RubyGems - rack-simple_auth - Versions diffs - 1.0.1 → 1.0.2 - Mend

rack-simple_auth 1.0.1 → 1.0.2

Files changed (30) hide show

checksums.yaml +4 -4
data/MANIFEST +1 -22
data/README.rdoc +1 -0
data/checksum/rack-simple_auth-1.0.1.gem.sha512 +1 -0
data/lib/rack/simple_auth/hmac/middleware.rb +46 -8
data/lib/rack/simple_auth/version.rb +1 -1
data/rack-simple_auth.gemspec +5 -0
metadata +59 -24
data/doc/Rack.html +0 -128
data/doc/Rack/SimpleAuth.html +0 -252
data/doc/Rack/SimpleAuth/HMAC.html +0 -128
data/doc/Rack/SimpleAuth/HMAC/Config.html +0 -1003
data/doc/Rack/SimpleAuth/HMAC/Middleware.html +0 -1418
data/doc/Rack/SimpleAuth/Logger.html +0 -264
data/doc/_index.html +0 -185
data/doc/class_list.html +0 -54
data/doc/css/common.css +0 -1
data/doc/css/full_list.css +0 -57
data/doc/css/style.css +0 -339
data/doc/examples/index.php +0 -32
data/doc/examples/rack_lobster.ru +0 -22
data/doc/file.README.html +0 -221
data/doc/file_list.html +0 -56
data/doc/frames.html +0 -26
data/doc/index.html +0 -221
data/doc/js/app.js +0 -219
data/doc/js/full_list.js +0 -178
data/doc/js/jquery.js +0 -4
data/doc/method_list.html +0 -179
data/doc/top-level-namespace.html +0 -112

