warden-hmac-authentication 0.5.3 → 0.5.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/bin/warden-hmac-authentication +12 -64
- data/lib/hmac/signer.rb +4 -1
- data/lib/hmac/strategies/base.rb +1 -1
- metadata +22 -22
@@ -1,68 +1,16 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# This file was generated by Bundler.
|
4
|
+
#
|
5
|
+
# The application 'warden-hmac-authentication' is installed as part of a gem, and
|
6
|
+
# this file is here to facilitate running it.
|
7
|
+
#
|
2
8
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
puts ""
|
7
|
-
puts ""
|
8
|
-
puts "============= ERROR ================"
|
9
|
-
puts ""
|
10
|
-
puts "You need trollop installed or in your gemfile to use the signer"
|
11
|
-
puts ""
|
12
|
-
puts "============= ERROR ================"
|
13
|
-
puts ""
|
14
|
-
puts ""
|
15
|
-
exit(-1)
|
16
|
-
end
|
9
|
+
require 'pathname'
|
10
|
+
ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
|
11
|
+
Pathname.new(__FILE__).realpath)
|
17
12
|
|
18
|
-
require '
|
13
|
+
require 'rubygems'
|
14
|
+
require 'bundler/setup'
|
19
15
|
|
20
|
-
|
21
|
-
|
22
|
-
version "warden-hmac-sign 0.3.0 (c) 2011 Felix Gilcher, Florian Gilcher"
|
23
|
-
banner <<-EOS
|
24
|
-
warden-hmac-authentication is used to create and validate signed urls for
|
25
|
-
usage with the HMAC authentication scheme used by
|
26
|
-
https://github.com/Asquera/warden-hmac-authentication
|
27
|
-
|
28
|
-
Usage:
|
29
|
-
warden-hmac-authentication [options] <command> url
|
30
|
-
|
31
|
-
where command is one of
|
32
|
-
|
33
|
-
sign: signs the given url
|
34
|
-
validate: validates the given url
|
35
|
-
|
36
|
-
and where [options] are:
|
37
|
-
|
38
|
-
EOS
|
39
|
-
|
40
|
-
opt :algorithm, "The hashing algorithm to use for the HMAC", :type => :string, :default => "sha1"
|
41
|
-
opt :secret, "The shared secret for the HMAC", :type => :string, :required => true
|
42
|
-
opt :"auth-param", "The name for the auth param in the url", :default => "auth"
|
43
|
-
opt :"date", "The date to use for the signature (defaults to now)"
|
44
|
-
end
|
45
|
-
|
46
|
-
cmd = ARGV.shift
|
47
|
-
Trollop::die "You must give a command" if cmd.nil?
|
48
|
-
Trollop::die "You command must be one of [sign, validate]" unless ["sign", "validate"].include? cmd
|
49
|
-
Trollop::die "You must provide a URL" if ARGV.empty?
