rack-simple_auth 0.0.9 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b5fe75792b1cb30cd2b7ef7810d2c552c586c35e
4
- data.tar.gz: b19a3bc05f918adbc4ee1150f3fa400048523cb5
3
+ metadata.gz: 4ed00cc40f3111fa03accfd030db1def811ad27a
4
+ data.tar.gz: cc12d38b646cb6f258e1914e42467258e1da1598
5
5
  SHA512:
6
- metadata.gz: 11512be444876aaa302ca891fe8f710fa8572e6410e9e5f8154ff80fb52fe737014329617124cf2c34da5085cccb0c8b2466302200bc6a27263005f52f74c05d
7
- data.tar.gz: fd484a1159cbe66f4b35397fa6e302d6d6ff5e6da994fe1f525d6b7e34a29063b7d7ca8a35ed293283539a78ea957e0faf833d9e209a5095e1f2c956aebff973
6
+ metadata.gz: ee8ef0e6b86dc1d199fb32db40721ea0ac79be6d0ad2d1d561c2b9b8acb71b218bd96ddc1591cc5929f8f2cd967445c8d21de7994df700eb419cc0de7ac5d30e
7
+ data.tar.gz: 44443667ba5df710dfd7fd0340397eb2e6e45fd02f91ef8d208dc060a6a3a50fa12dfb3f14ea6719476042a542aebb20a8542109773853896c14554b23640ff5
data/.travis.yml CHANGED
@@ -1,6 +1,11 @@
1
1
  language: ruby
2
2
  cache: bundler
3
3
 
4
+ before_install:
5
+ - gem update --system
6
+ - gem --version
7
+ - gem install bundler
8
+
4
9
  rvm:
5
10
  - 2.0.0
6
11
  - 2.1.0
data/Rakefile CHANGED
@@ -2,6 +2,7 @@ require "bundler/gem_tasks"
2
2
  require 'rake/testtask'
3
3
  # require 'cucumber/rake/task'
4
4
 
5
+ GEMSPEC = Gem::Specification.load('rack-simple_auth.gemspec')
5
6
  Dir.glob('task/*.rake').each { |r| import r }
6
7
 
7
8
 
@@ -5,14 +5,14 @@ module Rack
5
5
  class HMAC
6
6
  # Constructor for Rack Middleware (passing the rack stack)
7
7
  # @param [Rack Application] app [next middleware or rack app which gets called]
8
- # @param [String] signature [Public Signature]
9
- # @param [String] secret [Secret used for Message Encryption]
8
+ # @param [Hash] config [config hash where tolerance, secret, signature etc.. are set]
10
9
  def initialize(app, config)
11
10
  @app = app
12
11
  @signature = config['signature'] || ''
13
12
  @secret = config['secret'] || ''
14
13
  @tolerance = config['tolerance'] || 0 # 0 if tolerance not set in config hash
15
14
  @logpath = config['logpath']
15
+ @steps = config['steps'] || 1
16
16
 
17
17
  @config = config
18
18
  end
@@ -60,7 +60,8 @@ module Rack
60
60
  def build_allowed_messages(request)
61
61
  hash_array = []
62
62
 
63
- (-(@tolerance)..@tolerance).each do |i|
63
+ (-(@tolerance)..@tolerance).step(@steps) do |i|
64
+ i = i.round(2)
64
65
  hash_array << OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message(request, i))
65
66
  end
66
67
 
@@ -73,6 +74,11 @@ module Rack
73
74
  # @return [Hash] message [message which will be encrypted]
74
75
  def message(request, delay = 0)
75
76
  date = Time.now.to_i + delay
77
+
78
+ if delay.eql?(0.0)
79
+ date = date.to_i
80
+ end
81
+
76
82
  case request.request_method
77
83
  when 'GET'
78
84
  return { 'method' => request.request_method, 'date' => date, 'data' => request_data(request, @config) }.to_json
@@ -2,6 +2,6 @@ module Rack
2
2
  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
3
3
  module SimpleAuth
4
4
  # Current Gem Version
5
- VERSION = '0.0.9'
5
+ VERSION = '0.1.0'
6
6
  end
7
7
  end
@@ -7,12 +7,15 @@ Gem::Specification.new do |spec|
7
7
  spec.name = "rack-simple_auth"
8
8
  spec.version = Rack::SimpleAuth::VERSION
9
9
  spec.authors = ["Benny1992"]
10
- spec.email = ["klotz.benjamin@yahoo.de"]
10
+ spec.email = ["r3qnbenni@gmail.com"]
11
11
  spec.summary = %q{SimpleAuth HMAC authentication}
12
12
  spec.description = spec.summary
13
13
  spec.homepage = "https://github.com/Benny1992/rack-simple_auth"
14
14
  spec.license = "MIT"
15
15
 
16
+ spec.post_install_message = 'Please report any issues at: ' \
17
+ 'https://github.com/Benny1992/rack-simple_auth/issues/new'
18
+
16
19
  spec.files = File.read(File.expand_path('../MANIFEST', __FILE__)).split("\n")
17
20
  spec.require_paths = ["lib"]
18
21
 
