api-auth 1.4.1 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/Gemfile.lock +1 -1
- data/VERSION +1 -1
- data/gemfiles/rails_23.gemfile.lock +1 -1
- data/gemfiles/rails_30.gemfile.lock +1 -1
- data/gemfiles/rails_31.gemfile.lock +1 -1
- data/gemfiles/rails_32.gemfile.lock +1 -1
- data/gemfiles/rails_4.gemfile.lock +1 -1
- data/gemfiles/rails_41.gemfile.lock +1 -1
- data/gemfiles/rails_42.gemfile.lock +1 -1
- data/lib/api_auth/railtie.rb +45 -39
- data/spec/railtie_spec.rb +26 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 79cbdc86c27b9748d521ca8e0efe2038efa0641b
|
|
4
|
+
data.tar.gz: 2cc39d41382118e60496a8c9ca9693fb6a4baf02
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f6f7a9271d443ffc86bb0cbb3f674febbe860832429e677a54c7e03cea418597768b746b8ce90f51789be20f21f97011be1e6ff50f1ba4ec3e665cc4351c6da7
|
|
7
|
+
data.tar.gz: 28873d74e56b7e7cb9b8aee01811841971a79a2d3fa459ca399ac28088495e9e29f26d35216369db5fd626e9f8917877dbcc53d40cb08a23c66bb48f5a6f4975
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
|
+
# 1.5.0 (2016-01-21)
|
|
2
|
+
- Added a sign_with_http_method configuration option to the ActiveResource
|
|
3
|
+
rails tie to correspond to passing the `:with_http_method => true` into
|
|
4
|
+
`ApiAuth.sign!`
|
|
5
|
+
|
|
1
6
|
# 1.4.1 (2016-01-04)
|
|
2
|
-
- Fixed an issue where getters wouldn't
|
|
7
|
+
- Fixed an issue where getters wouldn't immediately have the correct value after
|
|
3
8
|
setting a date or content md5 in some of the request drivers (#91)
|
|
4
9
|
|
|
5
10
|
# 1.4 (2015-12-16)
|
data/Gemfile.lock
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.5.0
|
data/lib/api_auth/railtie.rb
CHANGED
|
@@ -3,21 +3,21 @@ module ApiAuth
|
|
|
3
3
|
# Integration with Rails
|
|
4
4
|
#
|
|
5
5
|
class Rails # :nodoc:
|
|
6
|
-
|
|
6
|
+
|
|
7
7
|
module ControllerMethods # :nodoc:
|
|
8
|
-
|
|
8
|
+
|
|
9
9
|
module InstanceMethods # :nodoc:
|
|
10
|
-
|
|
10
|
+
|
|
11
11
|
def get_api_access_id_from_request
|
|
12
12
|
ApiAuth.access_id(request)
|
|
13
13
|
end
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
def api_authenticated?(secret_key)
|
|
16
16
|
ApiAuth.authentic?(request, secret_key)
|
|
17
17
|
end
|
|
18
|
-
|
|
18
|
+
|
|
19
19
|
end
|
|
20
|
-
|
|
20
|
+
|
|
21
21
|
unless defined?(ActionController)
|
|
22
22
|
begin
|
|
23
23
|
require 'rubygems'
|
|
@@ -29,65 +29,71 @@ module ApiAuth
|
|
|
29
29
|
nil
|
|
30
30
|
end
|
|
31
31
|
end
|
|
32
|
-
|
|
33
|
-
if defined?(ActionController::Base)
|
|
32
|
+
|
|
33
|
+
if defined?(ActionController::Base)
|
|
34
34
|
ActionController::Base.send(:include, ControllerMethods::InstanceMethods)
|
|
35
35
|
end
|
|
36
|
-
|
|
36
|
+
|
|
37
37
|
end # ControllerMethods
|
|
38
|
-
|
|
38
|
+
|
|
39
39
|
module ActiveResourceExtension # :nodoc:
|
|
40
|
-
|
|
40
|
+
|
|
41
41
|
module ActiveResourceApiAuth # :nodoc:
|
|
42
|
-
|
|
42
|
+
|
|
43
43
|
def self.included(base)
|
|
44
44
|
base.extend(ClassMethods)
|
|
45
|
-
|
|
45
|
+
|
|
46
46
|
if base.respond_to?('class_attribute')
|
|
47
47