|
50
|
-
url = ARGV.shift
|
51
|
-
|
52
|
-
secret = opts.delete(:secret)
|
53
|
-
algorithm = opts.delete(:algorithm)
|
54
|
-
|
55
|
-
signer = HMAC::Signer.new(algorithm)
|
56
|
-
|
57
|
-
if "sign" == cmd
|
58
|
-
puts signer.sign_url(url, secret, opts)
|
59
|
-
else
|
60
|
-
success = signer.validate_url_signature(url, secret, opts)
|
61
|
-
if success
|
62
|
-
puts "URL #{url} is valid"
|
63
|
-
exit 0
|
64
|
-
else
|
65
|
-
puts "URL #{url} does not contain a valid signature"
|
66
|
-
exit 1
|
67
|
-
end
|
68
|
-
end
|
16
|
+
load Gem.bin_path('warden-hmac-authentication', 'warden-hmac-authentication')
|
data/lib/hmac/signer.rb
CHANGED
@@ -182,6 +182,7 @@ module HMAC
|
|
182
182
|
# @option opts [String] :nonce ('') The nonce to use in the signature
|
183
183
|
# @option opts [String, #strftime] :date (Time.now) The date to use in the signature
|
184
184
|
# @option opts [Hash] :headers ({}) A list of optional headers to include in the signature
|
185
|
+
# @option opts [String,Symbol] :method ('GET') The HTTP method to use in the signature
|
185
186
|
#
|
186
187
|
# @option opts [String] :auth_scheme ('HMAC') The name of the authorization scheme used in the Authorization header and to construct various header-names
|
187
188
|
# @option opts [String] :auth_param ('auth') The name of the authentication param to use for query based authentication
|
@@ -201,8 +202,10 @@ module HMAC
|
|
201
202
|
|
202
203
|
date = opts[:date] || Time.now.gmtime
|
203
204
|
date = date.gmtime.strftime('%a, %e %b %Y %T GMT') if date.respond_to? :strftime
|
205
|
+
|
206
|
+
method = opts[:method] ? opts[:method].to_s.upcase : "GET"
|
204
207
|
|
205
|
-
signature = generate_signature(:secret => secret, :method =>
|
208
|
+
signature = generate_signature(:secret => secret, :method => method, :path => uri.path, :date => date, :nonce => opts[:nonce], :query => uri.query_values, :headers => opts[:headers])
|
206
209
|
|
207
210
|
if opts[:query_based]
|
208
211
|
auth_params = opts[:extra_auth_params].merge({
|
data/lib/hmac/strategies/base.rb
CHANGED
@@ -93,7 +93,7 @@ module Warden
|
|
93
93
|
|
94
94
|
private
|
95
95
|
def config
|
96
|
-
if env["warden"].config[:scope_defaults][scope][:hmac]
|
96
|
+
if (env["warden"].config[:scope_defaults][scope] && env["warden"].config[:scope_defaults][scope][:hmac])
|
97
97
|
env["warden"].config[:scope_defaults][scope][:hmac]
|
98
98
|
else
|
99
99
|
{}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-hmac-authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.4
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,11 +10,11 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2012-01-10 00:00:00.000000000Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: addressable
|
17
|
-
requirement: &
|
17
|
+
requirement: &2160133740 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ! '>='
|
@@ -22,10 +22,10 @@ dependencies:
|
|
22
22
|
version: '0'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *2160133740
|
26
26
|
- !ruby/object:Gem::Dependency
|
27
27
|
name: rack
|
28
|
-
requirement: &
|
28
|
+
requirement: &2160132880 !ruby/object:Gem::Requirement
|
29
29
|
none: false
|
30
30
|
requirements:
|
31
31
|
- - ! '>='
|
@@ -33,10 +33,10 @@ dependencies:
|
|
33
33
|
version: '0'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
|
-
version_requirements: *
|
36
|
+
version_requirements: *2160132880
|
37
37
|
- !ruby/object:Gem::Dependency
|
38
38
|
name: warden
|
39
|
-
requirement: &
|
39
|
+
requirement: &2160131880 !ruby/object:Gem::Requirement
