api-auth 2.2.1 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +12 -2
  3. data/.rubocop_todo.yml +51 -9
  4. data/.travis.yml +9 -25
  5. data/CHANGELOG.md +36 -0
  6. data/Gemfile +1 -1
  7. data/README.md +91 -50
  8. data/VERSION +1 -1
  9. data/api_auth.gemspec +7 -5
  10. data/gemfiles/http4.gemfile +3 -3
  11. data/gemfiles/rails_52.gemfile +9 -0
  12. data/gemfiles/rails_60.gemfile +9 -0
  13. data/gemfiles/rails_61.gemfile +11 -0
  14. data/lib/api_auth.rb +1 -0
  15. data/lib/api_auth/base.rb +4 -4
  16. data/lib/api_auth/headers.rb +22 -11
  17. data/lib/api_auth/helpers.rb +2 -2
  18. data/lib/api_auth/railtie.rb +13 -5
  19. data/lib/api_auth/request_drivers/action_controller.rb +9 -8
  20. data/lib/api_auth/request_drivers/curb.rb +4 -4
  21. data/lib/api_auth/request_drivers/faraday.rb +13 -12
  22. data/lib/api_auth/request_drivers/grape_request.rb +87 -0
  23. data/lib/api_auth/request_drivers/http.rb +13 -8
  24. data/lib/api_auth/request_drivers/httpi.rb +9 -8
  25. data/lib/api_auth/request_drivers/net_http.rb +9 -8
  26. data/lib/api_auth/request_drivers/rack.rb +9 -8
  27. data/lib/api_auth/request_drivers/rest_client.rb +9 -8
  28. data/spec/api_auth_spec.rb +15 -8
  29. data/spec/headers_spec.rb +51 -25
  30. data/spec/helpers_spec.rb +1 -1
  31. data/spec/railtie_spec.rb +3 -3
  32. data/spec/request_drivers/action_controller_spec.rb +45 -39
  33. data/spec/request_drivers/action_dispatch_spec.rb +51 -45
  34. data/spec/request_drivers/curb_spec.rb +16 -10
  35. data/spec/request_drivers/faraday_spec.rb +49 -43
  36. data/spec/request_drivers/grape_request_spec.rb +280 -0
  37. data/spec/request_drivers/http_spec.rb +29 -23
  38. data/spec/request_drivers/httpi_spec.rb +28 -22
  39. data/spec/request_drivers/net_http_spec.rb +29 -23
  40. data/spec/request_drivers/rack_spec.rb +41 -35
  41. data/spec/request_drivers/rest_client_spec.rb +42 -36
  42. data/spec/spec_helper.rb +2 -1
  43. metadata +51 -26
  44. data/gemfiles/http2.gemfile +0 -7
  45. data/gemfiles/http3.gemfile +0 -7
  46. data/gemfiles/rails_4.gemfile +0 -11
  47. data/gemfiles/rails_41.gemfile +0 -11
  48. data/gemfiles/rails_42.gemfile +0 -11
  49. data/gemfiles/rails_5.gemfile +0 -11
  50. data/gemfiles/rails_51.gemfile +0 -9
  51. data/spec/.rubocop.yml +0 -5
@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
8
8
  let(:request_headers) do
9
9
  {
10
10
  'Authorization' => 'APIAuth 1044:12345',
11
- 'Content-MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
11
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
12
12
  'Content-Type' => 'text/plain',
13
13
  'Date' => timestamp
14
14
  }
@@ -30,8 +30,8 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
30
30
  expect(driven_request.content_type).to eq('text/plain')
31
31
  end
32
32
 
33
- it 'gets the content_md5' do
34
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
33
+ it 'gets the content_hash' do
34
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
35
35
  end
36
36
 
37
37
  it 'gets the request_uri' do
@@ -46,9 +46,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
46
46
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
47
47
  end
48
48
 
49
- describe '#calculated_md5' do
50
- it 'calculates md5 from the body' do
51
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
49
+ describe '#calculated_hash' do
50
+ it 'calculates hash from the body' do
51
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
52
52
  end
53
53
 
54
54
  it 'treats no body as empty string' do
@@ -58,7 +58,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
58
58
  method: :put
59
59
  )
60
60
  driven_request = ApiAuth::RequestDrivers::RestClientRequest.new(request)
61
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
61
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
62
62
  end
63
63
  end
64
64
 
@@ -100,7 +100,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
100
100
  }
101
101
  end
102
102
 
103
- describe '#populate_content_md5' do
103
+ describe '#populate_content_hash' do
104
104
  context 'when getting' do
105
105
  let(:request) do
106
106
  RestClient::Request.new(
@@ -110,9 +110,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
110
110
  )
111
111
  end
112
112
 
