agcod 0.0.6 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
data/lib/agcod/request.rb CHANGED
@@ -32,14 +32,11 @@ module Agcod
32
32
  attr_reader :errors, :request_id, :sent, :action, :request, :parameters, :response, :xml_response, :status, :timestamp
33
33
 
34
34
  def sign_string(string_to_sign)
35
- #remove all the = and & from the serialized string
36
- sanitized_string = string_to_sign.gsub(/=|&/, "")
37
- # puts sanitized_string
38
- digest = OpenSSL::Digest::Digest.new('sha1')
39
- sha1 = OpenSSL::HMAC.digest(digest, Agcod::Configuration.secret_key, sanitized_string)
35
+ digest = OpenSSL::Digest::Digest.new('sha256')
36
+ sha256 = OpenSSL::HMAC.digest(digest, Agcod::Configuration.secret_key, string_to_sign)
40
37
 
41
38
  #Base64 encoding adds a linefeed to the end of the string so chop the last character!
42
- CGI.escape(Base64.encode64(sha1).chomp)
39
+ CGI.escape(Base64.encode64(sha256).chomp)
43
40
  end
44
41
 
45
42
  def request_id
@@ -118,7 +115,8 @@ module Agcod
118
115
  {
119
116
  "Action" => self.action,
120
117
  "AWSAccessKeyId" => Agcod::Configuration.access_key,
121
- "SignatureVersion" => "1",
118
+ "SignatureVersion" => "2",
119
+ "SignatureMethod" => "HmacSHA256",
122
120
  "MessageHeader.recipientId" => "AMAZON",
123
121
  "MessageHeader.sourceId" => Agcod::Configuration.partner_id,
124
122
  "MessageHeader.retryCount" => "0",
@@ -129,27 +127,20 @@ module Agcod
129
127
  end
130
128
 
131
129
  def build_sorted_and_signed_request_string
132
- params_to_submit = default_parameters.merge(self.parameters)
133
-
134
- unencoded_key_value_strings = []
130
+ params_to_submit = default_parameters.merge(self.parameters).sort
131
+ string_to_sign = build_v2_string_to_sign(params_to_submit)
135
132
  encoded_key_value_strings = []
136
- sort_parameters(params_to_submit).each do |p|
137
- unencoded_key_value_strings << p[0].to_s + p[1].to_s
138
-
139
- if p[0] =~ /Timestamp/i
140
- encoded_value = p[1]
141
- else
142
- encoded_value = CGI.escape(p[1].to_s)
143
- end
133
+
134
+ params_to_submit.each do |p|
135
+ encoded_value = p[0] =~ /Timestamp/i ? p[1] : CGI.escape(p[1].to_s)
144
136
  encoded_key_value_strings << p[0].to_s + "=" + encoded_value
145
137
  end
146
138
 
147
- signature = sign_string(unencoded_key_value_strings.join(""))
148
- encoded_key_value_strings.insert(encoded_key_value_strings.index("SignatureVersion=1") + 1 , "Signature=" + signature)
139
+ signature = sign_string(string_to_sign)
140
+ encoded_key_value_strings.insert(encoded_key_value_strings.index("SignatureVersion=2") + 1 , "Signature=" + signature)
149
141
  encoded_key_value_strings.join("&")
150
142
  end
151
143
 
152
-
153
144
  def sort_parameters(params)
154
145
  params.sort{|a, b| a[0].downcase <=> b[0].downcase }
155
146
  end
@@ -164,5 +155,23 @@ module Agcod
164
155
  Agcod::Configuration.logger.debug log_string
165
156
  end
166
157
 
158
+ def build_v2_string_to_sign(parameters)
159
+ parsed_uri = URI.parse(Agcod::Configuration.uri)
160
+
161
+ string_to_sign = "GET\n#{parsed_uri.host.downcase}\n#{parsed_uri.request_uri}\n"
162
+
163
+ parameters.sort.each_with_index do |v, i|
164
+ string_to_sign << '&' unless i == 0
165
+
166
+ string_to_sign << urlencode(v[0])
167
+ string_to_sign << "=#{urlencode(v[1])}" if !v[1].nil?
168
+ end
169
+
170
+ return string_to_sign
171
+ end
172
+
173
+ def urlencode(plaintext)
174
+ CGI.escape(plaintext.to_s).gsub("+", "%20").gsub("%7E", "~")
175
+ end
167
176
  end
168
177
  end
data/lib/agcod/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Agcod
2
- VERSION = "0.0.6"
2
+ VERSION = "0.1.0"
3
3
  end
@@ -42,4 +42,36 @@ class Agcod::RequestTest < Test::Unit::TestCase
42
42
  assert(@request.errors.count > 0)
43
43
  end
44
44
  end
45
+
46
+ context 'signature version 2' do
47
+ setup do
48
+ Agcod::Configuration.load(File.join(File.dirname(__FILE__), "..", "app_root"), "test")
49
+ @request = Agcod::HealthCheck.new
50
+ register_response @request.request_url, "health_check/success"
51
+ end
52
+
53
+ should "sort params using lexicographic byte ordering" do
54
+ @request.submit
55
+ proper_order = %w(AWSAccessKeyId Action MessageHeader.contentVersion MessageHeader.messageType MessageHeader.recipientId MessageHeader.retryCount MessageHeader.sourceId SignatureMethod SignatureVersion Signature Timestamp)
56
+ assert_equal proper_order, @request.request.split("&").map{|param| param.split('=').first}
57
+ end
58
+
59
+ should "include SignatureMethod=HmacSHA256&SignatureVersion=2 in the query string" do
60
+ @request.submit
61
+ assert @request.request.include?("SignatureMethod=HmacSHA256&SignatureVersion=2")
62
+ end
63
+
64
+ should 'begin with the request method, http host, and path in the string to sign' do
65
+ @request.submit
66
+ request_string_to_sign = @request.send(:build_v2_string_to_sign, @request.send(:default_parameters).merge(@request.parameters).sort)
67
+ assert request_string_to_sign.include?("GET\nagcws-gamma.amazon.com\n/\n")
68
+ end
69
+
70
+ should "use a sha256 digest" do
71
+ d = mock('digest')
72
+ OpenSSL::Digest::Digest.expects(:new).twice.with('sha256').returns(d)
73
+ OpenSSL::HMAC.expects(:digest).twice.returns ""
74
+ @request.submit
75
+ end
76
+ end
45
77
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: agcod
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.6
4
+ version: 0.1.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-01-09 00:00:00.000000000 Z
12
+ date: 2013-03-01 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: cucumber
@@ -165,7 +165,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
165
165
  version: '0'
166
166
  segments:
167
167
  - 0
168
- hash: 2406941575318541167
168
+ hash: -651393828966612354
169
169
  required_rubygems_version: !ruby/object:Gem::Requirement
170
170
  none: false
171
171
  requirements:
@@ -174,10 +174,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
174
174
  version: '0'
175
175
  segments:
176
176
  - 0
177
- hash: 2406941575318541167
177
+ hash: -651393828966612354
178
178
  requirements: []
179
179
  rubyforge_project: agcod
180
- rubygems_version: 1.8.23
180
+ rubygems_version: 1.8.24
181
181
  signing_key:
182
182
  specification_version: 3
183
183
  summary: A Wrapper for Amazon Gift Codes On Demand