api-auth 2.3.1 → 2.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/main.yml +67 -0
  3. data/.gitignore +2 -0
  4. data/.rubocop.yml +16 -3
  5. data/.rubocop_todo.yml +30 -20
  6. data/Appraisals +12 -18
  7. data/CHANGELOG.md +16 -0
  8. data/Gemfile +0 -2
  9. data/README.md +82 -50
  10. data/VERSION +1 -1
  11. data/api_auth.gemspec +11 -4
  12. data/gemfiles/rails_52.gemfile +5 -5
  13. data/gemfiles/rails_60.gemfile +9 -0
  14. data/gemfiles/rails_61.gemfile +9 -0
  15. data/lib/api_auth/base.rb +2 -2
  16. data/lib/api_auth/headers.rb +6 -6
  17. data/lib/api_auth/helpers.rb +2 -2
  18. data/lib/api_auth/railtie.rb +13 -5
  19. data/lib/api_auth/request_drivers/action_controller.rb +8 -8
  20. data/lib/api_auth/request_drivers/curb.rb +4 -4
  21. data/lib/api_auth/request_drivers/faraday.rb +11 -11
  22. data/lib/api_auth/request_drivers/grape_request.rb +8 -8
  23. data/lib/api_auth/request_drivers/http.rb +8 -8
  24. data/lib/api_auth/request_drivers/httpi.rb +8 -8
  25. data/lib/api_auth/request_drivers/net_http.rb +8 -8
  26. data/lib/api_auth/request_drivers/rack.rb +8 -8
  27. data/lib/api_auth/request_drivers/rest_client.rb +8 -8
  28. data/spec/api_auth_spec.rb +8 -8
  29. data/spec/headers_spec.rb +26 -26
  30. data/spec/helpers_spec.rb +1 -1
  31. data/spec/railtie_spec.rb +3 -3
  32. data/spec/request_drivers/action_controller_spec.rb +74 -35
  33. data/spec/request_drivers/action_dispatch_spec.rb +74 -35
  34. data/spec/request_drivers/curb_spec.rb +8 -8
  35. data/spec/request_drivers/faraday_spec.rb +43 -43
  36. data/spec/request_drivers/grape_request_spec.rb +33 -32
  37. data/spec/request_drivers/http_spec.rb +23 -23
  38. data/spec/request_drivers/httpi_spec.rb +22 -22
  39. data/spec/request_drivers/net_http_spec.rb +23 -23
  40. data/spec/request_drivers/rack_spec.rb +35 -35
  41. data/spec/request_drivers/rest_client_spec.rb +36 -36
  42. data/spec/spec_helper.rb +1 -1
  43. metadata +52 -30
  44. data/.travis.yml +0 -34
  45. data/gemfiles/http2.gemfile +0 -7
  46. data/gemfiles/http3.gemfile +0 -7
  47. data/gemfiles/http4.gemfile +0 -7
  48. data/gemfiles/rails_4.gemfile +0 -11
  49. data/gemfiles/rails_41.gemfile +0 -11
  50. data/gemfiles/rails_42.gemfile +0 -11
  51. data/gemfiles/rails_5.gemfile +0 -11
  52. data/gemfiles/rails_51.gemfile +0 -9
  53. data/spec/.rubocop.yml +0 -5
@@ -4,6 +4,7 @@ if defined?(ActionController::Request)
4
4
 
5
5
  describe ApiAuth::RequestDrivers::ActionControllerRequest do
6
6
  let(:timestamp) { Time.now.utc.httpdate }
7
+ let(:content_sha256) { '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' }
7
8
 
