shared-secret-authentication 0.1.5 → 0.1.6

Sign up to get free protection for your applications and to get access to all the features.
data/README.rdoc CHANGED
@@ -1,6 +1,37 @@
1
1
  = shared-secret-authentication
2
2
 
3
- Description goes here.
3
+ The shared secret authentication gem's purpose it to authenticate the communication
4
+ between to web services using a shared secret. While there are many means to accomplish
5
+ this the currently implemented approach is to secure the parameters that are passed
6
+ between the two applications. The parameters are secured by sending the SHA2
7
+ signature of the parameters plus the shared secret along with the request.
8
+ The receiving application can then check the signature and if it matches it knows
9
+ that the request is not only came from an authorized application but that the
10
+ parameters have not been tampered with either.
11
+
12
+ == Setup
13
+
14
+ Besides installing the shared-secret-authentication gem the only other required setup
15
+ is a shared_secret.yml file in the config directory (relative to the root of the
16
+ project). The yaml file should look like this:
17
+
18
+ shared_secret : your_shared_secret
19
+
20
+ Once this file is in place you are ready to go.
21
+
22
+ == Usage
23
+
24
+ To sign a hash simply call <tt>SharedSecretAuthentication.sign_hash(hash)</tt>
25
+ (hash is the hash you want to sign) and a key of 'signature' with a value of the
26
+ checksum will be added to the hash. Please note this changes the originally passed
27
+ in hash.
28
+
29
+ On the other side use <tt>SharedSecretAuthentication.hash_signature_correct?(hash)</tt>
30
+ (hash is the hash you want to check the signature of). True or false is returned if
31
+ the checksum in 'signature' matches the checksum that is calculated locally.
32
+ If the passed in hash does not have a key of 'signature' an exception is raised.
33
+ Also the 'signature' key is deleted during this process.
34
+
4
35
 
5
36
  == Note on Patches/Pull Requests
6
37
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.5
1
+ 0.1.6
@@ -20,7 +20,11 @@ module SharedSecretAuthentication
20
20
  if value.instance_of? Hash
21
21
  value = value.collect {|k,v|
22
22
  if v.respond_to? :strftime
23
- k.to_s + v.strftime('%a %b %m %H:%M:%S %Y')
23
+ if v.respond_to? :utc
24
+ k.to_s + v.utc.strftime('%a %b %m %H:%M:%S %Y')
25
+ else
26
+ k.to_s + v.strftime('%a %b %m %H:%M:%S %Y')
27
+ end
24
28
  else
25
29
  k.to_s + v.to_s
26
30
  end
@@ -1,53 +1,51 @@
1
1
  # Generated by jeweler
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
4
  # -*- encoding: utf-8 -*-
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{shared-secret-authentication}
8
- s.version = "0.1.5"
8
+ s.version = "0.1.6"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Josh Moore"]
12
- s.date = %q{2010-11-16}
12
+ s.date = %q{2011-01-20}
13
13
  s.description = %q{helper methods to make shared secret authentication easier}
14
14
  s.email = %q{joshsmoore@gmail.com}
15
15
  s.extra_rdoc_files = [
16
16
  "LICENSE",
17
- "README.rdoc"
17
+ "README.rdoc"
18
18
  ]
19
19
  s.files = [
20
20
  ".document",
21
- ".gitignore",
22
- "LICENSE",
23
- "README.rdoc",
24
- "Rakefile",
25
- "VERSION",
26
- "config/shared_secret.yml",
27
- "lib/shared-secret-authentication.rb",
28
- "lib/shared-secret-authentication/generator.rb",
29
- "lib/shared-secret-authentication/hash_signatures.rb",
30
- "lib/shared-secret-authentication/load_secret.rb",
31
- "shared-secret-authentication.gemspec",
32
- "spec/shared-secret-authentication/generator_spec.rb",
33
- "spec/shared-secret-authentication/hash_signatures_spec.rb",
34
- "spec/shared-secret-authentication/load_secret_spec.rb",
35
- "spec/shared-secret-authentication_spec.rb",
36
- "spec/spec.opts",
37
- "spec/spec_helper.rb",
38
- "watchr.rb"
21
+ "LICENSE",
22
+ "README.rdoc",
23
+ "Rakefile",
24
+ "VERSION",
25
+ "config/shared_secret.yml",
26
+ "lib/shared-secret-authentication.rb",
27
+ "lib/shared-secret-authentication/generator.rb",
28
+ "lib/shared-secret-authentication/hash_signatures.rb",
29
+ "lib/shared-secret-authentication/load_secret.rb",
30
+ "shared-secret-authentication.gemspec",
31
+ "spec/shared-secret-authentication/generator_spec.rb",
32
+ "spec/shared-secret-authentication/hash_signatures_spec.rb",
33
+ "spec/shared-secret-authentication/load_secret_spec.rb",
34
+ "spec/shared-secret-authentication_spec.rb",
35
+ "spec/spec.opts",
36
+ "spec/spec_helper.rb",
37
+ "watchr.rb"
39
38
  ]
40
39
  s.homepage = %q{http://github.com/joshsmoore@gmail.com/shared-secret-authentication}
41
- s.rdoc_options = ["--charset=UTF-8"]
42
40
  s.require_paths = ["lib"]
43
41
  s.rubygems_version = %q{1.3.7}
44
42
  s.summary = %q{helper methods to make shared secret authentication easier}
45
43
  s.test_files = [
46
44
  "spec/shared-secret-authentication/generator_spec.rb",
47
- "spec/shared-secret-authentication/hash_signatures_spec.rb",
48
- "spec/shared-secret-authentication/load_secret_spec.rb",
49
- "spec/shared-secret-authentication_spec.rb",
50
- "spec/spec_helper.rb"
45
+ "spec/shared-secret-authentication/hash_signatures_spec.rb",
46
+ "spec/shared-secret-authentication/load_secret_spec.rb",
47
+ "spec/shared-secret-authentication_spec.rb",
48
+ "spec/spec_helper.rb"
51
49
  ]
52
50
 
