wp-hmac 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: cf1d6de791dc384d8d18884a533f1880c958a6a1
+  data.tar.gz: b133c48a1c83199ac676619288ff35d4d603507a
+SHA512:
+  metadata.gz: 7397578368f49eb3e0f8de78044b0c05f1b7398eb6d8b4314b2dfa29f714b7388747eb906a2eb4235c52cf30f5ed9fcef83b439fbce8a3b3f812b6f6885dc851
+  data.tar.gz: e16bf36a546695951d9dc532cbd09392321efbdfa403513f8980f0e8c0b04a62f7c748c8113170b0ca12319791ac82601eff16b97c2d1b82224740ac53093872

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in wp-hmac.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Andrew Nagi
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,91 @@
+# Wp::Hmac
+
+This gem wraps EY::ApiHMAC and attempts to make it easy to:
+  - Enable HMAC for specific routes in your Rack application.
+  - Add different secret keys for different customers, servers, routes or users.
+
+It works with Rack applications like Ruby on Rails.
+
+You should also consider using
+[ey_api_hmac](https://github.com/engineyard/ey_api_hmac) directly, especially
+if you only have one secret key or want HMAC enabled for every request.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'wp-hmac'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install wp-hmac
+
+## Usage
+
+### Configuration
+
+You need to:
+
+1. Add at least one key
+1. Add at least one regex to match routes that will require HMAC
+1. Provide a mechanism to ascertain the correct key to use (via `get_auth_id_for_request`)
+
+``` ruby
+WP::HMAC.configure do
+  add_key(id: 'esso', auth_key: key['auth_key'])
+  add_key(id: 'texaco', auth_key: 'super_secr3t_key'])
+
+  add_hmac_enabled_route %r{^/texaco-api/}
+  add_hmac_enabled_route %r{^/esso-api/}
+
+  # This will be used by both the Server and Client
+  # in this `CurrentCustomer.name` returns either 'esso' or 'texaco'
+  #
+  # This method must be available at the Rack layer and wherever you
+  # use the client.
+  get_auth_id_for_request -> { CurrentCustomer.name }
+end
+```
+
+You then need to slot the middleware into your rack stack. For Rails:
+
+``` ruby
+use WP::HMAC::Server
+```
+
+### Using the client
+
+Use like this ...
+``` ruby
+   HMAC::Client.get('https://www.example.com/api/staff')
+   HMAC::Client.post('https://www.example.com/api/schedules, {'HEADER' => 'foo'}, StringIO.new('data'))
+```
+ ... or like this:
+``` ruby
+   client = HMAC::Client.new('https://www.example.com')
+   client.get('api/staff')
+   client.post('api/schedules', {}, StringIO.new('data'))
+```
+See Rack::Client docs for more.
+
+## Testing
+
+You can use the client and server to test at the Rack layer without transporting over HTTP. See the `spec/hmac_spec.rb` for the detail.
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/wp-hmac/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request
+
+### Thanks
+
+Many thanks to [Engine Yard](https://github.com/engineyard) for [https://github.com/engineyard/ey_api_hmac](Engine Yard HMAC api implementation).

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/lib/wp/hmac/client.rb

@@ -0,0 +1,40 @@
+module WP
+  module HMAC
+    class Client
+      def initialize(url = nil, app = Rack::Client::Handler::NetHTTP)
+        build_rack_client(url, app)
+      end
+
+      def build_rack_client(url, app)
+        id = key_cabinet.id
+        auth_key = key_cabinet.auth_key
+
+        @client = Rack::Client.new(url) do
+          use Rack::Config do |env|
+            env['HTTP_DATE'] = Time.zone.now.httpdate
+          end
+          use EY::ApiHMAC::ApiAuth::Client, id, auth_key
+          run app
+        end
+        @client
+      end
+
+      def method_missing(method_missing, *args, &block)
+        @client.send(method_missing, *args, &block)
+      end
+
+      def key_cabinet
+        @key_cabinet ||= HMAC::KeyCabinet.find_by_auth_id(HMAC.auth_id)
+      end
+
+      class << self
+        %i(delete get head options post put).each do |method|
+          define_method(method) do |*args|
+            client = Client.new
+            client.send(method, *args)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wp/hmac/key_cabinet.rb