data/doc/file.README.html DELETED Viewed

@@ -1,221 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-<title>
-  File: README
-    &mdash; Documentation by YARD 0.8.7.4
-</title>
-  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
-  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
-<script type="text/javascript" charset="utf-8">
-  hasFrames = window.top.frames.main ? true : false;
-  relpath = '';
-  framesUrl = "frames.html#!file.README.html";
-</script>
-  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
-  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
-  </head>
-  <body>
-    <div id="header">
-      <div id="menu">
-    <a href="_index.html">Index</a> &raquo;
-    <span class="title">File: README</span>
-  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
-</div>
-      <div id="search">
-    <a class="full_list_link" id="class_list_link"
-        href="class_list.html">
-      Class List
-    </a>
-    <a class="full_list_link" id="method_list_link"
-        href="method_list.html">
-      Method List
-    </a>
-    <a class="full_list_link" id="file_list_link"
-        href="file_list.html">
-      File List
-    </a>
-</div>
-      <div class="clear"></div>
-    </div>
-    <iframe id="search_frame"></iframe>
-    <div id="content"><div id='filecontents'>
-<h1 id="label-What+is+Rack%3A%3ASimpleAuth">What is Rack::SimpleAuth</h1>
-<p>Rack::SimpleAuth will contain different Authentication Class Middlewares</p>
-<p>Until now only HMAC is implemented…</p>
-<h2 id="label-Installation">Installation</h2>
-<p>Add this line to your application&#39;s Gemfile:</p>
-<pre class="code ruby"><code class="ruby">$ gem &#39;rack-simple_auth&#39;</code></pre>
-<p>And then execute:</p>
-<pre class="code ruby"><code class="ruby">$ bundle</code></pre>
-<p>Or install it yourself as:</p>
-<pre class="code ruby"><code class="ruby">$ gem install rack-simple_auth</code></pre>
-<h2 id="label-Gem+Status">Gem Status</h2>
-<p><a href="https://travis-ci.org/Benny1992/rack-simple_auth"><img
-src="https://travis-ci.org/Benny1992/rack-simple_auth.svg?branch=v1.0.0rc"
-alt="Build Status" /></a> <a
-href="https://coveralls.io/r/Benny1992/rack-simple_auth"><img
-src="https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png"
-alt="Code Coverage" /></a> <a
-href="http://badge.fury.io/rb/rack-simple_auth"><img
-src="https://badge.fury.io/rb/rack-simple_auth.png" alt="Gem Version"
-/></a> <a href="https://gemnasium.com/Benny1992/rack-simple_auth"><img
-src="https://gemnasium.com/Benny1992/rack-simple_auth.png" alt="Dependency
-Status" /></a> <a
-href="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"><img
-src="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"
-alt="Build Status" /></a></p>
-<h2 id="label-Usage">Usage</h2>
-<h3 id="label-HMAC">HMAC</h3>
-<p>To use HMAC Authorization you have to use the
-Rack::SimpleAuth::HMAC::Middleware for your Rack App</p>
-<p>Basic Usage:</p>
-<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>rack/lobster</span><span class='tstring_end'>&#39;</span></span>
-<span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>rack/simple_auth</span><span class='tstring_end'>&#39;</span></span>
-<span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='lbrace'>{</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>POST</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>params</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DELETE</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PUT</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PATCH</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span>
-<span class='rbrace'>}</span>
-<span class='id identifier rubyid_use'>use</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>SimpleAuth</span><span class='op'>::</span><span class='const'>HMAC</span><span class='op'>::</span><span class='const'>Middleware</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_options'>options</span><span class='op'>|</span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_tolerance'>tolerance</span> <span class='op'>=</span> <span class='int'>1500</span> <span class='comment'># 1500ms -&gt; 1.5s
-</span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>test_secret</span><span class='tstring_end'>&#39;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_signature'>signature</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>test_signature</span><span class='tstring_end'>&#39;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_logpath'>logpath</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_expand_path'>expand_path</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>..</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>__FILE__</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'>/logs</span><span class='tstring_end'>&quot;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='id identifier rubyid_request_config'>request_config</span>
-<span class='kw'>end</span>
-<span class='id identifier rubyid_run'>run</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>Lobster</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
-</code></pre>
-<p>In general each request has a message (which is encrypted) in following
-format:</p>
-<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='ivar'>@request</span><span class='period'>.</span><span class='id identifier rubyid_request_method'>request_method</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>date</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>data</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_request_data'>request_data</span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
-</code></pre>
-<p>For example accessing <tt>GET /test</tt> with this configuration represents
-following message</p>
-<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>date</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>1398821451494</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>data</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/test</span><span class='tstring_end'>&#39;</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
-</code></pre>
-<p>With the tolerance there is an adjustable amount of messages wich are built
-(Rack::SimpleAuth::HMAC::Middleware#allowed_messages)</p>
-<p>This means a request could have a certain latency (delay) and the request
-is still authorized</p>
-<h4 id="label-Secure+your+REST+Api%3A">Secure your REST Api:</h4>
-<p>To secure your REST Api you have to send the HTTP_AUTHORIZATION Header with
-each request where the HMAC Middleware is used.</p>
-<p>For example <tt>POST /form</tt> with params <tt>{ name =&gt; benny1992 }</tt> is secured
-the following way:</p>
-<p>Uncrypted Message:</p>
-<pre class="code ruby"><code class="ruby">{ &#39;method&#39; =&gt; &#39;POST&#39;, &#39;date&#39; =&gt; timestamp +- tolerance, &#39;data&#39; =&gt; { &#39;name&#39; =&gt; &#39;benny1992&#39; } }.to_json
-</code></pre>
-<p>Encryption Mechanism:</p>
-<pre class="code ruby"><code class="ruby"><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>HMAC</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>sha256</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='comma'>,</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span><span class='lparen'>(</span><span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='id identifier rubyid_i'>i</span><span class='rparen'>)</span><span class='rparen'>)</span></code></pre>
-<p>where @config.secret represents your secret which was set in the middleware
-dsl block and message represents the uncrypted message for the specific
-timestamp(date) and delay(i)</p>
-<h5 id="label-Therefore+you+need+following+encryption+mechanism+on+the+client+side+%28pseudocode%29%3A">Therefore you need following encryption mechanism on the client side (pseudocode):</h5>
-<pre class="code ruby"><code class="ruby">encrypted_message = OpenSSL::HMAC.hexdigest(OpenSSL:Digest.new(&#39;sha256&#39;), &#39;test_secret&#39;, message)
-HTTP_AUTHORIZATION = encrypted_message:&#39;test_signature&#39;</code></pre>
-<h5 id="label-Time+formats">Time formats</h5>
-<p>The timestamp and tolerance are in millisecond format:</p>
-<p>In Ruby land this means:</p>
-<pre class="code ruby"><code class="ruby"><span class='lparen'>(</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_f'>to_f</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span></code></pre>
-<p>For PHP you have to use <tt>round()</tt> and <tt>microtime()</tt> :</p>
-<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_round'>round</span><span class='lparen'>(</span><span class='id identifier rubyid_microtime'>microtime</span><span class='lparen'>(</span><span class='kw'>true</span><span class='rparen'>)</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span></code></pre>
-<h4 id="label-Examples">Examples</h4>
-<p>Examples can be found in doc/examples</p>
-<h5 id="label-General+your+timestamp+should+only+contain+13+digits+and+NO+floating+part">General your timestamp should only contain 13 digits and NO floating part</h5>
-<h2 id="label-Contributing">Contributing</h2>
-<ol><li>
-<p>Fork it ( <a
-href="http://github.com/benny1992/rack-simple_auth/fork">github.com/benny1992/rack-simple_auth/fork</a>
-)</p>
-</li><li>
-<p>Create your feature branch (`git checkout -b my-new-feature`)</p>
-</li><li>
-<p>Commit your changes (`git commit -am &#39;Add some feature&#39;`)</p>
-</li><li>
-<p>Push to the branch (`git push origin my-new-feature`)</p>
-</li><li>
-<p>Create new Pull Request</p>
-</li></ol>
-</div></div>
-    <div id="footer">
-  Generated on Wed Apr 30 09:50:21 2014 by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.8.7.4 (ruby-2.1.1).
-</div>
-  </body>
-</html>

