api-auth 2.2.1 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +12 -2
  3. data/.rubocop_todo.yml +51 -9
  4. data/.travis.yml +9 -25
  5. data/CHANGELOG.md +36 -0
  6. data/Gemfile +1 -1
  7. data/README.md +91 -50
  8. data/VERSION +1 -1
  9. data/api_auth.gemspec +7 -5
  10. data/gemfiles/http4.gemfile +3 -3
  11. data/gemfiles/rails_52.gemfile +9 -0
  12. data/gemfiles/rails_60.gemfile +9 -0
  13. data/gemfiles/rails_61.gemfile +11 -0
  14. data/lib/api_auth.rb +1 -0
  15. data/lib/api_auth/base.rb +4 -4
  16. data/lib/api_auth/headers.rb +22 -11
  17. data/lib/api_auth/helpers.rb +2 -2
  18. data/lib/api_auth/railtie.rb +13 -5
  19. data/lib/api_auth/request_drivers/action_controller.rb +9 -8
  20. data/lib/api_auth/request_drivers/curb.rb +4 -4
  21. data/lib/api_auth/request_drivers/faraday.rb +13 -12
  22. data/lib/api_auth/request_drivers/grape_request.rb +87 -0
  23. data/lib/api_auth/request_drivers/http.rb +13 -8
  24. data/lib/api_auth/request_drivers/httpi.rb +9 -8
  25. data/lib/api_auth/request_drivers/net_http.rb +9 -8
  26. data/lib/api_auth/request_drivers/rack.rb +9 -8
  27. data/lib/api_auth/request_drivers/rest_client.rb +9 -8
  28. data/spec/api_auth_spec.rb +15 -8
  29. data/spec/headers_spec.rb +51 -25
  30. data/spec/helpers_spec.rb +1 -1
  31. data/spec/railtie_spec.rb +3 -3
  32. data/spec/request_drivers/action_controller_spec.rb +45 -39
  33. data/spec/request_drivers/action_dispatch_spec.rb +51 -45
  34. data/spec/request_drivers/curb_spec.rb +16 -10
  35. data/spec/request_drivers/faraday_spec.rb +49 -43
  36. data/spec/request_drivers/grape_request_spec.rb +280 -0
  37. data/spec/request_drivers/http_spec.rb +29 -23
  38. data/spec/request_drivers/httpi_spec.rb +28 -22
  39. data/spec/request_drivers/net_http_spec.rb +29 -23
  40. data/spec/request_drivers/rack_spec.rb +41 -35
  41. data/spec/request_drivers/rest_client_spec.rb +42 -36
  42. data/spec/spec_helper.rb +2 -1
  43. metadata +51 -26
  44. data/gemfiles/http2.gemfile +0 -7
  45. data/gemfiles/http3.gemfile +0 -7
  46. data/gemfiles/rails_4.gemfile +0 -11
  47. data/gemfiles/rails_41.gemfile +0 -11
  48. data/gemfiles/rails_42.gemfile +0 -11
  49. data/gemfiles/rails_5.gemfile +0 -11
  50. data/gemfiles/rails_51.gemfile +0 -9
  51. data/spec/.rubocop.yml +0 -5
@@ -19,7 +19,7 @@ describe ApiAuth::RequestDrivers::HttpRequest do
19
19
  let(:headers) do
20
20
  {
21
21
  'Authorization' => 'APIAuth 1044:12345',
22
- 'content-md5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
22
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
23
23
  'content-type' => 'text/plain',
24
24
  'date' => timestamp
25
25
  }
@@ -32,8 +32,8 @@ describe ApiAuth::RequestDrivers::HttpRequest do
32
32
  expect(driven_request.content_type).to eq('text/plain')
33
33
  end
34
34
 
35
- it 'gets the content_md5' do
36
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
35
+ it 'gets the content_hash' do
36
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
37
37
  end
38
38
 
39
39
  it 'gets the request_uri' do
@@ -48,9 +48,9 @@ describe ApiAuth::RequestDrivers::HttpRequest do
48
48
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
49
49
  end
50
50
 
51
- describe '#calculated_md5' do
52
- it 'calculates md5 from the body' do
53
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
51
+ describe '#calculated_hash' do
52
+ it 'calculates hash from the body' do
53
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
54
54
  expect(driven_request.body.bytesize).to eq(11)
55
55
  end
56
56
 
@@ -58,7 +58,7 @@ describe ApiAuth::RequestDrivers::HttpRequest do
58
58
  let(:body) { nil }
59
59
 
