RubyGems - api-auth - Versions diffs - 2.1.0 → 2.2.0 - Mend

api-auth 2.1.0 → 2.2.0

Files changed (34) hide show

checksums.yaml +5 -5
data/.gitignore +1 -0
data/.rubocop.yml +1 -40
data/.travis.yml +10 -41
data/Appraisals +16 -42
data/Gemfile +1 -4
data/README.md +28 -4
data/Rakefile +1 -1
data/VERSION +1 -1
data/api_auth.gemspec +9 -10
data/gemfiles/rails_5.gemfile +2 -2
data/gemfiles/rails_51.gemfile +9 -0
data/lib/api_auth/base.rb +10 -10
data/lib/api_auth/headers.rb +9 -9
data/lib/api_auth/helpers.rb +2 -11
data/lib/api_auth/railtie.rb +5 -13
data/lib/api_auth/request_drivers/action_controller.rb +8 -7
data/lib/api_auth/request_drivers/curb.rb +8 -7
data/lib/api_auth/request_drivers/faraday.rb +10 -9
data/lib/api_auth/request_drivers/httpi.rb +8 -7
data/lib/api_auth/request_drivers/net_http.rb +8 -7
data/lib/api_auth/request_drivers/rack.rb +10 -9
data/lib/api_auth/request_drivers/rest_client.rb +10 -9
data/spec/.rubocop.yml +5 -0
data/spec/api_auth_spec.rb +23 -12
data/spec/headers_spec.rb +49 -12
data/spec/railtie_spec.rb +33 -59
data/spec/request_drivers/rack_spec.rb +17 -17
data/spec/request_drivers/rest_client_spec.rb +44 -45
metadata +27 -15
data/gemfiles/rails_23.gemfile +0 -12
data/gemfiles/rails_30.gemfile +0 -12
data/gemfiles/rails_31.gemfile +0 -14
data/gemfiles/rails_32.gemfile +0 -14

@@ -13,28 +13,26 @@ describe 'Rails integration' do
         end
         respond_to do |format|
-          format.xml { render :xml => 'You are unauthorized to perform this action.', :status => 401 }
-          format.json { render :json => 'You are unauthorized to perform this action.', :status => 401 }
-          format.html { render :text => 'You are unauthorized to perform this action', :status => 401 }
+          format.xml { render xml: 'You are unauthorized to perform this action.', status: 401 }
+          format.json { render json: 'You are unauthorized to perform this action.', status: 401 }
+          format.html { render plain: 'You are unauthorized to perform this action', status: 401 }
         end
       end
     end
     class TestController < ApplicationController
-      before_filter :require_api_auth, :only => [:index]
+      before_action :require_api_auth, only: [:index]
-      if defined?(ActionDispatch)
-        def self._routes
-          ActionDispatch::Routing::RouteSet.new
-        end
+      def self._routes
+        ActionDispatch::Routing::RouteSet.new
       end
       def index
-        render :text => 'OK'
+        render json: 'OK'
       end
       def public
-        render :text => 'OK'
+        render json: 'OK'
       end
       def rescue_action(e)
@@ -42,31 +40,31 @@ describe 'Rails integration' do
       end
     end
-    unless defined?(ActionDispatch)
-      ActionController::Routing::Routes.draw { |map| map.resources :test }
-    end
     def generated_response(request, action = :index)
-      if defined?(ActionDispatch)
-        response = ActionDispatch::TestResponse.new
-        controller = TestController.new
-        controller.request = request
-        controller.response = response
-        controller.process(action)
-        response
-      else
-        request.action = action.to_s
-        request.path = "/#{action}"
-        TestController.new.process(request, ActionController::TestResponse.new)
-      end
+      response = ActionDispatch::TestResponse.new
+      controller = TestController.new
+      controller.request = request
+      controller.response = response
+      controller.process(action)
+      response
     end
-    it 'should permit a request with properly signed headers' do
+    def generated_request
       request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
+                  if Gem.loaded_specs['actionpack'].version < Gem::Version.new('5.1.0')
+                    ActionController::TestRequest.create
+                  else
+                    ActionController::TestRequest.create(TestController)
+                  end
                 else
                   ActionController::TestRequest.new
                 end
+      request.accept = ['application/json']
+      request
+    end
+    it 'should permit a request with properly signed headers' do
+      request = generated_request
       request.env['DATE'] = Time.now.utc.httpdate
       ApiAuth.sign!(request, '1044', API_KEY_STORE['1044'])
       response = generated_response(request, :index)
@@ -74,11 +72,7 @@ describe 'Rails integration' do
     end
     it 'should forbid a request with properly signed headers but timestamp > 15 minutes ago' do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       request.env['DATE'] = 'Mon, 23 Jan 1984 03:29:56 GMT'
       ApiAuth.sign!(request, '1044', API_KEY_STORE['1044'])
       response = generated_response(request, :index)
@@ -86,11 +80,7 @@ describe 'Rails integration' do
     end
     it 'should forbid a request with properly signed headers but timestamp > 15 minutes in the future' do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       request.env['DATE'] = 'Mon, 23 Jan 2100 03:29:56 GMT'
       ApiAuth.sign!(request, '1044', API_KEY_STORE['1044'])
       response = generated_response(request, :index)
@@ -98,42 +88,26 @@ describe 'Rails integration' do
     end
     it "should insert a DATE header in the request when one hasn't been specified" do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       ApiAuth.sign!(request, '1044', API_KEY_STORE['1044'])
       expect(request.headers['DATE']).not_to be_nil
     end
     it 'should forbid an unsigned request to a protected controller action' do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       response = generated_response(request, :index)
       expect(response.code).to eq('401')
     end
     it 'should forbid a request with a bogus signature' do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       request.env['Authorization'] = 'APIAuth bogus:bogus'
       response = generated_response(request, :index)
       expect(response.code).to eq('401')
     end
     it 'should allow non-protected controller actions to function as before' do
-      request = if ActionController::TestRequest.respond_to?(:create)
-                  ActionController::TestRequest.create
-                else
-                  ActionController::TestRequest.new
-                end
+      request = generated_request
       response = generated_response(request, :public)
       expect(response.code).to eq('200')
     end
@@ -156,7 +130,7 @@ describe 'Rails integration' do
                    'Accept' => 'application/xml',
                    'DATE' => 'Mon, 23 Jan 1984 03:29:56 GMT'
                  },
-                 { :id => '1' }.to_xml(:root => 'test_resource')
+                 { id: '1' }.to_xml(root: 'test_resource')
       end
       expect(ApiAuth).to receive(:sign!).with(anything, '1044', API_KEY_STORE['1044'], {}).and_call_original
       TestResource.find(1)

