alexa_ruby 1.4.1 → 1.4.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 885185ced0feaf9f7c29b5fa510c4fb2d2302975
|
|
4
|
+
data.tar.gz: 6794b8781a17ab9b4f35a0200ee12fcc5ae3b70f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7850181557fff914087ec7b67ea40a07531c8ef5045bf9f864ff4b37c250d8b6314e48fff19437a690f54a8603f9b3470b0c081bae861f37e72ee0680cf5ac36
|
|
7
|
+
data.tar.gz: 344ab79e1fda1fd9df2cc2a0ab66911a2269e0f18433a0549c442d8026093b14035a9a5f640ef2795b27fdb79ba7f64c1b7e65910d50619fc226b4dd69630771
|
data/CHANGELOG
CHANGED
|
@@ -20,10 +20,7 @@ module AlexaRuby
|
|
|
20
20
|
#
|
|
21
21
|
# @return [Boolean]
|
|
22
22
|
def valid?
|
|
23
|
-
|
|
24
|
-
raise ArgumentError, 'Inactive host in SSL certificate' unless amazon?
|
|
25
|
-
raise ArgumentError, 'Signature and request mismatch' unless verified?
|
|
26
|
-
true
|
|
23
|
+
active? && amazon? && verified?
|
|
27
24
|
end
|
|
28
25
|
|
|
29
26
|
private
|
|
@@ -42,14 +39,24 @@ module AlexaRuby
|
|
|
42
39
|
# @return [Boolean]
|
|
43
40
|
def active?
|
|
44
41
|
now = Time.now
|
|
45
|
-
@cert.not_before < now && @cert.not_after > now
|
|
42
|
+
(@cert.not_before < now && @cert.not_after > now) ||
|
|
43
|
+
raise(
|
|
44
|
+
ArgumentError,
|
|
45
|
+
'Amazon SSL certificate is outdated ' \
|
|
46
|
+
"specified dates: #{@cert.not_before} - #{@cert.not_after}"
|
|
47
|
+
)
|
|
46
48
|
end
|
|
47
49
|
|
|
48
50
|
# Check if Subject Alternative Names includes Amazon domain name
|
|
49
51
|
#
|
|
50
52
|
# @return [Boolean]
|
|
51
53
|
def amazon?
|
|
52
|
-
@cert.subject.to_a.flatten.include?
|
|
54
|
+
@cert.subject.to_a.flatten.include?('echo-api.amazon.com') ||
|
|
55
|
+
raise(
|
|
56
|
+
ArgumentError,
|
|
57
|
+
'Certificate must be issued for "echo-api.amazon.com" ' \
|
|
58
|
+
"(given certificate subject: #{@cert.subject.to_a})"
|
|
59
|
+
)
|
|
53
60
|
end
|
|
54
61
|
|
|
55
62
|
# Check if given signature matches given request
|
|
@@ -58,7 +65,12 @@ module AlexaRuby
|
|
|
58
65
|
def verified?
|
|
59
66
|
sign = decode_signature
|
|
60
67
|
pkey = public_key
|
|
61
|
-
pkey.verify(hash, sign, @request)
|
|
68
|
+
pkey.verify(hash, sign, @request) ||
|
|
69
|
+
raise(
|
|
70
|
+
ArgumentError,
|
|
71
|
+
'Given request signature does not match with request SHA1 hash ' \
|
|
72
|
+
"(signature: #{sign})"
|
|
73
|
+
)
|
|
62
74
|
end
|
|
63
75
|
|
|
64
76
|
# Decode base64-encoded signature
|
|
@@ -14,11 +14,7 @@ module AlexaRuby
|
|
|
14
14
|
#
|
|
15
15
|
# @return [Boolean]
|
|
16
16
|
def valid?
|
|
17
|
-
|
|
18
|
-
raise ArgumentError, 'Not Amazon host in certificates URL' unless amazon?
|
|
19
|
-
raise ArgumentError, 'Invalid certificates chain URL' unless echo_api?
|
|
20
|
-
raise ArgumentError, 'Certificates chain URL must be HTTPS' unless port?
