rack-simple_auth 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rack/simple_auth/hmac.rb +13 -12
- data/lib/rack/simple_auth/version.rb +1 -1
- data/test/config.ru +5 -2
- data/test/config_fail.ru +5 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9c47c099cef5db40ab296856b0303d0f80f8a029
|
|
4
|
+
data.tar.gz: 30a478fc99e1a28b8e02002cb121b245a1414766
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 49d0adcd6a212b70388594850c423f163fed2df252ab1f951d0678103960b7266125a12a0cf9be742c0b0f92575cfd1d977c504e14083f8734d18ef1f069eb38
|
|
7
|
+
data.tar.gz: b68147b6ee615cff33f4fc082d600fa877a54d11b3be9890df3ab2ea07fc8f45f342a86fb369f41f278a2bcd31dc6c7f3d16443d4cb2bc0f3d8d57ce74b7b7b3
|
|
@@ -7,13 +7,14 @@ module Rack
|
|
|
7
7
|
# @param [Rack Application] app [next middleware or rack app which gets called]
|
|
8
8
|
# @param [String] signature [Public Signature]
|
|
9
9
|
# @param [String] secret [Secret used for Message Encryption]
|
|
10
|
-
def initialize(app,
|
|
10
|
+
def initialize(app, config)
|
|
11
11
|
@app = app
|
|
12
|
-
@signature = signature
|
|
13
|
-
@secret = secret
|
|
14
|
-
@config = config
|
|
12
|
+
@signature = config['signature'] || ''
|
|
13
|
+
@secret = config['secret'] || ''
|
|
15
14
|
@tolerance = config['tolerance'] || 0 # 0 if tolerance not set in config hash
|
|
16
|
-
@logpath = logpath
|
|
15
|
+
@logpath = config['logpath']
|
|
16
|
+
|
|
17
|
+
@config = config
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
# call Method for Rack Middleware/Application
|
|
@@ -32,10 +33,10 @@ module Rack
|
|
|
32
33
|
# @param [Rack::Request] request [current Request]
|
|
33
34
|
# @return [boolean] ValidationStatus [If authorized returns true, else false]
|
|
34
35
|
def valid?(request)
|
|
35
|
-
|
|
36
|
+
hash_array = build_allowed_messages(request)
|
|
36
37
|
|
|
37
38
|
if request.env['HTTP_AUTHORIZATION'].nil?
|
|
38
|
-
log(request)
|
|
39
|
+
log(request, hash_array)
|
|
39
40
|
|
|
40
41
|
return false
|
|
41
42
|
end
|
|
@@ -44,10 +45,10 @@ module Rack
|
|
|
44
45
|
message_hash = auth_array[0]
|
|
45
46
|
signature = auth_array[1]
|
|
46
47
|
|
|
47
|
-
if signature == @signature &&
|
|
48
|
+
if signature == @signature && hash_array.include?(message_hash)
|
|
48
49
|
true
|
|
49
50
|
else
|
|
50
|
-
log(request)
|
|
51
|
+
log(request, hash_array)
|
|
51
52
|
|
|
52
53
|
false
|
|
53
54
|
end
|
|
@@ -100,7 +101,7 @@ module Rack
|
|
|
100
101
|
|
|
101
102
|
# Log to @logpath if request is unathorized
|
|
102
103
|
# @param [Rack::Request] request [current Request]
|
|
103
|
-
def log(request)
|
|
104
|
+
def log(request, hash_array)
|
|
104
105
|
if @logpath
|
|
105
106
|
path = request.path
|
|
106
107
|
method = request.request_method
|
|
@@ -108,9 +109,9 @@ module Rack
|
|
|
108
109
|
log = "#{Time.new} - #{method} #{path} - 400 Unauthorized - HTTP_AUTHORIZATION: #{request.env['HTTP_AUTHORIZATION']}\n"
|
|
109
110
|
log << "Auth Message Config: #{@config[request.request_method]}\n"
|
|
110
111
|
|
|
111
|
-
if
|
|
112
|
+
if hash_array
|
|
112
113
|
log << "Allowed Encrypted Messages:\n"
|
|
113
|
-
|
|
114
|
+
hash_array.each do |hash|
|
|
114
115
|
log << "#{hash}\n"
|
|
115
116
|
end
|
|
116
117
|
end
|
data/test/config.ru
CHANGED
|
@@ -7,8 +7,11 @@ config = {
|
|
|
7
7
|
'DELETE' => 'path',
|
|
8
8
|
'PUT' => 'path',
|
|
9
9
|
'PATCH' => 'path',
|
|
10
|
-
'tolerance' => 2
|
|
10
|
+
'tolerance' => 2,
|
|
11
|
+
'signature' => 'test_signature',
|
|
12
|
+
'secret' => 'test_secret',
|
|
13
|
+
'logpath' => "#{File.expand_path('..', __FILE__)}/logs"
|
|
11
14
|
}
|
|
12
15
|
|
|
13
|
-
use Rack::SimpleAuth::HMAC,
|
|
16
|
+
use Rack::SimpleAuth::HMAC, config
|
|
14
17
|
run Rack::Lobster.new
|
data/test/config_fail.ru
CHANGED
|
@@ -6,8 +6,10 @@ config = {
|
|
|
6
6
|
'POST' => 'paramas',
|
|
7
7
|
'DELETE' => 'path',
|
|
8
8
|
'PUT' => 'path',
|
|
9
|
-
'PATCH' => 'path'
|
|
9
|
+
'PATCH' => 'path',
|
|
10
|
+
'signature' => 'test_signature',
|
|
11
|
+
'secret' => 'test_secret'
|
|
10
12
|
}
|
|
11
13
|
|
|
12
|
-
use Rack::SimpleAuth::HMAC,
|
|
13
|
-
run Rack::Lobster.new
|
|
14
|
+
use Rack::SimpleAuth::HMAC, config
|
|
15
|
+
run Rack::Lobster.new
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-simple_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benny1992
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-04-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|