RubyGems - userbin - Versions diffs - 0.1.3 - Mend

userbin 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +7 -0
data/README.md +4 -0
data/lib/userbin/authentication.rb +140 -0
data/lib/userbin/basic_auth.rb +33 -0
data/lib/userbin/current.rb +17 -0
data/lib/userbin/session.rb +31 -0
data/lib/userbin/userbin.rb +123 -0
data/lib/userbin.rb +28 -0
data/spec/session_spec.rb +38 -0
data/spec/spec_helper.rb +8 -0
data/spec/userbin_spec.rb +100 -0
metadata +127 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4283d8611ee035f2141284b2c339d5244f2830fa
+  data.tar.gz: 0200a7e005412dc60e56fee0693fcea5a1f826bd
+SHA512:
+  metadata.gz: 2980f02fb4669639ac88c121141959499e6e783dc23ca58f4dc41156838a3639f626e55537ec0a04b4d8f4016857400cee9e8cc69f7a10bb5184fa938a55a4c4
+  data.tar.gz: 4735bd77af93832204838b1776c0779c77056af02f31e19778e7b4bc92933f07a0fa1214dd2f592f86c49084d79d2e6fe767b56e22ae7b3959a684916148f6d4

data/README.md ADDED Viewed

@@ -0,0 +1,4 @@
+Userbin Ruby gem
+================
+Hold tight for more info.

data/lib/userbin/authentication.rb ADDED Viewed

@@ -0,0 +1,140 @@
+module Userbin
+  class Authentication
+    CLOSING_HEAD_TAG = %r{</head>}
+    CLOSING_BODY_TAG = %r{</body>}
+    def initialize(app, options = {})
+      @app = app
+      @restricted_path = options[:restricted_path]
+    end
+    def call(env)
+      request = Rack::Request.new(env)
+      begin
+        if env["REQUEST_PATH"] == "/userbin" &&
+           env["REQUEST_METHOD"] == "POST"
+          signature, data = Userbin.authenticate_events!(request)
+          MultiJson.decode(data)['events'].each do |event|
+            Userbin.trigger(event)
+          end
+          [ 200, { 'Content-Type' => 'text/html',
+            'Content-Length' => '2' }, ['OK'] ]
+        else
+          signature, data = Userbin.authenticate!(request)
+          if restrict && env["REQUEST_PATH"].start_with?(restrict) &&
+             !Userbin.authenticated?
+            return render_gateway(env["REQUEST_PATH"])
+          end
+          generate_response(env, signature, data)
+        end
+      rescue Userbin::SecurityError
+        message =
+          'Userbin::SecurityError: Invalid signature. Refresh to try again.'
+        headers = {
+          'Content-Type' => 'text/text',
+          'Content-Length' => message.length.to_s
+        }
+        Rack::Utils.delete_cookie_header!(
+          headers, 'userbin_signature', value = {})
+        Rack::Utils.delete_cookie_header!(
+          headers, 'userbin_data', value = {})
+        [ 400, headers, [message] ]
+      end
+    end
+    def restrict
+      Userbin.restricted_path || @restricted_path
+    end
+    def link_tags(login_path)
+      <<-LINK_TAGS
+<link rel="userbin:root" href="/">
+<link rel="userbin:login" href="#{login_path}">
+      LINK_TAGS
+    end
+    def meta_tag
+      <<-META_TAG
+<meta property="userbin:events" content="/userbin">
+      META_TAG
+    end
+    def script_tag
+      script_url = ENV.fetch('USERBIN_SCRIPT_URL') {
+        "https://userbin.com/js/v0"
+      }
+      str = <<-SCRIPT_TAG
+<script src="#{script_url}?#{Userbin.app_id}"></script>
+      SCRIPT_TAG
+    end
+    def render_gateway(current_path)
+      login_page = <<-LOGIN_PAGE
+<html>
+<head>
+  <title>Log in</title>
+</head>
+<body style="background-color: #DBDBDB;">
+  <a class="ub-login-form"></a>
+</body>
+</html>
+      LOGIN_PAGE
+      login_page = inject_tags(login_page, current_path)
+      [ 200,
+        { 'Content-Type' => 'text/html',
+          'Content-Length' => login_page.length.to_s },
+        [login_page]
+      ]
+    end
+    def inject_tags(body, login_path = restrict)
+      if body[CLOSING_HEAD_TAG]
+        body = body.gsub(CLOSING_HEAD_TAG, link_tags(login_path) + '\\0')
+        body = body.gsub(CLOSING_HEAD_TAG, meta_tag + '\\0')
+      end
+      if body[CLOSING_BODY_TAG]
+        body = body.gsub(CLOSING_BODY_TAG, script_tag + '\\0')
+      end
+      body
+    end
+    def generate_response(env, signature, data)
+      status, headers, response = @app.call(env)
+      if headers['Content-Type'] && headers['Content-Type']['text/html']
+        body = response.each.map do |chunk|
+          inject_tags(chunk)
+        end
+        if response.class.name.end_with?('::Response')
+          response.body = body
+        else
+          response = body
+        end
+        headers['Content-Length'] = body.join.length.to_s
+      end
+      if signature && data
+        Rack::Utils.set_cookie_header!(
+          headers, 'userbin_signature', value: signature, path: '/')
+        Rack::Utils.set_cookie_header!(
+          headers, 'userbin_data', value: data, path: '/')
+      else
+        Rack::Utils.delete_cookie_header!(
+          headers, 'userbin_signature', value = {})
+        Rack::Utils.delete_cookie_header!(
+          headers, 'userbin_data', value = {})
+      end
+      [status, headers, response]
+    end
+  end
+end

