akami 1.2.0 → 1.2.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 4d17edac634460b7b9cee2f6113d89c2713813a4
4
+ data.tar.gz: f5e4aea68fbb2c589b4016998244180a0a124e3f
5
+ SHA512:
6
+ metadata.gz: db43635bac8d3f6246bc5c265ee90ba55d258cd22fa2522a6f2c8c328973bf09d8e1bcb8991e3aef978076a68be28a6beda9a3d22e0cbd4170730b1698ebff35
7
+ data.tar.gz: c7d2242e8205bf0952dfc058026aa37544941c6cda31efc67329baa283aa90229736066ddf00832a9d80f93bcb3336314f801c9b2b2d8e0b17daf8635d642fca
@@ -1,8 +1,8 @@
1
+ # https://github.com/travis-ci/travis-ci/wiki/.travis.yml-options
2
+ language: "ruby"
3
+ script: "bundle exec rake"
1
4
  rvm:
2
- - 1.8.7
3
5
  - 1.9.2
4
- - ruby-head
5
- - ree
6
+ - 1.9.3
7
+ - jruby-19mode
6
8
  - rbx
7
- - rbx-2.0
8
- - jruby
@@ -1,10 +1,16 @@
1
+ ## master
2
+
3
+ ## 1.2.1 (2014-01-31)
4
+ * Fix: [#2](https://github.com/savonrb/akami/pull/2) Fixes related to WS-Security,
5
+ UserToken authentication.
6
+
1
7
  ## 1.2.0 (2012-06-28)
2
8
 
3
9
  * Fix: Lowered the version of Nokogiri required to use Akami.
4
10
 
5
11
  ## 1.1.0 (2012-06-06)
6
12
 
7
- * Feature: [#3](https://github.com/rubiii/akami/pull/3) - WSSE signing.
13
+ * Feature: [#3](https://github.com/savonrb/akami/pull/3) - WSSE signing.
8
14
 
9
15
  ## 1.0.0 (2011-07-03)
10
16
 
data/Gemfile CHANGED
@@ -1,2 +1,10 @@
1
- source "http://rubygems.org"
1
+ source 'https://rubygems.org'
2
2
  gemspec
3
+
4
+ platform :rbx do
5
+ gem 'json'
6
+ gem 'racc'
7
+ gem 'rubysl'
8
+ gem 'rubinius-coverage'
9
+ end
10
+
data/README.md CHANGED
@@ -1,4 +1,4 @@
1
- Akami [![Build Status](http://travis-ci.org/rubiii/akami.png)](http://travis-ci.org/rubiii/akami)
1
+ Akami [![Build Status](http://travis-ci.org/savonrb/akami.png)](http://travis-ci.org/savonrb/akami)
2
2
  =====
3
3
 
4
4
  Building Web Service Security.
@@ -7,20 +7,20 @@ Gem::Specification.new do |s|
7
7
  s.version = Akami::VERSION
8
8
  s.authors = ["Daniel Harrington"]
9
9
  s.email = ["me@rubiii.com"]
10
- s.homepage = "https://github.com/rubiii/#{s.name}"
10
+ s.homepage = "https://github.com/savonrb/#{s.name}"
11
11
  s.summary = "Web Service Security"
12
12
  s.description = "Building Web Service Security"
13
13
 
14
14
  s.rubyforge_project = s.name
15
+ s.license = "MIT"
15
16
 
16
17
  s.add_dependency "gyoku", ">= 0.4.0"
17
- s.add_dependency "nokogiri", ">= 1.4.0"
18
+ s.add_dependency "nokogiri"
18
19
 
19
- s.add_development_dependency "rake", "~> 0.8.7"
20
- s.add_development_dependency "rspec", "~> 2.5.0"
21
- s.add_development_dependency "mocha", "~> 0.9.8"
22
- s.add_development_dependency "timecop", "~> 0.3.5"
23
- s.add_development_dependency "autotest"
20
+ s.add_development_dependency "rake", "~> 10.0"
21
+ s.add_development_dependency "rspec", "~> 2.12"
22
+ s.add_development_dependency "mocha", "~> 0.13"
23
+ s.add_development_dependency "timecop", "~> 0.5"
24
24
 
