shared-secret-authentication 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
data/.document ADDED
@@ -0,0 +1,5 @@
1
+ README.rdoc
2
+ lib/**/*.rb
3
+ bin/*
4
+ features/**/*.feature
5
+ LICENSE
data/.gitignore ADDED
@@ -0,0 +1,21 @@
1
+ ## MAC OS
2
+ .DS_Store
3
+
4
+ ## TEXTMATE
5
+ *.tmproj
6
+ tmtags
7
+
8
+ ## EMACS
9
+ *~
10
+ \#*
11
+ .\#*
12
+
13
+ ## VIM
14
+ *.swp
15
+
16
+ ## PROJECT::GENERAL
17
+ coverage
18
+ rdoc
19
+ pkg
20
+
21
+ ## PROJECT::SPECIFIC
data/LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2009 Josh Moore
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.rdoc ADDED
@@ -0,0 +1,17 @@
1
+ = shared-secret-authentication
2
+
3
+ Description goes here.
4
+
5
+ == Note on Patches/Pull Requests
6
+
7
+ * Fork the project.
8
+ * Make your feature addition or bug fix.
9
+ * Add tests for it. This is important so I don't break it in a
10
+ future version unintentionally.
11
+ * Commit, do not mess with rakefile, version, or history.
12
+ (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
13
+ * Send me a pull request. Bonus points for topic branches.
14
+
15
+ == Copyright
16
+
17
+ Copyright (c) 2010 Josh Moore. See LICENSE for details.
data/Rakefile ADDED
@@ -0,0 +1,45 @@
1
+ require 'rubygems'
2
+ require 'rake'
3
+
4
+ begin
5
+ require 'jeweler'
6
+ Jeweler::Tasks.new do |gem|
7
+ gem.name = "shared-secret-authentication"
8
+ gem.summary = %Q{helper methods to make shared secret authentication easier}
9
+ gem.description = %Q{helper methods to make shared secret authentication easier}
10
+ gem.email = "joshsmoore@gmail.com"
11
+ gem.homepage = "http://github.com/joshsmoore@gmail.com/shared-secret-authentication"
12
+ gem.authors = ["Josh Moore"]
13
+ gem.add_development_dependency "rspec", ">= 1.2.9"
14
+ # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
15
+ end
16
+ Jeweler::GemcutterTasks.new
17
+ rescue LoadError
18
+ puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
19
+ end
20
+
21
+ require 'spec/rake/spectask'
22
+ Spec::Rake::SpecTask.new(:spec) do |spec|
23
+ spec.libs << 'lib' << 'spec'
24
+ spec.spec_files = FileList['spec/**/*_spec.rb']
25
+ end
26
+
27
+ Spec::Rake::SpecTask.new(:rcov) do |spec|
28
+ spec.libs << 'lib' << 'spec'
29
+ spec.pattern = 'spec/**/*_spec.rb'
30
+ spec.rcov = true
31
+ end
32
+
33
+ task :spec => :check_dependencies
34
+
35
+ task :default => :spec
36
+
37
+ require 'rake/rdoctask'
38
+ Rake::RDocTask.new do |rdoc|
39
+ version = File.exist?('VERSION') ? File.read('VERSION') : ""
40
+
41
+ rdoc.rdoc_dir = 'rdoc'
42
+ rdoc.title = "shared-secret-authentication #{version}"
43
+ rdoc.rdoc_files.include('README*')
44
+ rdoc.rdoc_files.include('lib/**/*.rb')
45
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 0.1.0
File without changes
@@ -0,0 +1,7 @@
1
+ require 'yaml'
2
+ require 'digest'
3
+
4
+ Dir['lib/shared-secret-authentication/*.rb'].each do |file|
5
+ require file
6
+ end
7
+
@@ -0,0 +1,24 @@
1
+ module SharedSecretAuthentication
2
+ extend self
3
+
4
+ def self.sign_hash(hash)
5
+ hash.merge('signature' => hash_signature(hash))
6
+ end
7
+
8
+ def self.hash_signature_correct?(hash)
9
+ raise ArgumentError.new("hash must be signed (have a key of 'signature')") unless expected_signature = hash.delete('signature')
10
+
11
+ hash_signature(hash) == expected_signature
12
+ end
13
+
14
+ def self.hash_signature(hash)
15
+ d = Digest::SHA2.new
16
+ string_keys = hash.keys.inject({}) {|keys, key| keys.merge!(key.to_s => key) }
17
+ string_keys.keys.sort.each do |key|
18
+ d.update key
19
+ d.update hash[string_keys[key]].to_s
20
+ end
21
+ d.update SHARED_SECRET
22
+ d.to_s
23
+ end
24
+ end
@@ -0,0 +1,5 @@
1
+ require 'yaml'
2