8
9
  let(:request) do
9
10
  ActionController::Request.new(
@@ -11,7 +12,35 @@ if defined?(ActionController::Request)
11
12
  'PATH_INFO' => '/resource.xml',
12
13
  'QUERY_STRING' => 'foo=bar&bar=foo',
13
14
  'REQUEST_METHOD' => 'PUT',
14
- 'CONTENT_MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
15
+ 'HTTP_X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
16
+ 'CONTENT_TYPE' => 'text/plain',
17
+ 'CONTENT_LENGTH' => '11',
18
+ 'HTTP_DATE' => timestamp,
19
+ 'rack.input' => StringIO.new("hello\nworld")
20
+ )
21
+ end
22
+
23
+ let(:request2) do
24
+ ActionController::Request.new(
25
+ 'AUTHORIZATION' => 'APIAuth 1044:12345',
26
+ 'PATH_INFO' => '/resource.xml',
27
+ 'QUERY_STRING' => 'foo=bar&bar=foo',
28
+ 'REQUEST_METHOD' => 'PUT',
29
+ 'X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
30
+ 'CONTENT_TYPE' => 'text/plain',
31
+ 'CONTENT_LENGTH' => '11',
32
+ 'HTTP_DATE' => timestamp,
33
+ 'rack.input' => StringIO.new("hello\nworld")
34
+ )
35
+ end
36
+
37
+ let(:request3) do
38
+ ActionController::Request.new(
39
+ 'AUTHORIZATION' => 'APIAuth 1044:12345',
40
+ 'PATH_INFO' => '/resource.xml',
41
+ 'QUERY_STRING' => 'foo=bar&bar=foo',
42
+ 'REQUEST_METHOD' => 'PUT',
43
+ 'X-AUTHORIZATION-CONTENT-SHA256' => content_sha256,
15
44
  'CONTENT_TYPE' => 'text/plain',
16
45
  'CONTENT_LENGTH' => '11',
17
46
  'HTTP_DATE' => timestamp,
@@ -26,8 +55,18 @@ if defined?(ActionController::Request)
26
55
  expect(driven_request.content_type).to eq('text/plain')
27
56
  end
28
57
 
29
- it 'gets the content_md5' do
30
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
58
+ it 'gets the content_hash' do
59
+ expect(driven_request.content_hash).to eq(content_sha256)
60
+ end
61
+
62
+ it 'gets the content_hash for request 2' do
63
+ example_request = ApiAuth::RequestDrivers::ActionControllerRequest.new(request2)
64
+ expect(example_request.content_hash).to eq(content_sha256)
65
+ end
66
+
67
+ it 'gets the content_hash for request 3' do
68
+ example_request = ApiAuth::RequestDrivers::ActionControllerRequest.new(request3)
69
+ expect(example_request.content_hash).to eq(content_sha256)
31
70
  end
32
71
 
33
72
  it 'gets the request_uri' do
@@ -42,15 +81,15 @@ if defined?(ActionController::Request)
42
81
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
43
82
  end
44
83
 
45
- describe '#calculated_md5' do
46
- it 'calculates md5 from the body' do
47
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
84
+ describe '#calculated_hash' do
85
+ it 'calculates hash from the body' do
86
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
48
87
  end
49
88
 
50
89
  it 'treats no body as empty string' do
51
90
  request.env['rack.input'] = StringIO.new
52
91
  request.env['CONTENT_LENGTH'] = 0
53
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
92
+ expect(driven_request.calculated_hash).to eq(content_sha256)
54
93
  end
55
94
  end
56
95
 
@@ -89,46 +128,46 @@ if defined?(ActionController::Request)
89
128
  )
90
129
  end
91
130
 
92
- describe '#populate_content_md5' do
131
+ describe '#populate_content_hash' do
93
132
  context 'when getting' do
94
- it "doesn't populate content-md5" do
133
+ it "doesn't populate content hash" do
95
134
  request.env['REQUEST_METHOD'] = 'GET'
96
- driven_request.populate_content_md5
97
- expect(request.env['Content-MD5']).to be_nil
135
+ driven_request.populate_content_hash
136
+ expect(request.env['X-Authorization-Content-SHA256']).to be_nil
98
137
  end
99
138
  end
100
139
 
101
140
  context 'when posting' do
102
- it 'populates content-md5' do
141
+ it 'populates content hash' do
103
142
  request.env['REQUEST_METHOD'] = 'POST'
104
- driven_request.populate_content_md5
105
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
143
+ driven_request.populate_content_hash
144
+ expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
106
145
  end
107
146
 
108
147
  it 'refreshes the cached headers' do
109
- driven_request.populate_content_md5
110
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
148
+ driven_request.populate_content_hash
149
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
111
150
  end
112
151
  end
113
152
 
114
153
  context 'when putting' do
115
- it 'populates content-md5' do
154
+ it 'populates content hash' do
116
155
  request.env['REQUEST_METHOD'] = 'PUT'
117
- driven_request.populate_content_md5
118
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
156
+ driven_request.populate_content_hash
157
+ expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
119
158
  end
120
159
 
121
160
  it 'refreshes the cached headers' do
122
- driven_request.populate_content_md5
123
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
161
+ driven_request.populate_content_hash
162
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
124
163
  end
125
164
  end
126
165
 