@@ -0,0 +1,22 @@
+module WP
+  module HMAC
+    class KeyCabinet
+      class KeyNotFound < Exception; end
+
+      class << self
+        attr_accessor :keys
+
+        def add_key(id:, auth_key:)
+          @keys ||= {}
+          @keys[id] = { id: id, auth_key: auth_key }
+        end
+
+        def find_by_auth_id(id)
+          key = @keys[id]
+          raise KeyNotFound, 'Ensure all secret keys are loaded with `HMAC::KeyCabinet.add_key`' if key.nil?
+          OpenStruct.new(key)
+        end
+      end
+    end
+  end
+end

data/lib/wp/hmac/server.rb

@@ -0,0 +1,39 @@
+module WP
+  module HMAC
+    class Server
+      @hmac_enabled_routes = []
+
+      class << self
+        attr_accessor :hmac_enabled_routes
+      end
+
+      def initialize(app)
+        @app = app
+        @hmac_auth = EY::ApiHMAC::ApiAuth::Server.new(app, HMAC::KeyCabinet)
+      end
+
+      def call(env)
+        if hmac_enabled_route?(env)
+          verify_key!
+          @hmac_auth.call(env)
+        else
+          @app.call(env)
+        end
+      end
+
+      def verify_key!
+        KeyCabinet.find_by_auth_id(id_for_request)
+      end
+
+      def id_for_request
+        HMAC.auth_id
+      end
+
+      private
+
+      def hmac_enabled_route?(env)
+        Server.hmac_enabled_routes.any? { |r| env['PATH_INFO'].match(r) }
+      end
+    end
+  end
+end

data/lib/wp/hmac/version.rb

@@ -0,0 +1,5 @@
+module Wp
+  module Hmac
+    VERSION = "0.0.1"
+  end
+end

data/lib/wp/hmac.rb

@@ -0,0 +1,42 @@
+require "wp/hmac/version"
+require 'rubygems'
+require 'bundler/setup'
+Bundler.require
+require 'rack/client'
+require 'ey_api_hmac'
+
+require File.expand_path('../hmac/server', __FILE__)
+require File.expand_path('../hmac/client', __FILE__)
+require File.expand_path('../hmac/key_cabinet', __FILE__)
+
+module WP
+  module HMAC
+    class MissingConfiguration < StandardError; end
+
+    def self.configure(&block)
+      instance_eval(&block)
+    end
+
+    def self.add_key(id:, auth_key:)
+      KeyCabinet.add_key( { id: id, auth_key: auth_key } )
+    end
+
+    def self.add_hmac_enabled_route(route_regex)
+      Server.hmac_enabled_routes << route_regex
+    end
+
+    def self.get_auth_id_for_request(callable)
+      @callable = callable
+    end
+
+    def self.auth_id
+      raise MissingConfiguration('Set get_auth_id_for_request in the initializer') unless @callable
+      @callable.call
+    end
+
+    def self.reset
+      KeyCabinet.keys = {}
+      Server.hmac_enabled_routes = []
+    end
+  end
+end

data/spec/app/.gitignore

@@ -0,0 +1,16 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp

data/spec/app/Gemfile

@@ -0,0 +1,40 @@
+source 'https://rubygems.org'
+
+
+# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
+gem 'rails', '4.1.4'
+# Use sqlite3 as the database for Active Record
+gem 'sqlite3'
+# Use SCSS for stylesheets
+gem 'sass-rails', '~> 4.0.3'
+# Use Uglifier as compressor for JavaScript assets
+gem 'uglifier', '>= 1.3.0'
+# Use CoffeeScript for .js.coffee assets and views
+gem 'coffee-rails', '~> 4.0.0'
+# See https://github.com/sstephenson/execjs#readme for more supported runtimes
+# gem 'therubyracer',  platforms: :ruby
+
+# Use jquery as the JavaScript library
+gem 'jquery-rails'
+# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
+gem 'turbolinks'
+# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
+gem 'jbuilder', '~> 2.0'
+# bundle exec rake doc:rails generates the API under doc/api.
+gem 'sdoc', '~> 0.4.0',          group: :doc
+
+# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
+gem 'spring',        group: :development
+
+# Use ActiveModel has_secure_password
+# gem 'bcrypt', '~> 3.1.7'
+
+# Use unicorn as the app server
+# gem 'unicorn'
+
+# Use Capistrano for deployment
+# gem 'capistrano-rails', group: :development
+
+# Use debugger
+# gem 'debugger', group: [:development, :test]
+