data/lib/userbin/basic_auth.rb ADDED Viewed

@@ -0,0 +1,33 @@
+module Userbin
+  class BasicAuth < Faraday::Middleware
+    def call(env)
+      value = Base64.encode64([Userbin.app_id, Userbin.api_secret].join(':'))
+      value.gsub!("\n", '')
+      env[:request_headers]["Authorization"] = "Basic #{value}"
+      @app.call(env)
+    end
+  end
+  class VerifySignature < Faraday::Response::Middleware
+    def call(env)
+      @app.call(env).on_complete do
+        signature = env[:response_headers]['x-userbin-signature']
+        data = env[:body]
+        Userbin.valid_signature?(signature, data)
+      end
+    end
+  end
+  class ParseSignedJSON < Faraday::Response::Middleware
+    def on_complete(env)
+      json = MultiJson.load(env[:body], symbolize_keys: true)
+      signature = env[:response_headers]['x-userbin-signature']
+      json[:signature] = signature if signature
+      env[:body] = {
+        data: json,
+        errors: [],
+        metadata: {}
+      }
+    end
+  end
+end

data/lib/userbin/current.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Userbin
+  class Current
+    attr_accessor :token, :expires_at, :user
+    def initialize(data)
+      if data
+        @token = data['id']
+        @expires_at = data['expires_at']
+        @user = Userbin::User.new(data['user'])
+      end
+    end
+    def authenticated?
+      !@user.nil?
+    end
+  end
+end

data/lib/userbin/session.rb ADDED Viewed

@@ -0,0 +1,31 @@
+require 'her'
+module Userbin
+  class Model
+    include Her::Model
+  end
+  class User < Model
+    def update_local_id(local_id)
+      self.local_id = local_id
+      save
+    end
+  end
+  class Session < Model
+    has_one :user
+    # Hack to avoid loading a remote user
+    def user
+      return self['user'] if self['user'].is_a?(User)
+      User.new(self['user']) if self['user']
+    end
+    def authenticated?
+      !user.id.nil? rescue false
+    end
+  end
+  class Event < Model
+  end
+end