+
3
+ puts File.new('config/shared_secret.yml').read
4
+ puts YAML.load(File.new('config/shared_secret.yml')).inspect
5
+ SHARED_SECRET = YAML.load(File.new('config/shared_secret.yml'))
@@ -0,0 +1,55 @@
1
+ require 'spec/spec_helper'
2
+
3
+ describe SharedSecretAuthentication do
4
+ before(:all) do
5
+ Object.const_set(:SHARED_SECRET, 'test')
6
+ end
7
+ describe '.sign_hash' do
8
+ it 'should respond to sign_hash' do
9
+ SharedSecretAuthentication.should respond_to :sign_hash
10
+ end
11
+
12
+ it 'should add a "signature" key to the hash ' do
13
+ SharedSecretAuthentication.sign_hash({'test' => 'me'}).keys.should include 'signature'
14
+ end
15
+
16
+ it 'should assign the signature of the hash plus the shared string and make this the value of signature' do
17
+ SharedSecretAuthentication.sign_hash('test' => 'me')['signature'].should == '95f5e1e8bc0f836d233fd108393d56f3c5532830c3fc29f54bd3a208de9699fd'
18
+ end
19
+ end
20
+
21
+ describe '.check_hash_signature' do
22
+ it 'should respond to check_hash_signature' do
23
+ SharedSecretAuthentication.should respond_to :hash_signature_correct?
24
+ end
25
+
26
+ it 'should raise an arguemtn error if the hash is not signed' do
27
+ lambda {SharedSecretAuthentication.hash_signature_correct?({})}.should raise_error ArgumentError
28
+ end
29
+
30
+
31
+ it 'should return true if the signature matches the expected signature' do
32
+ SharedSecretAuthentication.hash_signature_correct?({'test' => 'me', 'signature' => '95f5e1e8bc0f836d233fd108393d56f3c5532830c3fc29f54bd3a208de9699fd'}).should be_true
33
+ end
34
+
35
+ it 'should return false if the signatures do not match' do
36
+ SharedSecretAuthentication.hash_signature_correct?({'test' => 'me', 'signature' => '95f5e1e8bc0f836d233fd108393d56f3c5532830c3fc29f54bd3a200de9699fd'}).should be_false
37
+ end
38
+ end
39
+
40
+ describe '.hash_signature' do
41
+ it 'should calculate the checksum of the hash plus the shared string and make this the value of signature' do
42
+ SharedSecretAuthentication.hash_signature('test' => 'me').should == '95f5e1e8bc0f836d233fd108393d56f3c5532830c3fc29f54bd3a208de9699fd'
43
+ end
44
+
45
+
46
+ it 'should not matter what order the hash is defined it it should produce the same signature' do
47
+ SharedSecretAuthentication.hash_signature({'test' => 'me', 'different' => 'order', '1' => '2'}).should == SharedSecretAuthentication.hash_signature({'1' => '2', 'different' => 'order', 'test' => 'me'})
48
+ end
49
+
50
+ it 'should work for hash keys that are symbols' do
51
+ SharedSecretAuthentication.hash_signature(:test => 'me', :key => 'test').should == 'b1a4b3df933590f973f07e6f0a391e95a8423e7b5250973f24e3174d60e8a1ac'
52
+ end
53
+
54
+ end
55
+ end
@@ -0,0 +1,19 @@
1
+ require 'spec/spec_helper'
2
+
3
+ describe 'load shared secret' do
4
+ it 'should declare a constant SHARED_SECRET' do
5
+ File.stub!(:new)
6
+ Object.const_defined?(:SHARED_SECRET).should be_true
7
+ end
8
+
9
+ it 'should load the shared_secret from config/shared_secret.yml' do
10
+ puts 'starting test'
11
+ file = StringIO.new(":shared_secret : my_shared_secret")
12
+ File.stub!(:new).and_return(file)
13
+
14
+ require 'lib/shared-secret-authentication/load_secret'
15
+ #file.should_receive(:read).once.and_return(file.read)
16
+
17
+ SHARED_SECRET.should == 'my_shared_secret'
18
+ end
19
+ end
@@ -0,0 +1,7 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ describe "SharedSecretAuthentication" do
4
+ it "fails" do
5
+ fail "hey buddy, you should probably rename this file and start specing for real"
6
+ end
7
+ end
data/spec/spec.opts ADDED
@@ -0,0 +1 @@
1
+ --color
@@ -0,0 +1,9 @@
1
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
