rack-simple_auth 1.0.1 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/MANIFEST +1 -22
- data/README.rdoc +1 -0
- data/checksum/rack-simple_auth-1.0.1.gem.sha512 +1 -0
- data/lib/rack/simple_auth/hmac/middleware.rb +46 -8
- data/lib/rack/simple_auth/version.rb +1 -1
- data/rack-simple_auth.gemspec +5 -0
- metadata +59 -24
- data/doc/Rack.html +0 -128
- data/doc/Rack/SimpleAuth.html +0 -252
- data/doc/Rack/SimpleAuth/HMAC.html +0 -128
- data/doc/Rack/SimpleAuth/HMAC/Config.html +0 -1003
- data/doc/Rack/SimpleAuth/HMAC/Middleware.html +0 -1418
- data/doc/Rack/SimpleAuth/Logger.html +0 -264
- data/doc/_index.html +0 -185
- data/doc/class_list.html +0 -54
- data/doc/css/common.css +0 -1
- data/doc/css/full_list.css +0 -57
- data/doc/css/style.css +0 -339
- data/doc/examples/index.php +0 -32
- data/doc/examples/rack_lobster.ru +0 -22
- data/doc/file.README.html +0 -221
- data/doc/file_list.html +0 -56
- data/doc/frames.html +0 -26
- data/doc/index.html +0 -221
- data/doc/js/app.js +0 -219
- data/doc/js/full_list.js +0 -178
- data/doc/js/jquery.js +0 -4
- data/doc/method_list.html +0 -179
- data/doc/top-level-namespace.html +0 -112
data/doc/file.README.html
DELETED
@@ -1,221 +0,0 @@
|
|
1
|
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
-
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
-
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
-
<head>
|
5
|
-
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
6
|
-
<title>
|
7
|
-
File: README
|
8
|
-
|
9
|
-
— Documentation by YARD 0.8.7.4
|
10
|
-
|
11
|
-
</title>
|
12
|
-
|
13
|
-
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
|
14
|
-
|
15
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
|
16
|
-
|
17
|
-
<script type="text/javascript" charset="utf-8">
|
18
|
-
hasFrames = window.top.frames.main ? true : false;
|
19
|
-
relpath = '';
|
20
|
-
framesUrl = "frames.html#!file.README.html";
|
21
|
-
</script>
|
22
|
-
|
23
|
-
|
24
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
25
|
-
|
26
|
-
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
27
|
-
|
28
|
-
|
29
|
-
</head>
|
30
|
-
<body>
|
31
|
-
<div id="header">
|
32
|
-
<div id="menu">
|
33
|
-
|
34
|
-
<a href="_index.html">Index</a> »
|
35
|
-
<span class="title">File: README</span>
|
36
|
-
|
37
|
-
|
38
|
-
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
39
|
-
</div>
|
40
|
-
|
41
|
-
<div id="search">
|
42
|
-
|
43
|
-
<a class="full_list_link" id="class_list_link"
|
44
|
-
href="class_list.html">
|
45
|
-
Class List
|
46
|
-
</a>
|
47
|
-
|
48
|
-
<a class="full_list_link" id="method_list_link"
|
49
|
-
href="method_list.html">
|
50
|
-
Method List
|
51
|
-
</a>
|
52
|
-
|
53
|
-
<a class="full_list_link" id="file_list_link"
|
54
|
-
href="file_list.html">
|
55
|
-
File List
|
56
|
-
</a>
|
57
|
-
|
58
|
-
</div>
|
59
|
-
<div class="clear"></div>
|
60
|
-
</div>
|
61
|
-
|
62
|
-
<iframe id="search_frame"></iframe>
|
63
|
-
|
64
|
-
<div id="content"><div id='filecontents'>
|
65
|
-
<h1 id="label-What+is+Rack%3A%3ASimpleAuth">What is Rack::SimpleAuth</h1>
|
66
|
-
|
67
|
-
<p>Rack::SimpleAuth will contain different Authentication Class Middlewares</p>
|
68
|
-
|
69
|
-
<p>Until now only HMAC is implemented…</p>
|
70
|
-
|
71
|
-
<h2 id="label-Installation">Installation</h2>
|
72
|
-
|
73
|
-
<p>Add this line to your application's Gemfile:</p>
|
74
|
-
|
75
|
-
<pre class="code ruby"><code class="ruby">$ gem 'rack-simple_auth'</code></pre>
|
76
|
-
|
77
|
-
<p>And then execute:</p>
|
78
|
-
|
79
|
-
<pre class="code ruby"><code class="ruby">$ bundle</code></pre>
|
80
|
-
|
81
|
-
<p>Or install it yourself as:</p>
|
82
|
-
|
83
|
-
<pre class="code ruby"><code class="ruby">$ gem install rack-simple_auth</code></pre>
|
84
|
-
|
85
|
-
<h2 id="label-Gem+Status">Gem Status</h2>
|
86
|
-
|
87
|
-
<p><a href="https://travis-ci.org/Benny1992/rack-simple_auth"><img
|
88
|
-
src="https://travis-ci.org/Benny1992/rack-simple_auth.svg?branch=v1.0.0rc"
|
89
|
-
alt="Build Status" /></a> <a
|
90
|
-
href="https://coveralls.io/r/Benny1992/rack-simple_auth"><img
|
91
|
-
src="https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png"
|
92
|
-
alt="Code Coverage" /></a> <a
|
93
|
-
href="http://badge.fury.io/rb/rack-simple_auth"><img
|
94
|
-
src="https://badge.fury.io/rb/rack-simple_auth.png" alt="Gem Version"
|
95
|
-
/></a> <a href="https://gemnasium.com/Benny1992/rack-simple_auth"><img
|
96
|
-
src="https://gemnasium.com/Benny1992/rack-simple_auth.png" alt="Dependency
|
97
|
-
Status" /></a> <a
|
98
|
-
href="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"><img
|
99
|
-
src="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"
|
100
|
-
alt="Build Status" /></a></p>
|
101
|
-
|
102
|
-
<h2 id="label-Usage">Usage</h2>
|
103
|
-
|
104
|
-
<h3 id="label-HMAC">HMAC</h3>
|
105
|
-
|
106
|
-
<p>To use HMAC Authorization you have to use the
|
107
|
-
Rack::SimpleAuth::HMAC::Middleware for your Rack App</p>
|
108
|
-
|
109
|
-
<p>Basic Usage:</p>
|
110
|
-
|
111
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>rack/lobster</span><span class='tstring_end'>'</span></span>
|
112
|
-
<span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>rack/simple_auth</span><span class='tstring_end'>'</span></span>
|
113
|
-
|
114
|
-
<span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='lbrace'>{</span>
|
115
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>GET</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
116
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>POST</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>params</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
117
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>DELETE</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
118
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>PUT</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
119
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>PATCH</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span>
|
120
|
-
<span class='rbrace'>}</span>
|
121
|
-
|
122
|
-
<span class='id identifier rubyid_use'>use</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>SimpleAuth</span><span class='op'>::</span><span class='const'>HMAC</span><span class='op'>::</span><span class='const'>Middleware</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_options'>options</span><span class='op'>|</span>
|
123
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_tolerance'>tolerance</span> <span class='op'>=</span> <span class='int'>1500</span> <span class='comment'># 1500ms -> 1.5s
|
124
|
-
</span>
|
125
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>test_secret</span><span class='tstring_end'>'</span></span>
|
126
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_signature'>signature</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>test_signature</span><span class='tstring_end'>'</span></span>
|
127
|
-
|
128
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_logpath'>logpath</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='embexpr_beg'>#{</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_expand_path'>expand_path</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>..</span><span class='tstring_end'>'</span></span><span class='comma'>,</span> <span class='kw'>__FILE__</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'>/logs</span><span class='tstring_end'>"</span></span>
|
129
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='id identifier rubyid_request_config'>request_config</span>
|
130
|
-
<span class='kw'>end</span>
|
131
|
-
|
132
|
-
<span class='id identifier rubyid_run'>run</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>Lobster</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
|
133
|
-
</code></pre>
|
134
|
-
|
135
|
-
<p>In general each request has a message (which is encrypted) in following
|
136
|
-
format:</p>
|
137
|
-
|
138
|
-
<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>method</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='ivar'>@request</span><span class='period'>.</span><span class='id identifier rubyid_request_method'>request_method</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>date</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>data</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='id identifier rubyid_request_data'>request_data</span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
|
139
|
-
</code></pre>
|
140
|
-
|
141
|
-
<p>For example accessing <tt>GET /test</tt> with this configuration represents
|
142
|
-
following message</p>
|
143
|
-
|
144
|
-
<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>method</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>GET</span><span class='tstring_end'>'</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>date</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='int'>1398821451494</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>data</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>/test</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
|
145
|
-
</code></pre>
|
146
|
-
|
147
|
-
<p>With the tolerance there is an adjustable amount of messages wich are built
|
148
|
-
(Rack::SimpleAuth::HMAC::Middleware#allowed_messages)</p>
|
149
|
-
|
150
|
-
<p>This means a request could have a certain latency (delay) and the request
|
151
|
-
is still authorized</p>
|
152
|
-
|
153
|
-
<h4 id="label-Secure+your+REST+Api%3A">Secure your REST Api:</h4>
|
154
|
-
|
155
|
-
<p>To secure your REST Api you have to send the HTTP_AUTHORIZATION Header with
|
156
|
-
each request where the HMAC Middleware is used.</p>
|
157
|
-
|
158
|
-
<p>For example <tt>POST /form</tt> with params <tt>{ name => benny1992 }</tt> is secured
|
159
|
-
the following way:</p>
|
160
|
-
|
161
|
-
<p>Uncrypted Message:</p>
|
162
|
-
|
163
|
-
<pre class="code ruby"><code class="ruby">{ 'method' => 'POST', 'date' => timestamp +- tolerance, 'data' => { 'name' => 'benny1992' } }.to_json
|
164
|
-
</code></pre>
|
165
|
-
|
166
|
-
<p>Encryption Mechanism:</p>
|
167
|
-
|
168
|
-
<pre class="code ruby"><code class="ruby"><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>HMAC</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>sha256</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span><span class='comma'>,</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span><span class='lparen'>(</span><span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='id identifier rubyid_i'>i</span><span class='rparen'>)</span><span class='rparen'>)</span></code></pre>
|
169
|
-
|
170
|
-
<p>where @config.secret represents your secret which was set in the middleware
|
171
|
-
dsl block and message represents the uncrypted message for the specific
|
172
|
-
timestamp(date) and delay(i)</p>
|
173
|
-
|
174
|
-
<h5 id="label-Therefore+you+need+following+encryption+mechanism+on+the+client+side+%28pseudocode%29%3A">Therefore you need following encryption mechanism on the client side (pseudocode):</h5>
|
175
|
-
|
176
|
-
<pre class="code ruby"><code class="ruby">encrypted_message = OpenSSL::HMAC.hexdigest(OpenSSL:Digest.new('sha256'), 'test_secret', message)
|
177
|
-
|
178
|
-
HTTP_AUTHORIZATION = encrypted_message:'test_signature'</code></pre>
|
179
|
-
|
180
|
-
<h5 id="label-Time+formats">Time formats</h5>
|
181
|
-
|
182
|
-
<p>The timestamp and tolerance are in millisecond format:</p>
|
183
|
-
|
184
|
-
<p>In Ruby land this means:</p>
|
185
|
-
|
186
|
-
<pre class="code ruby"><code class="ruby"><span class='lparen'>(</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_f'>to_f</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span></code></pre>
|
187
|
-
|
188
|
-
<p>For PHP you have to use <tt>round()</tt> and <tt>microtime()</tt> :</p>
|
189
|
-
|
190
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_round'>round</span><span class='lparen'>(</span><span class='id identifier rubyid_microtime'>microtime</span><span class='lparen'>(</span><span class='kw'>true</span><span class='rparen'>)</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span></code></pre>
|
191
|
-
|
192
|
-
<h4 id="label-Examples">Examples</h4>
|
193
|
-
|
194
|
-
<p>Examples can be found in doc/examples</p>
|
195
|
-
|
196
|
-
<h5 id="label-General+your+timestamp+should+only+contain+13+digits+and+NO+floating+part">General your timestamp should only contain 13 digits and NO floating part</h5>
|
197
|
-
|
198
|
-
<h2 id="label-Contributing">Contributing</h2>
|
199
|
-
<ol><li>
|
200
|
-
<p>Fork it ( <a
|
201
|
-
href="http://github.com/benny1992/rack-simple_auth/fork">github.com/benny1992/rack-simple_auth/fork</a>
|
202
|
-
)</p>
|
203
|
-
</li><li>
|
204
|
-
<p>Create your feature branch (`git checkout -b my-new-feature`)</p>
|
205
|
-
</li><li>
|
206
|
-
<p>Commit your changes (`git commit -am 'Add some feature'`)</p>
|
207
|
-
</li><li>
|
208
|
-
<p>Push to the branch (`git push origin my-new-feature`)</p>
|
209
|
-
</li><li>
|
210
|
-
<p>Create new Pull Request</p>
|
211
|
-
</li></ol>
|
212
|
-
</div></div>
|
213
|
-
|
214
|
-
<div id="footer">
|
215
|
-
Generated on Wed Apr 30 09:50:21 2014 by
|
216
|
-
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
217
|
-
0.8.7.4 (ruby-2.1.1).
|
218
|
-
</div>
|
219
|
-
|
220
|
-
</body>
|
221
|
-
</html>
|
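Review bot: the sentence "Examples can be found in doc/examples" at line 194 of this deleted page is left pointing at nothing, because the same release also deletes data/doc/examples/index.php and data/doc/examples/rack_lobster.ru. This HTML is the rendered README, so if data/README.rdoc still carries that sentence it should be dropped or repointed to wherever the examples now live. Two wording problems visible in the rendered text are worth fixing in the README source at the same time. Lines 135, 161 and 166 call the HMAC-SHA256 digest "encrypted", "Uncrypted Message" and "Encryption Mechanism", but the digest authenticates the request and does not hide it, so "signed" and "signature" would not mislead users about confidentiality. The client pseudocode at line 176 has `OpenSSL:Digest` with a single colon.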
data/doc/file_list.html
DELETED
@@ -1,56 +0,0 @@
|
|
1
|
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
-
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
-
<html>
|
4
|
-
<head>
|
5
|
-
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
6
|
-
|
7
|
-
<link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
|
8
|
-
|
9
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
14
|
-
|
15
|
-
<script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
|
16
|
-
|
17
|
-
|
18
|
-
<title>File List</title>
|
19
|
-
<base id="base_target" target="_parent" />
|
20
|
-
</head>
|
21
|
-
<body>
|
22
|
-
<script type="text/javascript" charset="utf-8">
|
23
|
-
if (window.top.frames.main) {
|
24
|
-
document.getElementById('base_target').target = 'main';
|
25
|
-
document.body.className = 'frames';
|
26
|
-
}
|
27
|
-
</script>
|
28
|
-
<div id="content">
|
29
|
-
<h1 id="full_list_header">File List</h1>
|
30
|
-
<div id="nav">
|
31
|
-
|
32
|
-
<span><a target="_self" href="class_list.html">
|
33
|
-
Classes
|
34
|
-
</a></span>
|
35
|
-
|
36
|
-
<span><a target="_self" href="method_list.html">
|
37
|
-
Methods
|
38
|
-
</a></span>
|
39
|
-
|
40
|
-
<span><a target="_self" href="file_list.html">
|
41
|
-
Files
|
42
|
-
</a></span>
|
43
|
-
|
44
|
-
</div>
|
45
|
-
<div id="search">Search: <input type="text" /></div>
|
46
|
-
|
47
|
-
<ul id="full_list" class="file">
|
48
|
-
|
49
|
-
|
50
|
-
<li class="r1"><span class="object_link"><a href="index.html" title="README">README</a></a></li>
|
51
|
-
|
52
|
-
|
53
|
-
</ul>
|
54
|
-
</div>
|
55
|
-
</body>
|
56
|
-
</html>
|
data/doc/frames.html
DELETED
@@ -1,26 +0,0 @@
|
|
1
|
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
|
2
|
-
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
|
3
|
-
|
4
|
-
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
5
|
-
<head>
|
6
|
-
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
|
7
|
-
<title>Documentation by YARD 0.8.7.4</title>
|
8
|
-
</head>
|
9
|
-
<script type="text/javascript" charset="utf-8">
|
10
|
-
window.onload = function() {
|
11
|
-
var match = unescape(window.location.hash).match(/^#!(.+)/);
|
12
|
-
var name = match ? match[1] : 'index.html';
|
13
|
-
name = name.replace(/^(\w+):\/\//, '').replace(/^\/\//, '');
|
14
|
-
document.writeln('<frameset cols="20%,*">' +
|
15
|
-
'<frame name="list" src="class_list.html" />' +
|
16
|
-
'<frame name="main" src="' + escape(name) + '" />' +
|
17
|
-
'</frameset>');
|
18
|
-
}
|
19
|
-
</script>
|
20
|
-
<noscript>
|
21
|
-
<frameset cols="20%,*">
|
22
|
-
<frame name="list" src="class_list.html" />
|
23
|
-
<frame name="main" src="index.html" />
|
24
|
-
</frameset>
|
25
|
-
</noscript>
|
26
|
-
</html>
|
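Review bot: the script at lines 9-19 of this deleted frames.html takes the main frame's `src` from `window.location.hash` and emits it with `document.writeln`, with only a scheme-stripping regex and `escape()` in between, so dropping it from the package is a sensible reduction of what the gem ships. The diff shows the generated files going away but not what keeps them out. Confirm that the data/rack-simple_auth.gemspec change (+5 -0) and the trimmed data/MANIFEST (+1 -22) exclude `doc/` from the packaged file list, so that a later `yard` run before `gem build` does not ship these pages again.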
data/doc/index.html
DELETED
@@ -1,221 +0,0 @@
|
|
1
|
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
-
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
-
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
-
<head>
|
5
|
-
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
6
|
-
<title>
|
7
|
-
File: README
|
8
|
-
|
9
|
-
— Documentation by YARD 0.8.7.4
|
10
|
-
|
11
|
-
</title>
|
12
|
-
|
13
|
-
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
|
14
|
-
|
15
|
-
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
|
16
|
-
|
17
|
-
<script type="text/javascript" charset="utf-8">
|
18
|
-
hasFrames = window.top.frames.main ? true : false;
|
19
|
-
relpath = '';
|
20
|
-
framesUrl = "frames.html#!file.README.html";
|
21
|
-
</script>
|
22
|
-
|
23
|
-
|
24
|
-
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
25
|
-
|
26
|
-
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
27
|
-
|
28
|
-
|
29
|
-
</head>
|
30
|
-
<body>
|
31
|
-
<div id="header">
|
32
|
-
<div id="menu">
|
33
|
-
|
34
|
-
<a href="_index.html">Index</a> »
|
35
|
-
<span class="title">File: README</span>
|
36
|
-
|
37
|
-
|
38
|
-
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
39
|
-
</div>
|
40
|
-
|
41
|
-
<div id="search">
|
42
|
-
|
43
|
-
<a class="full_list_link" id="class_list_link"
|
44
|
-
href="class_list.html">
|
45
|
-
Class List
|
46
|
-
</a>
|
47
|
-
|
48
|
-
<a class="full_list_link" id="method_list_link"
|
49
|
-
href="method_list.html">
|
50
|
-
Method List
|
51
|
-
</a>
|
52
|
-
|
53
|
-
<a class="full_list_link" id="file_list_link"
|
54
|
-
href="file_list.html">
|
55
|
-
File List
|
56
|
-
</a>
|
57
|
-
|
58
|
-
</div>
|
59
|
-
<div class="clear"></div>
|
60
|
-
</div>
|
61
|
-
|
62
|
-
<iframe id="search_frame"></iframe>
|
63
|
-
|
64
|
-
<div id="content"><div id='filecontents'>
|
65
|
-
<h1 id="label-What+is+Rack%3A%3ASimpleAuth">What is Rack::SimpleAuth</h1>
|
66
|
-
|
67
|
-
<p>Rack::SimpleAuth will contain different Authentication Class Middlewares</p>
|
68
|
-
|
69
|
-
<p>Until now only HMAC is implemented…</p>
|
70
|
-
|
71
|
-
<h2 id="label-Installation">Installation</h2>
|
72
|
-
|
73
|
-
<p>Add this line to your application's Gemfile:</p>
|
74
|
-
|
75
|
-
<pre class="code ruby"><code class="ruby">$ gem 'rack-simple_auth'</code></pre>
|
76
|
-
|
77
|
-
<p>And then execute:</p>
|
78
|
-
|
79
|
-
<pre class="code ruby"><code class="ruby">$ bundle</code></pre>
|
80
|
-
|
81
|
-
<p>Or install it yourself as:</p>
|
82
|
-
|
83
|
-
<pre class="code ruby"><code class="ruby">$ gem install rack-simple_auth</code></pre>
|
84
|
-
|
85
|
-
<h2 id="label-Gem+Status">Gem Status</h2>
|
86
|
-
|
87
|
-
<p><a href="https://travis-ci.org/Benny1992/rack-simple_auth"><img
|
88
|
-
src="https://travis-ci.org/Benny1992/rack-simple_auth.svg?branch=v1.0.0rc"
|
89
|
-
alt="Build Status" /></a> <a
|
90
|
-
href="https://coveralls.io/r/Benny1992/rack-simple_auth"><img
|
91
|
-
src="https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png"
|
92
|
-
alt="Code Coverage" /></a> <a
|
93
|
-
href="http://badge.fury.io/rb/rack-simple_auth"><img
|
94
|
-
src="https://badge.fury.io/rb/rack-simple_auth.png" alt="Gem Version"
|
95
|
-
/></a> <a href="https://gemnasium.com/Benny1992/rack-simple_auth"><img
|
96
|
-
src="https://gemnasium.com/Benny1992/rack-simple_auth.png" alt="Dependency
|
97
|
-
Status" /></a> <a
|
98
|
-
href="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"><img
|
99
|
-
src="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"
|
100
|
-
alt="Build Status" /></a></p>
|
101
|
-
|
102
|
-
<h2 id="label-Usage">Usage</h2>
|
103
|
-
|
104
|
-
<h3 id="label-HMAC">HMAC</h3>
|
105
|
-
|
106
|
-
<p>To use HMAC Authorization you have to use the
|
107
|
-
Rack::SimpleAuth::HMAC::Middleware for your Rack App</p>
|
108
|
-
|
109
|
-
<p>Basic Usage:</p>
|
110
|
-
|
111
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>rack/lobster</span><span class='tstring_end'>'</span></span>
|
112
|
-
<span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>rack/simple_auth</span><span class='tstring_end'>'</span></span>
|
113
|
-
|
114
|
-
<span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='lbrace'>{</span>
|
115
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>GET</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
116
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>POST</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>params</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
117
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>DELETE</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
118
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>PUT</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span><span class='comma'>,</span>
|
119
|
-
<span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>PATCH</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>path</span><span class='tstring_end'>'</span></span>
|
120
|
-
<span class='rbrace'>}</span>
|
121
|
-
|
122
|
-
<span class='id identifier rubyid_use'>use</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>SimpleAuth</span><span class='op'>::</span><span class='const'>HMAC</span><span class='op'>::</span><span class='const'>Middleware</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_options'>options</span><span class='op'>|</span>
|
123
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_tolerance'>tolerance</span> <span class='op'>=</span> <span class='int'>1500</span> <span class='comment'># 1500ms -> 1.5s
|
124
|
-
</span>
|
125
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>test_secret</span><span class='tstring_end'>'</span></span>
|
126
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_signature'>signature</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>test_signature</span><span class='tstring_end'>'</span></span>
|
127
|
-
|
128
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_logpath'>logpath</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='embexpr_beg'>#{</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_expand_path'>expand_path</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>..</span><span class='tstring_end'>'</span></span><span class='comma'>,</span> <span class='kw'>__FILE__</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'>/logs</span><span class='tstring_end'>"</span></span>
|
129
|
-
<span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='id identifier rubyid_request_config'>request_config</span>
|
130
|
-
<span class='kw'>end</span>
|
131
|
-
|
132
|
-
<span class='id identifier rubyid_run'>run</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>Lobster</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
|
133
|
-
</code></pre>
|
134
|
-
|
135
|
-
<p>In general each request has a message (which is encrypted) in following
|
136
|
-
format:</p>
|
137
|
-
|
138
|
-
<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>method</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='ivar'>@request</span><span class='period'>.</span><span class='id identifier rubyid_request_method'>request_method</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>date</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>data</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='id identifier rubyid_request_data'>request_data</span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
|
139
|
-
</code></pre>
|
140
|
-
|
141
|
-
<p>For example accessing <tt>GET /test</tt> with this configuration represents
|
142
|
-
following message</p>
|
143
|
-
|
144
|
-
<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>method</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>GET</span><span class='tstring_end'>'</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>date</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='int'>1398821451494</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>data</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>/test</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
|
145
|
-
</code></pre>
|
146
|
-
|
147
|
-
<p>With the tolerance there is an adjustable amount of messages wich are built
|
148
|
-
(Rack::SimpleAuth::HMAC::Middleware#allowed_messages)</p>
|
149
|
-
|
150
|
-
<p>This means a request could have a certain latency (delay) and the request
|
151
|
-
is still authorized</p>
|
152
|
-
|
153
|
-
<h4 id="label-Secure+your+REST+Api%3A">Secure your REST Api:</h4>
|
154
|
-
|
155
|
-
<p>To secure your REST Api you have to send the HTTP_AUTHORIZATION Header with
|
156
|
-
each request where the HMAC Middleware is used.</p>
|
157
|
-
|
158
|
-
<p>For example <tt>POST /form</tt> with params <tt>{ name => benny1992 }</tt> is secured
|
159
|
-
the following way:</p>
|
160
|
-
|
161
|
-
<p>Uncrypted Message:</p>
|
162
|
-
|
163
|
-
<pre class="code ruby"><code class="ruby">{ 'method' => 'POST', 'date' => timestamp +- tolerance, 'data' => { 'name' => 'benny1992' } }.to_json
|
164
|
-
</code></pre>
|
165
|
-
|
166
|
-
<p>Encryption Mechanism:</p>
|
167
|
-
|
168
|
-
<pre class="code ruby"><code class="ruby"><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>HMAC</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>sha256</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span><span class='comma'>,</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span><span class='lparen'>(</span><span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='id identifier rubyid_i'>i</span><span class='rparen'>)</span><span class='rparen'>)</span></code></pre>
|
169
|
-
|
170
|
-
<p>where @config.secret represents your secret which was set in the middleware
|
171
|
-
dsl block and message represents the uncrypted message for the specific
|
172
|
-
timestamp(date) and delay(i)</p>
|
173
|
-
|
174
|
-
<h5 id="label-Therefore+you+need+following+encryption+mechanism+on+the+client+side+%28pseudocode%29%3A">Therefore you need following encryption mechanism on the client side (pseudocode):</h5>
|
175
|
-
|
176
|
-
<pre class="code ruby"><code class="ruby">encrypted_message = OpenSSL::HMAC.hexdigest(OpenSSL:Digest.new('sha256'), 'test_secret', message)
|
177
|
-
|
178
|
-
HTTP_AUTHORIZATION = encrypted_message:'test_signature'</code></pre>
|
179
|
-
|
180
|
-
<h5 id="label-Time+formats">Time formats</h5>
|
181
|
-
|
182
|
-
<p>The timestamp and tolerance are in millisecond format:</p>
|
183
|
-
|
184
|
-
<p>In Ruby land this means:</p>
|
185
|
-
|
186
|
-
<pre class="code ruby"><code class="ruby"><span class='lparen'>(</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_f'>to_f</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span></code></pre>
|
187
|
-
|
188
|
-
<p>For PHP you have to use <tt>round()</tt> and <tt>microtime()</tt> :</p>
|
189
|
-
|
190
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_round'>round</span><span class='lparen'>(</span><span class='id identifier rubyid_microtime'>microtime</span><span class='lparen'>(</span><span class='kw'>true</span><span class='rparen'>)</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span></code></pre>
|
191
|
-
|
192
|
-
<h4 id="label-Examples">Examples</h4>
|
193
|
-
|
194
|
-
<p>Examples can be found in doc/examples</p>
|
195
|
-
|
196
|
-
<h5 id="label-General+your+timestamp+should+only+contain+13+digits+and+NO+floating+part">General your timestamp should only contain 13 digits and NO floating part</h5>
|
197
|
-
|
198
|
-
<h2 id="label-Contributing">Contributing</h2>
|
199
|
-
<ol><li>
|
200
|
-
<p>Fork it ( <a
|
201
|
-
href="http://github.com/benny1992/rack-simple_auth/fork">github.com/benny1992/rack-simple_auth/fork</a>
|
202
|
-
)</p>
|
203
|
-
</li><li>
|
204
|
-
<p>Create your feature branch (`git checkout -b my-new-feature`)</p>
|
205
|
-
</li><li>
|
206
|
-
<p>Commit your changes (`git commit -am 'Add some feature'`)</p>
|
207
|
-
</li><li>
|
208
|
-
<p>Push to the branch (`git push origin my-new-feature`)</p>
|
209
|
-
</li><li>
|
210
|
-
<p>Create new Pull Request</p>
|
211
|
-
</li></ol>
|
212
|
-
</div></div>
|
213
|
-
|
214
|
-
<div id="footer">
|
215
|
-
Generated on Wed Apr 30 09:50:21 2014 by
|
216
|
-
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
217
|
-
0.8.7.4 (ruby-2.1.1).
|
218
|
-
</div>
|
219
|
-
|
220
|
-
</body>
|
221
|
-
</html>
|
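Review bot: the removed README text at old lines 161-178 describes the HMAC signature as an "Encryption Mechanism" applied to an "Uncrypted Message", and the client pseudocode at old line 176 writes `OpenSSL:Digest.new('sha256')` with a single colon, which is not valid Ruby. The footer at old lines 215-217 shows this file is generated YARD output, so dropping it from the package is reasonable, but both problems should be fixed in the README it was generated from: call the value a signature or MAC, since the message is authenticated and not hidden, and write `OpenSSL::Digest`. The text at old lines 147-151 presents the tolerance only as accepted latency; the README should also state that a signature remains valid for the whole tolerance window, so that users choose the tolerance with that in mind.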