alexa_ruby 1.4.1 → 1.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8a7ea50bc683ff688100129201ce17620283cf54
-  data.tar.gz: d68478364ba07687ee418b122c61375edf561e7d
+  metadata.gz: 885185ced0feaf9f7c29b5fa510c4fb2d2302975
+  data.tar.gz: 6794b8781a17ab9b4f35a0200ee12fcc5ae3b70f
 SHA512:
-  metadata.gz: c20b5bb37916591ac567ef848e58a406113c91b1dacc89c87250a0ba6237822206e4a4e4f10c4339b08273dd52d207840d5a393f56abfb1e3e915089c758490b
-  data.tar.gz: 729cc97caa2021000bfaacaaa59e0a673793b47accc95624f200ec66949b9d746f00747fdbdbfe6e0dd21bd44bd2f2d046496c013db1514a41025c1d055b48c9
+  metadata.gz: 7850181557fff914087ec7b67ea40a07531c8ef5045bf9f864ff4b37c250d8b6314e48fff19437a690f54a8603f9b3470b0c081bae861f37e72ee0680cf5ac36
+  data.tar.gz: 344ab79e1fda1fd9df2cc2a0ab66911a2269e0f18433a0549c442d8026093b14035a9a5f640ef2795b27fdb79ba7f64c1b7e65910d50619fc226b4dd69630771

data/CHANGELOG

@@ -1,3 +1,6 @@
+[1.4.2]
+- More verbose errors
+
 [1.4.1]
 - Use Time from stdlib
 

data/lib/alexa_ruby/request/base_request/validator/certificates.rb

@@ -20,10 +20,7 @@ module AlexaRuby
     #
     # @return [Boolean]
     def valid?
-      raise ArgumentError, 'Inactive Amazon SSL certificate' unless active?
-      raise ArgumentError, 'Inactive host in SSL certificate' unless amazon?
-      raise ArgumentError, 'Signature and request mismatch' unless verified?
-      true
+      active? && amazon? && verified?
     end
 
     private
@@ -42,14 +39,24 @@ module AlexaRuby
     # @return [Boolean]
     def active?
       now = Time.now
-      @cert.not_before < now && @cert.not_after > now
+      (@cert.not_before < now && @cert.not_after > now) ||
+        raise(
+          ArgumentError,
+          'Amazon SSL certificate is outdated ' \
+          "specified dates: #{@cert.not_before} - #{@cert.not_after}"
+        )
     end
 
     # Check if Subject Alternative Names includes Amazon domain name
     #
     # @return [Boolean]
     def amazon?
-      @cert.subject.to_a.flatten.include? 'echo-api.amazon.com'
+      @cert.subject.to_a.flatten.include?('echo-api.amazon.com') ||
+        raise(
+          ArgumentError,
+          'Certificate must be issued for "echo-api.amazon.com" ' \
+          "(given certificate subject: #{@cert.subject.to_a})"
+        )
     end
 
     # Check if given signature matches given request
@@ -58,7 +65,12 @@ module AlexaRuby
     def verified?
       sign = decode_signature
       pkey = public_key
-      pkey.verify(hash, sign, @request)
+      pkey.verify(hash, sign, @request) ||
+        raise(
+          ArgumentError,
+          'Given request signature does not match with request SHA1 hash ' \
+          "(signature: #{sign})"
+        )
     end
 
     # Decode base64-encoded signature

data/lib/alexa_ruby/request/base_request/validator/uri.rb

@@ -14,11 +14,7 @@ module AlexaRuby
     #
     # @return [Boolean]
     def valid?
-      raise ArgumentError, 'Certificates chain URL must be HTTPS' unless https?
-      raise ArgumentError, 'Not Amazon host in certificates URL' unless amazon?
-      raise ArgumentError, 'Invalid certificates chain URL' unless echo_api?
-      raise ArgumentError, 'Certificates chain URL must be HTTPS' unless port?
-      true
+      https? && amazon? && echo_api? && port?
     end
 
     private
@@ -27,28 +23,48 @@ module AlexaRuby
     #
     # @return [Boolean]
     def https?
-      @uri.scheme == 'https'
+      @uri.scheme == 'https' ||
+        raise(
+          ArgumentError,
+          'Certificates chain URL must be an HTTPS-enabled endpoint ' \
+          "(current endpoint: #{@uri})"
+        )
     end
 
     # Check if URI host is a valid Amazon host
     #
     # @return [Boolean]
     def amazon?
-      @uri.host.casecmp('s3.amazonaws.com').zero?
+      @uri.host.casecmp('s3.amazonaws.com').zero? ||
+        raise(
+          ArgumentError,
+          'Certificates chain host must be equal to "s3.amazonaws.com" ' \
+          "(current host: #{@uri.host})"
+        )
     end
 
     # Check if URI path starts with /echo.api/
     #
     # @return [Boolean]
     def echo_api?
-      @uri.path[0..9] == '/echo.api/'
+      @uri.path[0..9] == '/echo.api/' ||
+        raise(
+          ArgumentError,
+          'Certificates chain URL path must start with "/echo.api/" ' \
+          "(current path: #{@uri.path})"
+        )
     end
 
     # Check if URI port is 443 if port is present
     #
     # @return [Boolean]
     def port?
-      @uri.port.nil? || @uri.port == 443
+      @uri.port.nil? || @uri.port == 443 ||
+        raise(
+          ArgumentError,
+          'If certificates chain URL has a port specified, it must be 443 ' \
+          "(current port: #{@uri.port})"
+        )
     end
   end
 end

data/lib/alexa_ruby/request/base_request/validator.rb

@@ -25,7 +25,11 @@ module AlexaRuby
     #
     # @return [Boolean]
     def valid_request?
-      raise ArgumentError, 'Outdated request' unless timestamp_tolerant?
+      unless timestamp_tolerant?
+        raise ArgumentError,
+              'Outdated request: request timestamp is more than ' \
+              "#{@timestamp_diff} seconds later than current time"
+      end
       valid_uri? && valid_certificates?
     end
 

data/lib/alexa_ruby/version.rb

@@ -1,3 +1,3 @@
 module AlexaRuby
-  VERSION = '1.4.1'.freeze
+  VERSION = '1.4.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: alexa_ruby
 version: !ruby/object:Gem::Version
-  version: 1.4.1
+  version: 1.4.2
 platform: ruby
 authors:
 - Mike Mulev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-08 00:00:00.000000000 Z
+date: 2017-08-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -173,7 +173,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: Ruby toolkit for Amazon Alexa API