127
166
  context 'when deleting' do
128
- it "doesn't populate content-md5" do
167
+ it "doesn't populate content hash" do
129
168
  request.env['REQUEST_METHOD'] = 'DELETE'
130
- driven_request.populate_content_md5
131
- expect(request.env['Content-MD5']).to be_nil
169
+ driven_request.populate_content_hash
170
+ expect(request.env['X-Authorization-Content-SHA256']).to be_nil
132
171
  end
133
172
  end
134
173
  end
@@ -157,14 +196,14 @@ if defined?(ActionController::Request)
157
196
  end
158
197
  end
159
198
 
160
- describe 'md5_mismatch?' do
199
+ describe 'content_hash_mismatch?' do
161
200
  context 'when getting' do
162
201
  before do
163
202
  request.env['REQUEST_METHOD'] = 'GET'
164
203
  end
165
204
 
166
205
  it 'is false' do
167
- expect(driven_request.md5_mismatch?).to be false
206
+ expect(driven_request.content_hash_mismatch?).to be false
168
207
  end
169
208
  end
170
209
 
@@ -175,21 +214,21 @@ if defined?(ActionController::Request)
175
214
 
176
215
  context 'when calculated matches sent' do
177
216
  before do
178
- request.env['CONTENT_MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
217
+ request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
179
218
  end
180
219
 
181
220
  it 'is false' do
182
- expect(driven_request.md5_mismatch?).to be false
221
+ expect(driven_request.content_hash_mismatch?).to be false
183
222
  end
184
223
  end
185
224
 
186
225
  context "when calculated doesn't match sent" do
187
226
  before do
188
- request.env['CONTENT_MD5'] = '3'
227
+ request.env['X-Authorization-Content-SHA256'] = '3'
189
228
  end
190
229
 
191
230
  it 'is true' do
192
- expect(driven_request.md5_mismatch?).to be true
231
+ expect(driven_request.content_hash_mismatch?).to be true
193
232
  end
194
233
  end
195
234
  end
@@ -201,21 +240,21 @@ if defined?(ActionController::Request)
201
240
 
202
241
  context 'when calculated matches sent' do
203
242
  before do
204
- request.env['CONTENT_MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
243
+ request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
205
244
  end
206
245
 
207
246
  it 'is false' do
208
- expect(driven_request.md5_mismatch?).to be false
247
+ expect(driven_request.content_hash_mismatch?).to be false
209
248
  end
210
249
  end
211
250
 
212
251
  context "when calculated doesn't match sent" do
213
252
  before do
214
- request.env['CONTENT_MD5'] = '3'
253
+ request.env['X-Authorization-Content-SHA256'] = '3'
215
254
  end
216
255
 
217
256
  it 'is true' do
218
- expect(driven_request.md5_mismatch?).to be true
257
+ expect(driven_request.content_hash_mismatch?).to be true
219
258
  end
220
259
  end
221
260
  end
@@ -226,7 +265,7 @@ if defined?(ActionController::Request)
226
265
  end
227
266
 
228
267
  it 'is false' do
229
- expect(driven_request.md5_mismatch?).to be false
268
+ expect(driven_request.content_hash_mismatch?).to be false
230
269
  end
231
270
  end
232
271
  end
@@ -4,6 +4,7 @@ if defined?(ActionDispatch::Request)
4
4
 
5
5
  describe ApiAuth::RequestDrivers::ActionDispatchRequest do
6
6
  let(:timestamp) { Time.now.utc.httpdate }
7
+ let(:content_sha256) { '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' }
7
8
 
8
9
  let(:request) do
9
10
  ActionDispatch::Request.new(
@@ -11,7 +12,35 @@ if defined?(ActionDispatch::Request)
11
12
  'PATH_INFO' => '/resource.xml',
12
13
  'QUERY_STRING' => 'foo=bar&bar=foo',
13
14
  'REQUEST_METHOD' => 'PUT',
14
- 'CONTENT_MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
15
+ 'HTTP_X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
16
+ 'CONTENT_TYPE' => 'text/plain',
17
+ 'CONTENT_LENGTH' => '11',
18
+ 'HTTP_DATE' => timestamp,
19
+ 'rack.input' => StringIO.new("hello\nworld")
20
+ )
21
+ end
22
+
23
+ let(:request2) do
24
+ ActionDispatch::Request.new(
25
+ 'AUTHORIZATION' => 'APIAuth 1044:12345',
26
+ 'PATH_INFO' => '/resource.xml',
27
+ 'QUERY_STRING' => 'foo=bar&bar=foo',
28
+ 'REQUEST_METHOD' => 'PUT',
29
+ 'X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
30
+ 'CONTENT_TYPE' => 'text/plain',
31
+ 'CONTENT_LENGTH' => '11',
32
+ 'HTTP_DATE' => timestamp,
33
+ 'rack.input' => StringIO.new("hello\nworld")
34
+ )
35
+ end
36
+
37
+ let(:request3) do
38
+ ActionDispatch::Request.new(
39
+ 'AUTHORIZATION' => 'APIAuth 1044:12345',
40
+ 'PATH_INFO' => '/resource.xml',
41
+ 'QUERY_STRING' => 'foo=bar&bar=foo',
42
+ 'REQUEST_METHOD' => 'PUT',
43
+ 'X-AUTHORIZATION-CONTENT-SHA256' => content_sha256,
15
44
  'CONTENT_TYPE' => 'text/plain',
16
45
  'CONTENT_LENGTH' => '11',
17
46
  'HTTP_DATE' => timestamp,
@@ -26,8 +55,18 @@ if defined?(ActionDispatch::Request)
26
55
  expect(driven_request.content_type).to eq('text/plain')
27
56
  end
28
57
 
