rack-simple_auth 0.0.9 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/Rakefile +1 -0
- data/lib/rack/simple_auth/hmac.rb +9 -3
- data/lib/rack/simple_auth/version.rb +1 -1
- data/rack-simple_auth.gemspec +8 -5
- data/test/config.ru +3 -2
- data/test/rack/simple_auth/hmac_fail_test.rb +1 -1
- data/test/rack/simple_auth/hmac_test.rb +12 -2
- metadata +12 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4ed00cc40f3111fa03accfd030db1def811ad27a
|
|
4
|
+
data.tar.gz: cc12d38b646cb6f258e1914e42467258e1da1598
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee8ef0e6b86dc1d199fb32db40721ea0ac79be6d0ad2d1d561c2b9b8acb71b218bd96ddc1591cc5929f8f2cd967445c8d21de7994df700eb419cc0de7ac5d30e
|
|
7
|
+
data.tar.gz: 44443667ba5df710dfd7fd0340397eb2e6e45fd02f91ef8d208dc060a6a3a50fa12dfb3f14ea6719476042a542aebb20a8542109773853896c14554b23640ff5
|
data/.travis.yml
CHANGED
data/Rakefile
CHANGED
|
@@ -5,14 +5,14 @@ module Rack
|
|
|
5
5
|
class HMAC
|
|
6
6
|
# Constructor for Rack Middleware (passing the rack stack)
|
|
7
7
|
# @param [Rack Application] app [next middleware or rack app which gets called]
|
|
8
|
-
# @param [
|
|
9
|
-
# @param [String] secret [Secret used for Message Encryption]
|
|
8
|
+
# @param [Hash] config [config hash where tolerance, secret, signature etc.. are set]
|
|
10
9
|
def initialize(app, config)
|
|
11
10
|
@app = app
|
|
12
11
|
@signature = config['signature'] || ''
|
|
13
12
|
@secret = config['secret'] || ''
|
|
14
13
|
@tolerance = config['tolerance'] || 0 # 0 if tolerance not set in config hash
|
|
15
14
|
@logpath = config['logpath']
|
|
15
|
+
@steps = config['steps'] || 1
|
|
16
16
|
|
|
17
17
|
@config = config
|
|
18
18
|
end
|
|
@@ -60,7 +60,8 @@ module Rack
|
|
|
60
60
|
def build_allowed_messages(request)
|
|
61
61
|
hash_array = []
|
|
62
62
|
|
|
63
|
-
(-(@tolerance)..@tolerance).
|
|
63
|
+
(-(@tolerance)..@tolerance).step(@steps) do |i|
|
|
64
|
+
i = i.round(2)
|
|
64
65
|
hash_array << OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message(request, i))
|
|
65
66
|
end
|
|
66
67
|
|
|
@@ -73,6 +74,11 @@ module Rack
|
|
|
73
74
|
# @return [Hash] message [message which will be encrypted]
|
|
74
75
|
def message(request, delay = 0)
|
|
75
76
|
date = Time.now.to_i + delay
|
|
77
|
+
|
|
78
|
+
if delay.eql?(0.0)
|
|
79
|
+
date = date.to_i
|
|
80
|
+
end
|
|
81
|
+
|
|
76
82
|
case request.request_method
|
|
77
83
|
when 'GET'
|
|
78
84
|
return { 'method' => request.request_method, 'date' => date, 'data' => request_data(request, @config) }.to_json
|
data/rack-simple_auth.gemspec
CHANGED
|
@@ -7,12 +7,15 @@ Gem::Specification.new do |spec|
|
|
|
7
7
|
spec.name = "rack-simple_auth"
|
|
8
8
|
spec.version = Rack::SimpleAuth::VERSION
|
|
9
9
|
spec.authors = ["Benny1992"]
|
|
10
|
-
spec.email = ["
|
|
10
|
+
spec.email = ["r3qnbenni@gmail.com"]
|
|
11
11
|
spec.summary = %q{SimpleAuth HMAC authentication}
|
|
12
12
|
spec.description = spec.summary
|
|
13
13
|
spec.homepage = "https://github.com/Benny1992/rack-simple_auth"
|
|
14
14
|
spec.license = "MIT"
|
|
15
15
|
|
|
16
|
+
spec.post_install_message = 'Please report any issues at: ' \
|
|
17
|
+
'https://github.com/Benny1992/rack-simple_auth/issues/new'
|
|
18
|
+
|
|
16
19
|
spec.files = File.read(File.expand_path('../MANIFEST', __FILE__)).split("\n")
|
|
17
20
|
spec.require_paths = ["lib"]
|
|
18
21
|
|
|
@@ -20,8 +23,8 @@ Gem::Specification.new do |spec|
|
|
|
20
23
|
|
|
21
24
|
spec.add_runtime_dependency "rack"
|
|
22
25
|
|
|
23
|
-
spec.add_development_dependency "bundler", "~> 1.