|
base.class_attribute :hmac_access_id
|
|
48
48
|
base.class_attribute :hmac_secret_key
|
|
49
49
|
base.class_attribute :use_hmac
|
|
50
|
+
base.class_attribute :sign_with_http_method
|
|
50
51
|
else
|
|
51
|
-
base.class_inheritable_accessor :hmac_access_id
|
|
52
|
-
base.class_inheritable_accessor :hmac_secret_key
|
|
53
|
-
base.class_inheritable_accessor :use_hmac
|
|
52
|
+
base.class_inheritable_accessor :hmac_access_id
|
|
53
|
+
base.class_inheritable_accessor :hmac_secret_key
|
|
54
|
+
base.class_inheritable_accessor :use_hmac
|
|
55
|
+
base.class_inheritable_accessor :sign_with_http_method
|
|
54
56
|
end
|
|
55
|
-
|
|
57
|
+
|
|
56
58
|
end
|
|
57
|
-
|
|
59
|
+
|
|
58
60
|
module ClassMethods
|
|
59
61
|
|
|
60
|
-
def with_api_auth(access_id, secret_key)
|
|
62
|
+
def with_api_auth(access_id, secret_key, options = {})
|
|
63
|
+
sign_with_http_method = options[:sign_with_http_method] || false
|
|
64
|
+
|
|
61
65
|
self.hmac_access_id = access_id
|
|
62
66
|
self.hmac_secret_key = secret_key
|
|
67
|
+
self.sign_with_http_method = sign_with_http_method
|
|
63
68
|
self.use_hmac = true
|
|
64
|
-
|
|
69
|
+
|
|
65
70
|
class << self
|
|
66
71
|
alias_method_chain :connection, :auth
|
|
67
72
|
end
|
|
68
73
|
end
|
|
69
|
-
|
|
70
|
-
def connection_with_auth(refresh = false)
|
|
74
|
+
|
|
75
|
+
def connection_with_auth(refresh = false)
|
|
71
76
|
c = connection_without_auth(refresh)
|
|
72
77
|
c.hmac_access_id = self.hmac_access_id
|
|
73
78
|
c.hmac_secret_key = self.hmac_secret_key
|
|
74
79
|
c.use_hmac = self.use_hmac
|
|
80
|
+
c.sign_with_http_method = self.sign_with_http_method
|
|
75
81
|
c
|
|
76
|
-
end
|
|
77
|
-
|
|
82
|
+
end
|
|
83
|
+
|
|
78
84
|
end # class methods
|
|
79
|
-
|
|
85
|
+
|
|
80
86
|
module InstanceMethods
|
|
81
87
|
end
|
|
82
|
-
|
|
88
|
+
|
|
83
89
|
end # BaseApiAuth
|
|
84
|
-
|
|
90
|
+
|
|
85
91
|
module Connection
|
|
86
|
-
|
|
92
|
+
|
|
87
93
|
def self.included(base)
|
|
88
94
|
base.send :alias_method_chain, :request, :auth
|
|
89
95
|
base.class_eval do
|
|
90
|
-
attr_accessor :hmac_secret_key, :hmac_access_id, :use_hmac
|
|
96
|
+
attr_accessor :hmac_secret_key, :hmac_access_id, :use_hmac, :sign_with_http_method
|
|
91
97
|
end
|
|
92
98
|
end
|
|
93
99
|
|
|
@@ -96,17 +102,17 @@ module ApiAuth
|
|
|
96
102
|
h = arguments.last
|
|
97
103
|
tmp = "Net::HTTP::#{method.to_s.capitalize}".constantize.new(path, h)
|
|
98
104
|
tmp.body = arguments[0] if arguments.length > 1
|
|
99
|
-
ApiAuth.sign!(tmp, hmac_access_id, hmac_secret_key)
|
|
105
|
+
ApiAuth.sign!(tmp, hmac_access_id, hmac_secret_key, {:with_http_method => (sign_with_http_method || false)})
|
|
100
106
|
arguments.last['Content-MD5'] = tmp['Content-MD5'] if tmp['Content-MD5']
|
|
101
107
|
arguments.last['DATE'] = tmp['DATE']
|
|
102
108
|
arguments.last['Authorization'] = tmp['Authorization']
|
|
103
109
|
end
|
|
104
|
-
|
|
110
|
+
|
|
105
111
|
request_without_auth(method, path, *arguments)
|
|
106
112
|
end
|
|
107
|
-
|
|
113
|
+
|
|
108
114
|