29
- it 'gets the content_md5' do
30
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
58
+ it 'gets the content_hash' do
59
+ expect(driven_request.content_hash).to eq(content_sha256)
60
+ end
61
+
62
+ it 'gets the content_hash for request 2' do
63
+ example_request = ApiAuth::RequestDrivers::ActionDispatchRequest.new(request2)
64
+ expect(example_request.content_hash).to eq(content_sha256)
65
+ end
66
+
67
+ it 'gets the content_hash for request 3' do
68
+ example_request = ApiAuth::RequestDrivers::ActionDispatchRequest.new(request3)
69
+ expect(example_request.content_hash).to eq(content_sha256)
31
70
  end
32
71
 
33
72
  it 'gets the request_uri' do
@@ -42,15 +81,15 @@ if defined?(ActionDispatch::Request)
42
81
  expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
43
82
  end
44
83
 
45
- describe '#calculated_md5' do
46
- it 'calculates md5 from the body' do
47
- expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
84
+ describe '#calculated_hash' do
85
+ it 'calculates hash from the body' do
86
+ expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
48
87
  end
49
88
 
50
89
  it 'treats no body as empty string' do
51
90
  request.env['rack.input'] = StringIO.new
52
91
  request.env['CONTENT_LENGTH'] = 0
53
- expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
92
+ expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
54
93
  end
55
94
  end
56
95
 
@@ -89,46 +128,46 @@ if defined?(ActionDispatch::Request)
89
128
  )
90
129
  end
91
130
 
92
- describe '#populate_content_md5' do
131
+ describe '#populate_content_hash' do
93
132
  context 'when getting' do
94
- it "doesn't populate content-md5" do
133
+ it "doesn't populate content hash" do
95
134
  request.env['REQUEST_METHOD'] = 'GET'
96
- driven_request.populate_content_md5
97
- expect(request.env['Content-MD5']).to be_nil
135
+ driven_request.populate_content_hash
136
+ expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to be_nil
98
137
  end
99
138
  end
100
139
 
101
140
  context 'when posting' do
102
- it 'populates content-md5' do
141
+ it 'populates content hash' do
103
142
  request.env['REQUEST_METHOD'] = 'POST'
104
- driven_request.populate_content_md5
105
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
143
+ driven_request.populate_content_hash
144
+ expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
106
145
  end
107
146
 
108
147
  it 'refreshes the cached headers' do
109
- driven_request.populate_content_md5
110
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
148
+ driven_request.populate_content_hash
149
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
111
150
  end
112
151
  end
113
152
 
114
153
  context 'when putting' do
115
- it 'populates content-md5' do
154
+ it 'populates content hash' do
116
155
  request.env['REQUEST_METHOD'] = 'PUT'
117
- driven_request.populate_content_md5
118
- expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
156
+ driven_request.populate_content_hash
157
+ expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
119
158
  end
120
159
 
121
160
  it 'refreshes the cached headers' do
122
- driven_request.populate_content_md5
123
- expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
161
+ driven_request.populate_content_hash
162
+ expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
124
163
  end
125
164
  end
126
165
 
127
166
  context 'when deleting' do
128
- it "doesn't populate content-md5" do
167
+ it "doesn't populate content hash" do
129
168
  request.env['REQUEST_METHOD'] = 'DELETE'
130
- driven_request.populate_content_md5
131
- expect(request.env['Content-MD5']).to be_nil
169
+ driven_request.populate_content_hash
170
+ expect(request.env['X-AUTHORIZATION-CONTENT-SHA256']).to be_nil
132
171
  end
133
172
  end
134
173
  end
@@ -157,14 +196,14 @@ if defined?(ActionDispatch::Request)
157
196
  end
158
197
  end
159
198
 