60
60
  it 'treats no body as empty string' do
61
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
61
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
62
62
  expect(driven_request.body.bytesize).to eq(0)
63
63
  end
64
64
  end
@@ -67,7 +67,7 @@ describe ApiAuth::RequestDrivers::HttpRequest do
67
67
  let(:body) { File.new('spec/fixtures/upload.png') }
68
68
 
69
69
  it 'calculates correctly for multipart content' do
70
- expect(driven_request.calculated_md5).to eq('k4U8MTA3RHDcewBzymVNEQ==')
70
+ expect(driven_request.calculated_hash).to eq('AlKDe7kjMQhuKgKuNG8I7GA93MasHcaVJkJLaUT7+dY=')
71
71
  expect(driven_request.body.bytesize).to eq(5112)
72
72
  end
73
73
  end
@@ -99,27 +99,27 @@ describe ApiAuth::RequestDrivers::HttpRequest do
99
99
  }
100
100
  end
101
101
 
102
- describe '#populate_content_md5' do
102
+ describe '#populate_content_hash' do
103
103
  context 'when request type has no body' do
104
104
  let(:verb) { :get }
105
105
 
106
- it "doesn't populate content-md5" do
107
- driven_request.populate_content_md5
108
- expect(request['Content-MD5']).to be_nil
106
+ it "doesn't populate content hash" do
107
+ driven_request.populate_content_hash
108
+ expect(request['X-Authorization-Content-SHA256']).to be_nil
109
109
  end
110
110
  end
111
111
 
112
112
  context 'when request type has a body' do
113
113
  let(:verb) { :put }
114
114
 
115
- it 'populates content-md5' do
116
- driven_request.populate_content_md5
117
- expect(request['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
115
+ it 'populates content hash' do
116
+ driven_request.populate_content_hash
117
+ expect(request['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
118
118
  end
119
119
 
120
120
  it 'refreshes the cached headers' do
121
- driven_request.populate_content_md5
122
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
121
+ driven_request.populate_content_hash
122
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
123
123
  end
124
124
  end
125
125
  end
@@ -148,12 +148,12 @@ describe ApiAuth::RequestDrivers::HttpRequest do
148
148
  end
149
149
  end
150
150
 
151
- describe 'md5_mismatch?' do
151
+ describe 'content_hash_mismatch?' do
152
152
  context 'when request type has no body' do
153
153
  let(:verb) { :get }
154
154
 
155
155
  it 'is false' do
156
- expect(driven_request.md5_mismatch?).to be false
156
+ expect(driven_request.content_hash_mismatch?).to be false
157
157
  end
158
158
  end
159
159
 
@@ -162,23 +162,29 @@ describe ApiAuth::RequestDrivers::HttpRequest do
162
162
 
163
163
  context 'when calculated matches sent' do
164
164
  before do
165
- request['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
165
+ request['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
166
166
  end
167
167
 
168
168
  it 'is false' do
169
- expect(driven_request.md5_mismatch?).to be false
169
+ expect(driven_request.content_hash_mismatch?).to be false
170
170
  end
171
171
  end
172
172
 
173
173
  context "when calculated doesn't match sent" do
174
174
  before do
175
- request['Content-MD5'] = '3'
175
+ request['X-Authorization-Content-SHA256'] = '3'
176
176
  end
177
177
 
178
178
  it 'is true' do
179
- expect(driven_request.md5_mismatch?).to be true
179
+ expect(driven_request.content_hash_mismatch?).to be true
180
180
  end
181
181
  end
182
182
  end
183
183
  end
184
+
185
+ describe 'fetch_headers' do
186
+ it 'returns request headers' do
187
+ expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
188
+ end
189
+ end
184
190
  end
@@ -6,7 +6,7 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
6
6
  let(:request) do
7
7
  httpi_request = HTTPI::Request.new('http://localhost/resource.xml?foo=bar&bar=foo')
8
8
  httpi_request.headers.merge!('Authorization' => 'APIAuth 1044:12345',
9
- 'content-md5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
9
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
10
10
  'content-type' => 'text/plain',
11
11
  'date' => timestamp)
12
12
  httpi_request.body = "hello\nworld"
@@ -20,8 +20,8 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
20
20
  expect(driven_request.content_type).to eq('text/plain')
21
21
  end
22
22
 
23
- it 'gets the content_md5' do
24
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
23
+ it 'gets the content_hash' do
24
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
25
25
  end
26
26
 
27
27
  it 'gets the request_uri' do
@@ -36,14 +36,14 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
36
36
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
37
37
  end
38
38
 
39
- describe '#calculated_md5' do
40
- it 'calculates md5 from the body' do
41
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
39
+ describe '#calculated_hash' do
40
+ it 'calculates hash from the body' do
41
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
42
42
  end
43
43
 
