warden-hmac-authentication 0.6.0 → 0.6.1
Sign up to get free protection for your applications and to get access to all the features.
- data/bin/warden-hmac-authentication +64 -12
- data/lib/hmac/signer.rb +2 -1
- metadata +24 -75
@@ -1,16 +1,68 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
-
#
|
3
|
-
# This file was generated by Bundler.
|
4
|
-
#
|
5
|
-
# The application 'warden-hmac-authentication' is installed as part of a gem, and
|
6
|
-
# this file is here to facilitate running it.
|
7
|
-
#
|
8
2
|
|
9
|
-
|
10
|
-
|
11
|
-
|
3
|
+
begin
|
4
|
+
require 'trollop'
|
5
|
+
rescue LoadError => e
|
6
|
+
puts ""
|
7
|
+
puts ""
|
8
|
+
puts "============= ERROR ================"
|
9
|
+
puts ""
|
10
|
+
puts "You need trollop installed or in your gemfile to use the signer"
|
11
|
+
puts ""
|
12
|
+
puts "============= ERROR ================"
|
13
|
+
puts ""
|
14
|
+
puts ""
|
15
|
+
exit(-1)
|
16
|
+
end
|
12
17
|
|
13
|
-
require '
|
14
|
-
require 'bundler/setup'
|
18
|
+
require 'hmac/signer'
|
15
19
|
|
16
|
-
|
20
|
+
opts = Trollop::options do
|
21
|
+
|
22
|
+
version "warden-hmac-sign 0.3.0 (c) 2011 Felix Gilcher, Florian Gilcher"
|
23
|
+
banner <<-EOS
|
24
|
+
warden-hmac-authentication is used to create and validate signed urls for
|
25
|
+
usage with the HMAC authentication scheme used by
|
26
|
+
https://github.com/Asquera/warden-hmac-authentication
|
27
|
+
|
28
|
+
Usage:
|
29
|
+
warden-hmac-authentication [options] <command> url
|
30
|
+
|
31
|
+
where command is one of
|
32
|
+
|
33
|
+
sign: signs the given url
|
34
|
+
validate: validates the given url
|
35
|
+
|
36
|
+
and where [options] are:
|
37
|
+
|
38
|
+
EOS
|
39
|
+
|
40
|
+
opt :algorithm, "The hashing algorithm to use for the HMAC", :type => :string, :default => "sha1"
|
41
|
+
opt :secret, "The shared secret for the HMAC", :type => :string, :required => true
|
42
|
+
opt :"auth-param", "The name for the auth param in the url", :default => "auth"
|
43
|
+
opt :"date", "The date to use for the signature (defaults to now)"
|
44
|
+
end
|
45
|
+
|
46
|
+
cmd = ARGV.shift
|
47
|
+
Trollop::die "You must give a command" if cmd.nil?
|
48
|
+
Trollop::die "You command must be one of [sign, validate]" unless ["sign", "validate"].include? cmd
|
49
|
+
Trollop::die "You must provide a URL" if ARGV.empty?
|
50
|
+
url = ARGV.shift
|
51
|
+
|
52
|
+
secret = opts.delete(:secret)
|
53
|
+
algorithm = opts.delete(:algorithm)
|
54
|
+
|
55
|
+
signer = HMAC::Signer.new(algorithm)
|
56
|
+
|
57
|
+
if "sign" == cmd
|
58
|
+
puts signer.sign_url(url, secret, opts)
|
59
|
+
else
|
60
|
+
success = signer.validate_url_signature(url, secret, opts)
|
61
|
+
if success
|
62
|
+
puts "URL #{url} is valid"
|
63
|
+
exit 0
|
64
|
+
else
|
65
|
+
puts "URL #{url} does not contain a valid signature"
|
66
|
+
exit 1
|
67
|
+
end
|
68
|
+
end
|
data/lib/hmac/signer.rb
CHANGED
@@ -123,8 +123,9 @@ module HMAC
|
|
123
123
|
|
124
124
|
uri = Addressable::URI.parse(url)
|
125
125
|
query_values = uri.query_values
|
126
|
-
|
126
|
+
return false unless query_values
|
127
127
|
|
128
|
+
auth_params = query_values.delete(opts[:auth_param])
|
128
129
|
return false unless auth_params
|
129
130
|
|
130
131
|
date = auth_params["date"]
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-hmac-authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,11 +10,11 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-04-13 00:00:00.