data/doc/file_list.html DELETED Viewed

@@ -1,56 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-      <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
-      <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
-      <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
-      <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
-    <title>File List</title>
-    <base id="base_target" target="_parent" />
-  </head>
-  <body>
-    <script type="text/javascript" charset="utf-8">
-      if (window.top.frames.main) {
-        document.getElementById('base_target').target = 'main';
-        document.body.className = 'frames';
-      }
-    </script>
-    <div id="content">
-      <h1 id="full_list_header">File List</h1>
-      <div id="nav">
-          <span><a target="_self" href="class_list.html">
-            Classes
-          </a></span>
-          <span><a target="_self" href="method_list.html">
-            Methods
-          </a></span>
-          <span><a target="_self" href="file_list.html">
-            Files
-          </a></span>
-      </div>
-      <div id="search">Search: <input type="text" /></div>
-      <ul id="full_list" class="file">
-  <li class="r1"><span class="object_link"><a href="index.html" title="README">README</a></a></li>
-      </ul>
-    </div>
-  </body>
-</html>

data/doc/frames.html DELETED Viewed

@@ -1,26 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
-	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
-	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
-	<title>Documentation by YARD 0.8.7.4</title>
-</head>
-<script type="text/javascript" charset="utf-8">
-window.onload = function() {
-  var match = unescape(window.location.hash).match(/^#!(.+)/);
-  var name = match ? match[1] : 'index.html';
-  name = name.replace(/^(\w+):\/\//, '').replace(/^\/\//, '');
-  document.writeln('<frameset cols="20%,*">' +
-    '<frame name="list" src="class_list.html" />' +
-    '<frame name="main" src="' + escape(name) + '" />' +
-    '</frameset>');
-}
-</script>
-<noscript>
-  <frameset cols="20%,*">
-    <frame name="list" src="class_list.html" />
-    <frame name="main" src="index.html" />
-  </frameset>
-</noscript>
-</html>

