tokenify 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (17) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +21 -0
  3. data/.rspec +2 -0
  4. data/.travis.yml +3 -0
  5. data/Gemfile +4 -0
  6. data/LICENSE +20 -0
  7. data/LICENSE.txt +22 -0
  8. data/README.md +50 -0
  9. data/Rakefile +6 -0
  10. data/lib/tokenify.rb +2 -0
  11. data/lib/tokenify/token.rb +41 -0
  12. data/lib/tokenify/version.rb +3 -0
  13. data/spec/spec_helper.rb +6 -0
  14. data/spec/tokenify/token_spec.rb +86 -0
  15. data/spec/tokenify_spec.rb +7 -0
  16. data/tokenify.gemspec +24 -0
  17. metadata +105 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 7e27be55e1d8b752d55d097c6f1fab24d6aeb855
4
+ data.tar.gz: 9d5a0d29e5d9e7f80bca5bd10e120f0e18e2a775
5
+ SHA512:
6
+ metadata.gz: 320f748936b0078dd88740b9dfd252889c466cc8ee347b6d3df3e0e1919b3d45a07981a3d7a0e4ef2e0a75812a38a9768d81113ea054112ab5700aa8e1e7989f
7
+ data.tar.gz: f0a41cfa058ece9b4bb5226039b0cba5af8278e2130db46c30f78fdd13bdc045f9004e3a353cd4c42d038b037513e6f2701605081659c5cb7bd9ff7faaa08e45
data/.gitignore ADDED
@@ -0,0 +1,21 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ coverage
9
+ doc/
10
+ lib/bundler/man
11
+ pkg
12
+ rdoc
13
+ spec/reports
14
+ test/tmp
15
+ test/version_tmp
16
+ tmp
17
+
18
+ # YARD artifacts
19
+ .yardoc
20
+ _yardoc
21
+ doc/
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format documentation
2
+ --color
data/.travis.yml ADDED
@@ -0,0 +1,3 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.0.0
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in tokenify.gemspec
4
+ gemspec
data/LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2013 Florent Monbillard
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
6
+ this software and associated documentation files (the "Software"), to deal in
7
+ the Software without restriction, including without limitation the rights to
8
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9
+ the Software, and to permit persons to whom the Software is furnished to do so,
10
+ subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17
+ FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18
+ COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19
+ IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 EppO
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,50 @@
1
+ # Tokenify
2
+
3
+ tokenify is a utility class to generate and decrypt tokens using AES-256 encryption.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'tokenify'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install tokenify
18
+
19
+ ## Usage
20
+
21
+ ### Generate the token
22
+
23
+ # token = Token.new(secret, salt, data_to_encrypt).generate
24
+ => token object including encrypted token
25
+ # token.encrypted
26
+ => encrypted token string
27
+ # token.encoded
28
+ => encrypted token string encoded in URL friendly base64
29
+
30
+ ### Decrypt the token
31
+
32
+ # data_to_decrypt = token = Token.new(secret, salt, token.encoded).decrypt
33
+ => original data in plain text
34
+ # data_to_decrypt == data_to_encrypt
35
+ => true
36
+
37
+ if you don't want to encode your token in base64, you can still decrypt the encrypted version:
38
+
39
+ # data_to_decrypt = token = Token.new(secret, salt, token.encrypted).decrypt(false)
40
+ => original data in plain text
41
+ # data_to_decrypt == data_to_encrypt
42
+ => true
43
+
44
+ ## Contributing
45
+
46
+ 1. Fork it
47
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
48
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
49
+ 4. Push to the branch (`git push origin my-new-feature`)
50
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
data/lib/tokenify.rb ADDED
@@ -0,0 +1,2 @@
1
+ require "tokenify/version"
2
+ require "tokenify/token"
data/lib/tokenify/token.rb ADDED
@@ -0,0 +1,41 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+
4
+ module Tokenify
5
+ class Token
6
+ attr_reader :encrypted, :plain
7
+
8
+ def initialize(secret, salt, data)
9
+ @secret = secret
10
+ @salt = salt
11
+ @data = data
12
+ end
13
+
14
+ def self.cipher(mode, key, data, iv = nil)
15
+ cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(mode)
16
+ cipher.key = Digest::SHA256.hexdigest(key)
17
+ if iv
18
+ cipher.iv = iv
19
+ cipher.update(data) << cipher.final
20
+ else
21
+ cipher.iv = iv = cipher.random_iv
22
+ iv + cipher.update(data) + cipher.final
23
+ end
24
+ end
25
+
26
+ def generate
27
+ @encrypted = Token.cipher(:encrypt, "#{@secret}:#{@salt}", @data)
28
+ self
29
+ end
30
+
31
+ def encoded
32
+ Base64.urlsafe_encode64(@encrypted)
33
+ end
34
+
35
+ def decrypt(is_encoded = true)
36
+ decoded = is_encoded ? Base64.urlsafe_decode64(@data) : @data
37
+ iv = decoded.slice!(0,16)
38
+ @plain = Token.cipher(:decrypt, "#{@secret}:#{@salt}", decoded, iv)
39
+ end
40
+ end
41
+ end
data/lib/tokenify/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module Tokenify
2
+ VERSION = "0.0.1"
3
+ end
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,6 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+ require 'securerandom'
4
+
5
+ $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
6
+ require 'tokenify'
