An authorization mixin for the Faye pubsub server.

This is still a work in progress.

After a client connects, it posts a message to /service/authorize with a signed array of authorized channel patterns. All attempts to post or subscribe to a channel must match at least one of the authorized patterns.

The pattern signature hash is verified with a shared secret set in the Faye options.

post /service/authorize
  patterns: ['publish/chats/**', 'subscribe/chats/**']
  hash: '...'

Post/subscribe to any channel: */** or just **

Post/subscribe to a specific channel: */user/1234

The signature hash is a SHA256 HMAC digest of the comma-separated list of authorized channel patterns.

OpenSSL::HMAC.hexdigest('sha256', @secret, patterns.join(','))