data/doc/index.html DELETED Viewed

@@ -1,221 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-<title>
-  File: README
-    &mdash; Documentation by YARD 0.8.7.4
-</title>
-  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
-  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
-<script type="text/javascript" charset="utf-8">
-  hasFrames = window.top.frames.main ? true : false;
-  relpath = '';
-  framesUrl = "frames.html#!file.README.html";
-</script>
-  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
-  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
-  </head>
-  <body>
-    <div id="header">
-      <div id="menu">
-    <a href="_index.html">Index</a> &raquo;
-    <span class="title">File: README</span>
-  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
-</div>
-      <div id="search">
-    <a class="full_list_link" id="class_list_link"
-        href="class_list.html">
-      Class List
-    </a>
-    <a class="full_list_link" id="method_list_link"
-        href="method_list.html">
-      Method List
-    </a>
-    <a class="full_list_link" id="file_list_link"
-        href="file_list.html">
-      File List
-    </a>
-</div>
-      <div class="clear"></div>
-    </div>
-    <iframe id="search_frame"></iframe>
-    <div id="content"><div id='filecontents'>
-<h1 id="label-What+is+Rack%3A%3ASimpleAuth">What is Rack::SimpleAuth</h1>
-<p>Rack::SimpleAuth will contain different Authentication Class Middlewares</p>
-<p>Until now only HMAC is implemented…</p>
-<h2 id="label-Installation">Installation</h2>
-<p>Add this line to your application&#39;s Gemfile:</p>
-<pre class="code ruby"><code class="ruby">$ gem &#39;rack-simple_auth&#39;</code></pre>
-<p>And then execute:</p>
-<pre class="code ruby"><code class="ruby">$ bundle</code></pre>
-<p>Or install it yourself as:</p>
-<pre class="code ruby"><code class="ruby">$ gem install rack-simple_auth</code></pre>
-<h2 id="label-Gem+Status">Gem Status</h2>
-<p><a href="https://travis-ci.org/Benny1992/rack-simple_auth"><img
-src="https://travis-ci.org/Benny1992/rack-simple_auth.svg?branch=v1.0.0rc"
-alt="Build Status" /></a> <a
-href="https://coveralls.io/r/Benny1992/rack-simple_auth"><img
-src="https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png"
-alt="Code Coverage" /></a> <a
-href="http://badge.fury.io/rb/rack-simple_auth"><img
-src="https://badge.fury.io/rb/rack-simple_auth.png" alt="Gem Version"
-/></a> <a href="https://gemnasium.com/Benny1992/rack-simple_auth"><img
-src="https://gemnasium.com/Benny1992/rack-simple_auth.png" alt="Dependency
-Status" /></a> <a
-href="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"><img
-src="https://www.codeship.io/projects/f2d9d790-b0fe-0131-3fd5-025f180094b5/status"
-alt="Build Status" /></a></p>
-<h2 id="label-Usage">Usage</h2>
-<h3 id="label-HMAC">HMAC</h3>
-<p>To use HMAC Authorization you have to use the
-Rack::SimpleAuth::HMAC::Middleware for your Rack App</p>
-<p>Basic Usage:</p>
-<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>rack/lobster</span><span class='tstring_end'>&#39;</span></span>
-<span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>rack/simple_auth</span><span class='tstring_end'>&#39;</span></span>
-<span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='lbrace'>{</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>POST</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>params</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DELETE</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PUT</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
-  <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PATCH</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>path</span><span class='tstring_end'>&#39;</span></span>
-<span class='rbrace'>}</span>
-<span class='id identifier rubyid_use'>use</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>SimpleAuth</span><span class='op'>::</span><span class='const'>HMAC</span><span class='op'>::</span><span class='const'>Middleware</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_options'>options</span><span class='op'>|</span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_tolerance'>tolerance</span> <span class='op'>=</span> <span class='int'>1500</span> <span class='comment'># 1500ms -&gt; 1.5s
-</span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>test_secret</span><span class='tstring_end'>&#39;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_signature'>signature</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>test_signature</span><span class='tstring_end'>&#39;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_logpath'>logpath</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_expand_path'>expand_path</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>..</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>__FILE__</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'>/logs</span><span class='tstring_end'>&quot;</span></span>
-  <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_request_config'>request_config</span> <span class='op'>=</span> <span class='id identifier rubyid_request_config'>request_config</span>
