api-auth 2.2.1 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +12 -2
- data/.rubocop_todo.yml +51 -9
- data/.travis.yml +9 -25
- data/CHANGELOG.md +36 -0
- data/Gemfile +1 -1
- data/README.md +91 -50
- data/VERSION +1 -1
- data/api_auth.gemspec +7 -5
- data/gemfiles/http4.gemfile +3 -3
- data/gemfiles/rails_52.gemfile +9 -0
- data/gemfiles/rails_60.gemfile +9 -0
- data/gemfiles/rails_61.gemfile +11 -0
- data/lib/api_auth.rb +1 -0
- data/lib/api_auth/base.rb +4 -4
- data/lib/api_auth/headers.rb +22 -11
- data/lib/api_auth/helpers.rb +2 -2
- data/lib/api_auth/railtie.rb +13 -5
- data/lib/api_auth/request_drivers/action_controller.rb +9 -8
- data/lib/api_auth/request_drivers/curb.rb +4 -4
- data/lib/api_auth/request_drivers/faraday.rb +13 -12
- data/lib/api_auth/request_drivers/grape_request.rb +87 -0
- data/lib/api_auth/request_drivers/http.rb +13 -8
- data/lib/api_auth/request_drivers/httpi.rb +9 -8
- data/lib/api_auth/request_drivers/net_http.rb +9 -8
- data/lib/api_auth/request_drivers/rack.rb +9 -8
- data/lib/api_auth/request_drivers/rest_client.rb +9 -8
- data/spec/api_auth_spec.rb +15 -8
- data/spec/headers_spec.rb +51 -25
- data/spec/helpers_spec.rb +1 -1
- data/spec/railtie_spec.rb +3 -3
- data/spec/request_drivers/action_controller_spec.rb +45 -39
- data/spec/request_drivers/action_dispatch_spec.rb +51 -45
- data/spec/request_drivers/curb_spec.rb +16 -10
- data/spec/request_drivers/faraday_spec.rb +49 -43
- data/spec/request_drivers/grape_request_spec.rb +280 -0
- data/spec/request_drivers/http_spec.rb +29 -23
- data/spec/request_drivers/httpi_spec.rb +28 -22
- data/spec/request_drivers/net_http_spec.rb +29 -23
- data/spec/request_drivers/rack_spec.rb +41 -35
- data/spec/request_drivers/rest_client_spec.rb +42 -36
- data/spec/spec_helper.rb +2 -1
- metadata +51 -26
- data/gemfiles/http2.gemfile +0 -7
- data/gemfiles/http3.gemfile +0 -7
- data/gemfiles/rails_4.gemfile +0 -11
- data/gemfiles/rails_41.gemfile +0 -11
- data/gemfiles/rails_42.gemfile +0 -11
- data/gemfiles/rails_5.gemfile +0 -11
- data/gemfiles/rails_51.gemfile +0 -9
- data/spec/.rubocop.yml +0 -5
@@ -11,7 +11,7 @@ if defined?(ActionController::Request)
|
|
11
11
|
'PATH_INFO' => '/resource.xml',
|
12
12
|
'QUERY_STRING' => 'foo=bar&bar=foo',
|
13
13
|
'REQUEST_METHOD' => 'PUT',
|
14
|
-
'
|
14
|
+
'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
|
15
15
|
'CONTENT_TYPE' => 'text/plain',
|
16
16
|
'CONTENT_LENGTH' => '11',
|
17
17
|
'HTTP_DATE' => timestamp,
|
@@ -26,8 +26,8 @@ if defined?(ActionController::Request)
|
|
26
26
|
expect(driven_request.content_type).to eq('text/plain')
|
27
27
|
end
|
28
28
|
|
29
|
-
it 'gets the
|
30
|
-
expect(driven_request.
|
29
|
+
it 'gets the content_hash' do
|
30
|
+
expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
|
31
31
|
end
|
32
32
|
|
33
33
|
it 'gets the request_uri' do
|
@@ -42,15 +42,15 @@ if defined?(ActionController::Request)
|
|
42
42
|
expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
|
43
43
|
end
|
44
44
|
|
45
|
-
describe '#
|
46
|
-
it 'calculates
|
47
|
-
expect(driven_request.
|
45
|
+
describe '#calculated_hash' do
|
46
|
+
it 'calculates hash from the body' do
|
47
|
+
expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
48
48
|
end
|
49
49
|
|
50
50
|
it 'treats no body as empty string' do
|
51
51
|
request.env['rack.input'] = StringIO.new
|
52
52
|
request.env['CONTENT_LENGTH'] = 0
|
53
|
-
expect(driven_request.
