Project

wp-hmac

0.0
No commit activity in last 3 years
No release in over 3 years
wp-hmacworkplacesystems/wp-hmacHomepageDocumentationSource CodeBug TrackerWiki
Enable different HMAC keys on different routes / subdomains.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
20,030
Stars
0
Forks
0
Watchers
10
 Releases
Current version
0.2.5
Total releases
7
First release
2014-09-09
Latest release
2015-09-25
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
5
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2015-05-12
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.6
fuubar
~> 2.0
pry
>= 0
rails
= 4.1.4
rake
~> 10.0
rspec
~> 3.0
rubocop
~> 0.29
sqlite3
>= 0

Runtime

ey_api_hmac
= 0.4.12
 Project Readme

Wp::Hmac

This gem wraps EY::ApiHMAC and attempts to make it easy to:

  • Enable HMAC for specific routes in your Rack application.
  • Add different secret keys for different customers, servers, routes or users.

It works with Rack applications like Ruby on Rails.

You should also consider using ey_api_hmac directly, especially if you only have one secret key or want HMAC enabled for every request.

Installation

Add this line to your application's Gemfile:

gem 'wp-hmac'

And then execute:

$ bundle

Or install it yourself as:

$ gem install wp-hmac

Usage

Configuration

You need to:

  1. Add at least one key
  2. Add at least one regex to match routes that will require HMAC
  3. Provide a mechanism to ascertain the correct key to use (via get_auth_id_for_request)
WP::HMAC.configure do
  add_key(id: 'esso', auth_key: key['auth_key'])
  add_key(id: 'texaco', auth_key: 'super_secr3t_key'])

  add_hmac_enabled_route %r{^/texaco-api/}
  add_hmac_enabled_route %r{^/esso-api/}

  # This will be used by both the Server and Client
  # in this `CurrentCustomer.name` returns either 'esso' or 'texaco'
  #
  # This method must be available at the Rack layer and wherever you
  # use the client.
  get_auth_id_for_request -> { CurrentCustomer.name }
end

You then need to slot the middleware into your rack stack. For Rails:

use WP::HMAC::Server

Using the client

Use like this ...

   WP::HMAC::Client.get('https://www.example.com/api/staff')
   WP::HMAC::Client.post('https://www.example.com/api/schedules, {'HEADER' => 'foo'}, 'data')

... or like this:

   client = WP::HMAC::Client.new('https://www.example.com')
   client.get('api/staff')
   client.post('api/schedules', {}, 'data')

See Rack::Client docs for more.

Testing

You can use the client and server to test at the Rack layer without transporting over HTTP. See the spec/hmac_spec.rb for the detail.

Contributing

  1. Fork it ( https://github.com/[my-github-username]/wp-hmac/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

Thanks

Many thanks to Engine Yard for [https://github.com/engineyard/ey_api_hmac](Engine Yard HMAC api implementation).