160
- describe 'md5_mismatch?' do
199
+ describe 'content_hash_mismatch?' do
161
200
  context 'when getting' do
162
201
  before do
163
202
  request.env['REQUEST_METHOD'] = 'GET'
164
203
  end
165
204
 
166
205
  it 'is false' do
167
- expect(driven_request.md5_mismatch?).to be false
206
+ expect(driven_request.content_hash_mismatch?).to be false
168
207
  end
169
208
  end
170
209
 
@@ -175,21 +214,21 @@ if defined?(ActionDispatch::Request)
175
214
 
176
215
  context 'when calculated matches sent' do
177
216
  before do
178
- request.env['CONTENT_MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
217
+ request.env['X-AUTHORIZATION-CONTENT-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
179
218
  end
180
219
 
181
220
  it 'is false' do
182
- expect(driven_request.md5_mismatch?).to be false
221
+ expect(driven_request.content_hash_mismatch?).to be false
183
222
  end
184
223
  end
185
224
 
186
225
  context "when calculated doesn't match sent" do
187
226
  before do
188
- request.env['CONTENT_MD5'] = '3'
227
+ request.env['X-AUTHORIZATION-CONTENT-SHA256'] = '3'
189
228
  end
190
229
 
191
230
  it 'is true' do
192
- expect(driven_request.md5_mismatch?).to be true
231
+ expect(driven_request.content_hash_mismatch?).to be true
193
232
  end
194
233
  end
195
234
  end
@@ -201,21 +240,21 @@ if defined?(ActionDispatch::Request)
201
240
 
202
241
  context 'when calculated matches sent' do
203
242
  before do
204
- request.env['CONTENT_MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
243
+ request.env['X-AUTHORIZATION-CONTENT-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
205
244
  end
206
245
 
207
246
  it 'is false' do
208
- expect(driven_request.md5_mismatch?).to be false
247
+ expect(driven_request.content_hash_mismatch?).to be false
209
248
  end
210
249
  end
211
250
 
212
251
  context "when calculated doesn't match sent" do
213
252
  before do
214
- request.env['CONTENT_MD5'] = '3'
253
+ request.env['X-AUTHORIZATION-CONTENT-SHA256'] = '3'
215
254
  end
216
255
 
217
256
  it 'is true' do
218
- expect(driven_request.md5_mismatch?).to be true
257
+ expect(driven_request.content_hash_mismatch?).to be true
219
258
  end
220
259
  end
221
260
  end
@@ -226,7 +265,7 @@ if defined?(ActionDispatch::Request)
226
265
  end
227
266
 
228
267
  it 'is false' do
229
- expect(driven_request.md5_mismatch?).to be false
268
+ expect(driven_request.content_hash_mismatch?).to be false
230
269
  end
231
270
  end
232
271
  end
@@ -6,7 +6,7 @@ describe ApiAuth::RequestDrivers::CurbRequest do
6
6
  let(:request) do
7
7
  headers = {
8
8
  'Authorization' => 'APIAuth 1044:12345',
9
- 'Content-MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
9
+ 'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
10
10
  'Content-Type' => 'text/plain',
11
11
  'Date' => timestamp
12
12
  }
@@ -22,8 +22,8 @@ describe ApiAuth::RequestDrivers::CurbRequest do
22
22
  expect(driven_request.content_type).to eq('text/plain')
23
23
  end
24
24
 
25
- it 'gets the content_md5' do
26
- expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
25
+ it 'gets the content_hash' do
26
+ expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
27
27
  end
28
28
 
29
29
  it 'gets the request_uri' do
@@ -55,10 +55,10 @@ describe ApiAuth::RequestDrivers::CurbRequest do
55
55
  end
56
56
  end
57
57
 
58
- describe '#populate_content_md5' do
58
+ describe '#populate_content_hash' do
59
59
  it 'is a no-op' do
60
- expect(driven_request.populate_content_md5).to be_nil
61
- expect(request.headers['Content-MD5']).to be_nil
60
+ expect(driven_request.populate_content_hash).to be_nil
61
+ expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
62
62
  end
63
63
  end
64
64
 
@@ -86,9 +86,9 @@ describe ApiAuth::RequestDrivers::CurbRequest do
86
86
  end
87
87
  end
88
88
 
89
- describe 'md5_mismatch?' do
89
+ describe 'content_hash_mismatch?' do
90
90
  it 'is always false' do
91
- expect(driven_request.md5_mismatch?).to be false
91
+ expect(driven_request.content_hash_mismatch?).to be false
92
92
  end
93
93
  end
94
94