warden-hmac-authentication 0.5.4 → 0.5.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/bin/warden-hmac-authentication +64 -12
- data/lib/hmac/strategies/base.rb +4 -4
- data/lib/hmac/strategies/header.rb +3 -3
- metadata +22 -22
@@ -1,16 +1,68 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
-
#
|
3
|
-
# This file was generated by Bundler.
|
4
|
-
#
|
5
|
-
# The application 'warden-hmac-authentication' is installed as part of a gem, and
|
6
|
-
# this file is here to facilitate running it.
|
7
|
-
#
|
8
2
|
|
9
|
-
|
10
|
-
|
11
|
-
|
3
|
+
begin
|
4
|
+
require 'trollop'
|
5
|
+
rescue LoadError => e
|
6
|
+
puts ""
|
7
|
+
puts ""
|
8
|
+
puts "============= ERROR ================"
|
9
|
+
puts ""
|
10
|
+
puts "You need trollop installed or in your gemfile to use the signer"
|
11
|
+
puts ""
|
12
|
+
puts "============= ERROR ================"
|
13
|
+
puts ""
|
14
|
+
puts ""
|
15
|
+
exit(-1)
|
16
|
+
end
|
12
17
|
|
13
|
-
require '
|
14
|
-
require 'bundler/setup'
|
18
|
+
require 'hmac/signer'
|
15
19
|
|
16
|
-
|
20
|
+
opts = Trollop::options do
|
21
|
+
|
22
|
+
version "warden-hmac-sign 0.3.0 (c) 2011 Felix Gilcher, Florian Gilcher"
|
23
|
+
banner <<-EOS
|
24
|
+
warden-hmac-authentication is used to create and validate signed urls for
|
25
|
+
usage with the HMAC authentication scheme used by
|
26
|
+
https://github.com/Asquera/warden-hmac-authentication
|
27
|
+
|
28
|
+
Usage:
|
29
|
+
warden-hmac-authentication [options] <command> url
|
30
|
+
|
31
|
+
where command is one of
|
32
|
+
|
33
|
+
sign: signs the given url
|
34
|
+
validate: validates the given url
|
35
|
+
|
36
|
+
and where [options] are:
|
37
|
+
|
38
|
+
EOS
|
39
|
+
|
40
|
+
opt :algorithm, "The hashing algorithm to use for the HMAC", :type => :string, :default => "sha1"
|
41
|
+
opt :secret, "The shared secret for the HMAC", :type => :string, :required => true
|
42
|
+
opt :"auth-param", "The name for the auth param in the url", :default => "auth"
|
43
|
+
opt :"date", "The date to use for the signature (defaults to now)"
|
44
|
+
end
|
45
|
+
|
46
|
+
cmd = ARGV.shift
|
47
|
+
Trollop::die "You must give a command" if cmd.nil?
|
48
|
+
Trollop::die "You command must be one of [sign, validate]" unless ["sign", "validate"].include? cmd
|
49
|
+
Trollop::die "You must provide a URL" if ARGV.empty?