44
44
  it 'treats no body as empty string' do
45
45
  request.body = nil
46
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
46
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
47
47
  end
48
48
  end
49
49
 
@@ -61,15 +61,15 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
61
61
  httpi_request
62
62
  end
63
63
 
64
- describe '#populate_content_md5' do
64
+ describe '#populate_content_hash' do
65
65
  context 'when there is no content body' do
66
66
  before do
67
67
  request.body = nil
68
68
  end
69
69
 
70
- it "doesn't populate content-md5" do
71
- driven_request.populate_content_md5
72
- expect(request.headers['Content-MD5']).to be_nil
70
+ it "doesn't populate content hash" do
71
+ driven_request.populate_content_hash
72
+ expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
73
73
  end
74
74
  end
75
75
 
@@ -78,14 +78,14 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
78
78
  request.body = "hello\nworld"
79
79
  end
80
80
 
81
- it 'populates content-md5' do
82
- driven_request.populate_content_md5
83
- expect(request.headers['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
81
+ it 'populates content hash' do
82
+ driven_request.populate_content_hash
83
+ expect(request.headers['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
84
84
  end
85
85
 
86
86
  it 'refreshes the cached headers' do
87
- driven_request.populate_content_md5
88
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
87
+ driven_request.populate_content_hash
88
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
89
89
  end
90
90
  end
91
91
  end
@@ -114,14 +114,14 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
114
114
  end
115
115
  end
116
116
 
117
- describe 'md5_mismatch?' do
117
+ describe 'content_hash_mismatch?' do
118
118
  context 'when there is no content body' do
119
119
  before do
120
120
  request.body = nil
121
121
  end
122
122
 
123
123
  it 'is false' do
124
- expect(driven_request.md5_mismatch?).to be false
124
+ expect(driven_request.content_hash_mismatch?).to be false
125
125
  end
126
126
  end
127
127
 
@@ -132,23 +132,29 @@ describe ApiAuth::RequestDrivers::HttpiRequest do
132
132
 
133
133
  context 'when calculated matches sent' do
134
134
  before do
135
- request.headers['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
135
+ request.headers['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
136
136
  end
137
137
 
138
138
  it 'is false' do
139
- expect(driven_request.md5_mismatch?).to be false
139
+ expect(driven_request.content_hash_mismatch?).to be false
140
140
  end
141
141
  end
142
142
 
143
143
  context "when calculated doesn't match sent" do
144
144
  before do
145
- request.headers['Content-MD5'] = '3'
145
+ request.headers['X-Authorization-Content-SHA256'] = '3'
146
146
  end
147
147
 
148
148
  it 'is true' do
149
- expect(driven_request.md5_mismatch?).to be true
149
+ expect(driven_request.content_hash_mismatch?).to be true
150
150
  end
151
151
  end
152
152
  end
153
153
  end
154
+
155
+ describe 'fetch_headers' do
156
+ it 'returns request headers' do
157
+ expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
158
+ end
159
+ end
154
160
  end
@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
8
8
  let(:request_headers) do
9
9
  {
10
10
  'Authorization' => 'APIAuth 1044:12345',
11
- 'content-md5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
11
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
12
12
  'content-type' => 'text/plain',
13
13
  'date' => timestamp
14
14
  }
@@ -36,8 +36,8 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
36
36
  end
37
37
  end
38
38
 
39
- it 'gets the content_md5' do
40
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
39
+ it 'gets the content_hash' do
40
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
41
41
  end
42
42
 
43
43
  it 'gets the request_uri' do
@@ -52,20 +52,20 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
52
52
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
53
53
  end
54
54
 
55
- describe '#calculated_md5' do
56
- it 'calculates md5 from the body' do
57
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
55
+ describe '#calculated_hash' do
56
+ it 'calculate content hash from the body' do
57
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
58
58
  end
59
59
 
60
60
  it 'treats no body as empty string' do
61
61
  request.body = nil
62
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
62
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
63
63
  end
64
64
 
65
65
  it 'calculates correctly for multipart content' do
66
66
  request.body = nil
67
67
  request.body_stream = File.new('spec/fixtures/upload.png')
68
- expect(driven_request.calculated_md5).to eq('k4U8MTA3RHDcewBzymVNEQ==')
68
+ expect(driven_request.calculated_hash).to eq('AlKDe7kjMQhuKgKuNG8I7GA93MasHcaVJkJLaUT7+dY=')
69
69
  end
70
70
  end
71
71
 
@@ -99,15 +99,15 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
99
99
  Net::HTTP::Put.new(request_path, request_headers)
100
100
  end
101
101
 