end # Connection
|
|
109
|
-
|
|
115
|
+
|
|
110
116
|
unless defined?(ActiveResource)
|
|
111
117
|
begin
|
|
112
118
|
require 'rubygems'
|
|
@@ -116,14 +122,14 @@ module ApiAuth
|
|
|
116
122
|
nil
|
|
117
123
|
end
|
|
118
124
|
end
|
|
119
|
-
|
|
125
|
+
|
|
120
126
|
if defined?(ActiveResource)
|
|
121
|
-
ActiveResource::Base.send(:include, ActiveResourceApiAuth)
|
|
127
|
+
ActiveResource::Base.send(:include, ActiveResourceApiAuth)
|
|
122
128
|
ActiveResource::Connection.send(:include, Connection)
|
|
123
|
-
end
|
|
124
|
-
|
|
129
|
+
end
|
|
130
|
+
|
|
125
131
|
end # ActiveResourceExtension
|
|
126
|
-
|
|
132
|
+
|
|
127
133
|
end # Rails
|
|
128
|
-
|
|
134
|
+
|
|
129
135
|
end # ApiAuth
|
data/spec/railtie_spec.rb
CHANGED
|
@@ -116,7 +116,7 @@ describe "Rails integration" do
|
|
|
116
116
|
|
|
117
117
|
it "should send signed requests automagically" do
|
|
118
118
|
timestamp = Time.parse("Mon, 23 Jan 1984 03:29:56 GMT")
|
|
119
|
-
|
|
119
|
+
allow(Time).to receive(:now).at_least(1).times.and_return(timestamp)
|
|
120
120
|
ActiveResource::HttpMock.respond_to do |mock|
|
|
121
121
|
mock.get "/test_resources/1.xml",
|
|
122
122
|
{
|
|
@@ -126,9 +126,34 @@ describe "Rails integration" do
|
|
|
126
126
|
},
|
|
127
127
|
{ :id => "1" }.to_xml(:root => 'test_resource')
|
|
128
128
|
end
|
|
129
|
+
expect(ApiAuth).to receive(:sign!).with(anything, "1044", API_KEY_STORE["1044"], { :with_http_method => false }).and_call_original
|
|
129
130
|
TestResource.find(1)
|
|
130
131
|
end
|
|
131
132
|
|
|
133
|
+
context "when telling it to include the http method in the signature" do
|
|
134
|
+
class TestResourceForHttpMethod < ActiveResource::Base
|
|
135
|
+
with_api_auth "1044", API_KEY_STORE["1044"], :sign_with_http_method => true
|
|
136
|
+
self.site = "http://localhost/"
|
|
137
|
+
self.format = :xml
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
it "signs with the http method" do
|
|
141
|
+
timestamp = Time.parse("Mon, 23 Jan 1984 03:29:56 GMT")
|
|
142
|
+
allow(Time).to receive(:now).at_least(1).times.and_return(timestamp)
|
|
143
|
+
ActiveResource::HttpMock.respond_to do |mock|
|
|
144
|
+
mock.get "/test_resource_for_http_methods/1.xml",
|
|
145
|
+
{
|
|
146
|
+
'Authorization' => 'APIAuth 1044:Gq190cxgKm7oWH1fc+y8+wmD9ts=',
|
|
147
|
+
'Accept' => 'application/xml',
|
|
148
|
+
'DATE' => "Mon, 23 Jan 1984 03:29:56 GMT"
|
|
149
|
+
},
|
|
150
|
+
{ :id => "1" }.to_xml(:root => 'test_resource')
|
|
151
|
+
end
|
|
152
|
+
expect(ApiAuth).to receive(:sign!).with(anything, "1044", API_KEY_STORE["1044"], { :with_http_method => true }).and_call_original
|
|
153
|
+
TestResourceForHttpMethod.find(1)
|
|
154
|
+
end
|
|
155
|
+
end
|
|
156
|
+
|
|
132
157
|
end
|
|
133
158
|
|
|
134
159
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: api-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mauricio Gomes
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-01-
|
|
11
|
+
date: 2016-01-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: appraisal
|