rack-u2f 0.1.0 → 0.1.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 293216cb2f753e7ffae84b3d65aabd4a5b472359
4
- data.tar.gz: 173f07ee1e0ef64ad696b5994dbd0a993de0bd04
3
+ metadata.gz: 75385507e44ffd51443e6d4a864251a72cbf9724
4
+ data.tar.gz: 3d20699e67ed4f01aa90177111d1b8dddd786a9a
5
5
  SHA512:
6
- metadata.gz: cc091c574805618fa863b6cef886e6ce249151c8b622f08e37bb0fc2ff91ea486f565a08161b4d19b85682560c1b25ee1337fc8931ec9401bc31ca01482e7cb5
7
- data.tar.gz: f1175bd3ce0366219a8cca9db89b962e063cd47dbfa631a8d13861b26958fa5bb2f08a7fea3279379c4043e5ec876bdf68590beb78a24939f0261fd5e3507208
6
+ metadata.gz: df5d4356775a6eb09cd2ed8a816a74359bbd666b111575a587e56f47a059c0ae9712ef4c6389afed2222c1748186110647c5a575a694743e4dcd5b1529814a2e
7
+ data.tar.gz: f3e91e2bee2371b14c40eb1a7ed4ef15847d004603bc9f51938d4e0796b13baeb2ef2233166705d205c0efc0d53c34afc8e393b8001821799f00a7032b2c34c7
data/README.md CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  Note: This gem needs a tidy up and will be properly released by end of Nov 2017
4
4
 
5
+ [![Gem Version](https://badge.fury.io/rb/rack-u2f.svg)](https://badge.fury.io/rb/rack-u2f)
6
+
5
7
  ## Installation
6
8
 
7
9
  Add this line to your application's Gemfile:
@@ -26,23 +28,28 @@ Rack middleware to authenticate against registered U2F devices
26
28
 
27
29
  In rails:
28
30
 
29
- In `config/routes.rb`:
30
-
31
- ```ruby
32
- mount Rack::U2f::RegistrationServer.new(store: Rack::U2f::RegistrationStore::RedisStore.new), at: '/u2f_registration'
33
- ```
34
-
35
31
  in `config/application.rb`
36
32
 
37
33
  ```ruby
38
34
  config.middleware.use Rack::U2f::AuthenticationMiddleware, {
39
35
  store: Rack::U2f::RegistrationStore::RedisStore.new,
40
- exclude_urls: [/\Au2f/, /\A\/\z/]
36
+ exclude_urls: [/\Au2f/, /\A\/\z/],
37
+ enable_registration: ENV['ENABLE_U2F_REGISTRATION'] == "true",
38
+ after_sign_in_url: '/', # optional, defaults to '/'
39
+ u2f_register_path: '/_u2f_register' #optional, defaults to '/_u2f_register'
41
40
  }
42
41
  ```
43
42
 
44
43
  Currently only a redis store is developed, but other stores such as active record will be easy to add.
45
44
 
45
+ if `enable_registration` is set to `"true"` then you will be able to visit `/_u2f_register` to register a new key.
46
+
47
+ Note: U2F only works on *https* connections.
48
+
49
+ In addition, the registration depends on the url used to register, so data from one environment will not work on another.
50
+
51
+ When authenticated, the session is used to store that fact. *You must be using a secure session store*.
52
+
46
53
  ## Development
47
54
 
48
55
  After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
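Review bot: The added sentence "if `enable_registration` is set to `"true"`" does not match the config example in the same hunk, where the option receives the boolean result of `ENV['ENABLE_U2F_REGISTRATION'] == "true"`; it is the environment variable that has to be the string "true", and the option itself is a boolean. Reword it along the lines of "if `enable_registration` is true (in the example above, when `ENABLE_U2F_REGISTRATION=true`)". The same sentence names `/_u2f_register` as a fixed path while the example documents `u2f_register_path` as configurable, so refer to the configured path instead. The "secure session store" note would be more useful if it said what is required of the store, since the authenticated state lives only in the session.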
@@ -6,13 +6,16 @@ module Rack
6
6
 
7
7
  def initialize(app, config = nil)
8
8
  @app = app
9
+ @config = config
10
+ @u2f_register_path = config[:u2f_register_path] || '/_u2f_register'
9
11
  @store = config[:store] || raise('Please specify a U2F store such as Rack::U2f::RegistrationStore::RedisStore.new')
10
- @exclude_urls = config[:exclude_urls] || [/\A\/u2f/]
12
+ @exclude_urls = config[:exclude_urls] || []
11
13
  end
12
14
 
13
15
  def call(env)
14
16
  request = Rack::Request.new(env)
15
17
  return @app.call(env) if excluded?(request)
18
+ return RegistrationServer.new(@config).call(env) if request.path == '/_u2f_register'
16
19
  return @app.call(env) if authenticated?(request)
17
20
  return resp_auth_from_u2f(request) if request.params['u2f_auth']
18
21
  challenge_page(request)
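Review bot: In `call`, the new registration branch compares `request.path` with the literal `'/_u2f_register'` instead of the `@u2f_register_path` assigned in `initialize`, so the documented `u2f_register_path` option has no effect on routing; compare against `@u2f_register_path`. The branch is also placed before `authenticated?(request)`, so whenever `enable_registration` is on, the registration endpoint is served to requests without an authenticated session; if that is intended for enrolling the first key, state it in the README and recommend keeping the flag off outside enrolment. In `initialize`, the signature still defaults to `config = nil`, and the new `config[:u2f_register_path]` lookup now runs first, so a missing config raises NoMethodError before the "Please specify a U2F store" message is reached; default to `{}` or check for nil. The default for `exclude_urls` also changes from `[/\A\/u2f/]` to `[]`, which deserves a changelog line.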
@@ -7,7 +7,6 @@ module Rack
7
7
  return app_id if [443, 80].include?(request.port)
8
8
  app_id + ':' + request.port
9
9
  end
10
-
11
10
  end
12
11
  end
13
12
  end
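Review bot: The context line `app_id + ':' + request.port` in this hunk concatenates a String with `request.port`, which the line above it treats as an Integer (`[443, 80].include?(request.port)`), so a request on any other port raises TypeError instead of returning an app id. Since the file is being touched anyway, change it to `request.port.to_s` or string interpolation and add a spec for a non-default port.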
@@ -14,7 +14,7 @@ module Rack
14
14
  end
15
15
 
16
16
  def call(env)
17
- return [403, {}, ['']] unless ENV['ENABLE_U2F_REGISTRATION']
17
+ return [403, {}, ['Registration Disabled']] unless @config[:enable_registration]
18
18
  request = Rack::Request.new(env)
19
19
  if request.get?
20
20
  generate_registration(request)
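Review bot: The new guard `unless @config[:enable_registration]` on the first line of `call` accepts any truthy value, so a caller who passes `ENV['ENABLE_U2F_REGISTRATION']` straight through enables registration even when the variable is set to "false". Compare explicitly with `== true`, or document that only a boolean is accepted. The 403 response now carries a body but still an empty header hash; add a Content-Type such as `text/plain`.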
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module U2f
3
- VERSION = "0.1.0"
3
+ VERSION = "0.1.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-u2f
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eaden McKee