rack-simple_auth 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+--- 
+SHA1: 
+  metadata.gz: 391baa3938d8f51b5501b0064c25100dfaf8941c
+  data.tar.gz: f785d92ba75ad9b0b968202460b384da9c36f489
+SHA512: 
+  metadata.gz: ec4dbc9f92f9625b28c355d0745f4d6648c7d06f79b98a2078133124a6648de7e7b926f21c75604385b2e5f57e2e99151d628f16aafb7d5fba715e4bb6df6a5b
+  data.tar.gz: 217410019be2f9157251c14f7eb35ca7af23e652b5394f09cbcd9d189f5ee5f594df56eea976a32dc36bba5ce842cb35626c4151a33610ba6bac63e6f77099eb

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.swp

data/.rubocop.yml

@@ -0,0 +1,2 @@
+LineLength:
+  Max: 160

data/.travis.yml

@@ -0,0 +1,17 @@
+language: ruby
+cache: bundler
+
+rvm:
+  - 2.0.0
+  - 2.1.0
+  - 2.1.1
+  - ruby-head
+  - jruby
+  - rbx
+
+matrix:
+  allow_failures:
+    - rvm: jruby
+    - rvm: ruby-head
+
+script:  "env COVERAGE=true bundle exec rake"

data/.yardopts

@@ -0,0 +1 @@
+--private

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in rack-simple_auth.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Benny1992
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,49 @@
+# Rack::SimpleAuth
+
+Rack Middleware for HMAC Authentication
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'rack-simple_auth'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install rack-simple_auth
+
+## Gem Status
+
+[![Build Status](https://travis-ci.org/Benny1992/rack-simple_auth.png?branch=master)](https://travis-ci.org/Benny1992/rack-simple_auth)
+[![Coverage Status](https://coveralls.io/repos/Benny1992/rack-simple_auth/badge.png?branch=master)](https://coveralls.io/r/Benny1992/rack-simple_auth?branch=master)
+[![GitHub version](https://badge.fury.io/gh/benny1992%2Frack-simple_auth.png)](http://badge.fury.io/gh/benny1992%2Frack-simple_auth)
+
+## Usage
+
+Uses Authorization HTTP Header, example:
+```Authorization: ContentHash:Signature```
+
+Signature is the "Public Key"
+
+ContentHash is the HMAC encrypted Message
+
+```ruby
+map '/' do
+  use Rack::SimpleAuth::HMAC, 'signature', 'private_key'
+  run MyApplication
+end
+```
+
+Private Key and Signature should be served by a file which is not checked into git version control.
+
+## Contributing
+
+1. Fork it ( http://github.com/<my-github-username>/rack-simple_auth/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,7 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+# require 'cucumber/rake/task'
+
+Dir.glob('tasks/*.rake').each { |r| import r }
+
+

data/lib/rack/simple_auth.rb

@@ -0,0 +1,18 @@
+require 'rack/simple_auth/version'
+require 'rack/simple_auth/hmac'
+
+require 'json'
+
+# Rack Module
+module Rack
+  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
+  module SimpleAuth
+    class << self
+      # Method to return Gem Root Dir
+      # @return [String] Gem Root Folder
+      def root
+        ::File.dirname(::File.dirname(::File.expand_path('..', __FILE__)))
+      end
+    end
+  end
+end

data/lib/rack/simple_auth/hmac.rb

@@ -0,0 +1,62 @@
+module Rack
+  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
+  module SimpleAuth
+    # HMAC Middleware uses HMAC Authorization for Securing an REST API
+    class HMAC
+      # Constructor for Rack Middleware (passing the rack stack)
+      # @param [Rack Application] app [next middleware or rack app which gets called]
+      # @param [String] signature [Public Signature]
+      # @param [String] secret [Secret used for Message Encryption]
+      def initialize(app, signature, secret)
+        @app = app
+        @signature = signature
+        @secret = secret
+      end
+
+      # call Method for Rack Middleware/Application
+      # @param [Hash] env [Rack Env Hash which contains headers etc..]
+      def call(env)
+        request = Rack::Request.new(env)
+        if valid?(request)
+          @app.call(env)
+        else
+          response = Rack::Response.new('Unauthorized', 401, 'Content-Type' => 'text/html')
+          response.finish
+        end
+      end
+
+      # checks for valid HMAC Request
+      # @param [Rack::Request] request [current Request]
+      # @return [boolean] ValidationStatus [If authorized returns true, else false]
+      def valid?(request)
+        return false if request.env['HTTP_AUTHORIZATION'].nil?
+
+        auth_array = request.env['HTTP_AUTHORIZATION'].split(':')
+        content_hash = auth_array[0]
+        signature = auth_array[1]
+
+        case request.request_method
+        when 'GET'
+          content = { 'method' => request.request_method, 'data' => request.path }.to_json
+        when 'POST'
+          content = { 'method' => request.request_method, 'data' => request.POST }.to_json
+        when 'DELETE'
+          content = { 'method' => request.request_method, 'data' => request.path }.to_json
+        when 'PUT'
+          content = { 'method' => request.request_method, 'data' => request.POST }.to_json
+        end
+
+        hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
+        # puts content
+        # puts "Hash to Check: #{hash}"
+        # puts "Content Hash: #{content_hash}"
+
+        if signature == @signature && hash == content_hash
+          true
+        else
+          false
+        end
+      end
+    end
+  end
+end

