rack-simple_auth 1.0.3 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 185f4e18284df3e3d9a0a54d91ab5d6f44efa43d
-  data.tar.gz: 170edd2a83ad1b31c9f9b84fd554592bc5695e91
+  metadata.gz: 0166a62aa16634f85f815db10c9856bf39e9e11c
+  data.tar.gz: 7a4043bcbe808edfb1eeb580d737914b47637f90
 SHA512:
-  metadata.gz: 625d216c440cbb2d84448d7652f23e4f4b45b00ffdd427ae8571a5e974f1873fcca41fc67dae4496c82950c3e82aeb9496f70cbc0255f8f94a01e53a6dcab2f2
-  data.tar.gz: 2fa968ad1e8e9489a9fc636da5f4a0f249c76f1166cda18e8070ad5454165c0b6d7f76e72cbee1db8e6f4bc04c48d96412bb4b3955cf11af19eda675a67769d9
+  metadata.gz: f32b803d35245a9a37e665fff4b39fde60bc4c3431318bc8c7480b8d6a7fb1cae99a9aee3214634e059cd45f7674e01a2f074d201945e3a839b3001b1fb3365f
+  data.tar.gz: a257ea5f3f9f234c74e308932239280b118dda9f6475b0ffbffc91627fe08835803ea901af3e91f848089ef93f8f1c69786815c5cfdbf30ac5e9b80a65762638

data/MANIFEST

@@ -8,9 +8,13 @@ checksum/rack-simple_auth-0.1.2.gem.sha512
 checksum/rack-simple_auth-1.0.0.gem.sha512
 checksum/rack-simple_auth-1.0.0rc.gem.sha512
 checksum/rack-simple_auth-1.0.1.gem.sha512
+checksum/rack-simple_auth-1.0.3.gem.sha512
+checksum/rack-simple_auth-1.0.4.gem.sha512
 lib/rack/simple_auth.rb
 lib/rack/simple_auth/hmac/config.rb
 lib/rack/simple_auth/hmac/middleware.rb
+lib/rack/simple_auth/hmac/request.rb
+lib/rack/simple_auth/hmac/response.rb
 lib/rack/simple_auth/logger.rb
 lib/rack/simple_auth/version.rb
 rack-simple_auth.gemspec

data/checksum/rack-simple_auth-1.0.3.gem.sha512

@@ -0,0 +1 @@
+3c74fc621b80b95b3dcde055142e6900778c67c8e5ed3b550195c4d934c5aff5b7ab427b936dd725afc1aa5c118e7e7646a25e991be9f12f0c45e7621902f537

data/checksum/rack-simple_auth-1.0.4.gem.sha512

@@ -0,0 +1 @@
+4dc93569f637e6d1e4e4f564efab90c192cba3f84d4368de83ff80b88d14dd642c8a234e64ee3a1167ab765651963d4a37873e34353cff7701cd5e5eef06bf2d

data/lib/rack/simple_auth.rb

@@ -3,6 +3,8 @@ require 'rack/simple_auth/logger'
 
 # HMAC utilities
 require 'rack/simple_auth/hmac/config'
+require 'rack/simple_auth/hmac/request'
+require 'rack/simple_auth/hmac/response'
 require 'rack/simple_auth/hmac/middleware'
 
 require 'json'

data/lib/rack/simple_auth/hmac/config.rb

@@ -23,7 +23,7 @@ module Rack
       # @!attribute [rw] verbose
       #  @return [TrueClass|NilClass]
       #
-      class Config < Hash
+      class Config
         attr_writer :tolerance
         attr_writer :secret, :signature
 

data/lib/rack/simple_auth/hmac/middleware.rb

@@ -63,163 +63,15 @@ module Rack
         #
         def call!(env)
           env = env.dup
-          @request = Rack::Request.new(env)
+          @request = Request.new(env, @config)
 