102
- describe '#populate_content_md5' do
102
+ describe '#populate_content_hash' do
103
103
  context 'when request type has no body' do
104
104
  let(:request) do
105
105
  Net::HTTP::Get.new(request_path, request_headers)
106
106
  end
107
107
 
108
- it "doesn't populate content-md5" do
109
- driven_request.populate_content_md5
110
- expect(request['Content-MD5']).to be_nil
108
+ it "doesn't populate content hash" do
109
+ driven_request.populate_content_hash
110
+ expect(request['X-Authorization-Content-SHA256']).to be_nil
111
111
  end
112
112
  end
113
113
 
@@ -118,14 +118,14 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
118
118
  net_http_request
119
119
  end
120
120
 
121
- it 'populates content-md5' do
122
- driven_request.populate_content_md5
123
- expect(request['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
121
+ it 'populates content hash' do
122
+ driven_request.populate_content_hash
123
+ expect(request['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
124
124
  end
125
125
 
126
126
  it 'refreshes the cached headers' do
127
- driven_request.populate_content_md5
128
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
127
+ driven_request.populate_content_hash
128
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
129
129
  end
130
130
  end
131
131
  end
@@ -154,14 +154,14 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
154
154
  end
155
155
  end
156
156
 
157
- describe 'md5_mismatch?' do
157
+ describe 'content_hash_mismatch?' do
158
158
  context 'when request type has no body' do
159
159
  let(:request) do
160
160
  Net::HTTP::Get.new(request_path, request_headers)
161
161
  end
162
162
 
163
163
  it 'is false' do
164
- expect(driven_request.md5_mismatch?).to be false
164
+ expect(driven_request.content_hash_mismatch?).to be false
165
165
  end
166
166
  end
167
167
 
@@ -174,23 +174,29 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
174
174
 
175
175
  context 'when calculated matches sent' do
176
176
  before do
177
- request['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
177
+ request['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
178
178
  end
179
179
 
180
180
  it 'is false' do
181
- expect(driven_request.md5_mismatch?).to be false
181
+ expect(driven_request.content_hash_mismatch?).to be false
182
182
  end
183
183
  end
184
184
 
185
185
  context "when calculated doesn't match sent" do
186
186
  before do
187
- request['Content-MD5'] = '3'
187
+ request['X-Authorization-Content-SHA256'] = '3'
188
188
  end
189
189
 
190
190
  it 'is true' do
191
- expect(driven_request.md5_mismatch?).to be true
191
+ expect(driven_request.content_hash_mismatch?).to be true
192
192
  end
193
193
  end
194
194
  end
195
195
  end
196
+
197
+ describe 'fetch_headers' do
198
+ it 'returns request headers' do
199
+ expect(driven_request.fetch_headers).to include('content-type' => ['text/plain'])
200
+ end
201
+ end
196
202
  end
@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
8
8
  let(:request_headers) do
9
9
  {
10
10
  'Authorization' => 'APIAuth 1044:12345',
11
- 'Content-MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
11
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
12
12
  'Content-Type' => 'text/plain',
13
13
  'Date' => timestamp
14
14
  }
@@ -31,8 +31,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
31
31
  expect(driven_request.content_type).to eq('text/plain')
32
32
  end
33
33
 
34
- it 'gets the content_md5' do
35
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
34
+ it 'gets the content_hash' do
35
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
36
36
  end
37
37
 
38
38
  it 'gets the request_uri' do
@@ -47,9 +47,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
47
47
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
48
48
  end
49
49
 
50
- describe '#calculated_md5' do
51
- it 'calculates md5 from the body' do
52
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
50
+ describe '#calculated_hash' do
51
+ it 'calculates hash from the body' do
52
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
53
53
  end
54
54
 
55
55
  it 'treats no body as empty string' do
@@ -60,7 +60,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
60
60
  ).merge!(request_headers)
61
61
  )
62
62
  driven_request = ApiAuth::RequestDrivers::RackRequest.new(request)
63
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
63
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
64
64
  end
65
65
  end
66
66
 
@@ -104,7 +104,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
104
104
  }
105
105
  end
106
106
 
107
- describe '#populate_content_md5' do
107
+ describe '#populate_content_hash' do
108
108
  context 'when getting' do
109
109
  let(:request) do
110
110
  Rack::Request.new(
@@ -115,9 +115,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
115
115
  )
116
116
  end
117
117
 
118
- it "doesn't populate content-md5" do
119
- driven_request.populate_content_md5
120
- expect(request.env['Content-MD5']).to be_nil
118
+ it "doesn't populate content hash" do
119
+ driven_request.populate_content_hash
120
+ expect(request.env['X-Authorization-Content-SHA256']).to be_nil
121
121
  end
122
122
  end
123
123
 