data/lib/userbin/userbin.rb ADDED Viewed

@@ -0,0 +1,123 @@
+module Userbin
+  Callback = Struct.new(:pattern, :block) do; end
+  class << self
+    attr_accessor :app_id, :api_secret, :restricted_path
+  end
+  def self.authenticate_events!(request, now = Time.now)
+    signature, data =
+      request.params.values_at('userbin_signature', 'userbin_data')
+    valid_signature?(signature, data)
+    [signature, data]
+  end
+  # Provide either a Rack::Request or a Hash containing :signature and :data.
+  #
+  def self.authenticate!(request, now = Time.now)
+    signature, data =
+      request.cookies.values_at('userbin_signature', 'userbin_data')
+    if signature && data && valid_signature?(signature, data)
+      current = Userbin::Session.new(MultiJson.decode(data))
+      if current.authenticated?
+        # FIXME: NoMethodError (undefined method `/' for nil:NilClass):
+        if now > Time.at(current.expires_at / 1000)
+          signature, data = refresh_session(current.user.id)
+        end
+      end
+    end
+    tmp = MultiJson.decode(data) if data
+    self.current = Userbin::Session.new(tmp)
+    [signature, data]
+  end
+  def self.refresh_session(user_id)
+    api_endpoint = ENV["USERBIN_API_ENDPOINT"] || 'https://userbin.com/api/v0'
+    uri = URI("#{api_endpoint}/users/#{user_id}/sessions")
+    uri.user = app_id
+    uri.password = api_secret
+    net = Net::HTTP.post_form(uri, {})
+    [net['X-Userbin-Signature'], net.body]
+  end
+  def self.current
+    Thread.current[:userbin]
+  end
+  def self.current=(value)
+    Thread.current[:userbin] = value
+  end
+  def self.authenticated?
+    current.authenticated? rescue false
+  end
+  def self.current_user
+    current.user if current
+  end
+  def self.user
+    current_user
+  end
+  # Event handling
+  #
+  class << self
+    def on(*names, &block)
+      pattern = Regexp.union(names.empty? ? TYPE_LIST.to_a : names)
+      callbacks.each do |callback|
+        if pattern == callback.pattern
+          callbacks.delete(callback)
+          callbacks << Userbin::Callback.new(pattern, block)
+          return
+        end
+      end
+      callbacks << Userbin::Callback.new(pattern, block)
+    end
+    def trigger(raw_event)
+      event = Userbin::Event.new(raw_event)
+      callbacks.each do |callback|
+        if event.type =~ callback.pattern
+          object = case event['type']
+          when /^user\./
+            Userbin::User.new(event.object)
+          else
+            event.object
+          end
+          model = event.instance_exec object, &callback.block
+          if event.type =~ /user\.created/ && model.respond_to?(:id)
+            object.update_local_id(model.id)
+          end
+        end
+      end
+    end
+    private
+    def callbacks
+      @callbacks ||= []
+    end
+  end
+  private
+  # Checks signature against secret and returns boolean
+  #
+  def self.valid_signature?(signature, data)
+    digest = OpenSSL::Digest::SHA256.new
+    valid = signature == OpenSSL::HMAC.hexdigest(digest, api_secret, data)
+    raise SecurityError, "Invalid signature" unless valid
+    valid
+  end
+end

data/lib/userbin.rb ADDED Viewed

@@ -0,0 +1,28 @@
+require 'her'
+require 'multi_json'
+require 'openssl'
+require 'net/http'
+require "userbin/userbin"
+require "userbin/basic_auth"
+api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
+  "https://userbin.com/api/v0"
+}
+@api = Her::API.setup url: api_endpoint do |c|
+  c.use Userbin::BasicAuth
+  c.use Faraday::Request::UrlEncoded
+  c.use Userbin::ParseSignedJSON
+  c.use Faraday::Adapter::NetHttp
+  c.use Userbin::VerifySignature
+end
+require "userbin/current"
+require "userbin/session"
+require "userbin/authentication"
+class Userbin::Error < Exception; end
+class Userbin::SecurityError < Userbin::Error; end

data/spec/session_spec.rb ADDED Viewed

@@ -0,0 +1,38 @@
+require 'spec_helper'
+require 'multi_json'
+describe 'Userbin::Session' do
+  before do
+    Userbin.app_id = '100000000000000'
+    Userbin.api_secret = 'test'
+  end
+  before do
+    data = {
+      id: "Prars5v7xz2xwWvF5LEqfEUHCoNNsV7V",
+      created_at: 1378978281000,
+      expires_at: 1378981881000,
+      user: {
+        confirmed_at: nil,
+        created_at: 1378978280000,
+        email: "johan@userbin.com",
+        id: "TF15JEy7HRxDYx6U435zzEwydKJcptUr",
+        last_sign_in_at: nil,
+        local_id: nil
+      }
+    }
+    stub_request(:post, /\/users\/.*\/sessions/).to_return(
+      status: 200,
+      headers: {'X-Userbin-Signature' => 'abcd'},
+      body: MultiJson.encode(data)
+    )
+  end
+  xit 'creates a session' do
+    allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+    user = Userbin::User.new(id: 'guid1')
+    session = user.sessions.create
+    session.user.email.should == 'johan@userbin.com'
+    session.signature.should == 'abcd'
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'rack'
+require 'userbin'
+require 'webmock/rspec'
+RSpec.configure do |config|
+end