data/spec/tokenify/token_spec.rb ADDED
@@ -0,0 +1,86 @@
1
+ require 'spec_helper'
2
+
3
+ module Tokenify
4
+ describe Token do
5
+ subject { token_instance }
6
+
7
+ let(:secret) { SecureRandom.hex }
8
+ let(:salt) { SecureRandom.hex }
9
+ let(:data) { "this is secret data. Don't let the NSA see this." }
10
+
11
+ let(:token_instance) { Token.new(secret, salt, data) }
12
+ let(:encrypted_token) { token_instance.generate }
13
+
14
+ describe "#new" do
15
+ it "creates a new token instance" do
16
+ expect(subject).to be_kind_of(Token)
17
+ end
18
+
19
+ it "sets secret instance variable" do
20
+ expect(subject.instance_variable_get(:@secret)).to eq(secret)
21
+ end
22
+
23
+ it "sets salt instance variable" do
24
+ expect(subject.instance_variable_get(:@salt)).to eq(salt)
25
+ end
26
+
27
+ it "sets data instance variable" do
28
+ expect(subject.instance_variable_get(:@data)).to eq(data)
29
+ end
30
+ end
31
+
32
+ describe "#generate" do
33
+ let(:another_token) { Token.new(secret, salt, data).generate }
34
+
35
+ it "creates a unique encrypted token" do
36
+ expect(subject.generate).to_not eq(another_token)
37
+ end
38
+ end
39
+
40
+ describe "#encoded" do
41
+ let(:encoded_token) { encrypted_token.encoded }
42
+
43
+ it "creates a unique encrypted token" do
44
+ expect(encoded_token).to eq(Base64.urlsafe_encode64(encrypted_token.encrypted))
45
+ end
46
+ end
47
+
48
+ describe "#decrypt" do
49
+ context "with a good key and a good salt" do
50
+ subject { Token.new(secret, salt, encrypted_token.encoded) }
51
+
52
+ it "decrypts successfully the token" do
53
+ expect(subject.decrypt).to eq(data)
54
+ end
55
+ end
56
+
57
+ context "with a good key and a good salt and a token not encoded" do
58
+ subject { Token.new(secret, salt, encrypted_token.encrypted) }
59
+
60
+ it "decrypts successfully the token" do
61
+ expect(subject.decrypt(false)).to eq(data)
62
+ end
63
+ end
64
+
65
+ context "with a bad secret key" do
66
+ subject { Token.new(bad_secret, salt, encrypted_token.encoded) }
67
+
68
+ let(:bad_secret) { SecureRandom.hex }
69
+
70
+ it "raises a decryption error" do
71
+ expect { subject.decrypt }.to raise_error(OpenSSL::Cipher::CipherError)
72
+ end
73
+ end
74
+
75
+ context "with a bad secret salt" do
76
+ subject { Token.new(secret, bad_salt, encrypted_token.encoded) }
77
+
78
+ let(:bad_salt) { SecureRandom.hex }
79
+
80
+ it "raises a decryption error" do
81
+ expect { subject.decrypt }.to raise_error(OpenSSL::Cipher::CipherError)
82
+ end
83
+ end
84
+ end
85
+ end
86
+ end
data/spec/tokenify_spec.rb ADDED
@@ -0,0 +1,7 @@
1
+ require 'spec_helper'
2
+
3
+ describe Tokenify do
4
+ it 'should have a version number' do
5
+ Tokenify::VERSION.should_not be_nil
6
+ end
7
+ end
data/tokenify.gemspec ADDED
@@ -0,0 +1,24 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'tokenify/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "tokenify"
8
+ spec.version = Tokenify::VERSION
9
+ spec.authors = [ "Florent Monbillard" ]
10
+ spec.email = [ "f.monbillard@gmail.com" ]
11
+ spec.description = %q{tokenify is a utility class to generate and decrypt tokens using AES-256 encryption}
12
+ spec.summary = %q{Utility class to generate and decrypt tokens}
13
+ spec.homepage = "https://github.com/EppO/tokenify"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_development_dependency "rake"
23
+ spec.add_development_dependency "rspec"
24
+ end
metadata ADDED
@@ -0,0 +1,105 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: tokenify
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Florent Monbillard
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-11-04 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.3'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.3'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rspec
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ description: tokenify is a utility class to generate and decrypt tokens using AES-256
56
+ encryption
57
+ email:
58
+ - f.monbillard@gmail.com
59
+ executables: []
60
+ extensions: []
61
+ extra_rdoc_files: []
62
+ files:
63
+ - ".gitignore"
64
+ - ".rspec"
65
+ - ".travis.yml"
66
+ - Gemfile
67
+ - LICENSE
68
+ - LICENSE.txt
69
+ - README.md
70
+ - Rakefile
71
+ - lib/tokenify.rb
72
+ - lib/tokenify/token.rb
73
+ - lib/tokenify/version.rb
74
+ - spec/spec_helper.rb
75
+ - spec/tokenify/token_spec.rb
76
+ - spec/tokenify_spec.rb
77
+ - tokenify.gemspec
78
+ homepage: https://github.com/EppO/tokenify
79
+ licenses:
80
+ - MIT
81
+ metadata: {}
82
+ post_install_message:
83
+ rdoc_options: []
84
+ require_paths:
85
+ - lib
86
+ required_ruby_version: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - ">="
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ required_rubygems_version: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - ">="
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ requirements: []
97
+ rubyforge_project:
98
+ rubygems_version: 2.0.3
99
+ signing_key:
100
+ specification_version: 4
101
+ summary: Utility class to generate and decrypt tokens
102
+ test_files:
103
+ - spec/spec_helper.rb
104
+ - spec/tokenify/token_spec.rb
105
+ - spec/tokenify_spec.rb