113
- it "doesn't populate content-md5" do
114
- driven_request.populate_content_md5
115
- expect(request.headers['Content-MD5']).to be_nil
113
+ it "doesn't populate content hash" do
114
+ driven_request.populate_content_hash
115
+ expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
116
116
  end
117
117
  end
118
118
 
@@ -126,14 +126,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
126
126
  )
127
127
  end
128
128
 
129
- it 'populates content-md5' do
130
- driven_request.populate_content_md5
131
- expect(request.headers['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
129
+ it 'populates content hash' do
130
+ driven_request.populate_content_hash
131
+ expect(request.headers['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
132
132
  end
133
133
 
134
134
  it 'refreshes the cached headers' do
135
- driven_request.populate_content_md5
136
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
135
+ driven_request.populate_content_hash
136
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
137
137
  end
138
138
  end
139
139
 
@@ -147,14 +147,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
147
147
  )
148
148
  end
149
149
 
150
- it 'populates content-md5' do
151
- driven_request.populate_content_md5
152
- expect(request.headers['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
150
+ it 'populates content hash' do
151
+ driven_request.populate_content_hash
152
+ expect(request.headers['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
153
153
  end
154
154
 
155
155
  it 'refreshes the cached headers' do
156
- driven_request.populate_content_md5
157
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
156
+ driven_request.populate_content_hash
157
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
158
158
  end
159
159
  end
160
160
 
@@ -167,9 +167,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
167
167
  )
168
168
  end
169
169
 
170
- it "doesn't populate content-md5" do
171
- driven_request.populate_content_md5
172
- expect(request.headers['Content-MD5']).to be_nil
170
+ it "doesn't populate content hash" do
171
+ driven_request.populate_content_hash
172
+ expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
173
173
  end
174
174
  end
175
175
  end
@@ -199,7 +199,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
199
199
  end
200
200
  end
201
201
 
202
- describe 'md5_mismatch?' do
202
+ describe 'content_hash_mismatch?' do
203
203
  context 'when getting' do
204
204
  let(:request) do
205
205
  RestClient::Request.new(
@@ -210,7 +210,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
210
210
  end
211
211
 
212
212
  it 'is false' do
213
- expect(driven_request.md5_mismatch?).to be false
213
+ expect(driven_request.content_hash_mismatch?).to be false
214
214
  end
215
215
  end
216
216
 
@@ -228,14 +228,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
228
228
  let(:request_headers) do
229
229
  {
230
230
  'Authorization' => 'APIAuth 1044:12345',
231
- 'Content-MD5' => 'kZXQvrKoieG+Be1rsZVINw==',
231
+ 'X-Authorization-Content-SHA256' => 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=',
232
232
  'Content-Type' => 'text/plain',
233
233
  'Date' => timestamp
234
234
  }
235
235
  end
236
236
 
237
237
  it 'is false' do
238
- expect(driven_request.md5_mismatch?).to be false
238
+ expect(driven_request.content_hash_mismatch?).to be false
239
239
  end
240
240
  end
241
241
 
@@ -243,14 +243,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
243
243
  let(:request_headers) do
244
244
  {
245
245
  'Authorization' => 'APIAuth 1044:12345',
246
- 'Content-MD5' => '3',
246
+ 'X-Authorization-Content-SHA256' => '3',
247
247
  'Content-Type' => 'text/plain',
248
248
  'Date' => timestamp
249
249
  }
250
250
  end
251
251
 
252
252
  it 'is true' do
253
- expect(driven_request.md5_mismatch?).to be true
253
+ expect(driven_request.content_hash_mismatch?).to be true
254
254
  end
255
255
  end
256
256
  end
@@ -269,14 +269,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
269
269
  let(:request_headers) do
270
270
  {
271
271
  'Authorization' => 'APIAuth 1044:12345',
272
- 'Content-MD5' => 'kZXQvrKoieG+Be1rsZVINw==',
272
+ 'X-Authorization-Content-SHA256' => 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=',
273
273
  'Content-Type' => 'text/plain',
274
274
  'Date' => timestamp
275
275
  }
276
276
  end
277
277
 
278
278
  it 'is false' do
279
- expect(driven_request.md5_mismatch?).to be false
279
+ expect(driven_request.content_hash_mismatch?).to be false
280
280
  end
281
281
  end
282
282
 
@@ -284,14 +284,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
284
284
  let(:request_headers) do
285
285
  {
286
286
  'Authorization' => 'APIAuth 1044:12345',
287
- 'Content-MD5' => '3',
287
+ 'X-Authorization-Content-SHA256' => '3',
288
288
  'Content-Type' => 'text/plain',
289
289
  'Date' => timestamp
290
290
  }
291
291
  end
292
292
 
293
293
  it 'is true' do
294
- expect(driven_request.md5_mismatch?).to be true
294
+ expect(driven_request.content_hash_mismatch?).to be true
295
295
  end
296
296
  end
297
297
  end
@@ -306,7 +306,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
306
306
  end
307
307
 
