warden-hmac-authentication 0.5.4 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. data/bin/warden-hmac-authentication +64 -12
  2. data/lib/hmac/strategies/base.rb +4 -4
  3. data/lib/hmac/strategies/header.rb +3 -3
  4. metadata +22 -22
data/bin/warden-hmac-authentication CHANGED
@@ -1,16 +1,68 @@
1
1
  #!/usr/bin/env ruby
2
- #
3
- # This file was generated by Bundler.
4
- #
5
- # The application 'warden-hmac-authentication' is installed as part of a gem, and
6
- # this file is here to facilitate running it.
7
- #
8
2
 
9
- require 'pathname'
10
- ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
11
- Pathname.new(__FILE__).realpath)
3
+ begin
4
+ require 'trollop'
5
+ rescue LoadError => e
6
+ puts ""
7
+ puts ""
8
+ puts "============= ERROR ================"
9
+ puts ""
10
+ puts "You need trollop installed or in your gemfile to use the signer"
11
+ puts ""
12
+ puts "============= ERROR ================"
13
+ puts ""
14
+ puts ""
15
+ exit(-1)
16
+ end
12
17
 
13
- require 'rubygems'
14
- require 'bundler/setup'
18
+ require 'hmac/signer'
15
19
 
16
- load Gem.bin_path('warden-hmac-authentication', 'warden-hmac-authentication')
20
+ opts = Trollop::options do
21
+
22
+ version "warden-hmac-sign 0.3.0 (c) 2011 Felix Gilcher, Florian Gilcher"
23
+ banner <<-EOS
24
+ warden-hmac-authentication is used to create and validate signed urls for
25
+ usage with the HMAC authentication scheme used by
26
+ https://github.com/Asquera/warden-hmac-authentication
27
+
28
+ Usage:
29
+ warden-hmac-authentication [options] <command> url
30
+
31
+ where command is one of
32
+
33
+ sign: signs the given url
34
+ validate: validates the given url
35
+
36
+ and where [options] are:
37
+
38
+ EOS
39
+
40
+ opt :algorithm, "The hashing algorithm to use for the HMAC", :type => :string, :default => "sha1"
41
+ opt :secret, "The shared secret for the HMAC", :type => :string, :required => true
42
+ opt :"auth-param", "The name for the auth param in the url", :default => "auth"
43
+ opt :"date", "The date to use for the signature (defaults to now)"
44
+ end
45
+
46
+ cmd = ARGV.shift
47
+ Trollop::die "You must give a command" if cmd.nil?
48
+ Trollop::die "You command must be one of [sign, validate]" unless ["sign", "validate"].include? cmd
49
+ Trollop::die "You must provide a URL" if ARGV.empty?
50
+ url = ARGV.shift
51
+
52
+ secret = opts.delete(:secret)
53
+ algorithm = opts.delete(:algorithm)
54
+
55
+ signer = HMAC::Signer.new(algorithm)
56
+
57
+ if "sign" == cmd
58
+ puts signer.sign_url(url, secret, opts)
59
+ else
60
+ success = signer.validate_url_signature(url, secret, opts)
61
+ if success
62
+ puts "URL #{url} is valid"
63
+ exit 0
64
+ else
65
+ puts "URL #{url} does not contain a valid signature"
66
+ exit 1
67
+ end
68
+ end
data/lib/hmac/strategies/base.rb CHANGED
@@ -105,7 +105,7 @@ module Warden
105
105
  end
106
106
 
107
107
  def auth_header
108
- config[:auth_header] || "Authorization"
108
+ (config[:auth_header] || "Authorization").upcase
109
109
  end
110
110
 
111
111
  def auth_scheme_name
@@ -113,15 +113,15 @@ module Warden
113
113
  end
114
114
 
115
115
  def nonce_header_name
116
- config[:nonce_header] || "X-#{auth_scheme_name}-Nonce"
116
+ (config[:nonce_header] || "X-#{auth_scheme_name}-Nonce").upcase
117
117
  end
118
118
 
119
119
  def alternate_date_header_name
120
- config[:alternate_date_header] || "X-#{auth_scheme_name}-Date"
120
+ (config[:alternate_date_header] || "X-#{auth_scheme_name}-Date").upcase
121
121
  end
122
122
 
123
123
  def optional_headers
124
- (config[:optional_headers] || []) + ["Content-MD5", "Content-Type"]
124
+ ((config[:optional_headers] || []) + ["Content-MD5", "Content-Type"]).map {|h| h.upcase }
125
125
  end
126
126
 
127
127
  def auth_header_format
data/lib/hmac/strategies/header.rb CHANGED
@@ -15,7 +15,7 @@ module Warden
15
15
  # @return [Bool] true if all required authentication information is available in the request
16
16
  # @see https://github.com/hassox/warden/wiki/Strategies
17
17
  def valid?
18
- valid = required_headers.all? { |h| headers.include?(h) } && headers.include?("Authorization") && has_timestamp?
18
+ valid = required_headers.all? { |h| headers.include?(h) } && headers.include?("AUTHORIZATION") && has_timestamp?
19
19
  valid = valid && scheme_valid?
20
20
  valid
21
21
  end
@@ -97,9 +97,9 @@ module Warden
97
97
 