|
53
|
+
expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
@@ -80,55 +80,55 @@ if defined?(ActionController::Request)
|
|
80
80
|
describe 'setting headers correctly' do
|
81
81
|
let(:request) do
|
82
82
|
ActionController::Request.new(
|
83
|
-
'PATH_INFO'
|
84
|
-
'QUERY_STRING'
|
83
|
+
'PATH_INFO' => '/resource.xml',
|
84
|
+
'QUERY_STRING' => 'foo=bar&bar=foo',
|
85
85
|
'REQUEST_METHOD' => 'PUT',
|
86
|
-
'CONTENT_TYPE'
|
86
|
+
'CONTENT_TYPE' => 'text/plain',
|
87
87
|
'CONTENT_LENGTH' => '11',
|
88
|
-
'rack.input'
|
88
|
+
'rack.input' => StringIO.new("hello\nworld")
|
89
89
|
)
|
90
90
|
end
|
91
91
|
|
92
|
-
describe '#
|
92
|
+
describe '#populate_content_hash' do
|
93
93
|
context 'when getting' do
|
94
|
-
it "doesn't populate content
|
94
|
+
it "doesn't populate content hash" do
|
95
95
|
request.env['REQUEST_METHOD'] = 'GET'
|
96
|
-
driven_request.
|
97
|
-
expect(request.env['Content-
|
96
|
+
driven_request.populate_content_hash
|
97
|
+
expect(request.env['X-Authorization-Content-SHA256']).to be_nil
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
101
|
context 'when posting' do
|
102
|
-
it 'populates content
|
102
|
+
it 'populates content hash' do
|
103
103
|
request.env['REQUEST_METHOD'] = 'POST'
|
104
|
-
driven_request.
|
105
|
-
expect(request.env['Content-
|
104
|
+
driven_request.populate_content_hash
|
105
|
+
expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
106
106
|
end
|
107
107
|
|
108
108
|
it 'refreshes the cached headers' do
|
109
|
-
driven_request.
|
110
|
-
expect(driven_request.
|
109
|
+
driven_request.populate_content_hash
|
110
|
+
expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
111
111
|
end
|
112
112
|
end
|
113
113
|
|
114
114
|
context 'when putting' do
|
115
|
-
it 'populates content
|
115
|
+
it 'populates content hash' do
|
116
116
|
request.env['REQUEST_METHOD'] = 'PUT'
|
117
|
-
driven_request.
|
118
|
-
expect(request.env['Content-
|
117
|
+
driven_request.populate_content_hash
|
118
|
+
expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
119
119
|
end
|
120
120
|
|
121
121
|
it 'refreshes the cached headers' do
|
122
|
-
driven_request.
|
123
|
-
expect(driven_request.
|
122
|
+
driven_request.populate_content_hash
|
123
|
+
expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
124
124
|
end
|
125
125
|
end
|
126
126
|
|
127
127
|
context 'when deleting' do
|
128
|
-
it "doesn't populate content
|
128
|
+
it "doesn't populate content hash" do
|
129
129
|
request.env['REQUEST_METHOD'] = 'DELETE'
|
130
|
-
driven_request.
|
131
|
-
expect(request.env['Content-
|
130
|
+
driven_request.populate_content_hash
|
131
|
+
expect(request.env['X-Authorization-Content-SHA256']).to be_nil
|
132
132
|
end
|
133
133
|
end
|
134
134
|
end
|
@@ -157,14 +157,14 @@ if defined?(ActionController::Request)
|
|
157
157
|
end
|
158
158
|
end
|
159
159
|
|
160
|
-
describe '
|
160
|
+
describe 'content_hash_mismatch?' do
|
161
161
|
context 'when getting' do
|
162
162
|
before do
|
163
163
|
request.env['REQUEST_METHOD'] = 'GET'
|
164
164
|
end
|
165
165
|
|
166
166
|
it 'is false' do
|
167
|
-
expect(driven_request.
|
167
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
168
168
|
end
|
169
169
|
end
|
170
170
|
|
@@ -175,21 +175,21 @@ if defined?(ActionController::Request)
|
|
175
175
|
|
176
176
|
context 'when calculated matches sent' do
|
177
177
|
before do
|
178
|
-
request.env['
|
178
|
+
request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
|
179
179
|
end
|
180
180
|
|
181
181
|
it 'is false' do
|
182
|
-
expect(driven_request.