308
308
  it 'is false' do
309
- expect(driven_request.md5_mismatch?).to be false
309
+ expect(driven_request.content_hash_mismatch?).to be false
310
310
  end
311
311
  end
312
312
  end
@@ -385,7 +385,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
385
385
 
386
386
  describe 'edge cases' do
387
387
  it "doesn't mess up symbol based headers" do
388
- headers = { 'Content-MD5' => 'e59ff97941044f85df5297e1c302d260',
388
+ headers = { 'X-Authorization-Content-SHA256' => 'e59ff97941044f85df5297e1c302d260',
389
389
  :content_type => 'text/plain',
390
390
  'Date' => 'Mon, 23 Jan 1984 03:29:56 GMT' }
391
391
  request = RestClient::Request.new(url: 'http://localhost/resource.xml?foo=bar&bar=foo',
@@ -395,4 +395,10 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
395
395
  expect(request.processed_headers).to have_key('Content-Type')
396
396
  end
397
397
  end
398
+
399
+ describe 'fetch_headers' do
400
+ it 'returns request headers' do
401
+ expect(driven_request.fetch_headers).to include('CONTENT-TYPE' => 'text/plain')
402
+ end
403
+ end
398
404
  end
data/spec/spec_helper.rb CHANGED
@@ -16,8 +16,9 @@ require 'curb'
16
16
  require 'http'
17
17
  require 'httpi'
18
18
  require 'faraday'
19
+ require 'grape'
19
20
  require 'net/http/post/multipart'
20
21
 