25
25
  s.files = `git ls-files`.split("\n")
26
26
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
@@ -1,5 +1,5 @@
1
1
  module Akami
2
2
 
3
- VERSION = "1.2.0"
3
+ VERSION = "1.2.1"
4
4
 
5
5
  end
@@ -111,18 +111,21 @@ module Akami
111
111
  # Returns a Hash containing wsse:UsernameToken details.
112
112
  def wsse_username_token
113
113
  if digest?
114
- security_hash :wsse, "UsernameToken",
114
+ token = security_hash :wsse, "UsernameToken",
115
115
  "wsse:Username" => username,
116
- "wsse:Nonce" => nonce,
116
+ "wsse:Nonce" => Base64.encode64(nonce),
117
117
  "wsu:Created" => timestamp,
118
118
  "wsse:Password" => digest_password,
119
119
  :attributes! => { "wsse:Password" => { "Type" => PASSWORD_DIGEST_URI } }
120
+ # clear the nonce after each use
121
+ @nonce = nil
120
122
  else
121
- security_hash :wsse, "UsernameToken",
123
+ token = security_hash :wsse, "UsernameToken",
122
124
  "wsse:Username" => username,
123
125
  "wsse:Password" => password,
124
126
  :attributes! => { "wsse:Password" => { "Type" => PASSWORD_TEXT_URI } }
125
127
  end
128
+ token
126
129
  end
127
130
 
128
131
  def wsse_signature
@@ -169,7 +172,7 @@ module Akami
169
172
  # Returns the WSSE password, encrypted for digest authentication.
170
173
  def digest_password
171
174
  token = nonce + timestamp + password
172
- Base64.encode64(Digest::SHA1.hexdigest(token)).chomp!
175
+ Base64.encode64(Digest::SHA1.digest(token)).chomp!
173
176
  end
174
177
 
175
178
  # Returns a WSSE nonce.
@@ -184,7 +187,7 @@ module Akami
184
187
 
185
188
  # Returns a WSSE timestamp.
186
189
  def timestamp
187
- @timestamp ||= Time.now.xmlschema
190
+ @timestamp ||= Time.now.utc.xmlschema
188
191
  end
189
192
 
190
193
  # Returns a new number with every call.
@@ -1,4 +1,6 @@
1
- require "spec_helper"
1
+ require 'spec_helper'
2
+ require 'base64'
3
+ require 'nokogiri'
2
4
 
3
5
  describe Akami do
4
6
  let(:wsse) { Akami.wsse }
@@ -147,17 +149,38 @@ describe Akami do
147
149
  end
148
150
 
149
151
  it "contains a wsse:Nonce tag" do
150
- wsse.to_xml.should match(/<wsse:Nonce>\w+<\/wsse:Nonce>/)
152
+ wsse.to_xml.should match(/<wsse:Nonce>[^<]+<\/wsse:Nonce>/)
151
153
  end
152
154
 
153
155
  it "contains a wsu:Created tag" do
154
- datetime_regexp = /\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}/
155
- wsse.to_xml.should match(/<wsu:Created>#{datetime_regexp}.+<\/wsu:Created>/)
156
+ created_at = Time.now
157
+ Timecop.freeze created_at do
158
+ wsse.to_xml.should include("<wsu:Created>#{created_at.utc.xmlschema}</wsu:Created>")
159
+ end
156
160
  end
157
161
 