-          # This STATE is needed
-          # logging & authorizing have to use the exact same messages, so don't call allowed_messages 2 times
-          # Call it 1 time and save this state
-          @allowed_messages = allowed_messages
-
-          if valid_request?
+          if @request.valid?
             @app.call(env)
           else
-            response = Rack::Response.new('Unauthorized', 401, 'Content-Type' => 'text/html')
+            response = Response.new('Unauthorized', 401, 'Content-Type' => 'text/html')
             response.finish
           end
         end
-
-        private
-
-        ##
-        # Checks for valid HMAC Request
-        #
-        # @return [TrueClass] if request is authorized
-        # @return [FalseClass] if request is not authorized or HTTP_AUTHORIZATION Header is not set
-        #
-        def valid_request?
-          log
-
-          return false if empty_header? || !authorized?
-
-          true
-        end
-
-        ##
-        # Check if HTTP_AUTHORIZATION Header is set
-        #
-        # @return [TrueClass] if header is set
-        # @return [FalseClass] if header is not set
-        #
-        def empty_header?
-          @request.env['HTTP_AUTHORIZATION'].nil?
-        end
-
-        ##
-        # Check if request is authorized
-        #
-        # @return [TrueClass] if request is authorized -> {#request_signature} is correct & {#request_message} is included
-        #   in {#allowed_messages}
-        # @return [FalseClass] if request is not authorized
-        #
-        def authorized?
-          request_signature.eql?(@config.signature) && @allowed_messages.include?(request_message)
-        end
-
-        ##
-        # Get request signature
-        #
-        # @return [String] signature of current request
-        #
-        def request_signature
-          @request.env['HTTP_AUTHORIZATION'].split(':').last
-        end
-
-        ##
-        # Get encrypted request message
-        #
-        # @return [String] message of current request
-        #
-        def request_message
-          @request.env['HTTP_AUTHORIZATION'].split(':').first
-        end
-
-        ##
-        # Builds Array of allowed message hashs between @tolerance via {#message}
-        #
-        # @return [Array]
-        def allowed_messages
-          messages = []
-
-          # Timestamp with milliseconds as Fixnum
-          date = (Time.now.to_f.freeze * 1000).to_i
-          (-(@config.tolerance)..0).step(1) do |i|
-            messages << OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @config.secret, message(date, i))
-          end
-
-          messages
-        end
-
-        ##
-        # Get Message for current Request and delay
-        #
-        # @param [Fixnum] date [current date in timestamp format]
-        # @param [Fixnum] delay [delay in timestamp format]
-        #
-        # @return [String] message
-        def message(date, delay = 0)
-          date += delay
-
-          { 'method' => @request.request_method, 'date' => date, 'data' => request_data }.to_json
-        end
-
-        ##
-        # Get Request Data specified by @config.request_config
-        #
-        # @return [String|Hash] data
-        #
-        # Note: REFACTOR this shit..
-        def request_data
-          return @request.send(@config.request_config[method].to_sym) if valid_message_type?
-
-          fail "Not a valid option #{@config.request_config[method]} - Use either params or path"
-        end
-
-        ##
-        # Request method for current request
-        #
-        # @return [String] Request Method [GET|POST|PUT|DELETE|PATCH]
-        #
-        def method
-          @request.request_method
-        end
-
-        ##
-        # Check if message type for current request is valid
-        #
-        # @return [TrueClass] if message type for current request is path or params
-        # @return [FalseClass] if message type is invalid
-        #
-        def valid_message_type?
-          @config.request_config[method] == 'path' || @config.request_config[method] == 'params'
-        end
-
-        ##
-        # Log to @config.logpath
-        # Contains:
-        #   - allowed messages and received message
-        #   - time when request was made
-        #   - type of request
-        #   - requested path
-        #
-        # Note: This is kinda slow under Rubinius
-        #   (Rack::SimpleAuth::Logger.log has IO action, i think there are some performance issues)
-        #
-        def log
-          msg =  "#{Time.new} - #{@request.request_method} #{@request.path} - 400 Unauthorized\n"
-          msg << "HTTP_AUTHORIZATION: #{@request.env['HTTP_AUTHORIZATION']}\n"
-          msg << "Auth Message Config: #{@config.request_config[@request.request_method]}\n"
-
-          if @allowed_messages
-            msg << "Allowed Encrypted Messages:\n"
-            @allowed_messages.each do |hash|
-              msg << "#{hash}\n"
-            end
-          end
-
-          msg << "Auth Signature: #{@config.signature}"
-
-          Rack::SimpleAuth::Logger.log(@config.logpath, @config.verbose, ENV['RACK_ENV'], msg)
-        end
       end # Middleware
     end # HMAC
   end # SimpleAuth

