soar_smaak 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/README.md +6 -6
- data/lib/soar_smaak/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 54105076178483895fe0e6a804ab68575c328dfa
|
4
|
+
data.tar.gz: 74883a8412232860c90b1d41b0d96f5ad7aa38ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 903b24fcabbc5c8073de057a0ad30c39c86813209ff76c3013cb3b38f29e73e8b53823186ec6b2479f7abed52a8f067c57df772503c711038429ce27584b6114
|
7
|
+
data.tar.gz: 629977dec239617f6b7191e56d0abfb231954ee7c879dcf40cd8d25f6166ca634cb35b31bc60830a5fa89ac9d9d7e2572d04ecd5b0ebd8ecbc05e3601cf376a5
|
data/.gitignore
CHANGED
data/README.md
CHANGED
@@ -1,12 +1,12 @@
|
|
1
1
|
# SoarSmaak
|
2
2
|
|
3
|
-
This library offers Rack middle-ware for SMAAK communication.
|
3
|
+
This library offers Rack middle-ware for SMAAK communication. Requests are examined to determine whether the route the request is destined for requires message signing, or whether the request itself is a SMAAK request. If either are true, the SMAAK message is interpreted and verified. The message is decrypted if it was encrypted, and passed to the rack application stack unencrypted, only if the signature is verified. After processing by the application stack, responses are signed into SMAAK responses, and encrypted if the authorization message indicated it should be. Non-SMAAK messages are passed through to the application stack without interpretation or verification. SoarSmaak::Router will refuse requests with a 500 in the case of any failures.
|
4
4
|
|
5
5
|
## Dependencies
|
6
6
|
|
7
|
-
### configuration
|
7
|
+
### configuration : optional
|
8
8
|
|
9
|
-
A dictionary including a SMAAK public and private key identifying the service component in question, as well as an optional associations dictionary with the identity and public key and pre-shared key of associations that the SMAAK middleware should verify. An example follows:
|
9
|
+
A dictionary including a SMAAK public and private key identifying the service component in question, as well as an optional associations dictionary with the identity and public key and pre-shared key of associations that the SMAAK middleware should verify. If a configuration is not provided, SMAAK will be disabled. An example follows:
|
10
10
|
|
11
11
|
```
|
12
12
|
public_key: |
|
@@ -28,16 +28,16 @@ associations:
|
|
28
28
|
psk: 655U0Rw6Rk12
|
29
29
|
```
|
30
30
|
|
31
|
-
### signed_routes
|
31
|
+
### signed_routes: optional
|
32
32
|
|
33
|
-
A dictionary of paths and an indication whether the route is signed,
|
33
|
+
A dictionary of paths and an indication whether the route is signed. If no routes are signed, SMAAK requests will still be verified if detected. If signed routes are provided, SMAAK verification will be done and non-SMAAK requests will be refused on those routes. E.g.
|
34
34
|
|
35
35
|
```
|
36
36
|
{ "/secure-service" => true,
|
37
37
|
"/another-service" => false }
|
38
38
|
```
|
39
39
|
|
40
|
-
### auditing
|
40
|
+
### auditing: optional
|
41
41
|
|
42
42
|
An auditing provider that adheres to the API specified here: https://rubygems.org/gems/soar_auditor_api. If an auditing provider is not present, $stderr will be used.
|
43
43
|
|
data/lib/soar_smaak/version.rb
CHANGED