158
162
  it "contains the PasswordDigest type attribute" do
159
163
  wsse.to_xml.should include(Akami::WSSE::PASSWORD_DIGEST_URI)
160
164
  end
165
+
166
+ it "should reset the nonce every time" do
167
+ created_at = Time.now
168
+ Timecop.freeze created_at do
169
+ nonce_regexp = /<wsse:Nonce>([^<]+)<\/wsse:Nonce>/
170
+ nonce_first = Base64.decode64(nonce_regexp.match(wsse.to_xml)[1])
171
+ nonce_second = Base64.decode64(nonce_regexp.match(wsse.to_xml)[1])
172
+ nonce_first.should_not == nonce_second
173
+ end
174
+ end
175
+
176
+ it "has contains a properly hashed password" do
177
+ xml_header = Nokogiri::XML(wsse.to_xml)
178
+ xml_header.remove_namespaces!
179
+ nonce = Base64.decode64(xml_header.xpath('//Nonce').first.content)
180
+ created_at = xml_header.xpath('//Created').first.content
181
+ password_hash = Base64.decode64(xml_header.xpath('//Password').first.content)
182
+ password_hash.should == Digest::SHA1.digest((nonce + created_at + "password"))
183
+ end
161
184
  end
162
185
 
163
186
  context "with #timestamp set to true" do
metadata CHANGED
@@ -1,142 +1,106 @@
1
- --- !ruby/object:Gem::Specification
1
+ --- !ruby/object:Gem::Specification
2
2
  name: akami
3
- version: !ruby/object:Gem::Version
4
- hash: 31
5
- prerelease:
6
- segments:
7
- - 1
8
- - 2
9
- - 0
10
- version: 1.2.0
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.2.1
11
5
  platform: ruby
12
- authors:
6
+ authors:
13
7
  - Daniel Harrington
14
8
  autorequire:
15
9
  bindir: bin
16
10
  cert_chain: []
17
-
18
- date: 2012-06-28 00:00:00 Z
19
- dependencies:
20
- - !ruby/object:Gem::Dependency
21
- version_requirements: &id001 !ruby/object:Gem::Requirement
22
- none: false
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- hash: 15
27
- segments:
28
- - 0
29
- - 4
30
- - 0
31
- version: 0.4.0
11
+ date: 2014-02-01 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
32
14
  name: gyoku
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: 0.4.0
33
20
  type: :runtime
34
21
  prerelease: false
35
- requirement: *id001
36
- - !ruby/object:Gem::Dependency
37
- version_requirements: &id002 !ruby/object:Gem::Requirement
38
- none: false
39
- requirements:
40
- - - ">="
41
- - !ruby/object:Gem::Version
42
- hash: 7
43
- segments:
44
- - 1
45
- - 4
46
- - 0
47
- version: 1.4.0
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: 0.4.0
27
+ - !ruby/object:Gem::Dependency
48
28
  name: nokogiri
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
49
34
  type: :runtime
50
35
  prerelease: false
51
- requirement: *id002
52
- - !ruby/object:Gem::Dependency
53
- version_requirements: &id003 !ruby/object:Gem::Requirement
54
- none: false
55
- requirements:
56
- - - ~>
57
- - !ruby/object:Gem::Version
58
- hash: 49
59
- segments:
60
- - 0
61
- - 8
62
- - 7
63
- version: 0.8.7
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
64
42
  name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ~>
46
+ - !ruby/object:Gem::Version
47
+ version: '10.0'
65
48
  type: :development
66
49
  prerelease: false
67
- requirement: *id003
68
- - !ruby/object:Gem::Dependency
69
- version_requirements: &id004 !ruby/object:Gem::Requirement
70
- none: false
71
- requirements:
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
72
52
  - - ~>
73
- - !ruby/object:Gem::Version
74
- hash: 27
75
- segments:
76
- - 2
77
- - 5
78
- - 0
79
- version: 2.5.0
53
+ - !ruby/object:Gem::Version
54
+ version: '10.0'
55
+ - !ruby/object:Gem::Dependency
80
56
  name: rspec
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '2.12'
81
