whispler-signature 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. data/Manifest +4 -0
  2. data/README.rdoc +2 -0
  3. data/Rakefile +12 -0
  4. data/lib/whispler-signature.rb +59 -0
  5. data/whispler-signature.gemspec +30 -0
  6. metadata +65 -0
data/Manifest ADDED
@@ -0,0 +1,4 @@
1
+ Manifest
2
+ README.rdoc
3
+ Rakefile
4
+ lib/whispler-signature.rb
data/README.rdoc ADDED
@@ -0,0 +1,2 @@
1
+ Whispler signatures
2
+ ===================
data/Rakefile ADDED
@@ -0,0 +1,12 @@
1
+ require 'rubygems'
2
+ require 'rake'
3
+ require 'echoe'
4
+
5
+ Echoe.new('whispler-signature', '0.1.0') do |p|
6
+ p.description = "Implements whispler signatures"
7
+ p.url = "http://github.com/pboy/whispler-signature"
8
+ p.author = "Whispler"
9
+ p.email = "developers@whispler.com"
10
+ p.ignore_pattern = ["tmp/*", "script/*"]
11
+ p.development_dependencies = []
12
+ end
data/lib/whispler-signature.rb ADDED
@@ -0,0 +1,59 @@
1
+ module WhisplerSignature
2
+
3
+ HEADER = "X-W-Signature"
4
+
5
+ #
6
+ # calculate outgoing signature; returns as a hash
7
+ #
8
+ # { "X-W-Signature", "ajhgdkhjgd:kjhgsjkhsgjhksgs" }
9
+ def self.calculate(api_key, verb, path, headers, body)
10
+ api_key = api_key.api_key if api_key.respond_to?(:api_key)
11
+ return {} unless api_key
12
+
13
+ salt = salt!
14
+ signature = calc_signature verb, path, api_key, salt, body
15
+ { HEADER => "#{salt}:#{signature}" }
16
+ end
17
+
18
+ #
19
+ # validates incoming signature
20
+ #
21
+ # - true: valid request signature
22
+ # - false: no request signature
23
+ #
24
+ # Raises an exception (ArgumentError) is the signature exists, but
25
+ # is invalid.
26
+ def self.validate?(api_key, req)
27
+ api_key = api_key.api_key if api_key.respond_to?(:api_key)
28
+ return false unless api_key && signature = req.headers[HEADER]
29
+
30
+ raise ArgumentError, "Invalid signature format" unless signature =~ /^(.+):([^:]+)$/
31
+
32
+ salt, checksum = $1, $2
33
+ sig = calc_signature req.method, req.env["REQUEST_URI"], req.raw_post, api_key, salt
34
+
35
+ raise ArgumentError, "Invalid signature" unless checksum == sig
36
+
37
+ true
38
+ end
39
+
40
+ private
41
+
42
+ # this is not a cryptographically strong salt generator
43
+ def self.salt!
44
+ "#{Time.now.to_i % 10177}-#{rand(0xffffff)}"
45
+ end
46
+
47
+ HEADER_ONLY_VERBS = [ :get, :head, :options ]
48
+
49
+ def self.calc_signature(verb, path, body, api_key, salt)
50
+ data = verb.to_s.upcase + "\n" +
51
+ path + "\n" +
52
+ api_key + "\n" +
53
+ salt + "\n"
54
+
55
+ data += body unless HEADER_ONLY_VERBS.include?(verb)
56
+
57
+ Digest::SHA1.hexdigest(data)
58
+ end
59
+ end
data/whispler-signature.gemspec ADDED
@@ -0,0 +1,30 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ Gem::Specification.new do |s|
4
+ s.name = %q{whispler-signature}
5
+ s.version = "0.1.0"
6
+
7
+ s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
+ s.authors = ["Whispler"]
9
+ s.date = %q{2009-12-12}
10
+ s.description = %q{Implements whispler signatures}
11
+ s.email = %q{developers@whispler.com}
12
+ s.extra_rdoc_files = ["README.rdoc", "lib/whispler-signature.rb"]
13
+ s.files = ["Manifest", "README.rdoc", "Rakefile", "lib/whispler-signature.rb", "whispler-signature.gemspec"]
14
+ s.homepage = %q{http://github.com/pboy/whispler-signature}
15
+ s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Whispler-signature", "--main", "README.rdoc"]
16
+ s.require_paths = ["lib"]
17
+ s.rubyforge_project = %q{whispler-signature}
18
+ s.rubygems_version = %q{1.3.5}
19
+ s.summary = %q{Implements whispler signatures}
20
+
21
+ if s.respond_to? :specification_version then
22
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
23
+ s.specification_version = 3
24
+
25
+ if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
26
+ else
27
+ end
28
+ else
29
+ end
30
+ end
metadata ADDED
@@ -0,0 +1,65 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: whispler-signature
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Whispler
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+
12
+ date: 2009-12-12 00:00:00 +01:00
13
+ default_executable:
14
+ dependencies: []
15
+
16
+ description: Implements whispler signatures
17
+ email: developers@whispler.com
18
+ executables: []
19
+
20
+ extensions: []
21
+
22
+ extra_rdoc_files:
23
+ - README.rdoc
24
+ - lib/whispler-signature.rb
25
+ files:
26
+ - Manifest
27
+ - README.rdoc
28
+ - Rakefile
29
+ - lib/whispler-signature.rb
30
+ - whispler-signature.gemspec
31
+ has_rdoc: true
32
+ homepage: http://github.com/pboy/whispler-signature
33
+ licenses: []
34
+
35
+ post_install_message:
36
+ rdoc_options:
37
+ - --line-numbers
38
+ - --inline-source
39
+ - --title
40
+ - Whispler-signature
41
+ - --main
42
+ - README.rdoc
43
+ require_paths:
44
+ - lib
45
+ required_ruby_version: !ruby/object:Gem::Requirement
46
+ requirements:
47
+ - - ">="
48
+ - !ruby/object:Gem::Version
49
+ version: "0"
50
+ version:
51
+ required_rubygems_version: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - ">="
54
+ - !ruby/object:Gem::Version
55
+ version: "1.2"
56
+ version:
57
+ requirements: []
58
+
59
+ rubyforge_project: whispler-signature
60
+ rubygems_version: 1.3.5
61
+ signing_key:
62
+ specification_version: 3
63
+ summary: Implements whispler signatures
64
+ test_files: []
65
+