rack-simple_auth 0.0.1 → 0.0.2

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 391baa3938d8f51b5501b0064c25100dfaf8941c
4
- data.tar.gz: f785d92ba75ad9b0b968202460b384da9c36f489
3
+ metadata.gz: 4d1332c61244522343025971bc83670b33abec89
4
+ data.tar.gz: 5dd72b9648fd2a736b6c7c578e1a012bec201650
5
5
  SHA512:
6
- metadata.gz: ec4dbc9f92f9625b28c355d0745f4d6648c7d06f79b98a2078133124a6648de7e7b926f21c75604385b2e5f57e2e99151d628f16aafb7d5fba715e4bb6df6a5b
7
- data.tar.gz: 217410019be2f9157251c14f7eb35ca7af23e652b5394f09cbcd9d189f5ee5f594df56eea976a32dc36bba5ce842cb35626c4151a33610ba6bac63e6f77099eb
6
+ metadata.gz: 29fdfd05f22c0fa6a9987c9a02c486ce7ff622d2c149398ae3483b9fa45cf59b6ee62a72ca7a4343985494184727894ae21b8dd1a9e32bb3aa919d69a54c199a
7
+ data.tar.gz: 490235fb4734189062125bbd42c868ceebec5355aeba21d0837f27bd05d796a924992701afe28b660e894bd25149cb7721d814939ff9e336cf433072101f04d9
data/README.md CHANGED
@@ -1,6 +1,8 @@
1
1
  # Rack::SimpleAuth
2
2
 
3
- Rack Middleware for HMAC Authentication
3
+ Rack::SimpleAuth will contain different Authentication Class Middlewares
4
+
5
+ Until now only HMAC is implemented...
4
6
 
5
7
  ## Installation
6
8
 
@@ -20,30 +22,62 @@ Or install it yourself as:
20
22
 
21
23
  [![Build Status](https://travis-ci.org/Benny1992/rack-simple_auth.png?branch=master)](https://travis-ci.org/Benny1992/rack-simple_auth)
22
24
  [![Coverage Status](https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png?branch=master)](https://coveralls.io/r/Benny1992/rack-simple_auth?branch=master)
23
- [![GitHub version](https://badge.fury.io/gh/benny1992%2Frack-simple_auth.png)](http://badge.fury.io/gh/benny1992%2Frack-simple_auth)
25
+ [![Gem Version](https://badge.fury.io/rb/rack-simple_auth.png)](http://badge.fury.io/rb/rack-simple_auth)
26
+ [![Dependency Status](https://gemnasium.com/Benny1992/rack-simple_auth.png)](https://gemnasium.com/Benny1992/rack-simple_auth)
24
27
 
25
28
  ## Usage
26
29
 
30
+ ### HMAC Authorization
31
+
27
32
  Uses Authorization HTTP Header, example:
28
- ```Authorization: ContentHash:Signature```
33
+ ```Authorization: MessageHash:Signature```
29
34
 
30
- Signature is the "Public Key"
35
+ - Signature is the "Public Key"
36
+ - MessageHash is the HMAC encrypted Message
31
37
 
32
- ContentHash is the HMAC encrypted Message
38
+ #### Basic Usage:
33
39
 
34
40
  ```ruby
41
+ config = {
42
+ 'GET' => 'path',
43
+ 'POST' => 'params',
44
+ 'DELETE' => 'path',
45
+ 'PUT' => 'path',
46
+ 'PATCH' => 'path'
47
+ }
48
+
35
49
  map '/' do
36
- use Rack::SimpleAuth::HMAC, 'signature', 'private_key'
50
+ use Rack::SimpleAuth::HMAC, 'signature', 'private_key', config
37
51
  run MyApplication
38
52
  end
39
53
  ```
40
54
 
41
- Private Key and Signature should be served by a file which is not checked into git version control.
55
+ Note: Private Key and Signature should be served by a file which is not checked into git version control.
56
+
57
+ #### Config Hash
58
+
59
+ Via the config hash you are able to define the 'data' for each request method.<br />
60
+ This data + HTTP Methodname is your Message what will be encrypted.<br />
61
+
62
+ For example ```GET '/get/user?name=rack'```:
63
+ ```ruby
64
+ config = { 'GET => 'path' }
65
+ ```
66
+
67
+ The Message what will be HMAC encrypted is:
68
+ ```ruby
69
+ message = { 'method' => 'GET', 'data' => '/get/user?name=rack' }.to_json
70
+ ```
71
+
42
72
 
43
73
  ## Contributing
44
74
 
45
- 1. Fork it ( http://github.com/<my-github-username>/rack-simple_auth/fork )
75
+ 1. Fork it ( http://github.com/benny1992/rack-simple_auth/fork )
46
76
  2. Create your feature branch (`git checkout -b my-new-feature`)
47
77
  3. Commit your changes (`git commit -am 'Add some feature'`)
48
78
  4. Push to the branch (`git push origin my-new-feature`)
49
79
  5. Create new Pull Request
80
+
81
+
82
+
83
+
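Review bot: The worked example at the end of the Config Hash section shows `'data' => '/get/user?name=rack'` for `'GET' => 'path'`, but `Rack::Request#path` returns the path without the query string, so with this config the signed message contains `/get/user` and `name=rack` is not covered by the HMAC. Either correct the example or state in the README that 'path' leaves query parameters unauthenticated. The snippet `config = { 'GET => 'path' }` is also missing the closing quote after GET, and "HMAC encrypted" would read better as "HMAC signed", since HMAC authenticates the message and does not encrypt it.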
@@ -7,10 +7,11 @@ module Rack
7
7
  # @param [Rack Application] app [next middleware or rack app which gets called]
8
8
  # @param [String] signature [Public Signature]
9
9
  # @param [String] secret [Secret used for Message Encryption]
10
- def initialize(app, signature, secret)
10
+ def initialize(app, signature, secret, config)
11
11
  @app = app
12
12
  @signature = signature
13
13
  @secret = secret
14
+ @config = config
14
15
  end
15
16
 
16
17
  # call Method for Rack Middleware/Application
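Review bot: `def initialize(app, signature, secret, config)` makes `config` a required fourth positional argument in a 0.0.1 to 0.0.2 bump, so an existing `use Rack::SimpleAuth::HMAC, 'signature', 'private_key'` now raises ArgumentError at boot. Consider giving `config` a default that reproduces the 0.0.1 behaviour, and add a `@param [Hash] config` line to the doc comment above, which still lists only app, signature and secret.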
@@ -32,29 +33,48 @@ module Rack
32
33
  return false if request.env['HTTP_AUTHORIZATION'].nil?
33
34
 
34
35
  auth_array = request.env['HTTP_AUTHORIZATION'].split(':')
35
- content_hash = auth_array[0]
36
+ message_hash = auth_array[0]
36
37
  signature = auth_array[1]
37
38
 
39
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message(request))
40
+ # puts request.request_method
41
+ # puts "Hash to Check: #{hash}"
42
+ # puts "Message Hash: #{message_hash}"
43
+
44
+ if signature == @signature && hash == message_hash
45
+ true
46
+ else
47
+ false
48
+ end
49
+ end
50
+
51
+ # Get Message for current Request
52
+ # @param [Rack::Request] request [current Request]
53
+ # @return [Hash] message [message which will be encrypted]
54
+ def message(request)
38
55
  case request.request_method
39
56
  when 'GET'
40
- content = { 'method' => request.request_method, 'data' => request.path }.to_json
57
+ return { 'method' => request.request_method, 'data' => request_data(request, @config) }.to_json
41
58
  when 'POST'
42
- content = { 'method' => request.request_method, 'data' => request.POST }.to_json
59
+ return { 'method' => request.request_method, 'data' => request_data(request, @config) }.to_json
43
60
  when 'DELETE'
44
- content = { 'method' => request.request_method, 'data' => request.path }.to_json
61
+ return { 'method' => request.request_method, 'data' => request_data(request, @config) }.to_json
45
62
  when 'PUT'
46
- content = { 'method' => request.request_method, 'data' => request.POST }.to_json
63
+ return { 'method' => request.request_method, 'data' => request_data(request, @config) }.to_json
64
+ when 'PATCH'
65
+ return { 'method' => request.request_method, 'data' => request_data(request, @config) }.to_json
47
66
  end
67
+ end
48
68
 
49
- hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
50
- # puts content
51
- # puts "Hash to Check: #{hash}"
52
- # puts "Content Hash: #{content_hash}"
53
-
54
- if signature == @signature && hash == content_hash
55
- true
69
+ # Get Request Data specified by Config
70
+ # @param [Rack::Request] request [current Request]
71
+ # @param [Hash] config [Config Hash containing what type of info is data for each request]
72
+ # @return [String|Hash] data [Data for each request]
73
+ def request_data(request, config)
74
+ if config[request.request_method] == 'path' || config[request.request_method] == 'params'
75
+ request.send(config[request.request_method].to_sym)
56
76
  else
57
- false
77
+ fail "Not a valid option #{config[request.request_method]} - Use either params or path"
58
78
  end
59
79
  end
60
80
  end
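Review bot: In `if signature == @signature && hash == message_hash` the computed HMAC is compared with the client-supplied value using `==`, which is not a constant-time comparison; once both header parts are known to be present, use `Rack::Utils.secure_compare(hash, message_hash)` and return the boolean directly instead of the if/else. Separately, `message(request)` has no else branch, so for any method outside the five listed (HEAD, OPTIONS) it returns nil and that nil is passed to `OpenSSL::HMAC.hexdigest`; reject those requests explicitly before computing the hash. The five `when` branches are now identical and can collapse into one.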
@@ -2,6 +2,6 @@ module Rack
2
2
  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
3
3
  module SimpleAuth
4
4
  # Current Gem Version
5
- VERSION = '0.0.1'
5
+ VERSION = '0.0.2'
6
6
  end
7
7
  end
@@ -1,5 +1,13 @@
1
1
  require 'rack/lobster'
2
2
  require 'rack/simple_auth'
3
3
 
4
- use Rack::SimpleAuth::HMAC, 'test_signature', 'test_secret'
4
+ config = {
5
+ 'GET' => 'path',
6
+ 'POST' => 'params',
7
+ 'DELETE' => 'path',
8
+ 'PUT' => 'path',
9
+ 'PATCH' => 'path'
10
+ }
11
+
12
+ use Rack::SimpleAuth::HMAC, 'test_signature', 'test_secret', config
5
13
  run Rack::Lobster.new
@@ -0,0 +1,13 @@
1
+ require 'rack/lobster'
2
+ require 'rack/simple_auth'
3
+
4
+ config = {
5
+ 'GET' => 'pathasdf',
6
+ 'POST' => 'paramas',
7
+ 'DELETE' => 'path',
8
+ 'PUT' => 'path',
9
+ 'PATCH' => 'path'
10
+ }
11
+
12
+ use Rack::SimpleAuth::HMAC, 'test_signature', 'test_secret', config
13
+ run Rack::Lobster.new
@@ -0,0 +1,26 @@
1
+ require 'test_helper.rb'
2
+
3
+ # Test HMAC Authorization Method
4
+ class HMACFailTest < MiniTest::Unit::TestCase
5
+ include Rack::Test::Methods
6
+
7
+ def setup
8
+ @secret = 'test_secret'
9
+ @signature = 'test_signature'
10
+ end
11
+
12
+ def app
13
+ Rack::SimpleAuth.failapp
14
+ end
15
+
16
+ def test_fail
17
+ uri = '/'
18
+ content = { 'method' => 'GET', 'data' => uri }.to_json
19
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
20
+
21
+ assert_raises(RuntimeError) { get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}" }
22
+ end
23
+
24
+ def teardown
25
+ end
26
+ end
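Review bot: `assert_raises(RuntimeError) { get uri, ... }` in test_fail pins the behaviour that an invalid config value only surfaces as an exception while a request is being served. It would be safer to validate the config hash once in `initialize`, so a typo such as 'pathasdf' stops the app at boot, and to assert on that here. config_fail.ru also sets `'POST' => 'paramas'`, which this test never exercises, and the empty `teardown` can be dropped.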
@@ -25,8 +25,8 @@ class HMACTest < MiniTest::Unit::TestCase
25
25
 
26
26
  def test_get_with_right_auth_header
27
27
  uri = '/'
28
- content = { 'method' => 'GET', 'data' => uri }.to_json
29
- hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
28
+ message = { 'method' => 'GET', 'data' => uri }.to_json
29
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message)
30
30
 
31
31
  get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
32
32
 
@@ -40,8 +40,8 @@ class HMACTest < MiniTest::Unit::TestCase
40
40
 
41
41
  def test_post_with_right_auth_header
42
42
  params = { 'name' => 'Bensn' }
43
- content = { 'method' => 'POST', 'data' => params }.to_json
44
- hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
43
+ message = { 'method' => 'POST', 'data' => params }.to_json
44
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message)
45
45
 
46
46
  post '/', params, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
47
47
 
@@ -55,8 +55,8 @@ class HMACTest < MiniTest::Unit::TestCase
55
55
 
56
56
  def test_delete_with_right_auth_header
57
57
  uri = '/'
58
- content = { 'method' => 'DELETE', 'data' => uri }.to_json
59
- hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
58
+ message = { 'method' => 'DELETE', 'data' => uri }.to_json
59
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message)
60
60
 
61
61
  delete uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
62
62
 
@@ -64,16 +64,31 @@ class HMACTest < MiniTest::Unit::TestCase
64
64
  end
65
65
 
66
66
  def test_put_with_wrong_auth_header
67
- put '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
67
+ put '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
68
68
  assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
69
69
  end
70
70
 
71
- def test_post_with_right_auth_header
72
- params = { 'name' => 'Bensn' }
73
- content = { 'method' => 'PUT', 'data' => params }.to_json
74
- hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
71
+ def test_put_with_right_auth_header
72
+ uri = '/'
73
+ message = { 'method' => 'PUT', 'data' => uri }.to_json
74
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message)
75
+
76
+ put uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
77
+
78
+ assert_equal(200, last_response.status, 'Authorized Request should receive 200')
79
+ end
80
+
81
+ def test_patch_with_wrong_auth_header
82
+ patch '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
83
+ assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
84
+ end
85
+
86
+ def test_patch_with_right_auth_header
87
+ uri = '/'
88
+ message = { 'method' => 'PATCH', 'data' => uri }.to_json
89
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, message)
75
90
 
76
- put '/', params, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
91
+ patch uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
77
92
 
78
93
  assert_equal(200, last_response.status, 'Authorized Request should receive 200')
79
94
  end
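Review bot: The new `test_put_with_right_auth_header` and `test_patch_with_right_auth_header` both sign only `uri` and send an empty body, and `test_put_with_wrong_auth_header` was changed from `{ 'name' => 'Bensn' }` to `{}`, so no test in this file covers a PUT or PATCH with the 'params' option or shows what happens to a request body under 'path'. Add a case with a non-empty body for each option so it is explicit which parts of the request the HMAC covers, plus one for a method that is missing from the config.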
@@ -32,9 +32,10 @@ module Rack
32
32
  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
33
33
  module SimpleAuth
34
34
  class << self
35
- attr_accessor :testapp
35
+ attr_accessor :testapp, :failapp
36
36
  end
37
37
  end
38
38
  end
39
39
 
40
40
  Rack::SimpleAuth.testapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/config.ru").first
41
+ Rack::SimpleAuth.failapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/config_fail.ru").first
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-simple_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benny1992
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2014-03-09 00:00:00 Z
12
+ date: 2014-03-10 00:00:00 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  requirement: &id001 !ruby/object:Gem::Requirement
@@ -83,6 +83,8 @@ files:
83
83
  - tasks/test.rake
84
84
  - tasks/travis.rake
85
85
  - test/config.ru
86
+ - test/config_fail.ru
87
+ - test/rack/simple_auth/hmac_fail_test.rb
86
88
  - test/rack/simple_auth/hmac_test.rb
87
89
  - test/test_helper.rb
88
90
  homepage: http://www.bennyklotz.at
@@ -110,5 +112,7 @@ specification_version: 4
110
112
  summary: SimpleAuth HMAC authentication
111
113
  test_files:
112
114
  - test/config.ru
115
+ - test/config_fail.ru
116
+ - test/rack/simple_auth/hmac_fail_test.rb
113
117
  - test/rack/simple_auth/hmac_test.rb
114
118
  - test/test_helper.rb