62
  type: :development
82
63
  prerelease: false
83
- requirement: *id004
84
- - !ruby/object:Gem::Dependency
85
- version_requirements: &id005 !ruby/object:Gem::Requirement
86
- none: false
87
- requirements:
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
88
66
  - - ~>
89
- - !ruby/object:Gem::Version
90
- hash: 43
91
- segments:
92
- - 0
93
- - 9
94
- - 8
95
- version: 0.9.8
67
+ - !ruby/object:Gem::Version
68
+ version: '2.12'
69
+ - !ruby/object:Gem::Dependency
96
70
  name: mocha
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ~>
74
+ - !ruby/object:Gem::Version
75
+ version: '0.13'
97
76
  type: :development
98
77
  prerelease: false
99
- requirement: *id005
100
- - !ruby/object:Gem::Dependency
101
- version_requirements: &id006 !ruby/object:Gem::Requirement
102
- none: false
103
- requirements:
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
104
80
  - - ~>
105
- - !ruby/object:Gem::Version
106
- hash: 25
107
- segments:
108
- - 0
109
- - 3
110
- - 5
111
- version: 0.3.5
81
+ - !ruby/object:Gem::Version
82
+ version: '0.13'
83
+ - !ruby/object:Gem::Dependency
112
84
  name: timecop
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ~>
88
+ - !ruby/object:Gem::Version
89
+ version: '0.5'
113
90
  type: :development
114
91
  prerelease: false
115
- requirement: *id006
116
- - !ruby/object:Gem::Dependency
117
- version_requirements: &id007 !ruby/object:Gem::Requirement
118
- none: false
119
- requirements:
120
- - - ">="
121
- - !ruby/object:Gem::Version
122
- hash: 3
123
- segments:
124
- - 0
125
- version: "0"
126
- name: autotest
127
- type: :development
128
- prerelease: false
129
- requirement: *id007
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ~>
95
+ - !ruby/object:Gem::Version
96
+ version: '0.5'
130
97
  description: Building Web Service Security
131
- email:
98
+ email:
132
99
  - me@rubiii.com
133
100
  executables: []
134
-
135
101
  extensions: []
136
-
137
102
  extra_rdoc_files: []
138
-
139
- files:
103
+ files:
140
104
  - .gitignore
141
105
  - .rspec
142
106
  - .travis.yml
@@ -157,39 +121,30 @@ files:
157
121
  - lib/akami/xpath_helper.rb
158
122
  - spec/akami/wsse_spec.rb
159
123
  - spec/spec_helper.rb
160
- homepage: https://github.com/rubiii/akami
161
- licenses: []
162
-
124
+ homepage: https://github.com/savonrb/akami
125
+ licenses:
126
+ - MIT
127
+ metadata: {}
163
128
  post_install_message:
164
129
  rdoc_options: []
165
-
166
- require_paths:
130
+ require_paths:
167
131
  - lib
168
- required_ruby_version: !ruby/object:Gem::Requirement
169
- none: false
170
- requirements:
171
- - - ">="
172
- - !ruby/object:Gem::Version
173
- hash: 3
174
- segments:
175
- - 0
176
- version: "0"
177
- required_rubygems_version: !ruby/object:Gem::Requirement
178
- none: false
179
- requirements:
180
- - - ">="
181
- - !ruby/object:Gem::Version
182
- hash: 3
183
- segments:
184
- - 0
185
- version: "0"
132
+ required_ruby_version: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - '>='
135
+ - !ruby/object:Gem::Version
136
+ version: '0'
137
+ required_rubygems_version: !ruby/object:Gem::Requirement
138
+ requirements:
139
+ - - '>='
140
+ - !ruby/object:Gem::Version
141
+ version: '0'
186
142
  requirements: []
187
-
188
143
  rubyforge_project: akami
189
- rubygems_version: 1.8.21
144
+ rubygems_version: 2.1.11
190
145
  signing_key:
191
- specification_version: 3
146
+ specification_version: 4
192
147
  summary: Web Service Security
193
- test_files:
148
+ test_files:
194
149
  - spec/akami/wsse_spec.rb
195
150
  - spec/spec_helper.rb