data/spec/request_drivers/rack_spec.rb CHANGED

@@ -18,8 +18,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
     Rack::Request.new(
       Rack::MockRequest.env_for(
         request_path,
-        :method => :put,
-        :input => "hello\nworld"
+        method: :put,
+        input: "hello\nworld"
       ).merge!(request_headers)
     )
   end
@@ -56,7 +56,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
         request = Rack::Request.new(
           Rack::MockRequest.env_for(
             request_path,
-            :method => :put
+            method: :put
           ).merge!(request_headers)
         )
         driven_request = ApiAuth::RequestDrivers::RackRequest.new(request)
@@ -70,7 +70,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :put
+              method: :put
             ).merge!(request_headers)
           )
         end
@@ -85,7 +85,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :get
+              method: :get
             ).merge!(request_headers)
           )
         end
@@ -110,7 +110,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :get
+              method: :get
             ).merge!(request_headers)
           )
         end
@@ -126,8 +126,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :post,
-              :input => "hello\nworld"
+              method: :post,
+              input: "hello\nworld"
             ).merge!(request_headers)
           )
         end
@@ -148,8 +148,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :put,
-              :input => "hello\nworld"
+              method: :put,
+              input: "hello\nworld"
             ).merge!(request_headers)
           )
         end
@@ -170,7 +170,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
           Rack::Request.new(
             Rack::MockRequest.env_for(
               request_path,
-              :method => :delete
+              method: :delete
             ).merge!(request_headers)
           )
         end
@@ -212,7 +212,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
         Rack::Request.new(
           Rack::MockRequest.env_for(
             request_path,
-            :method => :get
+            method: :get
           ).merge!(request_headers)
         )
       end
@@ -227,8 +227,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
         Rack::Request.new(
           Rack::MockRequest.env_for(
             request_path,
-            :method => :post,
-            :input => "hello\nworld"
+            method: :post,
+            input: "hello\nworld"
           ).merge!(request_headers)
         )
       end
@@ -259,8 +259,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
         Rack::Request.new(
           Rack::MockRequest.env_for(
             request_path,
-            :method => :put,
-            :input => "hello\nworld"
+            method: :put,
+            input: "hello\nworld"
           ).merge!(request_headers)
         )
       end
@@ -291,7 +291,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
         Rack::Request.new(
           Rack::MockRequest.env_for(
             request_path,
-            :method => :delete
+            method: :delete
           ).merge!(request_headers)
         )
       end

