rack-simple_auth 1.0.0rc → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -7
- data/MANIFEST +26 -26
- data/README.rdoc +121 -0
- data/checksum/rack-simple_auth-1.0.0.gem.sha512 +1 -0
- data/checksum/rack-simple_auth-1.0.0rc.gem.sha512 +1 -0
- data/doc/Rack.html +128 -0
- data/doc/Rack/SimpleAuth.html +252 -0
- data/doc/Rack/SimpleAuth/HMAC.html +128 -0
- data/doc/Rack/SimpleAuth/HMAC/Config.html +1003 -0
- data/doc/Rack/SimpleAuth/HMAC/Middleware.html +1418 -0
- data/doc/Rack/SimpleAuth/Logger.html +264 -0
- data/doc/_index.html +185 -0
- data/doc/class_list.html +54 -0
- data/doc/css/common.css +1 -0
- data/doc/css/full_list.css +57 -0
- data/doc/css/style.css +339 -0
- data/doc/examples/index.php +32 -0
- data/{test/rack/simple_auth/hmac/config.ru → doc/examples/rack_lobster.ru} +1 -2
- data/doc/file.README.html +221 -0
- data/doc/file_list.html +56 -0
- data/doc/frames.html +26 -0
- data/doc/index.html +221 -0
- data/doc/js/app.js +219 -0
- data/doc/js/full_list.js +178 -0
- data/doc/js/jquery.js +4 -0
- data/doc/method_list.html +179 -0
- data/doc/top-level-namespace.html +112 -0
- data/lib/rack/simple_auth.rb +3 -1
- data/lib/rack/simple_auth/hmac/config.rb +46 -8
- data/lib/rack/simple_auth/hmac/middleware.rb +102 -75
- data/lib/rack/simple_auth/logger.rb +8 -3
- data/lib/rack/simple_auth/version.rb +1 -1
- metadata +91 -105
- data/.gitignore +0 -18
- data/.rubocop.yml +0 -1
- data/.travis.yml +0 -22
- data/.yardopts +0 -1
- data/Gemfile +0 -4
- data/README.md +0 -68
- data/Rakefile +0 -8
- data/rubocop-todo.yml +0 -19
- data/task/build.rake +0 -4
- data/task/checksum.rake +0 -15
- data/task/console.rake +0 -7
- data/task/default.rake +0 -6
- data/task/floodtest.rake +0 -34
- data/task/manifest.rake +0 -8
- data/task/test.rake +0 -23
- data/test/rack/simple_auth/hmac/config_fail.ru +0 -23
- data/test/rack/simple_auth/hmac/config_fail_option.ru +0 -24
- data/test/rack/simple_auth/hmac/config_fail_run.ru +0 -22
- data/test/rack/simple_auth/hmac/config_fail_step.ru +0 -23
- data/test/rack/simple_auth/hmac/config_fail_tolerance.ru +0 -23
- data/test/rack/simple_auth/hmac/hmac_fail_run_test.rb +0 -26
- data/test/rack/simple_auth/hmac/hmac_fail_test.rb +0 -38
- data/test/rack/simple_auth/hmac/hmac_test.rb +0 -128
- data/test/test_helper.rb +0 -50
|
@@ -1,128 +0,0 @@
|
|
|
1
|
-
require 'test_helper.rb'
|
|
2
|
-
|
|
3
|
-
# Test HMAC Authorization Method
|
|
4
|
-
class HMACTest < MiniTest::Unit::TestCase
|
|
5
|
-
include Rack::Test::Methods
|
|
6
|
-
|
|
7
|
-
def setup
|
|
8
|
-
@secret = 'test_secret'
|
|
9
|
-
@signature = 'test_signature'
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
def app
|
|
13
|
-
Rack::SimpleAuth::HMAC.testapp
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def test_get_without_auth_header
|
|
17
|
-
get '/'
|
|
18
|
-
assert_equal(401, last_response.status, 'Unauthorized reqeust should receive 401')
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def test_get_with_wrong_auth_header
|
|
22
|
-
get '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
23
|
-
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def test_get_with_right_auth_header
|
|
27
|
-
uri = '/'
|
|
28
|
-
message = { 'method' => 'GET', 'date' => Time.now.to_i, 'data' => uri }.to_json
|
|
29
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
30
|
-
|
|
31
|
-
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
32
|
-
|
|
33
|
-
assert_equal(200, last_response.status, 'Authorized Request should receive 200')
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def test_get_with_delay_in_tolerance_range
|
|
37
|
-
uri = '/'
|
|
38
|
-
message = { 'method' => 'GET', 'date' => Time.now.to_i - 0.5, 'data' => uri }.to_json
|
|
39
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
40
|
-
|
|
41
|
-
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
42
|
-
|
|
43
|
-
assert_equal(200, last_response.status, 'Delay in tolerance range should receive 200')
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
def test_get_with_too_big_delay
|
|
47
|
-
uri = '/'
|
|
48
|
-
message = { 'method' => 'GET', 'date' => Time.now.to_i - 50, 'data' => uri }.to_json
|
|
49
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
50
|
-
|
|
51
|
-
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
52
|
-
|
|
53
|
-
assert_equal(401, last_response.status, 'Delay not in tolerance range should receive 401')
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
def test_get_with_wrong_step
|
|
57
|
-
uri = '/'
|
|
58
|
-
message = { 'method' => 'GET', 'date' => Time.now.to_i + 0.035, 'data' => uri }.to_json
|
|
59
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
60
|
-
|
|
61
|
-
get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