|
50
|
+
url = ARGV.shift
|
51
|
+
|
52
|
+
secret = opts.delete(:secret)
|
53
|
+
algorithm = opts.delete(:algorithm)
|
54
|
+
|
55
|
+
signer = HMAC::Signer.new(algorithm)
|
56
|
+
|
57
|
+
if "sign" == cmd
|
58
|
+
puts signer.sign_url(url, secret, opts)
|
59
|
+
else
|
60
|
+
success = signer.validate_url_signature(url, secret, opts)
|
61
|
+
if success
|
62
|
+
puts "URL #{url} is valid"
|
63
|
+
exit 0
|
64
|
+
else
|
65
|
+
puts "URL #{url} does not contain a valid signature"
|
66
|
+
exit 1
|
67
|
+
end
|
68
|
+
end
|
data/lib/hmac/strategies/base.rb
CHANGED
@@ -105,7 +105,7 @@ module Warden
|
|
105
105
|
end
|
106
106
|
|
107
107
|
def auth_header
|
108
|
-
config[:auth_header] || "Authorization"
|
108
|
+
(config[:auth_header] || "Authorization").upcase
|
109
109
|
end
|
110
110
|
|
111
111
|
def auth_scheme_name
|
@@ -113,15 +113,15 @@ module Warden
|
|
113
113
|
end
|
114
114
|
|
115
115
|
def nonce_header_name
|
116
|
-
config[:nonce_header] || "X-#{auth_scheme_name}-Nonce"
|
116
|
+
(config[:nonce_header] || "X-#{auth_scheme_name}-Nonce").upcase
|
117
117
|
end
|
118
118
|
|
119
119
|
def alternate_date_header_name
|
120
|
-
config[:alternate_date_header] || "X-#{auth_scheme_name}-Date"
|
120
|
+
(config[:alternate_date_header] || "X-#{auth_scheme_name}-Date").upcase
|
121
121
|
end
|
122
122
|
|
123
123
|
def optional_headers
|
124
|
-
(config[:optional_headers] || []) + ["Content-MD5", "Content-Type"]
|
124
|
+
((config[:optional_headers] || []) + ["Content-MD5", "Content-Type"]).map {|h| h.upcase }
|
125
125
|
end
|
126
126
|
|
127
127
|
def auth_header_format
|
@@ -15,7 +15,7 @@ module Warden
|
|
15
15
|
# @return [Bool] true if all required authentication information is available in the request
|
16
16
|
# @see https://github.com/hassox/warden/wiki/Strategies
|
17
17
|
def valid?
|
18
|
-
valid = required_headers.all? { |h| headers.include?(h) } && headers.include?("
|
18
|
+
valid = required_headers.all? { |h| headers.include?(h) } && headers.include?("AUTHORIZATION") && has_timestamp?
|
19
19
|
valid = valid && scheme_valid?
|
20
20
|
valid
|
21
21
|
end
|
@@ -97,9 +97,9 @@ module Warden
|
|
97
97
|
|
98
98
|
def date_header
|
99
99
|
if headers.include? alternate_date_header_name
|
100
|
-
alternate_date_header_name
|
100
|
+
alternate_date_header_name.upcase
|
101
101
|
else
|
102
|
-
"
|
102
|
+
"DATE"
|
103
103
|
end
|
104
104
|
end
|
105
105
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-hmac-authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.5
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,11 +10,11 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-01-
|
13
|
+
date: 2012-01-15 00:00:00.000000000Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: addressable
|
17
|
-
requirement: &
|
17
|
+
requirement: &2157827400 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ! '>='
|
@@ -22,10 +22,10 @@ dependencies:
|
|
22
22
|
version: '0'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *2157827400
|
26
26
|
- !ruby/object:Gem::Dependency
|
27
27
|
name: rack
|
28
|
-
requirement: &
|
28
|
+
requirement: &2157826460 !ruby/object:Gem::Requirement
|
29
29
|
none: false
|
30
30
|
requirements:
|
31
31
|
- - ! '>='
|
@@ -33,10 +33,10 @@ dependencies:
|
|
33
33
|
version: '0'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
|
-
version_requirements: *
|
36
|
+
version_requirements: *2157826460
|
37
37
|
- !ruby/object:Gem::Dependency
|
38
38
|
name: warden
|
39
|
-
requirement: &
|
39
|
+
requirement: &2157825640 !ruby/object:Gem::Requirement
