key 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +4 -0
- data/Gemfile +4 -0
- data/MIT-LICENSE +21 -0
- data/README.md +40 -0
- data/Rakefile +2 -0
- data/lib/rack/header_key/version.rb +5 -0
- data/lib/rack/header_key.rb +43 -0
- data/rack-header-key.gemspec +24 -0
- data/spec/header_key_spec.rb +61 -0
- data/spec/spec_helper.rb +11 -0
- metadata +105 -0
data/.gitignore
ADDED
data/Gemfile
ADDED
data/MIT-LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
Copyright (c) 2011 Brendon Murphy
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
21
|
+
|
data/README.md
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
# Rack::HeaderKey #
|
2
|
+
|
3
|
+
Rack::HeaderKey is Rack Middleware for providing authorization for requests via
|
4
|
+
an HTTP header. This is useful in instances where you want to authenticate some
|
5
|
+
client of yours to an API where it's easier or preferrable over HTTP basic
|
6
|
+
authentication.
|
7
|
+
|
8
|
+
## Installation ##
|
9
|
+
|
10
|
+
install it via rubygems:
|
11
|
+
|
12
|
+
```
|
13
|
+
gem install rack-header-key
|
14
|
+
```
|
15
|
+
|
16
|
+
or put it in your Gemfile:
|
17
|
+
|
18
|
+
```ruby
|
19
|
+
# Gemfile
|
20
|
+
|
21
|
+
gem 'rack-header-key', :require => 'rack/header_key'
|
22
|
+
```
|
23
|
+
|
24
|
+
|
25
|
+
## Usage ##
|
26
|
+
|
27
|
+
In a Rack application:
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
# app.rb
|
31
|
+
|
32
|
+
use Rack::HeaderKey, :path => "/api", :key => "shared_key"
|
33
|
+
```
|
34
|
+
|
35
|
+
The optional `:path` value determines a specific path you choose to protect.
|
36
|
+
Leaving it off will call the root path to be protected entirely.
|
37
|
+
|
38
|
+
## Copyright
|
39
|
+
|
40
|
+
Copyright © 2011 Brendon Murphy. See [MIT-LICENSE](https://github.com/bemurphy/rack-header-key/blob/master/MIT-LICENSE) for details.
|
data/Rakefile
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
module Rack
|
2
|
+
class HeaderKey
|
3
|
+
AUTH_HEADER = "X_AUTHORIZATION_KEY".freeze
|
4
|
+
|
5
|
+
def initialize(app, options)
|
6
|
+
@app = app
|
7
|
+
@secret = options.fetch(:key)
|
8
|
+
@path = options.fetch(:path, "/")
|
9
|
+
|
10
|
+
unless @path =~ %r{^/}
|
11
|
+
raise ArgumentError, "Please provide a path with a leading /"
|
12
|
+
end
|
13
|
+
@app
|
14
|
+
end
|
15
|
+
|
16
|
+
def call(env)
|
17
|
+
self.dup._call(env)
|
18
|
+
end
|
19
|
+
|
20
|
+
def _call(env)
|
21
|
+
@request = Rack::Request.new env
|
22
|
+
if protected_path?
|
23
|
+
if token_ok?
|
24
|
+
@app.call(env)
|
25
|
+
else
|
26
|
+
[401, {'Content-Type' => 'text/plain; charset=utf-8'}, "Unauthorized"]
|
27
|
+
end
|
28
|
+
else
|
29
|
+
@app.call(env)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
private
|
34
|
+
|
35
|
+
def token_ok?
|
36
|
+
@request.env[AUTH_HEADER] == @secret
|
37
|
+
end
|
38
|
+
|
39
|
+
def protected_path?
|
40
|
+
@request.path =~ %r/^#{@path}/
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "rack/header_key/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "rack-header-key"
|
7
|
+
s.version = Rack::HeaderKey::VERSION
|
8
|
+
s.platform = Gem::Platform::RUBY
|
9
|
+
s.authors = ["Brendon Murphy"]
|
10
|
+
s.email = ["xternal1+github@gmail.com"]
|
11
|
+
s.homepage = ""
|
12
|
+
s.summary = %q{Rack Middleware for authenticating requests via an http header}
|
13
|
+
s.description = s.summary
|
14
|
+
|
15
|
+
s.rubyforge_project = "rack-header-key"
|
16
|
+
|
17
|
+
s.files = `git ls-files`.split("\n")
|
18
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
19
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
20
|
+
s.require_paths = ["lib"]
|
21
|
+
|
22
|
+
s.add_dependency 'rack'
|
23
|
+
s.add_development_dependency 'rspec'
|
24
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Rack::HeaderKey do
|
4
|
+
let(:key) { "sekret" }
|
5
|
+
let(:app) {
|
6
|
+
Rack::Builder.new do
|
7
|
+
use Rack::HeaderKey, :key => "sekret", :path => "/api"
|
8
|
+
run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
|
9
|
+
end
|
10
|
+
}
|
11
|
+
|
12
|
+
it "raises an argument error if given a path option that doesn't start with /" do
|
13
|
+
app = Rack::Builder.new do
|
14
|
+
use Rack::HeaderKey, :key => "sekret", :path => "bad_path"
|
15
|
+
run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
|
16
|
+
end
|
17
|
+
|
18
|
+
lambda {
|
19
|
+
Rack::MockRequest.new(app).get('/test')
|
20
|
+
}.should raise_error(ArgumentError)
|
21
|
+
end
|
22
|
+
|
23
|
