url_signature 0.0.1
- checksums.yaml +7 -0
- data/.github/FUNDING.yml +4 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +41 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +23 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +38 -0
- data/.github/dependabot.yml +15 -0
- data/.github/workflows/tests.yml +53 -0
- data/.gitignore +11 -0
- data/.rubocop.yml +13 -0
- data/CHANGELOG.md +16 -0
- data/CODE_OF_CONDUCT.md +74 -0
- data/CONTRIBUTING.md +79 -0
- data/Gemfile +5 -0
- data/LICENSE.md +20 -0
- data/README.md +108 -0
- data/Rakefile +15 -0
- data/bin/console +16 -0
- data/bin/setup +10 -0
- data/lib/url_signature.rb +79 -0
- data/lib/url_signature/url.rb +91 -0
- data/lib/url_signature/version.rb +5 -0
- data/url_signature.gemspec +44 -0
- data/url_signature.svg +1 -0
- metadata +169 -0
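--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 403aa1e79b5d5f67e7179061d8458f0121dd1a0541efb43af01854a109d7d8c5
+data.tar.gz: 7c1de86c5265f134981ea8872c7a7875c617510b338e12b2674e0bd11ecb8875
+SHA512:
+metadata.gz: 70d88e10de08b6653c911c47a85b298c0dba0de6a927ec9fc41af3c72fb9732d9e0e31bdcb35bcff86ffdb97b53b89795ff22e7471313d6533bfcd7ec7b6880e
+data.tar.gz: 1e80fbb63970e492e61332f030d30f9de64dc8d128f4232bfd230f8ac22d3748bcf15fc631e6e9ab0b11007dd71b658d6c93c7adcbd59a3f53a6fc17ac712ddd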
data/.github/FUNDING.yml
ADDED
@@ -0,0 +1,41 @@
|
|
1
|
+
---
|
2
|
+
name: "🐛 Bug Report"
|
3
|
+
about: Report a reproducible bug or regression.
|
4
|
+
title: 'Bug: '
|
5
|
+
labels: 'Status: Unconfirmed'
|
6
|
+
|
7
|
+
---
|
8
|
+
|
9
|
+
<!--
|
10
|
+
- Please provide a clear and concise description of what the bug is.
|
11
|
+
- If possible, add an example reproducing your issue.
|
12
|
+
- Please test using the latest version of url_signature
|
13
|
+
to make sure your issue has not already been fixed.
|
14
|
+
-->
|
15
|
+
|
16
|
+
## Description
|
17
|
+
|
18
|
+
[Add bug description here]
|
19
|
+
|
20
|
+
## How to reproduce
|
21
|
+
|
22
|
+
[Add steps on how to reproduce this issue]
|
23
|
+
|
24
|
+
## What do you expect
|
25
|
+
|
26
|
+
[Describe what do you expect to happen]
|
27
|
+
|
28
|
+
## What happened instead
|
29
|
+
|
30
|
+
[Describe the actual results]
|
31
|
+
|
32
|
+
## Software:
|
33
|
+
|
34
|
+
- Gem version: [Add gem version here]
|
35
|
+
- Ruby version: [Add version here]
|
36
|
+
|
37
|
+
## Full backtrace
|
38
|
+
|
39
|
+
```text
|
40
|
+
[Paste full backtrace here]
|
41
|
+
```
|
@@ -0,0 +1,23 @@
|
|
1
|
+
---
|
2
|
+
name: "💡 Feature request"
|
3
|
+
about: Have an idea that may be useful? Make a suggestion!
|
4
|
+
title: 'Feature Request: '
|
5
|
+
labels: 'Feature request'
|
6
|
+
|
7
|
+
---
|
8
|
+
|
9
|
+
## Description
|
10
|
+
|
11
|
+
_A clear and concise description of what the problem is._
|
12
|
+
|
13
|
+
## Describe the solution
|
14
|
+
|
15
|
+
_A clear and concise description of what you want to happen._
|
16
|
+
|
17
|
+
## Alternatives you considered
|
18
|
+
|
19
|
+
_A clear and concise description of any alternative solutions or features you've considered._
|
20
|
+
|
21
|
+
## Additional context
|
22
|
+
|
23
|
+
_Add any other context, screenshots, links, etc about the feature request here._
|
@@ -0,0 +1,38 @@
|
|
1
|
+
<!--
|
2
|
+
If you're making a doc PR or something tiny where the below is irrelevant,
|
3
|
+
delete this template and use a short description, but in your description aim to
|
4
|
+
include both what the change is, and why it is being made, with enough context
|
5
|
+
for anyone to understand.
|
6
|
+
-->
|
7
|
+
|
8
|
+
<details>
|
9
|
+
<summary>PR Checklist</summary>
|
10
|
+
|
11
|
+
### PR Structure
|
12
|
+
|
13
|
+
- [ ] This PR has reasonably narrow scope (if not, break it down into smaller
|
14
|
+
PRs).
|
15
|
+
- [ ] This PR avoids mixing refactoring changes with feature changes (split into
|
16
|
+
two PRs otherwise).
|
17
|
+
- [ ] This PR's title starts is concise and descriptive.
|
18
|
+
|
19
|
+
### Thoroughness
|
20
|
+
|
21
|
+
- [ ] This PR adds tests for the most critical parts of the new functionality or
|
22
|
+
fixes.
|
23
|
+
- [ ] I've updated any docs, `.md` files, etc… affected by this change.
|
24
|
+
|
25
|
+
</details>
|
26
|
+
|
27
|
+
### What
|
28
|
+
|
29
|
+
[TODO: Short statement about what is changing.]
|
30
|
+
|
31
|
+
### Why
|
32
|
+
|
33
|
+
[TODO: Why this change is being made. Include any context required to understand
|
34
|
+
the why.]
|
35
|
+
|
36
|
+
### Known limitations
|
37
|
+
|
38
|
+
[TODO or N/A]
|
@@ -0,0 +1,15 @@
|
|
1
|
+
---
|
2
|
+
# Documentation:
|
3
|
+
# https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates
|
4
|
+
|
5
|
+
version: 2
|
6
|
+
updates:
|
7
|
+
- package-ecosystem: "github-actions"
|
8
|
+
directory: "/"
|
9
|
+
schedule:
|
10
|
+
interval: "daily"
|
11
|
+
|
12
|
+
- package-ecosystem: "bundler"
|
13
|
+
directory: "/"
|
14
|
+
schedule:
|
15
|
+
interval: "daily"
|
@@ -0,0 +1,53 @@
|
|
1
|
+
name: Tests
|
2
|
+
|
3
|
+
on:
|
4
|
+
pull_request:
|
5
|
+
branches:
|
6
|
+
- main
|
7
|
+
push:
|
8
|
+
branches:
|
9
|
+
- main
|
10
|
+
|
11
|
+
schedule:
|
12
|
+
- cron: "0 10 * * *"
|
13
|
+
|
14
|
+
jobs:
|
15
|
+
build:
|
16
|
+
name: Tests with Ruby ${{ matrix.ruby }} and ${{ matrix.gemfile }}
|
17
|
+
runs-on: "ubuntu-latest"
|
18
|
+
strategy:
|
19
|
+
fail-fast: false
|
20
|
+
matrix:
|
21
|
+
ruby: [2.6.x, 2.7.x]
|
22
|
+
gemfile:
|
23
|
+
- Gemfile
|
24
|
+
|
25
|
+
steps:
|
26
|
+
- uses: actions/checkout@v2.3.4
|
27
|
+
|
28
|
+
- uses: actions/cache@v2
|
29
|
+
with:
|
30
|
+
path: vendor/bundle
|
31
|
+
key: >
|
32
|
+
${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles(matrix.gemfile) }}
|
33
|
+
restore-keys: >
|
34
|
+
${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles(matrix.gemfile) }}
|
35
|
+
|
36
|
+
- name: Set up Ruby
|
37
|
+
uses: actions/setup-ruby@v1
|
38
|
+
with:
|
39
|
+
ruby-version: ${{ matrix.ruby }}
|
40
|
+
|
41
|
+
- name: Install gem dependencies
|
42
|
+
env:
|
43
|
+
BUNDLE_GEMFILE: ${{ matrix.gemfile }}
|
44
|
+
run: |
|
45
|
+
gem install bundler
|
46
|
+
bundle config path vendor/bundle
|
47
|
+
bundle update --jobs 4 --retry 3
|
48
|
+
|
49
|
+
- name: Run Tests
|
50
|
+
env:
|
51
|
+
BUNDLE_GEMFILE: ${{ matrix.gemfile }}
|
52
|
+
run: |
|
53
|
+
bundle exec rake
|
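Review bot: The three `uses:` steps reference mutable tags (`actions/checkout@v2.3.4`, `actions/cache@v2`, `actions/setup-ruby@v1`), so the code that runs in CI can change without any commit in this repository; pinning each to a full commit SHA makes the workflow reproducible, and the `github-actions` entry in the dependabot config shipped in this release can keep those pins current. The workflow declares no `permissions:` block, so the job token keeps the repository default; a top-level `permissions:` with `contents: read` is enough for a test job. `restore-keys` repeats the exact `key` value, so it can never match a broader prefix and adds nothing. `bundle update` resolves fresh dependency versions on every run, which means the scheduled build tests whatever was published that day rather than a locked set.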
data/.gitignore
ADDED
data/.rubocop.yml
ADDED
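--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,16 @@
+# Changelog
+
+<!--
+Prefix your message with one of the following:
+
+- [Added] for new features.
+- [Changed] for changes in existing functionality.
+- [Deprecated] for soon-to-be removed features.
+- [Removed] for now removed features.
+- [Fixed] for any bug fixes.
+- [Security] in case of vulnerabilities.
+-->
+
+## v0.0.1 - 2020-11-04
+
+- Initial release.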
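--- a/data/CODE_OF_CONDUCT.md
+++ b/data/CODE_OF_CONDUCT.md
@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at me@fnando.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [https://contributor-covenant.org/version/1/4][version]
+
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/4/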
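--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -0,0 +1,79 @@
+# Contributing to url_signature
+
+👍🎉 First off, thanks for taking the time to contribute! 🎉👍
+
+The following is a set of guidelines for contributing to this project. These are
+mostly guidelines, not rules. Use your best judgment, and feel free to propose
+changes to this document in a pull request.
+
+## Code of Conduct
+
+Everyone interacting in this project's codebases, issue trackers, chat rooms and
+mailing lists is expected to follow the [code of conduct](https://github.com/fnando/url_signature/blob/main/CODE_OF_CONDUCT.md).
+
+## Reporting bugs
+
+This section guides you through submitting a bug report. Following these
+guidelines helps maintainers and the community understand your report, reproduce
+the behavior, and find related reports.
+
+- Before creating bug reports, please check the open issues; somebody may
+already have submitted something similar, and you may not need to create a new
+one.
+- When you are creating a bug report, please include as many details as
+possible, with an example reproducing the issue.
+
+## Contributing with code
+
+Before making any radicals changes, please make sure you discuss your intention
+by [opening an issue on Github](https://github.com/fnando/url_signature/issues).
+
+When you're ready to make your pull request, follow checklist below to make sure
+your contribution is according to how this project works.
+
+1. [Fork](https://help.github.com/forking/) url_signature
+2. Create a topic branch - `git checkout -b my_branch`
+3. Make your changes using [descriptive commit messages](#commit-messages)
+4. Update CHANGELOG.md describing your changes by adding an entry to the
+"Unreleased" section. If this section is not available, create one right
+before the last version.
+5. Push to your branch - `git push origin my_branch`
+6. [Create a pull request](https://docs.github.com/articles/creating-a-pull-request)
+7. That's it!
+
+## Styleguides
+
+### Commit messages
+
+- Use the present tense ("Add feature" not "Added feature")
+- Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
+- Limit the first line to 72 characters or less
+- Reference issues and pull requests liberally after the first line
+
+### Changelog
+
+- Add a message describing your changes to the "Unreleased" section. The
+changelog message should follow the same style as the commit message.
+- Prefix your message with one of the following:
+- `[Added]` for new features.
+- `[Changed]` for changes in existing functionality.
+- `[Deprecated]` for soon-to-be removed features.
+- `[Removed]` for now removed features.
+- `[Fixed]` for any bug fixes.
+- `[Security]` in case of vulnerabilities.
+
+### Ruby code
+
+- This project uses [Rubocop](https://rubocop.org) to enforce code style. Before
+submitting your changes, make sure your tests are passing and code conforms to
+the expected style by running `rake`.
+- Do not change the library version. This will be done by the maintainer
+whenever a new version is about to be released.
+
+### JavaScript code
+
+- This project uses [ESLint](https://eslint.org) to enforce code style. Before
+submitting your changes, make sure your tests are passing and code conforms to
+the expected style by running `yarn test:ci`.
+- Do not change the library version. This will be done by the maintainer
+whenever a new version is about to be released.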
data/Gemfile
ADDED
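--- a/data/LICENSE.md
+++ b/data/LICENSE.md
@@ -0,0 +1,20 @@
+# The MIT License (MIT)
+
+Copyright (c) 2020 Nando Vieira
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.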
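--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,108 @@
+<p align="center">
+<a href="https://github.com/fnando/url_signature/">
+<img width="400" src="https://github.com/fnando/url_signature/raw/main/url_signature.svg" alt="URL Signature">
+</a>
+</p>
+
+<p align="center">
+Create and verify signed urls. Supports expiration time.
+</p>
+
+<p align="center">
+<a href="https://github.com/fnando/url_signature"><img src="https://github.com/fnando/url_signature/workflows/Tests/badge.svg" alt="Tests"></a>
+<a href="https://codeclimate.com/github/fnando/url_signature"><img src="https://codeclimate.com/github/fnando/url_signature/badges/gpa.svg" alt="Code Climate"></a>
+<a href="https://rubygems.org/gems/url_signature"><img src="https://img.shields.io/gem/v/url_signature.svg" alt="Version"></a>
+<a href="https://rubygems.org/gems/url_signature"><img src="https://img.shields.io/gem/dt/url_signature.svg" alt="Downloads"></a>
+</p>
+
+## Installation
+
+```bash
+gem install url_signature
+```
+
+Or add the following line to your project's Gemfile:
+
+```ruby
+gem "url_signature"
+```
+
+## Usage
+
+To create a signed url, you can use `SignedURL.call(url, **kwargs)`, where
+arguments are:
+
+- `key`: The secret key that will be used to generate the HMAC digest.
+- `params`: Any additional params you want to add as query strings.
+- `expires`: Any integer representing an epoch time. Urls won't be verified
+after this date. By default, urls don't expire.
+- `algorithm`: The hashing algorithm that will be used. By default, SHA256 will
+be used.
+- `signature_param`: The signature's param name. By default it's `signature`.
+- `expires_param`: The expires' param name. By default it's `expires`.
+
+```ruby
+key = "secret"
+
+signed_url = SignedURL.call("https://nandovieira.com", key: key)
+#=> "https://nandovieira.com/?signature=87fdf44a5109c54edff2e0258b354e32ba5baf3dd21ec5af82f08b82ce362fbf"
+```
+
+You can use the method `SignedURL.verified?(url, **kwargs)` to verify if a
+signed url is valid.
+
+```ruby
+key = "secret"
+
+signed_url = SignedURL.call("https://nandovieira.com", key: key)
+
+SignedURL.verified?(signed_url, key: key)
+#=> true
+```
+
+Alternatively, you can use `SignedURL.verify!(url, **kwargs)`, which will raise
+exceptions if a url cannot be verified (e.g. has been tampered, it's not fresh,
+or is a plain invalid url).
+
+- `URLSignature::InvalidURL` if url is not valid
+- `URLSignature::ExpiredURL` if url has expired
+- `URLSignature::InvalidSignature` if the signature cannot be verified
+
+To create a url that's valid for a time window, use `:expires`. The following
+example create a url that's valid for 2 minutes.
+
+```ruby
+key = "secret"
+
+signed_url = SignedURL.call(
+"https://nandovieira.com",
+key: secret,
+expires: Time.now.to_i + 120
+)
+#=> "https://nandovieira.com/?expires=1604477596&signature=7ac5eaee20d316c6cd3f81db14cde98c3c669d423a32d2c546730cbb0dcbc6f2"
+```
+
+## Maintainer
+
+- [Nando Vieira](https://github.com/fnando)
+
+## Contributors
+
+- https://github.com/fnando/url_signature/contributors
+
+## Contributing
+
+For more details about how to contribute, please read
+https://github.com/fnando/url_signature/blob/main/CONTRIBUTING.md.
+
+## License
+
+The gem is available as open source under the terms of the
+[MIT License](https://opensource.org/licenses/MIT). A copy of the license can be
+found at https://github.com/fnando/url_signature/blob/main/LICENSE.md.
+
+## Code of Conduct
+
+Everyone interacting in the url_signature project's codebases, issue trackers,
+chat rooms and mailing lists is expected to follow the
+[code of conduct](https://github.com/fnando/url_signature/blob/main/CODE_OF_CONDUCT.md).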
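--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rake/testtask"
+require "rubocop/rake_task"
+
+Rake::TestTask.new(:test) do |t|
+t.libs << "test"
+t.libs << "lib"
+t.test_files = FileList["test/**/*_test.rb"]
+end
+
+RuboCop::RakeTask.new
+
+task default: %i[test rubocop]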
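--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "url_signature"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+begin
+require "pry"
+Pry.start
+rescue LoadError
+require "irb"
+IRB.start(__FILE__)
+end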
data/bin/setup
ADDED
@@ -0,0 +1,79 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "uri"
|
4
|
+
require "cgi"
|
5
|
+
require "openssl"
|
6
|
+
|
7
|
+
module URLSignature
|
8
|
+
require "url_signature/version"
|
9
|
+
require "url_signature/url"
|
10
|
+
|
11
|
+
InvalidURL = Class.new(StandardError)
|
12
|
+
ExpiredURL = Class.new(StandardError)
|
13
|
+
InvalidSignature = Class.new(StandardError)
|
14
|
+
|
15
|
+
# Create a new signed url.
|
16
|
+
def self.call(
|
17
|
+
url,
|
18
|
+
key:,
|
19
|
+
params: {},
|
20
|
+
expires: 0,
|
21
|
+
signature_param: "signature",
|
22
|
+
expires_param: "expires",
|
23
|
+
algorithm: "SHA256"
|
24
|
+
)
|
25
|
+
expires = expires.to_i
|
26
|
+
params[expires_param] = expires if expires.positive?
|
27
|
+
url = build_url(url, params)
|
28
|
+
signature = OpenSSL::HMAC.hexdigest(algorithm, key, url.to_s)
|
29
|
+
url.add_query(signature_param, signature)
|
30
|
+
url.to_s
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.verified?(
|
34
|
+
url,
|
35
|
+
key:,
|
36
|
+
algorithm: "SHA256",
|
37
|
+
expires_param: "expires",
|
38
|
+
signature_param: "signature"
|
39
|
+
)
|
40
|
+
verify!(
|
41
|
+
url,
|
42
|
+
key: key,
|
43
|
+
algorithm: algorithm,
|
44
|
+
expires_param: expires_param,
|
45
|
+
signature_param: signature_param
|
46
|
+
)
|
47
|
+
rescue InvalidSignature, InvalidURL, ExpiredURL
|
48
|
+
false
|
49
|
+
end
|
50
|
+
|
51
|
+
def self.verify!(
|
52
|
+
url,
|
53
|
+
key:,
|
54
|
+
algorithm: "SHA256",
|
55
|
+
expires_param: "expires",
|
56
|
+
signature_param: "signature"
|
57
|
+
)
|
58
|
+
url = build_url(url)
|
59
|
+
actual_signature, * = url.remove_query(signature_param)
|
60
|
+
expected_signature = OpenSSL::HMAC.hexdigest(algorithm, key, url.to_s)
|
61
|
+
|
62
|
+
expires = url.params[expires_param]&.first.to_i
|
63
|
+
|
64
|
+
raise ExpiredURL if expires.positive? && expires < Time.now.to_i
|
65
|
+
raise InvalidSignature unless actual_signature == expected_signature
|
66
|
+
|
67
|
+
true
|
68
|
+
end
|
69
|
+
|
70
|
+
class << self
|
71
|
+
private def build_url(url, params = {})
|
72
|
+
url = URL.new(url)
|
73
|
+
params.each {|name, value| url.add_query(name, value) }
|
74
|
+
url
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
SignedURL = URLSignature
|
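Review bot: `verify!` checks expiry against `url.params[expires_param]&.first`, while the string that gets signed comes from `URL#query` (next hunk), which emits `value.last` for a repeated non-bracket parameter, so when `expires` occurs more than once the timestamp that is checked is not the one the signature covers. Read the value that is actually signed, `expires = url.params[expires_param]&.last.to_i`, or raise `InvalidURL` when `expires_param` or `signature_param` appears more than once. The check `actual_signature == expected_signature` is also not a constant-time comparison; something like `OpenSSL.secure_compare(actual_signature.to_s, expected_signature)` is preferable where the bundled openssl provides it (the gemspec allows Ruby 2.6, so availability needs confirming). Separately, `call` writes `params[expires_param]` into the caller's hash, which `params = params.dup` at the top would avoid. The page prints this hunk under the `data/bin/setup` header, but its 79 lines match `data/lib/url_signature.rb` in the file list.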
@@ -0,0 +1,91 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module URLSignature
|
4
|
+
class URL
|
5
|
+
attr_reader :uri, :scheme, :host, :path, :user, :password, :fragment,
|
6
|
+
:params
|
7
|
+
private :uri
|
8
|
+
|
9
|
+
SEQUENCIAL_PARAMS = Object.new
|
10
|
+
|
11
|
+
def initialize(url)
|
12
|
+
@uri = parse_url(url)
|
13
|
+
@scheme = uri.scheme
|
14
|
+
@host = uri.host
|
15
|
+
@user = uri.user
|
16
|
+
@password = uri.password
|
17
|
+
@path = uri.path.empty? ? "/" : uri.path
|
18
|
+
@params = parse_query(uri.query)
|
19
|
+
@fragment = uri.fragment
|
20
|
+
end
|
21
|
+
|
22
|
+
def port
|
23
|
+
return if uri.port == 80 && @scheme == "http"
|
24
|
+
return if uri.port == 443 && @scheme == "https"
|
25
|
+
|
26
|
+
uri.port
|
27
|
+
end
|
28
|
+
|
29
|
+
def add_query(key, value, replace: true)
|
30
|
+
params[key] ||= []
|
31
|
+
params[key] = [] if replace
|
32
|
+
params[key] += [value].flatten.map(&:to_s)
|
33
|
+
end
|
34
|
+
|
35
|
+
def remove_query(key)
|
36
|
+
params.delete(key) || []
|
37
|
+
end
|
38
|
+
|
39
|
+
def query
|
40
|
+
return if params.empty?
|
41
|
+
|
42
|
+
query = params.each_with_object([]) do |(param, value), buffer|
|
43
|
+
if param.include?("[")
|
44
|
+
value.each {|v| buffer << "#{encode(param)}=#{encode(v)}" }
|
45
|
+
else
|
46
|
+
buffer << "#{encode(param)}=#{encode(value.last)}"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
query.sort.join("&")
|
51
|
+
end
|
52
|
+
|
53
|
+
def clear_query!
|
54
|
+
@params = {}
|
55
|
+
end
|
56
|
+
|
57
|
+
def to_s
|
58
|
+
[
|
59
|
+
"#{scheme}://#{host}",
|
60
|
+
port ? ":#{port}" : nil,
|
61
|
+
path,
|
62
|
+
query ? "?#{query}" : nil,
|
63
|
+
fragment ? "##{fragment}" : nil
|
64
|
+
].compact.join
|
65
|
+
end
|
66
|
+
|
67
|
+
private def encode(value)
|
68
|
+
CGI.escape(value).gsub("+", "%20")
|
69
|
+
end
|
70
|
+
|
71
|
+
private def parse_query(query)
|
72
|
+
Hash[CGI.parse(query.to_s).to_a]
|
73
|
+
end
|
74
|
+
|
75
|
+
private def parse_url(url)
|
76
|
+
uri = URI(url)
|
77
|
+
|
78
|
+
unless %w[URI::HTTPS URI::HTTP].include?(uri.class.name)
|
79
|
+
raise_invalid_url_error(url)
|
80
|
+
end
|
81
|
+
|
82
|
+
uri
|
83
|
+
rescue ::URI::InvalidURIError
|
84
|
+
raise_invalid_url_error(url)
|
85
|
+
end
|
86
|
+
|
87
|
+
private def raise_invalid_url_error(url)
|
88
|
+
raise InvalidURL, "#{url} must be a fully qualified URL (http/https)"
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
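Review bot: `query` keeps only `value.last` for any parameter whose name has no `[`, and `to_s` leaves out `user` and `password`, so the HMAC is computed over a normalized form and several different received URLs (earlier copies of a parameter, different userinfo) verify against one signature. An application that reads the first occurrence of a parameter, or that goes on using the raw URL after `verified?` returns true, acts on data the signature never covered. Either sign every value in order (the `value.each` branch for all parameters) or have `parse_query` raise `InvalidURL` on repeated non-bracket names, and document that callers should consume the normalized `to_s` output. `SEQUENCIAL_PARAMS` is assigned but not referenced anywhere in this hunk.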
@@ -0,0 +1,44 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative "./lib/url_signature/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = "url_signature"
|
7
|
+
spec.version = URLSignature::VERSION
|
8
|
+
spec.authors = ["Nando Vieira"]
|
9
|
+
spec.email = ["me@fnando.com"]
|
10
|
+
|
11
|
+
spec.summary = "Create and verify signed urls. Supports expiration time."
|
12
|
+
spec.description = spec.summary
|
13
|
+
spec.license = "MIT"
|
14
|
+
spec.required_ruby_version = Gem::Requirement.new(">= 2.6.0")
|
15
|
+
|
16
|
+
github_url = "https://github.com/fnando/url_signature"
|
17
|
+
github_tree_url = "#{github_url}/tree/v#{spec.version}"
|
18
|
+
|
19
|
+
spec.homepage = github_url
|
20
|
+
spec.metadata["homepage_uri"] = spec.homepage
|
21
|
+
spec.metadata["bug_tracker_uri"] = "#{github_url}/issues"
|
22
|
+
spec.metadata["source_code_uri"] = github_tree_url
|
23
|
+
spec.metadata["changelog_uri"] = "#{github_tree_url}/CHANGELOG.md"
|
24
|
+
spec.metadata["documentation_uri"] = "#{github_tree_url}/README.md"
|
25
|
+
spec.metadata["license_uri"] = "#{github_tree_url}/LICENSE.md"
|
26
|
+
|
27
|
+
spec.files = Dir.chdir(File.expand_path(__dir__)) do
|
28
|
+
`git ls-files -z`
|
29
|
+
.split("\x0")
|
30
|
+
.reject {|f| f.match(%r{^(test|spec|features)/}) }
|
31
|
+
end
|
32
|
+
|
33
|
+
spec.bindir = "exe"
|
34
|
+
spec.executables = spec.files.grep(%r{^exe/}) {|f| File.basename(f) }
|
35
|
+
spec.require_paths = ["lib"]
|
36
|
+
|
37
|
+
spec.add_development_dependency "minitest"
|
38
|
+
spec.add_development_dependency "minitest-utils"
|
39
|
+
spec.add_development_dependency "pry-meta"
|
40
|
+
spec.add_development_dependency "rake"
|
41
|
+
spec.add_development_dependency "rubocop"
|
42
|
+
spec.add_development_dependency "rubocop-fnando"
|
43
|
+
spec.add_development_dependency "simplecov"
|
44
|
+
end
|
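Review bot: `spec.files` takes everything `git ls-files` returns except `test/`, `spec/` and `features/`, so the published gem ships repository plumbing such as `.github/workflows/tests.yml`, `.rubocop.yml` and `bin/console`, all of which appear in this page's file list. Narrowing the filter, e.g. `.reject {|f| f.match(%r{^(test|spec|features|bin|\.github)/}) }`, keeps the artifact to what consumers actually load. The metadata block could also set `spec.metadata["rubygems_mfa_required"] = "true"` so that pushing this gem requires MFA on the owner account. All seven development dependencies are declared without a version constraint, so a fresh `bundle update` in CI or on a maintainer machine pulls whatever is newest.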
data/url_signature.svg
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
<svg xmlns="http://www.w3.org/2000/svg" width="622" height="139" viewBox="0 0 622 139"><g fill="none" fill-rule="evenodd"><path fill="#0091FF" d="M176 0c16.569 0 30 13.431 30 30v47.302a33.59 33.59 0 0 0-4.5-.302c-18.457 0-33.5 15.043-33.5 33.5a33.5 33.5 0 0 0 .846 7.5H30c-16.569 0-30-13.431-30-30V30C0 13.431 13.431 0 30 0h146z"/><path fill="#FFF" fill-rule="nonzero" d="M58.75 83.809c13.148 0 21.234-6.82 21.234-17.403V35.012H65.22v29.32c0 5.203-2.778 7.383-6.469 7.383-3.727 0-6.469-2.074-6.469-7.383v-29.32H37.516v31.394c0 10.582 8.086 17.403 21.234 17.403zM103.192 83V67.004h3.692L114.583 83h16.207l-9.422-17.86c2.707-1.23 8.402-5.66 8.402-13.605 0-9.914-6.468-16.523-19.02-16.523H88.744V83h14.45zm5.309-25.84h-5.309V45.594h5.309c3.094 0 6.047 1.933 6.047 5.87 0 3.903-2.813 5.696-6.047 5.696zM169.22 83V70.906h-17.614V35.012h-14.766V83h32.38z"/><path fill="#434C50" fill-rule="nonzero" d="M250.57 84.809c14.063 0 20.778-6.82 20.778-16.172 0-9.914-6.891-13.325-13.536-14.309l-6.152-.95c-3.902-.597-6.258-1.651-6.258-3.726 0-2.039 1.582-3.761 5.344-3.761 4.254 0 6.188 2.53 6.258 4.535h13.36c0-7.489-6.083-15.188-19.653-15.188-11.953 0-19.934 5.696-19.934 15.61 0 8.894 5.73 12.867 13.641 14.273l5.8 1.02c4.325.773 6.716 1.617 6.716 4.078 0 1.969-1.547 3.761-6.047 3.761-4.606 0-6.961-2.425-7.032-4.675h-13.851c.035 7.382 4.816 15.504 20.566 15.504zM293.29 84V36.012h-14.766V84h14.766zm29.676.809c15.293 0 21.059-9.528 21.059-18.95v-9h-19.793v9.774h5.977v.562c0 2.778-2.18 5.801-6.82 5.801-6.47 0-7.84-5.203-7.84-10.582v-5.062c0-6.645 2.53-10.301 7.453-10.301 4.253 0 6.503 2.707 6.785 5.52h14.238c0-8.403-6.54-17.333-20.918-17.333-14.766 0-22.5 9.352-22.5 21.938v5.308c0 11.743 6.188 22.325 22.36 22.325zM364.877 84V60.375h.563L381.893 84h10.969V36.012h-13.535v23.203h-.563l-16.348-23.203h-11.074V84h13.535zm47.818 0l2.144-9.07h13.113l2.075 9.07h15.75l-14.414-47.988h-18.704L398.105 84h14.59zm12.902-19.441h-8.332l3.867-16.348h.738l3.727 16.348zM470.32 
84V47.824h12.2V36.012h-39.165v11.812h12.2V84h14.765zm38.396.809c13.148 0 21.234-6.82 21.234-17.403V36.012h-14.766v29.32c0 5.203-2.777 7.383-6.468 7.383-3.727 0-6.47-2.074-6.47-7.383v-29.32h-14.765v31.394c0 10.582 8.086 17.403 21.235 17.403zM553.158 84V68.004h3.691L564.55 84h16.206l-9.421-17.86c2.707-1.23 8.402-5.66 8.402-13.605 0-9.914-6.469-16.523-19.02-16.523H538.71V84h14.449zm5.308-25.84h-5.308V46.594h5.308c3.094 0 6.047 1.933 6.047 5.87 0 3.903-2.812 5.696-6.047 5.696zM621.014 84V72.645h-19.617V65.19h18.316V54.926h-18.316v-7.559h19.617V36.012h-34.207V84h34.207z"/><path fill="#0091FF" fill-rule="nonzero" d="M201.5 139c15.702 0 28.5-12.77 28.5-28.5 0-15.702-12.798-28.5-28.5-28.5S173 94.798 173 110.5c0 15.73 12.798 28.5 28.5 28.5zm6.361-16h-12.694c-2.111 0-3.167-.995-3.167-3.226v-9.303c0-1.614.611-2.609 1.806-2.985v-2.312c0-4.867 3.138-8.174 7.694-8.174 4.611 0 7.722 3.307 7.722 8.174v2.339c1.167.35 1.778 1.344 1.778 2.958v9.303c0 2.231-1.028 3.226-3.139 3.226zM204 108v-2.435c0-2.232-.954-3.565-2.526-3.565-1.52 0-2.474 1.362-2.474 3.565V108h5z"/></g></svg>
|
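--- a/metadata
+++ b/metadata
@@ -0,0 +1,169 @@
+--- !ruby/object:Gem::Specification
+name: url_signature
+version: !ruby/object:Gem::Version
+version: 0.0.1
+platform: ruby
+authors:
+- Nando Vieira
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2020-11-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: minitest
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: minitest-utils
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: pry-meta
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rubocop
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rubocop-fnando
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: simplecov
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description: Create and verify signed urls. Supports expiration time.
+email:
+- me@fnando.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/FUNDING.yml"
+- ".github/ISSUE_TEMPLATE/bug_report.md"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/dependabot.yml"
+- ".github/workflows/tests.yml"
+- ".gitignore"
+- ".rubocop.yml"
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
+- Gemfile
+- LICENSE.md
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/url_signature.rb
+- lib/url_signature/url.rb
+- lib/url_signature/version.rb
+- url_signature.gemspec
+- url_signature.svg
+homepage: https://github.com/fnando/url_signature
+licenses:
+- MIT
+metadata:
+homepage_uri: https://github.com/fnando/url_signature
+bug_tracker_uri: https://github.com/fnando/url_signature/issues
+source_code_uri: https://github.com/fnando/url_signature/tree/v0.0.1
+changelog_uri: https://github.com/fnando/url_signature/tree/v0.0.1/CHANGELOG.md
+documentation_uri: https://github.com/fnando/url_signature/tree/v0.0.1/README.md
+license_uri: https://github.com/fnando/url_signature/tree/v0.0.1/LICENSE.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: Create and verify signed urls. Supports expiration time.
+test_files: []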