|
13
|
+
date: 2012-04-13 00:00:00.000000000Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: addressable
|
17
|
-
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirement: &2163603720 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ! '>='
|
@@ -22,15 +22,10 @@ dependencies:
|
|
22
22
|
version: '0'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements:
|
26
|
-
none: false
|
27
|
-
requirements:
|
28
|
-
- - ! '>='
|
29
|
-
- !ruby/object:Gem::Version
|
30
|
-
version: '0'
|
25
|
+
version_requirements: *2163603720
|
31
26
|
- !ruby/object:Gem::Dependency
|
32
27
|
name: rack
|
33
|
-
requirement: !ruby/object:Gem::Requirement
|
28
|
+
requirement: &2163603260 !ruby/object:Gem::Requirement
|
34
29
|
none: false
|
35
30
|
requirements:
|
36
31
|
- - ! '>='
|
@@ -38,15 +33,10 @@ dependencies:
|
|
38
33
|
version: '0'
|
39
34
|
type: :runtime
|
40
35
|
prerelease: false
|
41
|
-
version_requirements:
|
42
|
-
none: false
|
43
|
-
requirements:
|
44
|
-
- - ! '>='
|
45
|
-
- !ruby/object:Gem::Version
|
46
|
-
version: '0'
|
36
|
+
version_requirements: *2163603260
|
47
37
|
- !ruby/object:Gem::Dependency
|
48
38
|
name: warden
|
49
|
-
requirement: !ruby/object:Gem::Requirement
|
39
|
+
requirement: &2163602820 !ruby/object:Gem::Requirement
|
50
40
|
none: false
|
51
41
|
requirements:
|
52
42
|
- - ! '>='
|
@@ -54,15 +44,10 @@ dependencies:
|
|
54
44
|
version: '0'
|
55
45
|
type: :runtime
|
56
46
|
prerelease: false
|
57
|
-
version_requirements:
|
58
|
-
none: false
|
59
|
-
requirements:
|
60
|
-
- - ! '>='
|
61
|
-
- !ruby/object:Gem::Version
|
62
|
-
version: '0'
|
47
|
+
version_requirements: *2163602820
|
63
48
|
- !ruby/object:Gem::Dependency
|
64
49
|
name: rake
|
65
|
-
requirement: !ruby/object:Gem::Requirement
|
50
|
+
requirement: &2163602340 !ruby/object:Gem::Requirement
|
66
51
|
none: false
|
67
52
|
requirements:
|
68
53
|
- - ! '>='
|
@@ -70,15 +55,10 @@ dependencies:
|
|
70
55
|
version: '0'
|
71
56
|
type: :development
|
72
57
|
prerelease: false
|
73
|
-
version_requirements:
|
74
|
-
none: false
|
75
|
-
requirements:
|
76
|
-
- - ! '>='
|
77
|
-
- !ruby/object:Gem::Version
|
78
|
-
version: '0'
|
58
|
+
version_requirements: *2163602340
|
79
59
|
- !ruby/object:Gem::Dependency
|
80
60
|
name: rack-test
|
81
|
-
requirement: !ruby/object:Gem::Requirement
|
61
|
+
requirement: &2163601920 !ruby/object:Gem::Requirement
|
82
62
|
none: false
|
83
63
|
requirements:
|
84
64
|
- - ! '>='
|
@@ -86,15 +66,10 @@ dependencies:
|
|
86
66
|
version: '0'
|
87
67
|
type: :development
|
88
68
|
prerelease: false
|
89
|
-
version_requirements:
|
90
|
-
none: false
|
91
|
-
requirements:
|
92
|
-
- - ! '>='
|
93
|
-
- !ruby/object:Gem::Version
|
94
|
-
version: '0'
|
69
|
+
version_requirements: *2163601920
|
95
70
|
- !ruby/object:Gem::Dependency
|
96
71
|
name: riot
|
97
|
-
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirement: &2163601480 !ruby/object:Gem::Requirement
|
98
73
|
none: false
|
99
74
|
requirements:
|
100
75
|
- - ! '>='
|
@@ -102,15 +77,10 @@ dependencies:
|
|
102
77
|
version: '0'
|
103
78
|
type: :development
|
104
79
|
prerelease: false
|
105
|
-
version_requirements:
|
106
|
-
none: false
|
107
|
-
requirements:
|
108
|
-
- - ! '>='
|
109
|
-
- !ruby/object:Gem::Version
|
110
|
-
version: '0'
|
80
|
+
version_requirements: *2163601480
|
111
81
|