62
|
-
|
|
63
|
-
assert_equal(401, last_response.status, 'Message with wrong step should receive 401')
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def test_post_with_wrong_auth_header
|
|
67
|
-
post '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
68
|
-
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
69
|
-
end
|
|
70
|
-
|
|
71
|
-
def test_post_with_right_auth_header
|
|
72
|
-
params = { 'name' => 'Bensn' }
|
|
73
|
-
message = { 'method' => 'POST', 'date' => Time.now.to_i, 'data' => params }.to_json
|
|
74
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
75
|
-
|
|
76
|
-
post '/', params, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
77
|
-
|
|
78
|
-
assert_equal(200, last_response.status, 'Authorized Request should receive 200')
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
def test_delete_with_wrong_auth_header
|
|
82
|
-
delete '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
83
|
-
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
def test_delete_with_right_auth_header
|
|
87
|
-
uri = '/'
|
|
88
|
-
message = { 'method' => 'DELETE', 'date' => Time.now.to_i, 'data' => uri }.to_json
|
|
89
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
90
|
-
|
|
91
|
-
delete uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
92
|
-
|
|
93
|
-
assert_equal(200, last_response.status, 'Authorized Request should receive 200')
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
def test_put_with_wrong_auth_header
|
|
97
|
-
put '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
98
|
-
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
99
|
-
end
|
|
100
|
-
|
|
101
|
-
def test_put_with_right_auth_header
|
|
102
|
-
uri = '/'
|
|
103
|
-
message = { 'method' => 'PUT', 'date' => Time.now.to_i , 'data' => uri }.to_json
|
|
104
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
105
|
-
|
|
106
|
-
put uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
107
|
-
|
|
108
|
-
assert_equal(200, last_response.status, 'Authorized Request should receive 200')
|
|
109
|
-
end
|
|
110
|
-
|
|
111
|
-
def test_patch_with_wrong_auth_header
|
|
112
|
-
patch '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
|
|
113
|
-
assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
|
|
114
|
-
end
|
|
115
|
-
|
|
116
|
-
def test_patch_with_right_auth_header
|
|
117
|
-
uri = '/'
|
|
118
|
-
message = { 'method' => 'PATCH', 'date' => Time.now.to_i, 'data' => uri }.to_json
|
|
119
|
-
hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @secret, message)
|
|
120
|
-
|
|
121
|
-
patch uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
|
|
122
|
-
|
|
123
|
-
assert_equal(200, last_response.status, 'Authorized Request should receive 200')
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
def teardown
|
|
127
|
-
end
|
|
128
|
-
end
|
data/test/test_helper.rb
DELETED
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
ENV['RACK_ENV'] = 'test'
|
|
2
|
-
|
|
3
|
-
require 'simplecov'
|
|
4
|
-
require 'coveralls'
|
|
5
|
-
|
|
6
|
-
SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
|
|
7
|
-
SimpleCov::Formatter::HTMLFormatter,
|
|
8
|
-
Coveralls::SimpleCov::Formatter
|
|
9
|
-
]
|
|
10
|
-
|
|
11
|
-
SimpleCov.start do
|
|
12
|
-
project_name 'rack-simple_auth'
|
|
13
|
-
add_filter '/test/'
|
|
14
|
-
add_filter '/pkg/'
|
|
15
|
-
add_filter '/spec/'
|
|
16
|
-
add_filter '/features/'
|
|
17
|
-
add_filter '/doc/'
|
|
18
|
-
end if ENV['COVERAGE']
|
|
19
|
-
|
|
20
|
-
# Minitest
|
|
21
|
-
require 'minitest/autorun'
|
|
22
|
-
require 'minitest/mock'
|
|
23
|
-
require 'minitest/pride' # for colored output
|
|
24
|
-
|
|
25
|
-
# Rack Test Methods
|
|
26
|
-
require 'rack/test'
|
|
27
|
-
|
|
28
|
-
require 'json'
|
|
29
|
-
|
|
30
|
-
# Load gem
|
|
31
|
-
require 'rack/simple_auth'
|
|
32
|
-
|
|
33
|
-
module Rack
|
|
34
|
-
# Module which Contains different Authorization / Authentication Classes (HMAC, ..)
|
|
35
|
-
module SimpleAuth
|
|
36
|
-
# HMAC module
|
|
37
|
-
module HMAC
|
|
38
|
-
class << self
|
|
39
|
-
attr_accessor :testapp, :failapp, :failrunapp
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
Rack::SimpleAuth::HMAC.testapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/rack/simple_auth/hmac/config.ru").first
|
|
46
|
-
Rack::SimpleAuth::HMAC.failapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/rack/simple_auth/hmac/config_fail.ru").first
|
|
47
|
-
Rack::SimpleAuth::HMAC.failrunapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/rack/simple_auth/hmac/config_fail_run.ru").first
|
|
48
|
-
|
|
49
|
-
@logpath = "#{File.expand_path("..", __FILE__)}/logs"
|
|
50
|
-
system("mkdir #{@logpath}")
|