g91dl.rb

#!/usr/bin/ruby
#-*- coding: utf-8 -*-
require "rubygems"
require "mechanize"
require "hatenaauth.rb"
require "cgi"
####config
params = {
    :api_key => "ここにapiキー",
    :secret => "ここに秘密鍵"
}
#dlfile = "/var/www/giantshop.jpg"
# ["DLしたいファイルの絶対パス1","DLしたいファイルの絶対パス2"] のようにお願いします。
#1番目のファイルをダウンロードさせたければ g91dl.rb?fn=1とリンクを張ってやってください。 2番目なら g91dl.rb?fn=2・・
dlfile = ["DLさせたいファイル1"]
#####
def get_members()
    agent = WWW::Mechanize.new
    ary = []
    page = agent.get("http://generation1991.g.hatena.ne.jp/diarylist")
    while page.at(".next")
        page.search(".refererlist/ul/li/a").each{|m| ary << m["href"].gsub("/","")}
        page = agent.get(page.at(".next")["href"])
    end
    return ary
end
def download(filename)
  
  open(filename) {|fp|
    
    basename = File.basename(filename)
  
    param = {
      'Content-Type'   => "application/octet-stream",
      'Content-Length' => fp.stat.size,
      'Expires' => 0,
      'Cache-Control' => "must-revalidate, post-check=0,pre-check=0",
      'Pragma' => "private",
      'Content-Disposition' => "attachment; filename=\"#{basename}\""
    }
  
    cgi = CGI.new
    cgi.out(param){
      fp.read
    }
  }
  rescue => e
    cgi = CGI.new
    cgi.out(){ e.to_s }
end

#####
cgi = CGI.new
if !cgi.has_key?("fn")
    print "Content-Type: text/html\r\n\r\n"
    print "<h1>error! filenumber missed</h1>"
    exit 0
elsif cgi["fn"].to_i == 0
    print "Content-Type: text/html\r\n\r\n"
    print "<h1>error! filenumber missed</h1>"
    exit 0
end
if cgi["fn"].to_i > dlfile.length
    print "Content-Type: text/html\r\n\r\n"
    print "<h1>error! file missing</h1>"
    exit 0
end
auth = Hatena::API::Auth.new(params)
if !cgi.has_key?("cert")
    print cgi.header({'status' => 'REDIRECT', 'Location' => auth.uri_to_login(:fn => cgi['fn']).to_s})
end
begin
    hatena = auth.login(cgi['cert'])
    if get_members().index(hatena["name"])
        download(dlfile[(cgi['fn'].to_i)-1])
    else
        print "Content-Type: text/html\r\n\r\n"
        print "<h1>You are not g91 member!!</h1>"
    end
rescue Hatena::API::AuthError => e
    print cgi.header({'status' => 'REDIRECT', 'Location' => auth.uri_to_login(:fn => cgi['fn']).to_s})
    
end

hatenaauth.rb

require 'open-uri'
require 'uri'

begin
  require 'md5'
rescue LoadError
end

begin
  require 'json'
rescue LoadError
  require 'rubygems'
  require 'json'
end

module Hatena
  module API
    class AuthError < RuntimeError;end
    class Auth
      BASE_URI = 'http://auth.hatena.ne.jp/'
      PATH = {
        :auth => '/auth',
        :json => '/api/auth.json'
      }.freeze
      VERSION = '0.1.0'

      attr_accessor :api_key, :secret
      def initialize(options = {})
        @api_key = options[:api_key]
        @secret  = options[:secret]
      end

      def uri_to_login(request = {})
        uri = URI.parse BASE_URI
        uri.path = PATH[:auth]
        uri.query = query_with_api_sig(request)
        uri
      end

      def login(cert)
        result = JSON.parse open(
                   uri_to_authcheck(cert),
                   'User-Agent' => "#{self.class}/#{VERSION} - Ruby"
                 ).read

        if result['has_error']
          raise AuthError.new(result['error']['message'])
        else
          result['user']
        end
      end

      private
      def api_sig(hash)
        Digest::MD5.hexdigest(@secret + hash.to_a.map.sort_by {|i| i.first.to_s}.join)
      end

      def uri_to_authcheck(cert)
        uri = URI.parse BASE_URI
        uri.path = PATH[:json]
        uri.query = query_with_api_sig(:cert => cert)
        uri
      end

      def query_with_api_sig(request = {})
        query = request.update(:api_key => @api_key)
        query[:api_sig] = api_sig(query)
        query.map {|i| i.join '=' }.join('&')
      end
    end
  end
end