agcod 0.0.6 → 0.1.0

data/lib/agcod/request.rb

@@ -32,14 +32,11 @@ module Agcod
     attr_reader :errors, :request_id, :sent, :action, :request, :parameters, :response, :xml_response, :status, :timestamp
 
     def sign_string(string_to_sign)
-      #remove all the = and & from the serialized string
-      sanitized_string = string_to_sign.gsub(/=|&/, "")
-      # puts sanitized_string
-      digest = OpenSSL::Digest::Digest.new('sha1')
-      sha1 = OpenSSL::HMAC.digest(digest, Agcod::Configuration.secret_key, sanitized_string)
+      digest = OpenSSL::Digest::Digest.new('sha256')
+      sha256 = OpenSSL::HMAC.digest(digest, Agcod::Configuration.secret_key, string_to_sign)
 
       #Base64 encoding adds a linefeed to the end of the string so chop the last character!
-      CGI.escape(Base64.encode64(sha1).chomp)
+      CGI.escape(Base64.encode64(sha256).chomp)
     end
 
     def request_id
@@ -118,7 +115,8 @@ module Agcod
       {
         "Action"                       => self.action,
         "AWSAccessKeyId"               => Agcod::Configuration.access_key,
-        "SignatureVersion"             => "1",
+        "SignatureVersion"             => "2",
+        "SignatureMethod"              => "HmacSHA256",
         "MessageHeader.recipientId"    => "AMAZON",
         "MessageHeader.sourceId"       => Agcod::Configuration.partner_id,
         "MessageHeader.retryCount"     => "0",
@@ -129,27 +127,20 @@ module Agcod
     end
 
     def build_sorted_and_signed_request_string
-      params_to_submit = default_parameters.merge(self.parameters)
-
-      unencoded_key_value_strings = []
+      params_to_submit = default_parameters.merge(self.parameters).sort
+      string_to_sign   = build_v2_string_to_sign(params_to_submit)
       encoded_key_value_strings = []
-      sort_parameters(params_to_submit).each do |p|
-        unencoded_key_value_strings << p[0].to_s + p[1].to_s
-
-        if p[0] =~ /Timestamp/i
-          encoded_value = p[1]
-        else
-          encoded_value = CGI.escape(p[1].to_s)
-        end
+
+      params_to_submit.each do |p|
+        encoded_value = p[0] =~ /Timestamp/i ? p[1] : CGI.escape(p[1].to_s)
         encoded_key_value_strings << p[0].to_s + "=" + encoded_value
       end
 
-      signature = sign_string(unencoded_key_value_strings.join(""))
-      encoded_key_value_strings.insert(encoded_key_value_strings.index("SignatureVersion=1") + 1 , "Signature=" + signature)
+      signature = sign_string(string_to_sign)
+      encoded_key_value_strings.insert(encoded_key_value_strings.index("SignatureVersion=2") + 1 , "Signature=" + signature)
       encoded_key_value_strings.join("&")
     end
 
-
     def sort_parameters(params)
       params.sort{|a, b| a[0].downcase <=> b[0].downcase }
     end
@@ -164,5 +155,23 @@ module Agcod
       Agcod::Configuration.logger.debug log_string
     end
 
+    def build_v2_string_to_sign(parameters)
+      parsed_uri = URI.parse(Agcod::Configuration.uri)
+
+      string_to_sign = "GET\n#{parsed_uri.host.downcase}\n#{parsed_uri.request_uri}\n"
+
+      parameters.sort.each_with_index do |v, i|
+        string_to_sign << '&' unless i == 0
+
+        string_to_sign << urlencode(v[0])
+        string_to_sign << "=#{urlencode(v[1])}" if !v[1].nil?
+      end
+
+      return string_to_sign
+    end
+
+    def urlencode(plaintext)
+      CGI.escape(plaintext.to_s).gsub("+", "%20").gsub("%7E", "~")
+    end
   end
 end

data/lib/agcod/version.rb

@@ -1,3 +1,3 @@
 module Agcod
-  VERSION = "0.0.6"
+  VERSION = "0.1.0"
 end

data/test/agcod/request_test.rb

@@ -42,4 +42,36 @@ class Agcod::RequestTest < Test::Unit::TestCase
       assert(@request.errors.count > 0)
     end
   end
+
+  context 'signature version 2' do
+    setup do
+      Agcod::Configuration.load(File.join(File.dirname(__FILE__), "..", "app_root"), "test")
+      @request = Agcod::HealthCheck.new
+      register_response @request.request_url, "health_check/success"
+    end
+
+    should "sort params using lexicographic byte ordering" do
+      @request.submit
+      proper_order = %w(AWSAccessKeyId Action MessageHeader.contentVersion MessageHeader.messageType MessageHeader.recipientId MessageHeader.retryCount MessageHeader.sourceId SignatureMethod SignatureVersion Signature Timestamp)
+      assert_equal proper_order, @request.request.split("&").map{|param| param.split('=').first}
+    end
+
+    should "include SignatureMethod=HmacSHA256&SignatureVersion=2 in the query string" do
+      @request.submit
+      assert @request.request.include?("SignatureMethod=HmacSHA256&SignatureVersion=2")
+    end
+
+    should 'begin with the request method, http host, and path in the string to sign' do
+      @request.submit
+      request_string_to_sign = @request.send(:build_v2_string_to_sign, @request.send(:default_parameters).merge(@request.parameters).sort)
+      assert request_string_to_sign.include?("GET\nagcws-gamma.amazon.com\n/\n")
+    end
+
+    should "use a sha256 digest" do
+      d = mock('digest')
+      OpenSSL::Digest::Digest.expects(:new).twice.with('sha256').returns(d)
+      OpenSSL::HMAC.expects(:digest).twice.returns ""
+      @request.submit
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: agcod
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.1.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-01-09 00:00:00.000000000 Z
+date: 2013-03-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cucumber
@@ -165,7 +165,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 2406941575318541167
+      hash: -651393828966612354
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -174,10 +174,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 2406941575318541167
+      hash: -651393828966612354
 requirements: []
 rubyforge_project: agcod
-rubygems_version: 1.8.23
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: A Wrapper for Amazon Gift Codes On Demand