data/spec/userbin_spec.rb ADDED Viewed

@@ -0,0 +1,100 @@
+require 'spec_helper'
+require 'cgi'
+describe Userbin do
+  before do
+    Userbin.app_id = '1000'
+    Userbin.api_secret = '1234'
+  end
+  let (:args) do
+    {
+      "HTTP_COOKIE" => "userbin_signature=abcd; userbin_data=#{CGI.escape(MultiJson.encode(session))} "
+    }
+  end
+  let (:session) do
+    {
+      "id" => 'xyz',
+      "expires_at" => 1478981881000,
+      "user" => {
+        "id" => 'abc'
+      }
+    }
+  end
+  let (:request) do
+    Rack::Request.new({
+      'HTTP_X_USERBIN_SIGNATURE' => 'abcd',
+      'CONTENT_TYPE' => 'application/json',
+      'rack.input' => StringIO.new()
+    }.merge(args))
+  end
+  let (:response) do
+    Rack::Response.new("", 200, {})
+  end
+  context 'when session is created' do
+    it 'authenticates with class methods' do
+      allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+      Userbin.authenticate!(request)
+      Userbin.should be_authenticated
+      Userbin.current_user.id.should == "abc"
+    end
+    it 'renews' do
+      stub_request(:post, /.*userbin\.com.*/).to_return(:status => 200, :body => "{\"id\":\"Prars5v7xz2xwWvF5LEqfEUHCoNNsV7V\",\"created_at\":1378978281000,\"expires_at\":1378981881000,\"user\":{\"confirmed_at\":null,\"created_at\":1378978280000,\"email\":\"admin@getapp6133.com\",\"id\":\"TF15JEy7HRxDYx6U435zzEwydKJcptUr\",\"last_sign_in_at\":null,\"local_id\":null}}", :headers => {'X-Userbin-Signature' => 'abcd'})
+      allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+      Userbin.authenticate!(request, Time.at(1478981882)) # expired 1s
+      Userbin.current.id.should == 'Prars5v7xz2xwWvF5LEqfEUHCoNNsV7V'
+    end
+    it 'does not renew' do
+      stub_request(:post, /.*userbin\.com.*/).to_return(:status => 404)
+      allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+      Userbin.authenticate!(request, Time.at(1478981882)) # expired 1s
+    end
+    xit 'authenticate with correct signature' do
+      expect {
+        Userbin.authenticate!(request)
+      }.to raise_error { Userbin::SecurityError }
+    end
+    it 'does not authenticate incorrect signature' do
+      expect {
+        Userbin.authenticate!(request)
+      }.to raise_error { Userbin::SecurityError }
+    end
+  end
+  context 'when session is deleted' do
+    let (:args) do
+      {
+        "HTTP_COOKIE" => "userbin_signature=abcd;"
+      }
+    end
+    it 'does not authenticate' do
+      allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+      Userbin.authenticate!(request)
+      Userbin.should_not be_authenticated
+      Userbin.user.should be_nil
+    end
+  end
+  context 'when params are present' do
+    let (:args) do
+      {
+        "QUERY_STRING" => "userbin_signature=abcd&userbin_data=#{MultiJson.encode(session)}"
+      }
+    end
+    it 'authenticates with class methods' do
+      allow(OpenSSL::HMAC).to receive(:hexdigest) { 'abcd' }
+      Userbin.authenticate_events!(request)
+    end
+  end
+end

metadata ADDED Viewed

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: userbin
+version: !ruby/object:Gem::Version
+  version: 0.1.3
+platform: ruby
+authors:
+- Johan
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-09-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: her
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.8
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.8
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Plug n’ play user accounts. The simplest way to integrate a full authentication
+  and user management stack into your web application.
+email: johan@userbin.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/userbin/authentication.rb
+- lib/userbin/basic_auth.rb
+- lib/userbin/current.rb
+- lib/userbin/session.rb
+- lib/userbin/userbin.rb
+- lib/userbin.rb
+- README.md
+- spec/session_spec.rb
+- spec/spec_helper.rb
+- spec/userbin_spec.rb
+homepage: https://userbin.com
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.0.3
+signing_key:
+specification_version: 4
+summary: Userbin
+test_files:
+- spec/session_spec.rb
+- spec/spec_helper.rb
+- spec/userbin_spec.rb