@@ -132,14 +132,14 @@ describe ApiAuth::RequestDrivers::RackRequest do
132
132
  )
133
133
  end
134
134
 
135
- it 'populates content-md5' do
136
- driven_request.populate_content_md5
137
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
135
+ it 'populates content hash' do
136
+ driven_request.populate_content_hash
137
+ expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
138
138
  end
139
139
 
140
140
  it 'refreshes the cached headers' do
141
- driven_request.populate_content_md5
142
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
141
+ driven_request.populate_content_hash
142
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
143
143
  end
144
144
  end
145
145
 
@@ -154,14 +154,14 @@ describe ApiAuth::RequestDrivers::RackRequest do
154
154
  )
155
155
  end
156
156
 
157
- it 'populates content-md5' do
158
- driven_request.populate_content_md5
159
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
157
+ it 'populates content hash' do
158
+ driven_request.populate_content_hash
159
+ expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
160
160
  end
161
161
 
162
162
  it 'refreshes the cached headers' do
163
- driven_request.populate_content_md5
164
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
163
+ driven_request.populate_content_hash
164
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
165
165
  end
166
166
  end
167
167
 
@@ -175,9 +175,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
175
175
  )
176
176
  end
177
177
 
178
- it "doesn't populate content-md5" do
179
- driven_request.populate_content_md5
180
- expect(request.env['Content-MD5']).to be_nil
178
+ it "doesn't populate content hash" do
179
+ driven_request.populate_content_hash
180
+ expect(request.env['X-Authorization-Content-SHA256']).to be_nil
181
181
  end
182
182
  end
183
183
  end
@@ -206,7 +206,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
206
206
  end
207
207
  end
208
208
 
209
- describe 'md5_mismatch?' do
209
+ describe 'content_hash_mismatch?' do
210
210
  context 'when getting' do
211
211
  let(:request) do
212
212
  Rack::Request.new(
@@ -218,7 +218,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
218
218
  end
219
219
 
220
220
  it 'is false' do
221
- expect(driven_request.md5_mismatch?).to be false
221
+ expect(driven_request.content_hash_mismatch?).to be false
222
222
  end
223
223
  end
224
224
 
@@ -235,21 +235,21 @@ describe ApiAuth::RequestDrivers::RackRequest do
235
235
 
236
236
  context 'when calculated matches sent' do
237
237
  before do
238
- request.env['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
238
+ request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
239
239
  end
240
240
 
241
241
  it 'is false' do
242
- expect(driven_request.md5_mismatch?).to be false
242
+ expect(driven_request.content_hash_mismatch?).to be false
243
243
  end
244
244
  end
245
245
 
246
246
  context "when calculated doesn't match sent" do
247
247
  before do
248
- request.env['Content-MD5'] = '3'
248
+ request.env['X-Authorization-Content-SHA256'] = '3'
249
249
  end
250
250
 
251
251
  it 'is true' do
252
- expect(driven_request.md5_mismatch?).to be true
252
+ expect(driven_request.content_hash_mismatch?).to be true
253
253
  end
254
254
  end
255
255
  end
@@ -267,21 +267,21 @@ describe ApiAuth::RequestDrivers::RackRequest do
267
267
 
268
268
  context 'when calculated matches sent' do
269
269
  before do
270
- request.env['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
270
+ request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
271
271
  end
272
272
 
273
273
  it 'is false' do
274
- expect(driven_request.md5_mismatch?).to be false
274
+ expect(driven_request.content_hash_mismatch?).to be false
275
275
  end
276
276
  end
277
277
 
278
278
  context "when calculated doesn't match sent" do
279
279
  before do
280
- request.env['Content-MD5'] = '3'
280
+ request.env['X-Authorization-Content-SHA256'] = '3'
281
281
  end
282
282
 
283
283
  it 'is true' do
284
- expect(driven_request.md5_mismatch?).to be true
284
+ expect(driven_request.content_hash_mismatch?).to be true
285
285
  end
286
286
  end
287
287
  end
@@ -297,8 +297,14 @@ describe ApiAuth::RequestDrivers::RackRequest do
297
297
  end
298
298
 
299
299
  it 'is false' do
300
- expect(driven_request.md5_mismatch?).to be false
300
+ expect(driven_request.content_hash_mismatch?).to be false
301
301
  end
302
302
  end
303
303
  end
304
+
305
+ describe 'fetch_headers' do
306
+ it 'returns request headers' do
307
+ expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
308
+ end
309
+ end
304
310
  end