|
182
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
183
183
|
end
|
184
184
|
end
|
185
185
|
|
186
186
|
context "when calculated doesn't match sent" do
|
187
187
|
before do
|
188
|
-
request.env['
|
188
|
+
request.env['X-Authorization-Content-SHA256'] = '3'
|
189
189
|
end
|
190
190
|
|
191
191
|
it 'is true' do
|
192
|
-
expect(driven_request.
|
192
|
+
expect(driven_request.content_hash_mismatch?).to be true
|
193
193
|
end
|
194
194
|
end
|
195
195
|
end
|
@@ -201,21 +201,21 @@ if defined?(ActionController::Request)
|
|
201
201
|
|
202
202
|
context 'when calculated matches sent' do
|
203
203
|
before do
|
204
|
-
request.env['
|
204
|
+
request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
|
205
205
|
end
|
206
206
|
|
207
207
|
it 'is false' do
|
208
|
-
expect(driven_request.
|
208
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
209
209
|
end
|
210
210
|
end
|
211
211
|
|
212
212
|
context "when calculated doesn't match sent" do
|
213
213
|
before do
|
214
|
-
request.env['
|
214
|
+
request.env['X-Authorization-Content-SHA256'] = '3'
|
215
215
|
end
|
216
216
|
|
217
217
|
it 'is true' do
|
218
|
-
expect(driven_request.
|
218
|
+
expect(driven_request.content_hash_mismatch?).to be true
|
219
219
|
end
|
220
220
|
end
|
221
221
|
end
|
@@ -226,9 +226,15 @@ if defined?(ActionController::Request)
|
|
226
226
|
end
|
227
227
|
|
228
228
|
it 'is false' do
|
229
|
-
expect(driven_request.
|
229
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
230
230
|
end
|
231
231
|
end
|
232
232
|
end
|
233
233
|
end
|
234
|
+
|
235
|
+
describe 'fetch_headers' do
|
236
|
+
it 'returns request headers' do
|
237
|
+
expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
|
238
|
+
end
|
239
|
+
end
|
234
240
|
end
|
@@ -7,15 +7,15 @@ if defined?(ActionDispatch::Request)
|
|
7
7
|
|
8
8
|
let(:request) do
|
9
9
|
ActionDispatch::Request.new(
|
10
|
-
'AUTHORIZATION'
|
11
|
-
'PATH_INFO'
|
12
|
-
'QUERY_STRING'
|
10
|
+
'AUTHORIZATION' => 'APIAuth 1044:12345',
|
11
|
+
'PATH_INFO' => '/resource.xml',
|
12
|
+
'QUERY_STRING' => 'foo=bar&bar=foo',
|
13
13
|
'REQUEST_METHOD' => 'PUT',
|
14
|
-
'
|
15
|
-
'CONTENT_TYPE'
|
14
|
+
'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
|
15
|
+
'CONTENT_TYPE' => 'text/plain',
|
16
16
|
'CONTENT_LENGTH' => '11',
|
17
|
-
'HTTP_DATE'
|
18
|
-
'rack.input'
|
17
|
+
'HTTP_DATE' => timestamp,
|
18
|
+
'rack.input' => StringIO.new("hello\nworld")
|
19
19
|
)
|
20
20
|
end
|
21
21
|
|
@@ -26,8 +26,8 @@ if defined?(ActionDispatch::Request)
|
|
26
26
|
expect(driven_request.content_type).to eq('text/plain')
|
27
27
|
end
|
28
28
|
|
29
|
-
it 'gets the
|
30
|
-
expect(driven_request.
|
29
|
+
it 'gets the content_hash' do
|
30
|
+
expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
|
31
31
|
end
|
32
32
|
|
33
33
|
it 'gets the request_uri' do
|
@@ -42,15 +42,15 @@ if defined?(ActionDispatch::Request)
|
|
42
42
|
expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
|
43
43
|
end
|
44
44
|
|
45
|
-
describe '#
|
46
|
-
it 'calculates
|
47
|
-
expect(driven_request.
|
45
|
+
describe '#calculated_hash' do
|
46
|
+
it 'calculates hash from the body' do
|
47
|
+
expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
48
48
|
end
|
49
49
|
|
50
50
|
it 'treats no body as empty string' do
|
51
51
|
request.env['rack.input'] = StringIO.new
|
52
52
|
request.env['CONTENT_LENGTH'] = 0
|
53
|
-
expect(driven_request.