21
22
  # Requires supporting files with custom matchers and macros, etc,
22
23
  # in ./support/ and its subdirectories.
23
- Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
24
+ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].sort.each { |f| require f }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: api-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.1
4
+ version: 2.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mauricio Gomes
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-03-12 00:00:00.000000000 Z
11
+ date: 2021-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -16,20 +16,20 @@ dependencies:
16
16
  requirements:
17
17
  - - "<"
18
18
  - !ruby/object:Gem::Version
19
- version: '6.0'
19
+ version: '6.2'
20
20
  - - ">"
21
21
  - !ruby/object:Gem::Version
22
- version: '4.0'
22
+ version: '5.0'
23
23
  type: :development
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - "<"
28
28
  - !ruby/object:Gem::Version
29
- version: '6.0'
29
+ version: '6.2'
30
30
  - - ">"
31
31
  - !ruby/object:Gem::Version
32
- version: '4.0'
32
+ version: '5.0'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: activeresource
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -50,20 +50,20 @@ dependencies:
50
50
  requirements:
51
51
  - - "<"
52
52
  - !ruby/object:Gem::Version
53
- version: '6.0'
53
+ version: '6.2'
54
54
  - - ">"
55
55
  - !ruby/object:Gem::Version
56
- version: '4.0'
56
+ version: '5.0'
57
57
  type: :development
58
58
  prerelease: false
59
59
  version_requirements: !ruby/object:Gem::Requirement
60
60
  requirements:
61
61
  - - "<"
62
62
  - !ruby/object:Gem::Version
63
- version: '6.0'
63
+ version: '6.2'
64
64
  - - ">"
65
65
  - !ruby/object:Gem::Version
66
- version: '4.0'
66
+ version: '5.0'
67
67
  - !ruby/object:Gem::Dependency
68
68
  name: amatch
69
69
  requirement: !ruby/object:Gem::Requirement
@@ -112,14 +112,14 @@ dependencies:
112
112
  requirements:
113
113
  - - ">="
114
114
  - !ruby/object:Gem::Version
115
- version: '0.10'
115
+ version: 1.1.0
116
116
  type: :development
117
117
  prerelease: false
118
118
  version_requirements: !ruby/object:Gem::Requirement
119
119
  requirements:
120
120
  - - ">="
121
121
  - !ruby/object:Gem::Version
122
- version: '0.10'
122
+ version: 1.1.0
123
123
  - !ruby/object:Gem::Dependency
124
124
  name: http
125
125
  requirement: !ruby/object:Gem::Requirement
@@ -204,6 +204,20 @@ dependencies:
204
204
  - - "~>"
205
205
  - !ruby/object:Gem::Version
206
206
  version: '2.0'
207
+ - !ruby/object:Gem::Dependency
208
+ name: grape
209
+ requirement: !ruby/object:Gem::Requirement
210
+ requirements:
211
+ - - "~>"
212
+ - !ruby/object:Gem::Version
213
+ version: 1.1.0
214
+ type: :development
215
+ prerelease: false
216
+ version_requirements: !ruby/object:Gem::Requirement
217
+ requirements:
218
+ - - "~>"
219
+ - !ruby/object:Gem::Version
220
+ version: 1.1.0
207
221
  - !ruby/object:Gem::Dependency
208
222
  name: rspec
209
223
  requirement: !ruby/object:Gem::Requirement
@@ -218,6 +232,20 @@ dependencies:
218
232
  - - "~>"
219
233
  - !ruby/object:Gem::Version
220
234
  version: '3.4'
235
+ - !ruby/object:Gem::Dependency
236
+ name: rexml
237
+ requirement: !ruby/object:Gem::Requirement
238
+ requirements:
239
+ - - ">="
240
+ - !ruby/object:Gem::Version
241
+ version: '0'
242
+ type: :development
243
+ prerelease: false
244
+ version_requirements: !ruby/object:Gem::Requirement
245
+ requirements:
246
+ - - ">="
247
+ - !ruby/object:Gem::Version
248
+ version: '0'
221
249
  description: Full HMAC auth implementation for use in your gems and Rails apps.
222
250
  email: mauricio@edge14.com
223
251
  executables: []
@@ -238,14 +266,10 @@ files:
238
266
  - Rakefile
239
267
  - VERSION
240
268
  - api_auth.gemspec
241
- - gemfiles/http2.gemfile
242
- - gemfiles/http3.gemfile
243
269
  - gemfiles/http4.gemfile
244
- - gemfiles/rails_4.gemfile
245
- - gemfiles/rails_41.gemfile
246
- - gemfiles/rails_42.gemfile
247
- - gemfiles/rails_5.gemfile
248
- - gemfiles/rails_51.gemfile
270
+ - gemfiles/rails_52.gemfile
271
+ - gemfiles/rails_60.gemfile
272
+ - gemfiles/rails_61.gemfile
249
273
  - lib/api-auth.rb
250
274
  - lib/api_auth.rb
251
275
  - lib/api_auth/base.rb
@@ -257,12 +281,12 @@ files:
257
281
  - lib/api_auth/request_drivers/action_dispatch.rb
258
282
  - lib/api_auth/request_drivers/curb.rb
259
283
  - lib/api_auth/request_drivers/faraday.rb
284
+ - lib/api_auth/request_drivers/grape_request.rb
260
285
  - lib/api_auth/request_drivers/http.rb
261
286
  - lib/api_auth/request_drivers/httpi.rb
262
287
  - lib/api_auth/request_drivers/net_http.rb
263
288
  - lib/api_auth/request_drivers/rack.rb
264
289
  - lib/api_auth/request_drivers/rest_client.rb
265
- - spec/.rubocop.yml
266
290
  - spec/api_auth_spec.rb
267
291
  - spec/fixtures/upload.png
268
292
  - spec/headers_spec.rb
@@ -272,6 +296,7 @@ files:
272
296
  - spec/request_drivers/action_dispatch_spec.rb
273
297
  - spec/request_drivers/curb_spec.rb
274
298
  - spec/request_drivers/faraday_spec.rb
299
+ - spec/request_drivers/grape_request_spec.rb
275
300
  - spec/request_drivers/http_spec.rb
276
301
  - spec/request_drivers/httpi_spec.rb
277
302
  - spec/request_drivers/net_http_spec.rb
@@ -281,7 +306,7 @@ files:
281
306
  homepage: https://github.com/mgomes/api_auth
282
307
  licenses: []
283
308
  metadata: {}
284
- post_install_message:
309
+ post_install_message:
285
310
  rdoc_options: []
286
311
  require_paths:
287
312
  - lib
@@ -289,16 +314,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
289
314
  requirements:
290
315
  - - ">="
291
316
  - !ruby/object:Gem::Version
292
- version: 2.1.0
317
+ version: 2.5.0
293
318
  required_rubygems_version: !ruby/object:Gem::Requirement
294
319
  requirements:
295
320
  - - ">="
296
321
  - !ruby/object:Gem::Version
297
322
  version: '0'
298
323
  requirements: []
299
- rubyforge_project:
300
- rubygems_version: 2.7.3
301
- signing_key:
324
+ rubygems_version: 3.1.4
325
+ signing_key:
302
326
  specification_version: 4
303
327
  summary: Simple HMAC authentication for your APIs
304
328
  test_files:
@@ -311,6 +335,7 @@ test_files:
311
335
  - spec/request_drivers/action_dispatch_spec.rb
312
336
  - spec/request_drivers/curb_spec.rb
313
337
  - spec/request_drivers/faraday_spec.rb
338
+ - spec/request_drivers/grape_request_spec.rb
314
339
  - spec/request_drivers/http_spec.rb
315
340
  - spec/request_drivers/httpi_spec.rb
316
341
  - spec/request_drivers/net_http_spec.rb
@@ -1,7 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "http", "~> 2.0"
6
-
7
- gemspec :path => "../"
@@ -1,7 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "http", "~> 3.0"
6
-
7
- gemspec :path => "../"