-<span class='kw'>end</span>
-<span class='id identifier rubyid_run'>run</span> <span class='const'>Rack</span><span class='op'>::</span><span class='const'>Lobster</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
-</code></pre>
-<p>In general each request has a message (which is encrypted) in following
-format:</p>
-<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='ivar'>@request</span><span class='period'>.</span><span class='id identifier rubyid_request_method'>request_method</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>date</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>data</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_request_data'>request_data</span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
-</code></pre>
-<p>For example accessing <tt>GET /test</tt> with this configuration represents
-following message</p>
-<pre class="code ruby"><code class="ruby"><span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>date</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>1398821451494</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>data</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/test</span><span class='tstring_end'>&#39;</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
-</code></pre>
-<p>With the tolerance there is an adjustable amount of messages wich are built
-(Rack::SimpleAuth::HMAC::Middleware#allowed_messages)</p>
-<p>This means a request could have a certain latency (delay) and the request
-is still authorized</p>
-<h4 id="label-Secure+your+REST+Api%3A">Secure your REST Api:</h4>
-<p>To secure your REST Api you have to send the HTTP_AUTHORIZATION Header with
-each request where the HMAC Middleware is used.</p>
-<p>For example <tt>POST /form</tt> with params <tt>{ name =&gt; benny1992 }</tt> is secured
-the following way:</p>
-<p>Uncrypted Message:</p>
-<pre class="code ruby"><code class="ruby">{ &#39;method&#39; =&gt; &#39;POST&#39;, &#39;date&#39; =&gt; timestamp +- tolerance, &#39;data&#39; =&gt; { &#39;name&#39; =&gt; &#39;benny1992&#39; } }.to_json
-</code></pre>
-<p>Encryption Mechanism:</p>
-<pre class="code ruby"><code class="ruby"><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>HMAC</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>sha256</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='comma'>,</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_secret'>secret</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span><span class='lparen'>(</span><span class='id identifier rubyid_date'>date</span><span class='comma'>,</span> <span class='id identifier rubyid_i'>i</span><span class='rparen'>)</span><span class='rparen'>)</span></code></pre>
-<p>where @config.secret represents your secret which was set in the middleware
-dsl block and message represents the uncrypted message for the specific
-timestamp(date) and delay(i)</p>
-<h5 id="label-Therefore+you+need+following+encryption+mechanism+on+the+client+side+%28pseudocode%29%3A">Therefore you need following encryption mechanism on the client side (pseudocode):</h5>
-<pre class="code ruby"><code class="ruby">encrypted_message = OpenSSL::HMAC.hexdigest(OpenSSL:Digest.new(&#39;sha256&#39;), &#39;test_secret&#39;, message)
-HTTP_AUTHORIZATION = encrypted_message:&#39;test_signature&#39;</code></pre>
-<h5 id="label-Time+formats">Time formats</h5>
-<p>The timestamp and tolerance are in millisecond format:</p>
-<p>In Ruby land this means:</p>
-<pre class="code ruby"><code class="ruby"><span class='lparen'>(</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_f'>to_f</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span></code></pre>
-<p>For PHP you have to use <tt>round()</tt> and <tt>microtime()</tt> :</p>
-<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_round'>round</span><span class='lparen'>(</span><span class='id identifier rubyid_microtime'>microtime</span><span class='lparen'>(</span><span class='kw'>true</span><span class='rparen'>)</span> <span class='op'>*</span> <span class='int'>1000</span><span class='rparen'>)</span></code></pre>
-<h4 id="label-Examples">Examples</h4>
-<p>Examples can be found in doc/examples</p>
-<h5 id="label-General+your+timestamp+should+only+contain+13+digits+and+NO+floating+part">General your timestamp should only contain 13 digits and NO floating part</h5>
-<h2 id="label-Contributing">Contributing</h2>
-<ol><li>
-<p>Fork it ( <a
-href="http://github.com/benny1992/rack-simple_auth/fork">github.com/benny1992/rack-simple_auth/fork</a>
-)</p>
-</li><li>
-<p>Create your feature branch (`git checkout -b my-new-feature`)</p>
-</li><li>
-<p>Commit your changes (`git commit -am &#39;Add some feature&#39;`)</p>
-</li><li>
-<p>Push to the branch (`git push origin my-new-feature`)</p>
-</li><li>
-<p>Create new Pull Request</p>
-</li></ol>
-</div></div>
-    <div id="footer">
-  Generated on Wed Apr 30 09:50:21 2014 by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.8.7.4 (ruby-2.1.1).
-</div>
-  </body>
-</html>