data/lib/rack/simple_auth/version.rb

@@ -0,0 +1,7 @@
+module Rack
+  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
+  module SimpleAuth
+    # Current Gem Version
+    VERSION = '0.0.1'
+  end
+end

data/rack-simple_auth.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'rack/simple_auth/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "rack-simple_auth"
+  spec.version       = Rack::SimpleAuth::VERSION
+  spec.authors       = ["Benny1992"]
+  spec.email         = ["klotz.benjamin@yahoo.de"]
+  spec.summary       = %q{SimpleAuth HMAC authentication}
+  spec.description   = %q{SimpleAuth HMAC authentication}
+  spec.homepage      = "http://www.bennyklotz.at"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "rack"
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "rack-test"
+end

data/tasks/default.rake

@@ -0,0 +1,5 @@
+task :default do
+  Rake::Task['test:unit'].invoke
+  # Rake::Task['test:spec'].invoke
+  # Rake::Task['test:feature'].invoke
+end

data/tasks/floodtest.rake

@@ -0,0 +1,33 @@
+test_runs = if ENV['TESTS']
+              Integer(ENV['TESTS'])
+            else
+              30
+            end
+
+namespace :floodtest do
+  task :unit do
+    desc 'Run Unit floodtest (default 30 tests, configurable via ENV["TESTS"])'
+    1.upto(test_runs) do |i|
+      puts "Running test #{i} of #{test_runs}"
+      exit(-1) if !system('bundle exec rake test:unit')
+    end
+  end
+
+  # task :spec do
+    # desc 'Run Spec floodtest (default 30 tests, configurable via ENV["TESTS"])'
+    # 1.upto(test_runs) do |i|
+      # puts "Running test #{i} of #{test_runs}"
+      # exit(-1) if !system('bundle exec rake test:spec ')
+    # end
+  # end
+
+  # task :feature do
+    # desc 'Run Feature floodtest (default 30 tests, configurable via ENV["TESTS"])'
+    # 1.upto(test_runs) do |i|
+      # puts "Running test #{i} of #{test_runs}"
+      # exit(-1) if !system('bundle exec rake test:feature')
+    # end
+  # end
+end
+
+

data/tasks/test.rake

@@ -0,0 +1,19 @@
+namespace :test do
+  Rake::TestTask.new(:unit) do |t|
+    t.libs << "test" << "bin" << "ext" << "controllers" << "helpers" << "models"
+    t.test_files = FileList['test/**/*_test.rb']
+    t.verbose = true
+  end
+
+  # Rake::TestTask.new(:spec) do |t|
+    # t.libs << "spec" << "bin" << "ext" << "controllers" << "helpers" << "models"
+    # t.test_files = FileList['spec/**/*_spec.rb']
+    # t.verbose = true
+  # end
+
+  # Cucumber::Rake::Task.new(:feature) do |t|
+    # t.cucumber_opts = "features --format pretty"
+  # end
+end
+
+

data/tasks/travis.rake

@@ -0,0 +1,5 @@
+task :travis do
+  Rake::Task['floodtest:unit'].invoke
+  # Rake::Task['floodtest:feature'].invoke
+  # Rake::Task['floodtest:spec'].invoke
+end

data/test/config.ru

@@ -0,0 +1,5 @@
+require 'rack/lobster'
+require 'rack/simple_auth'
+
+use Rack::SimpleAuth::HMAC, 'test_signature', 'test_secret'
+run Rack::Lobster.new

