request_signing-rack 0.1.0.pre1

Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/request_signing/rack.rb +90 -0
  3. metadata +74 -0
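--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 990891400b8e0e83e423d658dc26026259a4fe7c
+ data.tar.gz: 200fd6b4d5f2361fdcd6bd8461fa15ce609a307e
+ SHA512:
+ metadata.gz: ac88f6d1a7d976524e17977da1ee15fe6be800a1cbcb1d61fd1e58b848aa1e6a5fe1d1c0f94c6794ec8ea9365c53d337f1daf2e3824183a0eec4944a51635cf1
+ data.tar.gz: 71b8c0efbda1713f60dd16ae1184921b8ab436d4b8b1424d8cec81e0e1989aacd5a317e11eba27b659f1fe632a1a990a83f8a7197af0c857bdaf11ce4d877b9d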
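--- a/data/lib/request_signing/rack.rb
+++ b/data/lib/request_signing/rack.rb
@@ -0,0 +1,90 @@
+ require "rack/request"
+ require "request_signing"
+
+ module RequestSigning
+ module Adapters
+
+ # Registers `:rack` adapter for user with {RequestSigning::Verifier}
+ #
+ # @example
+ # v = RequestSigning::Verifier.new(adapter: :rack, key_store: key_store)
+ class Rack
+ def call(rack_request_env)
+ rack_request = ::Rack::Request.new(rack_request_env)
+ headers =
+ rack_request.each_header.select do |h, _|
+ h.start_with?("HTTP_") || %w[CONTENT_TYPE CONTENT_LENGTH].include?(h)
+ end.map do |h, v|
+ [h.gsub(/\AHTTP_/, "").gsub(/_/, "-").downcase, Array(v)]
+ end.to_h
+
+ GenericHTTPRequest.new(
+ rack_request.request_method.downcase,
+ rack_request.fullpath,
+ headers
+ )
+ end
+ end
+ end
+ register_adapter :rack, ->() { Adapters::Rack.new }
+
+ module Rack
+
+ ##
+ # Provides rack middleware for request signature verification
+ #
+ # @example common use case
+ # key_store = RequestSigning::KeyStores::Static.new(
+ # "app_1.v1" => ENV["APP_1_PUBKEY"],
+ # "app_2.v1" => ENV["APP_2_PUBKEY"],
+ # )
+ # use RequestSigning::Rack::Middleware, key_store: key_store
+ #
+ # @example custom error handling
+ # key_store = RequestSigning::KeyStores::Static.new(
+ # "app_1.v1" => ENV["APP_1_PUBKEY"],
+ # "app_2.v1" => ENV["APP_2_PUBKEY"],
+ # )
+ # logger = Logger.new(STDOUT)
+ #
+ # use RequestSigning::Rack::Middleware, key_store: key_store do |error, env, app|
+ # case error
+ # when RequestSigning::KeyNotFound, RequestSigning::MissingSignatureHeader
+ # # Useful during transition period while some clients still don't sign requests
+ # logger.debug("skipping signature verification: #{error}")
+ # app.call(env)
+ # else
+ # logger.error(error)
+ # [401, { "Content-Type" => "application/json" }, [%q({"error": "signature verification error"})]]
+ # end
+ # end
+ ##
+ class Middleware
+ ##
+ # @overload initialize(app, key_store:)
+ # @param app [#call] underlying rack app
+ # @param key_store [#fetch, #key?] verification key repository
+ # @raise [RequestSigning::Error] request signature verification error
+ #
+ # @overload initialize(app, key_store:)
+ # @param app [#call] underlying rack app
+ # @param key_store [#fetch, #key?] verification key repository
+ # @yieldparam err [RequestSigning::Error] signature verification error object
+ # @yieldparam env [Rack::Request::Env] rack request
+ # @yieldparam app [#call] the underlying rack app
+ ##
+ def initialize(app, key_store:, &block)
+ @app = app
+ @verifier = RequestSigning::Verifier.new(adapter: :rack, key_store: key_store)
+ @block = block || proc { |err, _, _| raise err if err }
+ end
+
+ def call(env)
+ @verifier.verify!(env)
+ @app.call(env)
+ rescue RequestSigning::Error => e
+ @block.call(e, env, @app)
+ end
+ end
+ end
+ end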
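Review bot: In `Middleware#call` the `rescue RequestSigning::Error` clause covers `@app.call(env)` as well as `@verifier.verify!(env)`, so an error of that class raised by the downstream app is handled as if the incoming request had failed verification. With the fall-through handler shown in the class docs (`app.call(env)` on `KeyNotFound` / `MissingSignatureHeader`) that would run the app a second time for the same request. Scoping the rescue to the verify call and returning the handler's result, as below, keeps the two failure sources apart. Separately, `Adapters::Rack#call` passes only the method, `fullpath` and headers to `GenericHTTPRequest`, so as far as this file shows the request body is not covered unless a signed digest header is checked elsewhere; a comment saying so would help, and the transition-period example deserves a line noting that it lets through any request that simply omits the signature header.

```ruby
def call(env)
  begin
    @verifier.verify!(env)
  rescue RequestSigning::Error => e
    # Only verification failures reach the handler; errors raised by the app propagate unchanged.
    return @block.call(e, env, @app)
  end
  @app.call(env)
end
```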
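--- a/metadata
+++ b/metadata
@@ -0,0 +1,74 @@
+ --- !ruby/object:Gem::Specification
+ name: request_signing-rack
+ version: !ruby/object:Gem::Version
+ version: 0.1.0.pre1
+ platform: ruby
+ authors:
+ - Vlad Yarotsky
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2017-10-27 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: request_signing
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.1.0.pre1
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.1.0.pre1
+ - !ruby/object:Gem::Dependency
+ name: rack
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+ description: Rack middleware for request signature verification based on request_signing
+ email:
+ - vlad@remind101.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - lib/request_signing/rack.rb
+ homepage: https://github.com/remind101/request_signing
+ licenses:
+ - MIT
+ metadata:
+ yard.run: yri
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">"
+ - !ruby/object:Gem::Version
+ version: 1.3.1
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.6.8
+ signing_key:
+ specification_version: 4
+ summary: Rack middleware for request signature verification
+ test_files: []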