2
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
3
+ require 'shared-secret-authentication'
4
+ require 'spec'
5
+ require 'spec/autorun'
6
+
7
+ Spec::Runner.configure do |config|
8
+
9
+ end
data/watchr.rb ADDED
@@ -0,0 +1,36 @@
1
+ puts "\n### Watching specs and features ... ###\n"
2
+
3
+ #def cmd() 'bundle exec spec -O spec/spec.opts '; end
4
+ def cmd() 'spec -O spec/spec.opts '; end
5
+
6
+ def run_all_specs
7
+ system(cmd + 'spec/')
8
+ end
9
+
10
+ def run_spec(spec)
11
+ puts "Running #{spec}"
12
+ system(cmd + spec)
13
+ puts
14
+ end
15
+
16
+
17
+ def run_all_features
18
+ puts 'Running all features'
19
+ system 'rake cucumber'
20
+ end
21
+
22
+ watch('^spec/.*_spec\.rb') {|md| run_spec(md[0]) }
23
+ watch('spec/spec_helper.rb') {|md| run_all_specs }
24
+ watch('^lib/ruport/(.*)\.rb') {|md| run_spec("spec/lib/ruport/#{md[1]}_spec.rb")}
25
+ watch('^lib/(.*)\.rb') {|md| run_spec("spec/#{md[1]}_spec.rb")}
26
+
27
+ # Ctrl-\
28
+ Signal.trap('QUIT') do
29
+ puts "\n### Running all specs and features ###\n"
30
+ run_all_specs
31
+ run_all_features
32
+ puts
33
+ end
34
+
35
+ # Ctrl-C
36
+ Signal.trap('INT') { abort("\n") }
metadata ADDED
@@ -0,0 +1,101 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: shared-secret-authentication
3
+ version: !ruby/object:Gem::Version
4
+ hash: 27
5
+ prerelease: false
6
+ segments:
7
+ - 0
8
+ - 1
9
+ - 0
10
+ version: 0.1.0
11
+ platform: ruby
12
+ authors:
13
+ - Josh Moore
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2010-10-29 00:00:00 +08:00
19
+ default_executable:
20
+ dependencies:
21
+ - !ruby/object:Gem::Dependency
22
+ name: rspec
23
+ prerelease: false
24
+ requirement: &id001 !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ">="
28
+ - !ruby/object:Gem::Version
29
+ hash: 13
30
+ segments:
31
+ - 1
32
+ - 2
33
+ - 9
34
+ version: 1.2.9
35
+ type: :development
36
+ version_requirements: *id001
37
+ description: helper methods to make shared secret authentication easier
38
+ email: joshsmoore@gmail.com
39
+ executables: []
40
+
41
+ extensions: []
42
+
43
+ extra_rdoc_files:
44
+ - LICENSE
45
+ - README.rdoc
46
+ files:
47
+ - .document
48
+ - .gitignore
49
+ - LICENSE
50
+ - README.rdoc
51
+ - Rakefile
52
+ - VERSION
53
+ - config/shared_secret.yml
54
+ - lib/shared-secret-authentication.rb
55
+ - lib/shared-secret-authentication/hash_signitures.rb
56
+ - lib/shared-secret-authentication/load_secret.rb
57
+ - spec/shared-secret-authentication/hash_signitures_spec.rb
58
+ - spec/shared-secret-authentication/load_secret_spec.rb
59
+ - spec/shared-secret-authentication_spec.rb
60
+ - spec/spec.opts
61
+ - spec/spec_helper.rb
62
+ - watchr.rb
63
+ has_rdoc: true
64
+ homepage: http://github.com/joshsmoore@gmail.com/shared-secret-authentication
65
+ licenses: []
66
+
67
+ post_install_message:
68
+ rdoc_options:
69
+ - --charset=UTF-8
70
+ require_paths:
71
+ - lib
72
+ required_ruby_version: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ">="
76
+ - !ruby/object:Gem::Version
77
+ hash: 3
78
+ segments:
79
+ - 0
80
+ version: "0"
81
+ required_rubygems_version: !ruby/object:Gem::Requirement
82
+ none: false
83
+ requirements:
84
+ - - ">="
85
+ - !ruby/object:Gem::Version
86
+ hash: 3
87
+ segments:
88
+ - 0
89
+ version: "0"
90
+ requirements: []
91
+
92
+ rubyforge_project:
93
+ rubygems_version: 1.3.7
94
+ signing_key:
95
+ specification_version: 3
96
+ summary: helper methods to make shared secret authentication easier
97
+ test_files:
98
+ - spec/shared-secret-authentication/hash_signitures_spec.rb
99
+ - spec/shared-secret-authentication/load_secret_spec.rb
100
+ - spec/shared-secret-authentication_spec.rb
101
+ - spec/spec_helper.rb