|
53
|
+
expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
@@ -80,55 +80,55 @@ if defined?(ActionDispatch::Request)
|
|
80
80
|
describe 'setting headers correctly' do
|
81
81
|
let(:request) do
|
82
82
|
ActionDispatch::Request.new(
|
83
|
-
'PATH_INFO'
|
84
|
-
'QUERY_STRING'
|
83
|
+
'PATH_INFO' => '/resource.xml',
|
84
|
+
'QUERY_STRING' => 'foo=bar&bar=foo',
|
85
85
|
'REQUEST_METHOD' => 'PUT',
|
86
|
-
'CONTENT_TYPE'
|
86
|
+
'CONTENT_TYPE' => 'text/plain',
|
87
87
|
'CONTENT_LENGTH' => '11',
|
88
|
-
'rack.input'
|
88
|
+
'rack.input' => StringIO.new("hello\nworld")
|
89
89
|
)
|
90
90
|
end
|
91
91
|
|
92
|
-
describe '#
|
92
|
+
describe '#populate_content_hash' do
|
93
93
|
context 'when getting' do
|
94
|
-
it "doesn't populate content
|
94
|
+
it "doesn't populate content hash" do
|
95
95
|
request.env['REQUEST_METHOD'] = 'GET'
|
96
|
-
driven_request.
|
97
|
-
expect(request.env['
|
96
|
+
driven_request.populate_content_hash
|
97
|
+
expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to be_nil
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
101
|
context 'when posting' do
|
102
|
-
it 'populates content
|
102
|
+
it 'populates content hash' do
|
103
103
|
request.env['REQUEST_METHOD'] = 'POST'
|
104
|
-
driven_request.
|
105
|
-
expect(request.env['
|
104
|
+
driven_request.populate_content_hash
|
105
|
+
expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
106
106
|
end
|
107
107
|
|
108
108
|
it 'refreshes the cached headers' do
|
109
|
-
driven_request.
|
110
|
-
expect(driven_request.
|
109
|
+
driven_request.populate_content_hash
|
110
|
+
expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
111
111
|
end
|
112
112
|
end
|
113
113
|
|
114
114
|
context 'when putting' do
|
115
|
-
it 'populates content
|
115
|
+
it 'populates content hash' do
|
116
116
|
request.env['REQUEST_METHOD'] = 'PUT'
|
117
|
-
driven_request.
|
118
|
-
expect(request.env['
|
117
|
+
driven_request.populate_content_hash
|
118
|
+
expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
119
119
|
end
|
120
120
|
|
121
121
|
it 'refreshes the cached headers' do
|
122
|
-
driven_request.
|
123
|
-
expect(driven_request.
|
122
|
+
driven_request.populate_content_hash
|
123
|
+
expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
|
124
124
|
end
|
125
125
|
end
|
126
126
|
|
127
127
|
context 'when deleting' do
|
128
|
-
it "doesn't populate content
|
128
|
+
it "doesn't populate content hash" do
|
129
129
|
request.env['REQUEST_METHOD'] = 'DELETE'
|
130
|
-
driven_request.
|
131
|
-
expect(request.env['
|
130
|
+
driven_request.populate_content_hash
|
131
|
+
expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to be_nil
|
132
132
|
end
|
133
133
|
end
|
134
134
|
end
|
@@ -157,14 +157,14 @@ if defined?(ActionDispatch::Request)
|
|
157
157
|
end
|
158
158
|
end
|
159
159
|
|
160
|
-
describe '
|
160
|
+
describe 'content_hash_mismatch?' do
|
161
161
|
context 'when getting' do
|
162
162
|
before do
|
163
163
|
request.env['REQUEST_METHOD'] = 'GET'
|
164
164
|
end
|
165
165
|
|
166
166
|
it 'is false' do
|
167
|
-
expect(driven_request.
|
167
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
168
168
|
end
|
169
169
|
end
|
170
170
|
|
@@ -175,21 +175,21 @@ if defined?(ActionDispatch::Request)
|
|
175
175
|
|
176
176
|
context 'when calculated matches sent' do
|
177
177
|
before do
|
178
|
-
request.env['
|
178
|
+
request.env['X-AUTHORIZATION-CONTENT-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
|
179
179
|
end
|
180
180
|
|
181
181
|
it 'is false' do
|
182
|
-
expect(driven_request.