+
context "for the protected path" do
|
24
|
+
it "returns 200 if the proper key is present in X_AUTHORIZATION_KEY" do
|
25
|
+
response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => key)
|
26
|
+
response.status.should == 200
|
27
|
+
response.body.should == "success"
|
28
|
+
end
|
29
|
+
|
30
|
+
it "returns 401 if the the proper key is not in X_AUTHORIZATION_KEY" do
|
31
|
+
response = Rack::MockRequest.new(app).get('/api/test', "X_AUTHORIZATION_KEY" => "bogus_key")
|
32
|
+
response.status.should == 401
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
context "for an unprotected path" do
|
37
|
+
it "returns 200 when no key is given" do
|
38
|
+
response = Rack::MockRequest.new(app).get('/test')
|
39
|
+
response.status.should == 200
|
40
|
+
response.body.should == "success"
|
41
|
+
end
|
42
|
+
|
43
|
+
it "returns 200 even if an improper key is given" do
|
44
|
+
response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
|
45
|
+
response.status.should == 200
|
46
|
+
response.body.should == "success"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
context "when no path is given" do
|
51
|
+
it "protects the root path" do
|
52
|
+
app = Rack::Builder.new do
|
53
|
+
use Rack::HeaderKey, :key => "sekret"
|
54
|
+
run lambda { |env| [200, {'Content-Type' => "text/plain"}, ["success"]]}
|
55
|
+
end
|
56
|
+
response = Rack::MockRequest.new(app).get('/test', "X_AUTHORIZATION_KEY" => "bogus_key")
|
57
|
+
response.status.should == 401
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
require File.expand_path("../../lib/rack/header_key", __FILE__)
|
2
|
+
require 'rack/mock'
|
3
|
+
|
4
|
+
# Requires supporting ruby files with custom matchers and macros, etc,
|
5
|
+
# in spec/support/ and its subdirectories.
|
6
|
+
# Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
|
7
|
+
|
8
|
+
RSpec.configure do |config|
|
9
|
+
config.mock_with :rspec
|
10
|
+
end
|
11
|
+
|
metadata
ADDED
@@ -0,0 +1,105 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack-header-key
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 29
|
5
|
+
prerelease: false
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 1
|
10
|
+
version: 0.0.1
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Brendon Murphy
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2011-09-02 00:00:00 -07:00
|
19
|
+
default_executable:
|
20
|
+
dependencies:
|
21
|
+
- !ruby/object:Gem::Dependency
|
22
|
+
name: rack
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
hash: 3
|
30
|
+
segments:
|
31
|
+
- 0
|
32
|
+
version: "0"
|
33
|
+
type: :runtime
|
34
|
+
version_requirements: *id001
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
name: rspec
|
37
|
+
prerelease: false
|
38
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ">="
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
hash: 3
|
44
|
+
segments:
|
45
|
+
- 0
|
46
|
+
version: "0"
|
47
|
+
type: :development
|
48
|
+
version_requirements: *id002
|
49
|
+
description: Rack Middleware for authenticating requests via an http header
|
50
|
+
email:
|
51
|
+
- xternal1+github@gmail.com
|
52
|
+
executables: []
|
53
|
+
|
54
|
+
extensions: []
|
55
|
+
|
56
|
+
extra_rdoc_files: []
|
57
|
+
|
58
|
+
files:
|
59
|
+
- .gitignore
|
60
|
+
- Gemfile
|
61
|
+
- MIT-LICENSE
|
62
|
+
- README.md
|
63
|
+
- Rakefile
|
64
|
+
- lib/rack/header_key.rb
|
65
|
+
- lib/rack/header_key/version.rb
|
66
|
+
- rack-header-key.gemspec
|
67
|
+
- spec/header_key_spec.rb
|
68
|
+
- spec/spec_helper.rb
|
69
|
+
has_rdoc: true
|
70
|
+
homepage: ""
|
71
|
+
licenses: []
|
72
|
+
|
73
|
+
post_install_message:
|
74
|
+
rdoc_options: []
|
75
|
+
|
76
|
+
require_paths:
|
77
|
+
- lib
|
78
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
79
|
+
none: false
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
hash: 3
|
84
|
+
segments:
|
85
|
+
- 0
|
86
|
+
version: "0"
|
87
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
88
|
+
none: false
|
89
|
+
requirements:
|
90
|
+
- - ">="
|
91
|
+
- !ruby/object:Gem::Version
|
92
|
+
hash: 3
|
93
|
+
segments:
|
94
|
+
- 0
|
95
|
+
version: "0"
|
96
|
+
requirements: []
|
97
|
+
|
98
|
+
rubyforge_project: rack-header-key
|
99
|
+
rubygems_version: 1.3.7
|
100
|
+
signing_key:
|
101
|
+
specification_version: 3
|
102
|
+
summary: Rack Middleware for authenticating requests via an http header
|
103
|
+
test_files:
|
104
|
+
- spec/header_key_spec.rb
|
105
|
+
- spec/spec_helper.rb
|