|
40
40
|
none: false
|
41
41
|
requirements:
|
42
42
|
- - ! '>='
|
@@ -44,10 +44,10 @@ dependencies:
|
|
44
44
|
version: '0'
|
45
45
|
type: :runtime
|
46
46
|
prerelease: false
|
47
|
-
version_requirements: *
|
47
|
+
version_requirements: *2157825640
|
48
48
|
- !ruby/object:Gem::Dependency
|
49
49
|
name: rake
|
50
|
-
requirement: &
|
50
|
+
requirement: &2157824460 !ruby/object:Gem::Requirement
|
51
51
|
none: false
|
52
52
|
requirements:
|
53
53
|
- - ! '>='
|
@@ -55,10 +55,10 @@ dependencies:
|
|
55
55
|
version: '0'
|
56
56
|
type: :development
|
57
57
|
prerelease: false
|
58
|
-
version_requirements: *
|
58
|
+
version_requirements: *2157824460
|
59
59
|
- !ruby/object:Gem::Dependency
|
60
60
|
name: rack-test
|
61
|
-
requirement: &
|
61
|
+
requirement: &2157823380 !ruby/object:Gem::Requirement
|
62
62
|
none: false
|
63
63
|
requirements:
|
64
64
|
- - ! '>='
|
@@ -66,10 +66,10 @@ dependencies:
|
|
66
66
|
version: '0'
|
67
67
|
type: :development
|
68
68
|
prerelease: false
|
69
|
-
version_requirements: *
|
69
|
+
version_requirements: *2157823380
|
70
70
|
- !ruby/object:Gem::Dependency
|
71
71
|
name: riot
|
72
|
-
requirement: &
|
72
|
+
requirement: &2157822860 !ruby/object:Gem::Requirement
|
73
73
|
none: false
|
74
74
|
requirements:
|
75
75
|
- - ! '>='
|
@@ -77,10 +77,10 @@ dependencies:
|
|
77
77
|
version: '0'
|
78
78
|
type: :development
|
79
79
|
prerelease: false
|
80
|
-
version_requirements: *
|
80
|
+
version_requirements: *2157822860
|
81
81
|
- !ruby/object:Gem::Dependency
|
82
82
|
name: timecop
|
83
|
-
requirement: &
|
83
|
+
requirement: &2157822400 !ruby/object:Gem::Requirement
|
84
84
|
none: false
|
85
85
|
requirements:
|
86
86
|
- - ! '>='
|
@@ -88,10 +88,10 @@ dependencies:
|
|
88
88
|
version: '0'
|
89
89
|
type: :development
|
90
90
|
prerelease: false
|
91
|
-
version_requirements: *
|
91
|
+
version_requirements: *2157822400
|
92
92
|
- !ruby/object:Gem::Dependency
|
93
93
|
name: simplecov
|
94
|
-
requirement: &
|
94
|
+
requirement: &2157821680 !ruby/object:Gem::Requirement
|
95
95
|
none: false
|
96
96
|
requirements:
|
97
97
|
- - ! '>='
|
@@ -99,10 +99,10 @@ dependencies:
|
|
99
99
|
version: '0'
|
100
100
|
type: :development
|
101
101
|
prerelease: false
|
102
|
-
version_requirements: *
|
102
|
+
version_requirements: *2157821680
|
103
103
|
- !ruby/object:Gem::Dependency
|
104
104
|
name: simplecov-html
|
105
|
-
requirement: &
|
105
|
+
requirement: &2157820800 !ruby/object:Gem::Requirement
|
106
106
|
none: false
|
107
107
|
requirements:
|
108
108
|
- - ! '>='
|
@@ -110,10 +110,10 @@ dependencies:
|
|
110
110
|
version: '0'
|
111
111
|
type: :development
|
112
112
|
prerelease: false
|
113
|
-
version_requirements: *
|
113
|
+
version_requirements: *2157820800
|
114
114
|
- !ruby/object:Gem::Dependency
|
115
115
|
name: trollop
|
116
|
-
requirement: &
|
116
|
+
requirement: &2157820020 !ruby/object:Gem::Requirement
|
117
117
|
none: false
|
118
118
|
requirements:
|
119
119
|
- - ! '>='
|
@@ -121,7 +121,7 @@ dependencies:
|
|
121
121
|
version: '0'
|
122
122
|
type: :development
|
123
123
|
prerelease: false
|
124
|
-
version_requirements: *
|
124
|
+
version_requirements: *2157820020
|
125
125
|
description: ! "This gem provides request authentication via [HMAC](http://en.wikipedia.org/wiki/Hmac).
|
126
126
|
The main usage is request based, noninteractive\n authentication for API implementations.
|
127
127
|
Two strategies are supported that differ mainly in how the authentication information
|