98
98
  def date_header
99
99
  if headers.include? alternate_date_header_name
100
- alternate_date_header_name
100
+ alternate_date_header_name.upcase
101
101
  else
102
- "Date"
102
+ "DATE"
103
103
  end
104
104
  end
105
105
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: warden-hmac-authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.4
4
+ version: 0.5.5
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,11 +10,11 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2012-01-10 00:00:00.000000000Z
13
+ date: 2012-01-15 00:00:00.000000000Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: addressable
17
- requirement: &2160133740 !ruby/object:Gem::Requirement
17
+ requirement: &2157827400 !ruby/object:Gem::Requirement
18
18
  none: false
19
19
  requirements:
20
20
  - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
22
22
  version: '0'
23
23
  type: :runtime
24
24
  prerelease: false
25
- version_requirements: *2160133740
25
+ version_requirements: *2157827400
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: rack
28
- requirement: &2160132880 !ruby/object:Gem::Requirement
28
+ requirement: &2157826460 !ruby/object:Gem::Requirement
29
29
  none: false
30
30
  requirements:
31
31
  - - ! '>='
@@ -33,10 +33,10 @@ dependencies:
33
33
  version: '0'
34
34
  type: :runtime
35
35
  prerelease: false
36
- version_requirements: *2160132880
36
+ version_requirements: *2157826460
37
37
  - !ruby/object:Gem::Dependency
38
38
  name: warden
39
- requirement: &2160131880 !ruby/object:Gem::Requirement
39
+ requirement: &2157825640 !ruby/object:Gem::Requirement
40
40
  none: false
41
41
  requirements:
42
42
  - - ! '>='
@@ -44,10 +44,10 @@ dependencies:
44
44
  version: '0'
45
45
  type: :runtime
46
46
  prerelease: false
47
- version_requirements: *2160131880
47
+ version_requirements: *2157825640
48
48
  - !ruby/object:Gem::Dependency
49
49
  name: rake
50
- requirement: &2160130760 !ruby/object:Gem::Requirement
50
+ requirement: &2157824460 !ruby/object:Gem::Requirement
51
51
  none: false
52
52
  requirements:
53
53
  - - ! '>='
@@ -55,10 +55,10 @@ dependencies:
55
55
  version: '0'
56
56
  type: :development
57
57
  prerelease: false
58
- version_requirements: *2160130760
58
+ version_requirements: *2157824460
59
59
  - !ruby/object:Gem::Dependency
60
60
  name: rack-test
61
- requirement: &2160129280 !ruby/object:Gem::Requirement
61
+ requirement: &2157823380 !ruby/object:Gem::Requirement
62
62
  none: false
63
63
  requirements:
64
64
  - - ! '>='
@@ -66,10 +66,10 @@ dependencies:
66
66
  version: '0'
67
67
  type: :development
68
68
  prerelease: false
69
- version_requirements: *2160129280
69
+ version_requirements: *2157823380
70
70
  - !ruby/object:Gem::Dependency
71
71
  name: riot
72
- requirement: &2160128600 !ruby/object:Gem::Requirement
72
+ requirement: &2157822860 !ruby/object:Gem::Requirement
73
73
  none: false
74
74
  requirements:
75
75
  - - ! '>='
@@ -77,10 +77,10 @@ dependencies:
77
77
  version: '0'
78
78
  type: :development
79
79
  prerelease: false
80
- version_requirements: *2160128600
80
+ version_requirements: *2157822860
81
81
  - !ruby/object:Gem::Dependency
82
82
  name: timecop
83
- requirement: &2160127940 !ruby/object:Gem::Requirement
83
+ requirement: &2157822400 !ruby/object:Gem::Requirement
84
84
  none: false
85
85
  requirements:
86
86
  - - ! '>='
@@ -88,10 +88,10 @@ dependencies:
88
88
  version: '0'
89
89
  type: :development
90
90
  prerelease: false
91
- version_requirements: *2160127940
91
+ version_requirements: *2157822400
92
92
  - !ruby/object:Gem::Dependency
93
93
  name: simplecov
94
- requirement: &2160127140 !ruby/object:Gem::Requirement
94
+ requirement: &2157821680 !ruby/object:Gem::Requirement
95
95
  none: false
96
96
  requirements:
97
97
  - - ! '>='
@@ -99,10 +99,10 @@ dependencies:
99
99
  version: '0'
100
100
  type: :development
101
101
  prerelease: false
102
- version_requirements: *2160127140
102
+ version_requirements: *2157821680
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: simplecov-html
105
- requirement: &2160126080 !ruby/object:Gem::Requirement
105
+ requirement: &2157820800 !ruby/object:Gem::Requirement
106
106
  none: false
107
107
  requirements:
108
108
  - - ! '>='
@@ -110,10 +110,10 @@ dependencies:
110
110
  version: '0'
111
111
  type: :development
112
112
  prerelease: false
113
- version_requirements: *2160126080
113
+ version_requirements: *2157820800
114
114
  - !ruby/object:Gem::Dependency
115
115
  name: trollop
116
- requirement: &2160124740 !ruby/object:Gem::Requirement
116
+ requirement: &2157820020 !ruby/object:Gem::Requirement
117
117
  none: false
118
118
  requirements:
119
119
  - - ! '>='
@@ -121,7 +121,7 @@ dependencies:
121
121
  version: '0'
122
122
  type: :development
123
123
  prerelease: false
124
- version_requirements: *2160124740
124
+ version_requirements: *2157820020
125
125
  description: ! "This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac).
126
126
  The main usage is request based, noninteractive\n authentication for API implementations.
127
127
  Two strategies are supported that differ mainly in how the authentication information