Project

uri_signature

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
uri_signaturedgvz/uri_signatureHomepageDocumentationSource CodeBug TrackerWiki
A general purpose way of signing a URL when you need the signature to be added to the URL.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
3,319
Stars
1
Forks
0
Watchers
3
 Releases
Current version
0.1.0
Total releases
1
First release
2015-10-12
Latest release
2015-10-12
 Development
Primary Language
Ruby
Average date of last 50 commits
2015-10-13
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.10
rake
~> 10.0
rspec
>= 0

Runtime

addressable
>= 0
 Project Readme

UriSignature

A general purpose way of signing a URL when you need the signature to be added to the URL. This is useful when you need to redirect a user from one service to another and communicate information without any risk of tampering. It's based on a shared secret and HMAC being used to sign the URL.

This could be used in techniques described in http://broadcast.oreilly.com/2009/12/principles-for-standardized-rest-authentication.html

Installation

Add this line to your application's Gemfile:

gem 'uri_signature'

And then execute:

$ bundle

Or install it yourself as:

$ gem install uri_signature

Usage

pry(main)> require 'uri_signature'

pry(main)> signed_uri = URISignature.sign("http://foobar.com?my_trusted_information=helloworld", expiry: 300, key: "my_shared_secret_key")
=> "http://foobar.com?my_trusted_information=helloworld&signature=b99f3d00610361be49327938b82802c933aa4fac&signature_expires=1444691758"

pry(main)> URISignature.valid?(signed_uri, key: "my_shared_secret_key")
=> true

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/dgvz/uri_signature.