api-auth 1.0.3 → 1.1.0

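--- a/data/Rakefile
+++ b/data/Rakefile
@@ -10,13 +10,3 @@ RSpec::Core::RakeTask.new(:spec) do |spec|
  end
 
  task :default => :spec
-
- require 'rake/rdoctask'
- Rake::RDocTask.new do |rdoc|
- version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
- rdoc.rdoc_dir = 'rdoc'
- rdoc.title = "test #{version}"
- rdoc.rdoc_files.include('README*')
- rdoc.rdoc_files.include('lib/**/*.rb')
- end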
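--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.0.3
+ 1.1.0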
@@ -80,7 +80,7 @@ module ApiAuth
80
80
  def hmac_signature(request, secret_key)
81
81
  headers = Headers.new(request)
82
82
  canonical_string = headers.canonical_string
83
- digest = OpenSSL::Digest::Digest.new('sha1')
83
+ digest = OpenSSL::Digest.new('sha1')
84
84
  b64_encode(OpenSSL::HMAC.digest(digest, secret_key, canonical_string))
85
85
  end
86
86
 
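Review bot: `hmac_signature` still hard-codes `'sha1'` as the HMAC digest, so the algorithm cannot be changed without patching the gem. HMAC-SHA1 is not known to be broken as a MAC, but many security baselines no longer accept SHA-1 in new deployments. Consider reading the digest name from configuration with `'sha1'` as the default, so that signer and verifier can move to SHA-256 together. At minimum add a comment such as `# HMAC-SHA1: signer and verifier must use the same digest` above the `OpenSSL::Digest.new` line.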
@@ -27,22 +27,24 @@ module ApiAuth
27
27
  @request = ActionDispatchRequest.new(request)
28
28
  when /Rack::Request/
29
29
  @request = RackRequest.new(request)
30
+ when /ActionController::CgiRequest/
31
+ @request = ActionControllerRequest.new(request)
30
32
  else
31
33
  raise UnknownHTTPRequest, "#{request.class.to_s} is not yet supported."
32
34
  end
33
35
  true
34
36
  end
35
-
37
+
36
38
  # Returns the request timestamp
37
39
  def timestamp
38
- @request.timestamp
40
+ @request.timestamp
39
41
  end
40
42
 
41
43
  # Returns the canonical string computed from the request's headers
42
44
  def canonical_string
43
45
  [ @request.content_type,
44
46
  @request.content_md5,
45
- @request.request_uri.gsub(/http:\/\/[^(,|\?|\/)]*/,''), # remove host
47
+ @request.request_uri.gsub(/https?:\/\/[^(,|\?|\/)]*/,''), # remove host
46
48
  @request.timestamp
47
49
  ].join(",")
48
50
  end
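Review bot: The host-stripping pattern in `canonical_string` is unanchored and applied with `gsub`, so it also rewrites any `http://…` or `https://…` text that appears later in the URI, for example inside a query-string value. Two different request URIs can then produce the same canonical string and therefore the same signature. Anchoring the pattern and replacing once keeps the intent: `@request.request_uri.sub(/\Ahttps?:\/\/[^,?\/]*/, '')`. The brackets form a character class, so the `(`, `|` and `)` in the current pattern are literal excluded characters rather than alternation. The visible array also omits the HTTP method, so the signature does not distinguish verbs on the same URI.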
@@ -53,15 +55,15 @@ module ApiAuth
53
55
  end
54
56
 
55
57
  def set_date
56
- @request.set_date if @request.timestamp.blank?
58
+ @request.set_date if @request.timestamp.empty?
57
59
  end
58
60
 
59
61
  def calculate_md5
60
- @request.populate_content_md5 if @request.content_md5.blank?
62
+ @request.populate_content_md5 if @request.content_md5.empty?
61
63
  end
62
64
 
63
65
  def md5_mismatch?
64
- if @request.content_md5.blank?
66
+ if @request.content_md5.empty?
65
67
  false
66
68
  else
67
69
  @request.md5_mismatch?
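Review bot: `md5_mismatch?` returns `false` whenever the Content-MD5 header is empty, so a request that carries a body but no Content-MD5 passes this check and its body is not covered by the signed canonical string. Whether callers reject such requests elsewhere is not visible in this hunk. If the behaviour is intentional it deserves a comment, e.g. `# No Content-MD5 header: body integrity is not verified; require the header for requests with a body`. Note also that `empty?` raises `NoMethodError` on nil where `blank?` did not, so `timestamp` and `content_md5` must always return a String. The method body continues past the end of the hunk.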
@@ -2,9 +2,8 @@ module ApiAuth
2
2
 
3
3
  module Helpers # :nodoc:
4
4
 
5
- # Remove the ending new line character added by default
6
5
  def b64_encode(string)
7
- Base64.encode64(string).strip
6
+ Base64.strict_encode64(string)
8
7
  end
9
8
 
10
9
  # Capitalizes the keys of a hash
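Review bot: `b64_encode` is left without a comment after this change, and the behavioural difference from the old line is not recorded. `Base64.encode64(...).strip` removed only the trailing newline and kept the line feeds that `encode64` inserts every 60 encoded characters, while `strict_encode64` emits none, so any output longer than 60 characters changes. Suggest `# Base64-encodes without any line feeds (encode64 wraps every 60 characters)` above the method. A changelog line would also help callers that stored or compare longer encoded values.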
@@ -21,6 +21,7 @@ module ApiAuth
21
21
  def calculated_md5
22
22
  if @request.body
23
23
  body = @request.body.read
24
+ @request.body.rewind
24
25
  else
25
26
  body = ''
26
27
  end
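Review bot: In `calculated_md5` the added `rewind` runs only after `read`, so the digest still covers only what remains from the stream's current position. If something earlier in the request pipeline has already consumed part of the body, the MD5 is computed over a partial body and the comparison fails for a valid request. Rewinding before the read as well, with `@request.body.rewind` on the line above `body = @request.body.read`, makes the result independent of prior reads. This assumes the body object is rewindable, which is not visible here. The method continues past the end of the hunk.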
@@ -51,7 +52,7 @@ module ApiAuth
51
52
  end
52
53
 
53
54
  def content_md5
54
- value = find_header(%w(CONTENT-MD5 CONTENT_MD5))
55
+ value = find_header(%w(CONTENT-MD5 CONTENT_MD5 HTTP-CONTENT-MD5 HTTP_CONTENT_MD5))
55
56
  value.nil? ? "" : value
56
57
  end
57
58
 
@@ -25,6 +25,7 @@ module ApiAuth
25
25
  def calculated_md5
26
26
  if @request.payload
27
27
  body = @request.payload.read
28
+ @request.payload.instance_variable_get(:@stream).seek(0)
28
29
  else
29
30
  body = ''
30
31
  end
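Review bot: `@request.payload.instance_variable_get(:@stream).seek(0)` depends on a private instance variable of the payload object, so it raises `NoMethodError` when `@stream` is nil or absent, as it may be for another payload class or library version. A guarded form keeps the reset best-effort: `stream = @request.payload.instance_variable_get(:@stream)` followed by `stream.seek(0) if stream.respond_to?(:seek)`. A short comment saying why the stream is rewound, presumably so the body can still be sent after hashing, would also help. The method continues outside the hunk.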
@@ -51,7 +52,7 @@ module ApiAuth
51
52
 
52
53
  def content_type
53
54
  value = find_header(%w(CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE))
54
- value.nil? ? "" : value
55
+ value.nil? ? "": value
55
56
  end
56
57
 
57
58
  def content_md5
@@ -81,11 +82,11 @@ module ApiAuth
81
82
  def find_header(keys)
82
83
  keys.map {|key| @headers[key] }.compact.first
83
84
  end
84
-
85
+
85
86
  def save_headers
86
87
  @request.processed_headers = @request.make_headers(@headers)
87
88
  end
88
-
89
+
89
90
  end
90
91
 
91
92
  end
@@ -8,8 +8,8 @@ describe "ApiAuth" do
8
8
  ApiAuth.generate_secret_key
9
9
  end
10
10
 
11
- it "should generate secret keys that are 89 characters" do
12
- ApiAuth.generate_secret_key.size.should be(89)
11
+ it "should generate secret keys that are 88 characters" do
12
+ ApiAuth.generate_secret_key.size.should be(88)
13
13
  end
14
14
 
15
15
  it "should generate keys that have a Hamming Distance of at least 65" do
@@ -24,7 +24,7 @@ describe "ApiAuth" do
24
24
 
25
25
  def hmac(secret_key, request)
26
26
  canonical_string = ApiAuth::Headers.new(request).canonical_string
27
- digest = OpenSSL::Digest::Digest.new('sha1')
27
+ digest = OpenSSL::Digest.new('sha1')
28
28
  ApiAuth.b64_encode(OpenSSL::HMAC.digest(digest, secret_key, canonical_string))
29
29
  end
30
30
 
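--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: api-auth
  version: !ruby/object:Gem::Version
- version: 1.0.3
+ version: 1.1.0
  prerelease:
  platform: ruby
  authors:
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2013-04-04 00:00:00.000000000 Z
+ date: 2014-02-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
@@ -187,21 +187,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
  - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
- segments:
- - 0
- hash: 579957539921083557
  required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
- segments:
- - 0
- hash: 579957539921083557
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.24
+ rubygems_version: 1.8.25
  signing_key:
  specification_version: 3
  summary: Simple HMAC authentication for your APIs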