|
|
21
|
-
true
|
|
17
|
+
https? && amazon? && echo_api? && port?
|
|
22
18
|
end
|
|
23
19
|
|
|
24
20
|
private
|
|
@@ -27,28 +23,48 @@ module AlexaRuby
|
|
|
27
23
|
#
|
|
28
24
|
# @return [Boolean]
|
|
29
25
|
def https?
|
|
30
|
-
@uri.scheme == 'https'
|
|
26
|
+
@uri.scheme == 'https' ||
|
|
27
|
+
raise(
|
|
28
|
+
ArgumentError,
|
|
29
|
+
'Certificates chain URL must be an HTTPS-enabled endpoint ' \
|
|
30
|
+
"(current endpoint: #{@uri})"
|
|
31
|
+
)
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
# Check if URI host is a valid Amazon host
|
|
34
35
|
#
|
|
35
36
|
# @return [Boolean]
|
|
36
37
|
def amazon?
|
|
37
|
-
@uri.host.casecmp('s3.amazonaws.com').zero?
|
|
38
|
+
@uri.host.casecmp('s3.amazonaws.com').zero? ||
|
|
39
|
+
raise(
|
|
40
|
+
ArgumentError,
|
|
41
|
+
'Certificates chain host must be equal to "s3.amazonaws.com" ' \
|
|
42
|
+
"(current host: #{@uri.host})"
|
|
43
|
+
)
|
|
38
44
|
end
|
|
39
45
|
|
|
40
46
|
# Check if URI path starts with /echo.api/
|
|
41
47
|
#
|
|
42
48
|
# @return [Boolean]
|
|
43
49
|
def echo_api?
|
|
44
|
-
@uri.path[0..9] == '/echo.api/'
|
|
50
|
+
@uri.path[0..9] == '/echo.api/' ||
|
|
51
|
+
raise(
|
|
52
|
+
ArgumentError,
|
|
53
|
+
'Certificates chain URL path must start with "/echo.api/" ' \
|
|
54
|
+
"(current path: #{@uri.path})"
|
|
55
|
+
)
|
|
45
56
|
end
|
|
46
57
|
|
|
47
58
|
# Check if URI port is 443 if port is present
|
|
48
59
|
#
|
|
49
60
|
# @return [Boolean]
|
|
50
61
|
def port?
|
|
51
|
-
@uri.port.nil? || @uri.port == 443
|
|
62
|
+
@uri.port.nil? || @uri.port == 443 ||
|
|
63
|
+
raise(
|
|
64
|
+
ArgumentError,
|
|
65
|
+
'If certificates chain URL has a port specified, it must be 443 ' \
|
|
66
|
+
"(current port: #{@uri.port})"
|
|
67
|
+
)
|
|
52
68
|
end
|
|
53
69
|
end
|
|
54
70
|
end
|
|
@@ -25,7 +25,11 @@ module AlexaRuby
|
|
|
25
25
|
#
|
|
26
26
|
# @return [Boolean]
|
|
27
27
|
def valid_request?
|
|
28
|
-
|
|
28
|
+
unless timestamp_tolerant?
|
|
29
|
+
raise ArgumentError,
|
|
30
|
+
'Outdated request: request timestamp is more than ' \
|
|
31
|
+
"#{@timestamp_diff} seconds later than current time"
|
|
32
|
+
end
|
|
29
33
|
valid_uri? && valid_certificates?
|
|
30
34
|
end
|
|
31
35
|
|
data/lib/alexa_ruby/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: alexa_ruby
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.
|
|
4
|
+
version: 1.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mike Mulev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-08-
|
|
11
|
+
date: 2017-08-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -173,7 +173,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
173
173
|
version: '0'
|
|
174
174
|
requirements: []
|
|
175
175
|
rubyforge_project:
|
|
176
|
-
rubygems_version: 2.
|
|
176
|
+
rubygems_version: 2.2.2
|
|
177
177
|
signing_key:
|
|
178
178
|
specification_version: 4
|
|
179
179
|
summary: Ruby toolkit for Amazon Alexa API
|