data/spec/app/Gemfile.lock

@@ -0,0 +1,125 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionmailer (4.1.4)
+      actionpack (= 4.1.4)
+      actionview (= 4.1.4)
+      mail (~> 2.5.4)
+    actionpack (4.1.4)
+      actionview (= 4.1.4)
+      activesupport (= 4.1.4)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    actionview (4.1.4)
+      activesupport (= 4.1.4)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+    activemodel (4.1.4)
+      activesupport (= 4.1.4)
+      builder (~> 3.1)
+    activerecord (4.1.4)
+      activemodel (= 4.1.4)
+      activesupport (= 4.1.4)
+      arel (~> 5.0.0)
+    activesupport (4.1.4)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
+    arel (5.0.1.20140414130214)
+    builder (3.2.2)
+    coffee-rails (4.0.1)
+      coffee-script (>= 2.2.0)
+      railties (>= 4.0.0, < 5.0)
+    coffee-script (2.3.0)
+      coffee-script-source
+      execjs
+    coffee-script-source (1.8.0)
+    erubis (2.7.0)
+    execjs (2.2.1)
+    hike (1.2.3)
+    i18n (0.6.11)
+    jbuilder (2.1.3)
+      activesupport (>= 3.0.0, < 5)
+      multi_json (~> 1.2)
+    jquery-rails (3.1.2)
+      railties (>= 3.0, < 5.0)
+      thor (>= 0.14, < 2.0)
+    json (1.8.1)
+    mail (2.5.4)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.25.1)
+    minitest (5.4.1)
+    multi_json (1.10.1)
+    polyglot (0.3.5)
+    rack (1.5.2)
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    rails (4.1.4)
+      actionmailer (= 4.1.4)
+      actionpack (= 4.1.4)
+      actionview (= 4.1.4)
+      activemodel (= 4.1.4)
+      activerecord (= 4.1.4)
+      activesupport (= 4.1.4)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.1.4)
+      sprockets-rails (~> 2.0)
+    railties (4.1.4)
+      actionpack (= 4.1.4)
+      activesupport (= 4.1.4)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (10.3.2)
+    rdoc (4.1.1)
+      json (~> 1.4)
+    sass (3.2.19)
+    sass-rails (4.0.3)
+      railties (>= 4.0.0, < 5.0)
+      sass (~> 3.2.0)
+      sprockets (~> 2.8, <= 2.11.0)
+      sprockets-rails (~> 2.0)
+    sdoc (0.4.1)
+      json (~> 1.7, >= 1.7.7)
+      rdoc (~> 4.0)
+    spring (1.1.3)
+    sprockets (2.11.0)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    sprockets-rails (2.1.4)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (~> 2.8)
+    sqlite3 (1.3.9)
+    thor (0.19.1)
+    thread_safe (0.3.4)
+    tilt (1.4.1)
+    treetop (1.4.15)
+      polyglot
+      polyglot (>= 0.3.1)
+    turbolinks (2.3.0)
+      coffee-rails
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+    uglifier (2.5.3)
+      execjs (>= 0.3.0)
+      json (>= 1.8.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  coffee-rails (~> 4.0.0)
+  jbuilder (~> 2.0)
+  jquery-rails
+  rails (= 4.1.4)
+  sass-rails (~> 4.0.3)
+  sdoc (~> 0.4.0)
+  spring
+  sqlite3
+  turbolinks
+  uglifier (>= 1.3.0)

data/spec/app/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/app/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/spec/app/app/assets/javascripts/application.js

@@ -0,0 +1,16 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require jquery
+//= require jquery_ujs
+//= require turbolinks
+//= require_tree .

data/spec/app/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/spec/app/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/spec/app/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/app/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>App</title>
+  <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
+  <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/app/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/app/bin/rails

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+begin
+  load File.expand_path("../spring", __FILE__)
+rescue LoadError
+end
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/app/bin/rake

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+begin
+  load File.expand_path("../spring", __FILE__)
+rescue LoadError
+end
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/app/bin/spring

@@ -0,0 +1,18 @@
+#!/usr/bin/env ruby
+
+# This file loads spring without using Bundler, in order to be fast
+# It gets overwritten when you run the `spring binstub` command
+
+unless defined?(Spring)
+  require "rubygems"
+  require "bundler"
+
+  if match = Bundler.default_lockfile.read.match(/^GEM$.*?^    spring \((.*?)\)$.*?^$/m)
+    ENV["GEM_PATH"] = ([Bundler.bundle_path.to_s] + Gem.path).join(File::PATH_SEPARATOR)
+    ENV["GEM_HOME"] = ""
+    Gem.paths = ENV
+
+    gem "spring", match[1]
+    require "spring/binstub"
+  end
+end

data/spec/app/config/application.rb

@@ -0,0 +1,24 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+
+module App
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+    config.middleware.use WP::HMAC::Server
+  end
+end

data/spec/app/config/boot.rb

@@ -0,0 +1,4 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])