|
182
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
183
183
|
end
|
184
184
|
end
|
185
185
|
|
186
186
|
context "when calculated doesn't match sent" do
|
187
187
|
before do
|
188
|
-
request.env['
|
188
|
+
request.env['X-AUTHORIZATION-CONTENT-SHA256'] = '3'
|
189
189
|
end
|
190
190
|
|
191
191
|
it 'is true' do
|
192
|
-
expect(driven_request.
|
192
|
+
expect(driven_request.content_hash_mismatch?).to be true
|
193
193
|
end
|
194
194
|
end
|
195
195
|
end
|
@@ -201,21 +201,21 @@ if defined?(ActionDispatch::Request)
|
|
201
201
|
|
202
202
|
context 'when calculated matches sent' do
|
203
203
|
before do
|
204
|
-
request.env['
|
204
|
+
request.env['X-AUTHORIZATION-CONTENT-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
|
205
205
|
end
|
206
206
|
|
207
207
|
it 'is false' do
|
208
|
-
expect(driven_request.
|
208
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
209
209
|
end
|
210
210
|
end
|
211
211
|
|
212
212
|
context "when calculated doesn't match sent" do
|
213
213
|
before do
|
214
|
-
request.env['
|
214
|
+
request.env['X-AUTHORIZATION-CONTENT-SHA256'] = '3'
|
215
215
|
end
|
216
216
|
|
217
217
|
it 'is true' do
|
218
|
-
expect(driven_request.
|
218
|
+
expect(driven_request.content_hash_mismatch?).to be true
|
219
219
|
end
|
220
220
|
end
|
221
221
|
end
|
@@ -226,9 +226,15 @@ if defined?(ActionDispatch::Request)
|
|
226
226
|
end
|
227
227
|
|
228
228
|
it 'is false' do
|
229
|
-
expect(driven_request.
|
229
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
230
230
|
end
|
231
231
|
end
|
232
232
|
end
|
233
|
+
|
234
|
+
describe 'fetch_headers' do
|
235
|
+
it 'returns request headers' do
|
236
|
+
expect(driven_request.fetch_headers).to include('CONTENT_TYPE' => 'text/plain')
|
237
|
+
end
|
238
|
+
end
|
233
239
|
end
|
234
240
|
end
|
@@ -6,9 +6,9 @@ describe ApiAuth::RequestDrivers::CurbRequest do
|
|
6
6
|
let(:request) do
|
7
7
|
headers = {
|
8
8
|
'Authorization' => 'APIAuth 1044:12345',
|
9
|
-
'Content-
|
10
|
-
'Content-Type'
|
11
|
-
'Date'
|
9
|
+
'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
|
10
|
+
'Content-Type' => 'text/plain',
|
11
|
+
'Date' => timestamp
|
12
12
|
}
|
13
13
|
Curl::Easy.new('/resource.xml?foo=bar&bar=foo') do |curl|
|
14
14
|
curl.headers = headers
|
@@ -22,8 +22,8 @@ describe ApiAuth::RequestDrivers::CurbRequest do
|
|
22
22
|
expect(driven_request.content_type).to eq('text/plain')
|
23
23
|
end
|
24
24
|
|
25
|
-
it 'gets the
|
26
|
-
expect(driven_request.
|
25
|
+
it 'gets the content_hash' do
|
26
|
+
expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
|
27
27
|
end
|
28
28
|
|
29
29
|
it 'gets the request_uri' do
|
@@ -55,10 +55,10 @@ describe ApiAuth::RequestDrivers::CurbRequest do
|
|
55
55
|
end
|
56
56
|
end
|
57
57
|
|
58
|
-
describe '#
|
58
|
+
describe '#populate_content_hash' do
|
59
59
|
it 'is a no-op' do
|
60
|
-
expect(driven_request.
|
61
|
-
expect(request.headers['Content-
|
60
|
+
expect(driven_request.populate_content_hash).to be_nil
|
61
|
+
expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
|
62
62
|
end
|
63
63
|
end
|
64
64
|
|
@@ -86,9 +86,15 @@ describe ApiAuth::RequestDrivers::CurbRequest do
|
|
86
86
|
end
|
87
87
|
end
|
88
88
|
|
89
|
-
describe '
|
89
|
+
describe 'content_hash_mismatch?' do
|
90
90
|
it 'is always false' do
|
91
|
-
expect(driven_request.
|
91
|
+
expect(driven_request.content_hash_mismatch?).to be false
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
describe 'fetch_headers' do
|
96
|
+
it 'returns request headers' do
|
97
|
+
expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
|
92
98
|
end
|
93
99
|
end
|
94
100
|
end
|