53
51
  if s.respond_to? :specification_version then
@@ -48,16 +48,18 @@ describe SharedSecretAuthentication do
48
48
  SharedSecretAuthentication.hash_signature('test' => 'me').should == '95f5e1e8bc0f836d233fd108393d56f3c5532830c3fc29f54bd3a208de9699fd'
49
49
  end
50
50
 
51
-
52
51
  it 'should not matter what order the hash is defined it it should produce the same signature' do
53
52
  SharedSecretAuthentication.hash_signature({'test' => 'me', 'different' => 'order', '1' => '2'}).should == SharedSecretAuthentication.hash_signature({'1' => '2', 'different' => 'order', 'test' => 'me'})
54
53
  end
55
54
 
56
-
57
55
  it 'should work for hash keys that are symbols' do
58
56
  SharedSecretAuthentication.hash_signature(:test => 'me', :key => 'test').should == 'b1a4b3df933590f973f07e6f0a391e95a8423e7b5250973f24e3174d60e8a1ac'
59
57
  end
60
58
 
59
+ it 'should work if the hash is signed in a different time zone' do
60
+ SharedSecretAuthentication.hash_signature_correct?({'visits' => {'visit_date' => Time.parse('2010-06-04T16:48:46Z'), 'mysql_id' => 1}, 'signature' => "d461a73c904fe4cd55b0eaa7212a89973f3126067bccf97775767575a26a148f"}).should be_true
61
+ end
62
+
61
63
  context 'edge cases' do
62
64
  it 'should produce the same signature for both hashes' do
63
65
  hash1 = {"practices"=>{"name"=>"Body Image Physical Therapy & Fitness P.C.", "mysql_updated_at"=>Time.parse("Thu, 03 Jun 2010 19:15:03 UTC +00:00"), "mysql_id"=>79}}
data/spec/spec_helper.rb CHANGED
@@ -6,6 +6,7 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
6
6
  require 'shared-secret-authentication'
7
7
  require 'rspec'
8
8
  require 'rspec/autorun'
9
+ require 'time'
9
10
 
10
11
 
11
12
  RSpec.configure do |config|
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: shared-secret-authentication
3
3
  version: !ruby/object:Gem::Version
4
- hash: 17
4
+ hash: 23
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 5
10
- version: 0.1.5
9
+ - 6
10
+ version: 0.1.6
11
11
  platform: ruby
12
12
  authors:
13
13
  - Josh Moore
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-11-16 00:00:00 +08:00
18
+ date: 2011-01-20 00:00:00 -10:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -45,7 +45,6 @@ extra_rdoc_files:
45
45
  - README.rdoc
46
46
  files:
47
47
  - .document
48
- - .gitignore
49
48
  - LICENSE
50
49
  - README.rdoc
51
50
  - Rakefile
@@ -68,8 +67,8 @@ homepage: http://github.com/joshsmoore@gmail.com/shared-secret-authentication
68
67
  licenses: []
69
68
 
70
69
  post_install_message:
71
- rdoc_options:
72
- - --charset=UTF-8
70
+ rdoc_options: []
71
+
73
72
  require_paths:
74
73
  - lib
75
74
  required_ruby_version: !ruby/object:Gem::Requirement
data/.gitignore DELETED
@@ -1,23 +0,0 @@
1
- ## MAC OS
2
- .DS_Store
3
-
4
- ## TEXTMATE
5
- *.tmproj
6
- tmtags
7
-
8
- .idea
9
-
10
- ## EMACS
11
- *~
12
- \#*
13
- .\#*
14
-
15
- ## VIM
16
- *.swp
17
-
18
- ## PROJECT::GENERAL
19
- coverage
20
- rdoc
21
- pkg
22
-
23
- ## PROJECT::SPECIFIC