|
|
24
|
-
spec.add_development_dependency "rake", '~>
|
|
25
|
-
spec.add_development_dependency "coveralls", '~>
|
|
26
|
-
spec.add_development_dependency "rack-test", '~>
|
|
26
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
|
27
|
+
spec.add_development_dependency "rake", '~> 10.3'
|
|
28
|
+
spec.add_development_dependency "coveralls", '~> 0.7'
|
|
29
|
+
spec.add_development_dependency "rack-test", '~> 0.6'
|
|
27
30
|
end
|
data/test/config.ru
CHANGED
|
@@ -7,10 +7,11 @@ config = {
|
|
|
7
7
|
'DELETE' => 'path',
|
|
8
8
|
'PUT' => 'path',
|
|
9
9
|
'PATCH' => 'path',
|
|
10
|
-
'tolerance' =>
|
|
10
|
+
'tolerance' => 1,
|
|
11
11
|
'signature' => 'test_signature',
|
|
12
12
|
'secret' => 'test_secret',
|
|
13
|
-
'logpath' => "#{File.expand_path('..', __FILE__)}/logs"
|
|
13
|
+
'logpath' => "#{File.expand_path('..', __FILE__)}/logs",
|
|
14
|
+
'steps' => 0.1
|
|
14
15
|
}
|
|
15
16
|
|
|
16
17
|
use Rack::SimpleAuth::HMAC, config
|
|
@@ -35,7 +35,7 @@ class HMACTest < MiniTest::Unit::TestCase
|
|
|
35
35
|
|
|
36
36
|
def test_get_with_delay_in_tolerance_range
|
|
37
37
|
uri = '/'
|
|
38
|
-
message = { 'method' => 'GET', 'date' => Time.now.to_i -
|
|
38
|
+
message = { 'method' => 'GET', 'date' => Time.now.to_i - 0.5, 'data' => uri }.to_json
|
|
39
39
|
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
40
40
|
|
|
41
41
|
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
@@ -53,6 +53,16 @@ class HMACTest < MiniTest::Unit::TestCase
|
|
|
53
53
|
assert_equal(401, last_response.status, 'Delay not in tolerance range should receive 401')
|
|
54
54
|
end
|
|
55
55
|
|
|
56
|
+
def test_get_with_wrong_step
|
|
57
|
+
uri = '/'
|
|
58
|
+
message = { 'method' => 'GET', 'date' => Time.now.to_i + 0.03, 'data' => uri }.to_json
|
|
59
|
+
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
60
|
+
|
|
61
|
+
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
62
|
+
|
|
63
|
+
assert_equal(401, last_response.status, 'Message with wrong step should receive 401')
|
|
64
|
+
end
|
|
65
|
+
|
|
56
66
|
def test_post_with_wrong_auth_header
|
|
57
67
|
post '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
58
68
|
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
@@ -90,7 +100,7 @@ class HMACTest < MiniTest::Unit::TestCase
|
|
|
90
100
|
|
|
91
101
|
def test_put_with_right_auth_header
|
|
92
102
|
uri = '/'
|
|
93
|
-
message = { 'method' => 'PUT', 'date' => Time.now.to_i, 'data' => uri }.to_json
|
|
103
|
+
message = { 'method' => 'PUT', 'date' => Time.now.to_i , 'data' => uri }.to_json
|
|
94
104
|
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
95
105
|
|
|
96
106
|
put uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-simple_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benny1992
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-04-
|
|
11
|
+
date: 2014-04-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -30,59 +30,59 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '1.
|
|
33
|
+
version: '1.6'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '1.
|
|
40
|
+
version: '1.6'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rake
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 10.
|
|
47
|
+
version: '10.3'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 10.
|
|
54
|
+
version: '10.3'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: coveralls
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: 0.7
|
|
61
|
+
version: '0.7'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: 0.7
|
|
68
|
+
version: '0.7'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rack-test
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
73
|
- - "~>"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: 0.6
|
|
75
|
+
version: '0.6'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: 0.6
|
|
82
|
+
version: '0.6'
|
|
83
83
|
description: SimpleAuth HMAC authentication
|
|
84
84
|
email:
|
|
85
|
-
-
|
|
85
|
+
- r3qnbenni@gmail.com
|
|
86
86
|
executables: []
|
|
87
87
|
extensions: []
|
|
88
88
|
extra_rdoc_files: []
|
|
@@ -114,7 +114,7 @@ homepage: https://github.com/Benny1992/rack-simple_auth
|
|
|
114
114
|
licenses:
|
|
115
115
|
- MIT
|
|
116
116
|
metadata: {}
|
|
117
|
-
post_install_message:
|
|
117
|
+
post_install_message: 'Please report any issues at: https://github.com/Benny1992/rack-simple_auth/issues/new'
|
|
118
118
|
rdoc_options: []
|
|
119
119
|
require_paths:
|
|
120
120
|
- lib
|
|
@@ -135,4 +135,3 @@ signing_key:
|
|
|
135
135
|
specification_version: 4
|
|
136
136
|
summary: SimpleAuth HMAC authentication
|
|
137
137
|
test_files: []
|
|
138
|
-
has_rdoc:
|