warden-hmac-authentication 0.6.3 → 0.6.4

data/README.md

@@ -178,7 +178,8 @@ Some headers are optional but should be included in the signature of the request
 includes `Content-MD5` and `Content-Type`. The list of optional headers can be configured using the `:optional_headers` config option.
 Optional headers are always included in the canonical representation if they are found in the request and not blank. Optional headers
 will be included in the canonical representation for query-based authentication if they are present in the request so be careful 
-not to include any header that is out of your clients control.
+not to include any header that is out of your clients control. Optional headers are currently not validated in any other way, that is
+the strategy does not check that they actually match the provided request body. This check is currently up to the application.
 
 ## Date and TTL
 

data/bin/warden-hmac-authentication

@@ -1,16 +1,68 @@
 #!/usr/bin/env ruby
-#
-# This file was generated by Bundler.
-#
-# The application 'warden-hmac-authentication' is installed as part of a gem, and
-# this file is here to facilitate running it.
-#
 
-require 'pathname'
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
-  Pathname.new(__FILE__).realpath)
+begin
+  require 'trollop'
+rescue LoadError => e
+  puts ""
+  puts ""
+  puts "============= ERROR ================"
+  puts ""
+  puts "You need trollop installed or in your gemfile to use the signer"
+  puts ""
+  puts "============= ERROR ================"
+  puts ""
+  puts ""
+  exit(-1)
+end
 
-require 'rubygems'
-require 'bundler/setup'
+require 'hmac/signer'
 
-load Gem.bin_path('warden-hmac-authentication', 'warden-hmac-authentication')
+opts = Trollop::options do
+  
+  version "warden-hmac-sign 0.3.0 (c) 2011 Felix Gilcher, Florian Gilcher"
+    banner <<-EOS
+  warden-hmac-authentication is used to create and validate signed urls for
+  usage with the HMAC authentication scheme used by 
+  https://github.com/Asquera/warden-hmac-authentication
+
+  Usage:
+         warden-hmac-authentication [options] <command> url
+  
+  where command is one of
+  
+    sign: signs the given url 
+    validate: validates the given url
+    
+  and where [options] are:
+  
+  EOS
+  
+  opt :algorithm, "The hashing algorithm to use for the HMAC", :type => :string, :default => "sha1"
+  opt :secret, "The shared secret for the HMAC", :type => :string, :required => true
+  opt :"auth-param", "The name for the auth param in the url", :default => "auth"
+  opt :"date", "The date to use for the signature (defaults to now)"
+end
+
+cmd = ARGV.shift
+Trollop::die "You must give a command" if cmd.nil?
+Trollop::die "You command must be one of [sign, validate]" unless ["sign", "validate"].include? cmd
+Trollop::die "You must provide a URL" if ARGV.empty?
+url = ARGV.shift
+
+secret = opts.delete(:secret)
+algorithm = opts.delete(:algorithm)
+
+signer = HMAC::Signer.new(algorithm)
+
+if "sign" == cmd
+  puts signer.sign_url(url, secret, opts)
+else
+  success = signer.validate_url_signature(url, secret, opts)
+  if success
+    puts "URL #{url} is valid"
+    exit 0
+  else
+    puts "URL #{url} does not contain a valid signature"
+    exit 1
+  end
+end

data/lib/faraday/request/hmac.rb

@@ -3,7 +3,7 @@ require 'hmac/signer'
 
 module Faraday
   class Request::Hmac < Faraday::Middleware
-      
+
     # create a new Hmac middleware instance
     #
     # @param [Object] app           The url of the request
@@ -13,7 +13,7 @@ module Faraday
     # @option options [String]             :nonce ('')           The nonce to use in the signature
     # @option options [String, #strftime]  :date (Time.now)      The date to use in the signature
     # @option options [Hash]               :headers ({})         A list of optional headers to include in the signature
-    #                       
+    #
     # @option options [String]             :auth_scheme ('HMAC')   The name of the authorization scheme used in the Authorization header and to construct various header-names
     # @option options [String]             :auth_param ('auth')   The name of the authentication param to use for query based authentication
     # @option options [Hash]               :extra_auth_params ({}) Additional parameters to inject in the auth parameter. This parameter is ignored unless :query_based evaluates to true.
@@ -27,21 +27,22 @@ module Faraday
     def initialize(app, secret, options = {})
       @app, @secret, @options, @query_values = app, secret, options
     end
-  
+
     def call(env)
       sign(env)
       @app.call(env)
     end
-  
+
     def sign(env)
       signer = HMAC::Signer.new
       url = env[:url]
-      headers, url = *signer.sign_request(url, @secret, @options)
-        
+      method = env[:method]
+      headers, url = *signer.sign_request(url, @secret, @options.merge(:method => env[:method]))
+
       env[:request_headers] = (env[:request_headers] || {}).merge(headers)
       env[:url] = URI.parse(url)
       env
     end
-      
+
   end
-end
+end