- !ruby/object:Gem::Dependency
|
112
82
|
name: timecop
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
83
|
+
requirement: &2163601060 !ruby/object:Gem::Requirement
|
114
84
|
none: false
|
115
85
|
requirements:
|
116
86
|
- - ! '>='
|
@@ -118,15 +88,10 @@ dependencies:
|
|
118
88
|
version: '0'
|
119
89
|
type: :development
|
120
90
|
prerelease: false
|
121
|
-
version_requirements:
|
122
|
-
none: false
|
123
|
-
requirements:
|
124
|
-
- - ! '>='
|
125
|
-
- !ruby/object:Gem::Version
|
126
|
-
version: '0'
|
91
|
+
version_requirements: *2163601060
|
127
92
|
- !ruby/object:Gem::Dependency
|
128
93
|
name: simplecov
|
129
|
-
requirement: !ruby/object:Gem::Requirement
|
94
|
+
requirement: &2163593440 !ruby/object:Gem::Requirement
|
130
95
|
none: false
|
131
96
|
requirements:
|
132
97
|
- - ! '>='
|
@@ -134,15 +99,10 @@ dependencies:
|
|
134
99
|
version: '0'
|
135
100
|
type: :development
|
136
101
|
prerelease: false
|
137
|
-
version_requirements:
|
138
|
-
none: false
|
139
|
-
requirements:
|
140
|
-
- - ! '>='
|
141
|
-
- !ruby/object:Gem::Version
|
142
|
-
version: '0'
|
102
|
+
version_requirements: *2163593440
|
143
103
|
- !ruby/object:Gem::Dependency
|
144
104
|
name: simplecov-html
|
145
|
-
requirement: !ruby/object:Gem::Requirement
|
105
|
+
requirement: &2163593000 !ruby/object:Gem::Requirement
|
146
106
|
none: false
|
147
107
|
requirements:
|
148
108
|
- - ! '>='
|
@@ -150,15 +110,10 @@ dependencies:
|
|
150
110
|
version: '0'
|
151
111
|
type: :development
|
152
112
|
prerelease: false
|
153
|
-
version_requirements:
|
154
|
-
none: false
|
155
|
-
requirements:
|
156
|
-
- - ! '>='
|
157
|
-
- !ruby/object:Gem::Version
|
158
|
-
version: '0'
|
113
|
+
version_requirements: *2163593000
|
159
114
|
- !ruby/object:Gem::Dependency
|
160
115
|
name: trollop
|
161
|
-
requirement: !ruby/object:Gem::Requirement
|
116
|
+
requirement: &2163592540 !ruby/object:Gem::Requirement
|
162
117
|
none: false
|
163
118
|
requirements:
|
164
119
|
- - ! '>='
|
@@ -166,12 +121,7 @@ dependencies:
|
|
166
121
|
version: '0'
|
167
122
|
type: :development
|
168
123
|
prerelease: false
|
169
|
-
version_requirements:
|
170
|
-
none: false
|
171
|
-
requirements:
|
172
|
-
- - ! '>='
|
173
|
-
- !ruby/object:Gem::Version
|
174
|
-
version: '0'
|
124
|
+
version_requirements: *2163592540
|
175
125
|
description: ! "This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac).
|
176
126
|
The main usage is request based, noninteractive\n authentication for API implementations.
|
177
127
|
Two strategies are supported that differ mainly in how the authentication information
|
@@ -197,8 +147,7 @@ files:
|
|
197
147
|
- lib/hmac/strategies/header.rb
|
198
148
|
- lib/hmac/strategies/query.rb
|
199
149
|
- lib/hmac/string/jruby.rb
|
200
|
-
-
|
201
|
-
YmluL3dhcmRlbi1obWFjLWF1dGhlbnRpY2F0aW9u
|
150
|
+
- bin/warden-hmac-authentication
|
202
151
|
homepage: https://github.com/Asquera/warden-hmac-authentication
|
203
152
|
licenses: []
|
204
153
|
post_install_message:
|
@@ -219,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
219
168
|
version: '0'
|
220
169
|
requirements: []
|
221
170
|
rubyforge_project:
|
222
|
-
rubygems_version: 1.8.
|
171
|
+
rubygems_version: 1.8.7
|
223
172
|
signing_key:
|
224
173
|
specification_version: 3
|
225
174
|
summary: Provides request based, non-interactive authentication for APIs
|