data/test/rack/simple_auth/hmac_test.rb

@@ -0,0 +1,83 @@
+require 'test_helper.rb'
+
+# Test HMAC Authorization Method
+class HMACTest < MiniTest::Unit::TestCase
+  include Rack::Test::Methods
+
+  def setup
+    @secret = 'test_secret'
+    @signature = 'test_signature'
+  end
+
+  def app
+    Rack::SimpleAuth.testapp
+  end
+
+  def test_get_without_auth_header
+    get '/'
+    assert_equal(401, last_response.status, 'Unauthorized reqeust should receive 401')
+  end
+
+  def test_get_with_wrong_auth_header
+    get '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
+    assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
+  end
+
+  def test_get_with_right_auth_header
+    uri = '/'
+    content = { 'method' => 'GET', 'data' => uri }.to_json
+    hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
+
+    get uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
+
+    assert_equal(200, last_response.status, 'Authorized Request should receive 200')
+  end
+
+  def test_post_with_wrong_auth_header
+    post '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
+    assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
+  end
+
+  def test_post_with_right_auth_header
+    params = { 'name' => 'Bensn' }
+    content = { 'method' => 'POST', 'data' => params }.to_json
+    hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
+
+    post '/', params, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
+
+    assert_equal(200, last_response.status, 'Authorized Request should receive 200')
+  end
+
+  def test_delete_with_wrong_auth_header
+    delete '/', {}, 'HTTP_AUTHORIZATION' => 'wrong_header'
+    assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
+  end
+
+  def test_delete_with_right_auth_header
+    uri = '/'
+    content = { 'method' => 'DELETE', 'data' => uri }.to_json
+    hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
+
+    delete uri, {}, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
+
+    assert_equal(200, last_response.status, 'Authorized Request should receive 200')
+  end
+
+  def test_put_with_wrong_auth_header
+    put '/', { 'name' => 'Bensn' }, 'HTTP_AUTHORIZATION' => 'wrong_header'
+    assert_equal(401, last_response.status, 'Wrong HTTP_AUTHORIZATION Header should receive 401')
+  end
+
+  def test_post_with_right_auth_header
+    params = { 'name' => 'Bensn' }
+    content = { 'method' => 'PUT', 'data' => params }.to_json
+    hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), @secret, content)
+
+    put '/', params, 'HTTP_AUTHORIZATION' => "#{hash}:#{@signature}"
+
+    assert_equal(200, last_response.status, 'Authorized Request should receive 200')
+  end
+
+  def teardown
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,40 @@
+require 'simplecov'
+require 'coveralls'
+
+SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+  SimpleCov::Formatter::HTMLFormatter,
+  Coveralls::SimpleCov::Formatter
+]
+
+SimpleCov.start do
+  project_name 'rack-simple_auth'
+  add_filter '/test/'
+  add_filter '/pkg/'
+  add_filter '/spec/'
+  add_filter '/features/'
+  add_filter '/doc/'
+end if ENV['COVERAGE']
+
+# Minitest
+require 'minitest/autorun'
+require 'minitest/mock'
+require 'minitest/pride' # for colored output
+
+# Rack Test Methods
+require 'rack/test'
+
+require 'json'
+
+# Load gem
+require 'rack/simple_auth'
+
+module Rack
+  # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
+  module SimpleAuth
+    class << self
+      attr_accessor :testapp
+    end
+  end
+end
+
+Rack::SimpleAuth.testapp = Rack::Builder.parse_file("#{Rack::SimpleAuth.root}/test/config.ru").first

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification 
+name: rack-simple_auth
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Benny1992
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2014-03-09 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - &id003 
+      - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  name: rack
+  prerelease: false
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: "1.5"
+  name: bundler
+  prerelease: false
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    requirements: 
+    - *id003
+  name: rake
+  prerelease: false
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    requirements: 
+    - *id003
+  name: coveralls
+  prerelease: false
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    requirements: 
+    - *id003
+  name: rack-test
+  prerelease: false
+  type: :development
+  version_requirements: *id006
+description: SimpleAuth HMAC authentication
+email: 
+- klotz.benjamin@yahoo.de
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rubocop.yml
+- .travis.yml
+- .yardopts
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/rack/simple_auth.rb
+- lib/rack/simple_auth/hmac.rb
+- lib/rack/simple_auth/version.rb
+- rack-simple_auth.gemspec
+- tasks/default.rake
+- tasks/floodtest.rake
+- tasks/test.rake
+- tasks/travis.rake
+- test/config.ru
+- test/rack/simple_auth/hmac_test.rb
+- test/test_helper.rb
+homepage: http://www.bennyklotz.at
+licenses: 
+- MIT
+metadata: {}
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - *id003
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - *id003
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: SimpleAuth HMAC authentication
+test_files: 
+- test/config.ru
+- test/rack/simple_auth/hmac_test.rb
+- test/test_helper.rb