data/spec/request_drivers/rest_client_spec.rb CHANGED

@@ -16,10 +16,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
   let(:request) do
     RestClient::Request.new(
-      :url => '/resource.xml?foo=bar&bar=foo',
-      :headers => request_headers,
-      :method => :put,
-      :payload => "hello\nworld"
+      url: '/resource.xml?foo=bar&bar=foo',
+      headers: request_headers,
+      method: :put,
+      payload: "hello\nworld"
     )
   end
@@ -53,9 +53,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       it 'treats no body as empty string' do
         request = RestClient::Request.new(
-          :url => '/resource.xml?foo=bar&bar=foo',
-          :headers => request_headers,
-          :method => :put
+          url: '/resource.xml?foo=bar&bar=foo',
+          headers: request_headers,
+          method: :put
         )
         driven_request = ApiAuth::RequestDrivers::RestClientRequest.new(request)
         expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
@@ -66,9 +66,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when put request' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :put
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :put
           )
         end
@@ -80,9 +80,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when get request' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :get
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :get
           )
         end
@@ -104,9 +104,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when getting' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :get
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :get
           )
         end
@@ -119,10 +119,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when posting' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :post,
-            :payload => "hello\nworld"
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :post,
+            payload: "hello\nworld"
           )
         end
@@ -140,10 +140,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when putting' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :put,
-            :payload => "hello\nworld"
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :put,
+            payload: "hello\nworld"
           )
         end
@@ -161,9 +161,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when deleting' do
         let(:request) do
           RestClient::Request.new(
-            :url => '/resource.xml?foo=bar&bar=foo',
-            :headers => request_headers,
-            :method => :delete
+            url: '/resource.xml?foo=bar&bar=foo',
+            headers: request_headers,
+            method: :delete
           )
         end
@@ -203,9 +203,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when getting' do
       let(:request) do
         RestClient::Request.new(
-          :url => '/resource.xml?foo=bar&bar=foo',
-          :headers => request_headers,
-          :method => :get
+          url: '/resource.xml?foo=bar&bar=foo',
+          headers: request_headers,
+          method: :get
         )
       end
@@ -217,10 +217,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when posting' do
       let(:request) do
         RestClient::Request.new(
-          :url => '/resource.xml?foo=bar&bar=foo',
-          :headers => request_headers,
-          :method => :post,
-          :payload => "hello\nworld"
+          url: '/resource.xml?foo=bar&bar=foo',
+          headers: request_headers,
+          method: :post,
+          payload: "hello\nworld"
         )
       end
@@ -258,10 +258,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when putting' do
       let(:request) do
         RestClient::Request.new(
-          :url => '/resource.xml?foo=bar&bar=foo',
-          :headers => request_headers,
-          :method => :put,
-          :payload => "hello\nworld"
+          url: '/resource.xml?foo=bar&bar=foo',
+          headers: request_headers,
+          method: :put,
+          payload: "hello\nworld"
         )
       end
@@ -299,9 +299,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when deleting' do
       let(:request) do
         RestClient::Request.new(
-          :url => '/resource.xml?foo=bar&bar=foo',
-          :headers => request_headers,
-          :method => :delete
+          url: '/resource.xml?foo=bar&bar=foo',
+          headers: request_headers,
+          method: :delete
         )
       end
@@ -316,10 +316,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       headers = { 'Content-MD5' => 'e59ff97941044f85df5297e1c302d260',
                   :content_type => 'text/plain',
                   'Date' => 'Mon, 23 Jan 1984 03:29:56 GMT' }
-      request = RestClient::Request.new(:url => '/resource.xml?foo=bar&bar=foo',
-                                        :headers => headers,
-                                        :method => :put)
-      headers = ApiAuth::Headers.new(request)
+      request = RestClient::Request.new(url: '/resource.xml?foo=bar&bar=foo',
+                                        headers: headers,
+                                        method: :put)
       ApiAuth.sign!(request, 'some access id', 'some secret key')
       expect(request.processed_headers).to have_key('Content-Type')
     end