data/lib/rack/simple_auth/hmac/request.rb

@@ -0,0 +1,156 @@
+module Rack
+  module SimpleAuth
+    module HMAC
+      class Request < Rack::Request
+        def initialize(env, config)
+          @env = env
+          @config = config
+          @allowed_messages = allowed_messages
+        end
+
+        ##
+        # Checks for valid HMAC Request
+        #
+        # @return [TrueClass] if request is authorized
+        # @return [FalseClass] if request is not authorized or HTTP_AUTHORIZATION Header is not set
+        #
+        def valid?
+          log
+
+          return false if empty_header? || !authorized?
+
+          true
+        end
+
+      private
+
+        ##
+        # Builds Array of allowed message hashs between @tolerance via {#message}
+        #
+        # @return [Array]
+        def allowed_messages
+          messages = []
+
+          # Timestamp with milliseconds as Fixnum
+          date = (Time.now.to_f.freeze * 1000).to_i
+          (-(@config.tolerance)..0).step(1) do |i|
+            messages << OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), @config.secret, build_message(date, i))
+          end
+
+          messages
+        end
+
+        ##
+        # Build Message for current Request and delay
+        #
+        # @param [Fixnum] date [current date in timestamp format]
+        # @param [Fixnum] delay [delay in timestamp format]
+        #
+        # @return [String] message
+        def build_message(date, delay = 0)
+          date += delay
+
+          { 'method' => self.request_method, 'date' => date, 'data' => data }.to_json
+        end
+
+        ##
+        # Get Request Data specified by @config.request_config
+        #
+        # @return [String|Hash] data
+        #
+        # Note: REFACTOR this shit..
+        def data
+          return self.send(@config.request_config[method].to_sym) if valid_message_type?
+
+          fail "Not a valid option #{@config.request_config[method]} - Use either params or path"
+        end
+
+        ##
+        # Check if HTTP_AUTHORIZATION Header is set
+        #
+        # @return [TrueClass] if header is set
+        # @return [FalseClass] if header is not set
+        #
+        def empty_header?
+          self.env['HTTP_AUTHORIZATION'].nil?
+        end
+
+        ##
+        # Check if request is authorized
+        #
+        # @return [TrueClass] if request is authorized -> {#signature} is correct & {#message} is included
+        #   in {#allowed_messages}
+        # @return [FalseClass] if request is not authorized
+        #
+        def authorized?
+          signature.eql?(@config.signature) && @allowed_messages.include?(message)
+        end
+
+        ##
+        # Get request signature
+        #
+        # @return [String] signature of current request
+        #
+        def signature
+          self.env['HTTP_AUTHORIZATION'].split(':').last
+        end
+
+        ##
+        # Get encrypted request message
+        #
+        # @return [String] message of current request
+        #
+        def message
+          self.env['HTTP_AUTHORIZATION'].split(':').first
+        end
+
+        ##
+        # Request method for current request
+        #
+        # @return [String] Request Method [GET|POST|PUT|DELETE|PATCH]
+        #
+        def method
+          self.request_method
+        end
+
+        ##
+        # Check if message type for current request is valid
+        #
+        # @return [TrueClass] if message type for current request is path or params
+        # @return [FalseClass] if message type is invalid
+        #
+        def valid_message_type?
+          @config.request_config[method] == 'path' || @config.request_config[method] == 'params'
+        end
+
+        ##
+        # Log to @config.logpath
+        # Contains:
+        #   - allowed messages and received message
+        #   - time when request was made
+        #   - type of request
+        #   - requested path
+        #
+        # Note: This is kinda slow under Rubinius
+        #   (Rack::SimpleAuth::Logger.log has IO action, i think there are some performance issues)
+        #
+        def log
+          msg =  "#{Time.new} - #{self.request_method} #{self.path} - 400 Unauthorized\n"
+          msg << "HTTP_AUTHORIZATION: #{self.env['HTTP_AUTHORIZATION']}\n"
+          msg << "Auth Message Config: #{@config.request_config[self.request_method]}\n"
+
+          if @allowed_messages
+            msg << "Allowed Encrypted Messages:\n"
+            @allowed_messages.each do |hash|
+              msg << "#{hash}\n"
+            end
+          end
+
+          msg << "Auth Signature: #{@config.signature}"
+
+          Rack::SimpleAuth::Logger.log(@config.logpath, @config.verbose, ENV['RACK_ENV'], msg)
+        end
+      end
+    end
+  end
+end

data/lib/rack/simple_auth/hmac/response.rb

@@ -0,0 +1,8 @@
+module Rack
+  module SimpleAuth
+    module HMAC
+      class Response < Rack::Response
+      end
+    end
+  end
+end

data/lib/rack/simple_auth/version.rb

@@ -2,6 +2,6 @@ module Rack
   # Module which Contains different Authorization / Authentication Classes (HMAC, ..)
   module SimpleAuth
     # Current Gem Version
-    VERSION = '1.0.3'
+    VERSION = '1.0.5'
   end
 end

data/rack-simple_auth.gemspec

@@ -28,8 +28,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "coveralls", '~>  0.7'
   spec.add_development_dependency 'codeclimate-test-reporter'
   spec.add_development_dependency "rack-test", '~>  0.6'
-  spec.add_development_dependency 'rspec', '~> 2.14.1'
+  spec.add_development_dependency 'rspec', '~> 3'
 
   spec.add_development_dependency 'minitest', '~> 5.3'
-  spec.add_development_dependency 'minitest-reporters'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-simple_auth
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.0.5
 platform: ruby
 authors:
 - Benny1992
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-14 00:00:00.000000000 Z
+date: 2014-06-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.14.1
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.14.1
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -122,20 +122,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.3'
-- !ruby/object:Gem::Dependency
-  name: minitest-reporters
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: SimpleAuth HMAC authentication
 email:
 - r3qnbenni@gmail.com
@@ -153,9 +139,13 @@ files:
 - checksum/rack-simple_auth-1.0.0.gem.sha512
 - checksum/rack-simple_auth-1.0.0rc.gem.sha512
 - checksum/rack-simple_auth-1.0.1.gem.sha512
+- checksum/rack-simple_auth-1.0.3.gem.sha512
+- checksum/rack-simple_auth-1.0.4.gem.sha512
 - lib/rack/simple_auth.rb
 - lib/rack/simple_auth/hmac/config.rb
 - lib/rack/simple_auth/hmac/middleware.rb
+- lib/rack/simple_auth/hmac/request.rb
+- lib/rack/simple_auth/hmac/response.rb
 - lib/rack/simple_auth/logger.rb
 - lib/rack/simple_auth/version.rb
 - rack-simple_auth.gemspec
@@ -179,7 +169,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.3.0
 signing_key: 
 specification_version: 4
 summary: SimpleAuth HMAC authentication