|
40
40
|
none: false
|
41
41
|
requirements:
|
42
42
|
- - ! '>='
|
@@ -44,10 +44,10 @@ dependencies:
|
|
44
44
|
version: '0'
|
45
45
|
type: :runtime
|
46
46
|
prerelease: false
|
47
|
-
version_requirements: *
|
47
|
+
version_requirements: *2160131880
|
48
48
|
- !ruby/object:Gem::Dependency
|
49
49
|
name: rake
|
50
|
-
requirement: &
|
50
|
+
requirement: &2160130760 !ruby/object:Gem::Requirement
|
51
51
|
none: false
|
52
52
|
requirements:
|
53
53
|
- - ! '>='
|
@@ -55,10 +55,10 @@ dependencies:
|
|
55
55
|
version: '0'
|
56
56
|
type: :development
|
57
57
|
prerelease: false
|
58
|
-
version_requirements: *
|
58
|
+
version_requirements: *2160130760
|
59
59
|
- !ruby/object:Gem::Dependency
|
60
60
|
name: rack-test
|
61
|
-
requirement: &
|
61
|
+
requirement: &2160129280 !ruby/object:Gem::Requirement
|
62
62
|
none: false
|
63
63
|
requirements:
|
64
64
|
- - ! '>='
|
@@ -66,10 +66,10 @@ dependencies:
|
|
66
66
|
version: '0'
|
67
67
|
type: :development
|
68
68
|
prerelease: false
|
69
|
-
version_requirements: *
|
69
|
+
version_requirements: *2160129280
|
70
70
|
- !ruby/object:Gem::Dependency
|
71
71
|
name: riot
|
72
|
-
requirement: &
|
72
|
+
requirement: &2160128600 !ruby/object:Gem::Requirement
|
73
73
|
none: false
|
74
74
|
requirements:
|
75
75
|
- - ! '>='
|
@@ -77,10 +77,10 @@ dependencies:
|
|
77
77
|
version: '0'
|
78
78
|
type: :development
|
79
79
|
prerelease: false
|
80
|
-
version_requirements: *
|
80
|
+
version_requirements: *2160128600
|
81
81
|
- !ruby/object:Gem::Dependency
|
82
82
|
name: timecop
|
83
|
-
requirement: &
|
83
|
+
requirement: &2160127940 !ruby/object:Gem::Requirement
|
84
84
|
none: false
|
85
85
|
requirements:
|
86
86
|
- - ! '>='
|
@@ -88,10 +88,10 @@ dependencies:
|
|
88
88
|
version: '0'
|
89
89
|
type: :development
|
90
90
|
prerelease: false
|
91
|
-
version_requirements: *
|
91
|
+
version_requirements: *2160127940
|
92
92
|
- !ruby/object:Gem::Dependency
|
93
93
|
name: simplecov
|
94
|
-
requirement: &
|
94
|
+
requirement: &2160127140 !ruby/object:Gem::Requirement
|
95
95
|
none: false
|
96
96
|
requirements:
|
97
97
|
- - ! '>='
|
@@ -99,10 +99,10 @@ dependencies:
|
|
99
99
|
version: '0'
|
100
100
|
type: :development
|
101
101
|
prerelease: false
|
102
|
-
version_requirements: *
|
102
|
+
version_requirements: *2160127140
|
103
103
|
- !ruby/object:Gem::Dependency
|
104
104
|
name: simplecov-html
|
105
|
-
requirement: &
|
105
|
+
requirement: &2160126080 !ruby/object:Gem::Requirement
|
106
106
|
none: false
|
107
107
|
requirements:
|
108
108
|
- - ! '>='
|
@@ -110,10 +110,10 @@ dependencies:
|
|
110
110
|
version: '0'
|
111
111
|
type: :development
|
112
112
|
prerelease: false
|
113
|
-
version_requirements: *
|
113
|
+
version_requirements: *2160126080
|
114
114
|
- !ruby/object:Gem::Dependency
|
115
115
|
name: trollop
|
116
|
-
requirement: &
|
116
|
+
requirement: &2160124740 !ruby/object:Gem::Requirement
|
117
117
|
none: false
|
118
118
|
requirements:
|
119
119
|
- - ! '>='
|
@@ -121,7 +121,7 @@ dependencies:
|
|
121
121
|
version: '0'
|
122
122
|
type: :development
|
123
123
|
prerelease: false
|
124
|
-
version_requirements: *
|
124
|
+
version_requirements: *2160124740
|
125
125
|
description: ! "This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac).
|
126
126
|
The main usage is request based, noninteractive\n authentication for API implementations.
|
127
127
|
Two strategies are supported that differ mainly in how the authentication information
|