data/lib/faraday/request/hmac.rb~

@@ -0,0 +1,55 @@
+require 'faraday'
+require 'hmac/signer'
+
+module Faraday
+  class Request::Hmac < Faraday::Middleware
+
+    # create a new Hmac middleware instance
+    #
+    # @param [Object] app           The url of the request
+    # @param [String] secret        The shared secret for the signature
+    # @param [Hash]   options       Options for the signature generation
+    #
+    # @option options [String]             :nonce ('')           The nonce to use in the signature
+    # @option options [String, #strftime]  :date (Time.now)      The date to use in the signature
+    # @option options [Hash]               :headers ({})         A list of optional headers to include in the signature
+    #
+    # @option options [String]             :auth_scheme ('HMAC')   The name of the authorization scheme used in the Authorization header and to construct various header-names
+    # @option options [String]             :auth_param ('auth')   The name of the authentication param to use for query based authentication
+    # @option options [Hash]               :extra_auth_params ({}) Additional parameters to inject in the auth parameter. This parameter is ignored unless :query_based evaluates to true.
+    # @option options [String]             :auth_header ('Authorization') The name of the authorization header to use
+    # @option options [String]             :auth_header_format ('%{auth_scheme} %{signature}') The format of the authorization header. Will be interpolated with the given options and the signature.
+    # @option options [String]             :nonce_header ('X-#{auth_scheme}-Nonce') The header name for the request nonce
+    # @option options [String]             :alternate_date_header ('X-#{auth_scheme}-Date') The header name for the alternate date header
+    # @option options [Bool]               :query_based (false) Whether to use query based authentication
+    # @option options [Bool]               :use_alternate_date_header (false) Use the alternate date header instead of `Date`
+    #
+    def initialize(app, secret, options = {})
+      @app, @secret, @options, @query_values = app, secret, options
+    end
+
+    def call(env)
+      sign(env)
+      @app.call(env)
+    end
+
+    def sign(env)
+      signer = HMAC::Signer.new
+      url = env[:url]
+<<<<<<< HEAD
+      method = env[:method]
+      headers, url = *signer.sign_request(url, @secret, @options.merge(:method => env[:method]))
+=======
+
+      signer_options = { :method => env[:method] }.merge @options
+
+      headers, url = *signer.sign_request(url, @secret, signer_options)
+>>>>>>> fc6d1ee3917881a31a9f68a37ece8f630a896840
+
+      env[:request_headers] = (env[:request_headers] || {}).merge(headers)
+      env[:url] = URI.parse(url)
+      env
+    end
+
+  end
+end

metadata

@@ -1,211 +1,212 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: warden-hmac-authentication
-version: !ruby/object:Gem::Version
-  version: 0.6.3
-  prerelease: 
+version: !ruby/object:Gem::Version 
+  hash: 15
+  prerelease: false
+  segments: 
+  - 0
+  - 6
+  - 4
+  version: 0.6.4
 platform: ruby
-authors:
+authors: 
 - Felix Gilcher
 - Florian Gilcher
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-10-08 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+
+date: 2013-04-08 00:00:00 +02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
   name: rack
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: warden
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: warden
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
   name: rake
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rack-test
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rack-test
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: riot
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: riot
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: timecop
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: timecop
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: simplecov
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov-html
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: simplecov-html
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: trollop
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: trollop
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-description: ! "This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac).
-  The main usage is request based, noninteractive\n  authentication for API implementations.
-  Two strategies are supported that differ mainly in how the authentication information
-  is\n  transferred to the server: One header-based authentication method and one
-  query-based. The authentication scheme is in some parts based\n  on ideas laid out
-  in this article and the following discussion: \n  http://broadcast.oreilly.com/2009/12/principles-for-standardized-rest-authentication.html\n\n
-  \ The gem also provides a small helper class that can be used to generate request
-  signatures."
-email:
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id009
+description: |-
+  This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac). The main usage is request based, noninteractive
+    authentication for API implementations. Two strategies are supported that differ mainly in how the authentication information is
+    transferred to the server: One header-based authentication method and one query-based. The authentication scheme is in some parts based
+    on ideas laid out in this article and the following discussion: 
+    http://broadcast.oreilly.com/2009/12/principles-for-standardized-rest-authentication.html
+  
+    The gem also provides a small helper class that can be used to generate request signatures.
+email: 
 - felix.gilcher@asquera.de
 - florian.gilcher@asquera.de
-executables:
+executables: 
 - warden-hmac-authentication
 extensions: []
+
 extra_rdoc_files: []
-files:
+
+files: 
 - README.md
 - Rakefile
 - LICENSE
 - lib/faraday/request/hmac.rb
+- lib/faraday/request/hmac.rb~
 - lib/hmac/signer.rb
 - lib/hmac/strategies/base.rb
 - lib/hmac/strategies/header.rb
 - lib/hmac/strategies/query.rb
 - lib/hmac/string/jruby.rb
-- !binary |-
-  YmluL3dhcmRlbi1obWFjLWF1dGhlbnRpY2F0aW9u
+- bin/warden-hmac-authentication
+has_rdoc: true
 homepage: https://github.com/Asquera/warden-hmac-authentication
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
+
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
 requirements: []
+
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Provides request based, non-interactive authentication for APIs
 test_files: []
-has_rdoc: 
+