@@ -20,8 +23,8 @@ Gem::Specification.new do |spec|
20
23
 
21
24
  spec.add_runtime_dependency "rack"
22
25
 
23
- spec.add_development_dependency "bundler", "~> 1.5"
24
- spec.add_development_dependency "rake", '~> 10.2.2'
25
- spec.add_development_dependency "coveralls", '~> 0.7.0'
26
- spec.add_development_dependency "rack-test", '~> 0.6.2'
26
+ spec.add_development_dependency "bundler", "~> 1.6"
27
+ spec.add_development_dependency "rake", '~> 10.3'
28
+ spec.add_development_dependency "coveralls", '~> 0.7'
29
+ spec.add_development_dependency "rack-test", '~> 0.6'
27
30
  end
data/test/config.ru CHANGED
@@ -7,10 +7,11 @@ config = {
7
7
  'DELETE' => 'path',
8
8
  'PUT' => 'path',
9
9
  'PATCH' => 'path',
10
- 'tolerance' => 2,
10
+ 'tolerance' => 1,
11
11
  'signature' => 'test_signature',
12
12
  'secret' => 'test_secret',
13
- 'logpath' => "#{File.expand_path('..', __FILE__)}/logs"
13
+ 'logpath' => "#{File.expand_path('..', __FILE__)}/logs",
14
+ 'steps' => 0.1
14
15
  }
15
16
 
16
17
  use Rack::SimpleAuth::HMAC, config
@@ -5,7 +5,7 @@ class HMACFailTest < MiniTest::Unit::TestCase
5
5
  include Rack::Test::Methods
6
6
 
7
7
  def setup
8
- @secret = 'test_secret'
8
+ @secret = 'test_secret'
9
9
  @signature = 'test_signature'
10
10
  end
11
11
 
@@ -35,7 +35,7 @@ class HMACTest < MiniTest::Unit::TestCase
35
35
 
36
36
  def test_get_with_delay_in_tolerance_range
37
37
  uri = '/'
38
- message = { 'method' => 'GET', 'date' => Time.now.to_i - 2, 'data' => uri }.to_json
38
+ message = { 'method' => 'GET', 'date' => Time.now.to_i - 0.5, 'data' => uri }.to_json
39
39
  hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
40
40
 
41
41
  get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
@@ -53,6 +53,16 @@ class HMACTest < MiniTest::Unit::TestCase
53
53
  assert_equal(401, last_response.status, 'Delay not in tolerance range should receive 401')
54
54
  end
55
55
 
56
+ def test_get_with_wrong_step
57
+ uri = '/'
58
+ message = { 'method' => 'GET', 'date' => Time.now.to_i + 0.03, 'data' => uri }.to_json
59
+ hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
60
+
61
+ get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
62
+
63
+ assert_equal(401, last_response.status, 'Message with wrong step should receive 401')
64
+ end
65
+
56
66
  def test_post_with_wrong_auth_header
57
67
  post '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
58
68
  assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
@@ -90,7 +100,7 @@ class HMACTest < MiniTest::Unit::TestCase
90
100
 
91
101
  def test_put_with_right_auth_header
92
102
  uri = '/'
93
- message = { 'method' => 'PUT', 'date' => Time.now.to_i, 'data' => uri }.to_json
103
+ message = { 'method' => 'PUT', 'date' => Time.now.to_i , 'data' => uri }.to_json
94
104
  hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
95
105
 
96
106
  put uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-simple_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.9
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benny1992
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-04-11 00:00:00.000000000 Z
11
+ date: 2014-04-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack
@@ -30,59 +30,59 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '1.5'
33
+ version: '1.6'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '1.5'
40
+ version: '1.6'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rake
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: 10.2.2
47
+ version: '10.3'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: 10.2.2
54
+ version: '10.3'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: coveralls
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 0.7.0
61
+ version: '0.7'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 0.7.0
68
+ version: '0.7'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rack-test
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 0.6.2
75
+ version: '0.6'
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 0.6.2
82
+ version: '0.6'
83
83
  description: SimpleAuth HMAC authentication
84
84
  email:
85
- - klotz.benjamin@yahoo.de
85
+ - r3qnbenni@gmail.com
86
86
  executables: []
87
87
  extensions: []
88
88
  extra_rdoc_files: []
@@ -114,7 +114,7 @@ homepage: https://github.com/Benny1992/rack-simple_auth
114
114
  licenses:
115
115
  - MIT
116
116
  metadata: {}
117
- post_install_message:
117
+ post_install_message: 'Please report any issues at: https://github.com/Benny1992/rack-simple_auth/issues/new'
118
118
  rdoc_options: []
119
119
  require_paths:
120
120
  - lib
@@ -135,4 +135,3 @@ signing_key:
135
135
  specification_version: 4
136
136
  summary: SimpleAuth HMAC authentication
137
137
  test_files: []
138
- has_rdoc: