api-auth 2.4.1 → 2.5.1

data/spec/request_drivers/net_http_spec.rb

@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
   let(:request_headers) do
     {
       'Authorization' => 'APIAuth 1044:12345',
-      'content-md5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
+      'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
       'content-type' => 'text/plain',
       'date' => timestamp
     }
@@ -36,8 +36,8 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
       end
     end
 
-    it 'gets the content_md5' do
-      expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+    it 'gets the content_hash' do
+      expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
     end
 
     it 'gets the request_uri' do
@@ -52,20 +52,20 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
       expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
     end
 
-    describe '#calculated_md5' do
-      it 'calculates md5 from the body' do
-        expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+    describe '#calculated_hash' do
+      it 'calculate content hash from the body' do
+        expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
       end
 
       it 'treats no body as empty string' do
         request.body = nil
-        expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+        expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
       end
 
       it 'calculates correctly for multipart content' do
         request.body = nil
         request.body_stream = File.new('spec/fixtures/upload.png')
-        expect(driven_request.calculated_md5).to eq('k4U8MTA3RHDcewBzymVNEQ==')
+        expect(driven_request.calculated_hash).to eq('AlKDe7kjMQhuKgKuNG8I7GA93MasHcaVJkJLaUT7+dY=')
       end
     end
 
@@ -99,15 +99,15 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
       Net::HTTP::Put.new(request_path, request_headers)
     end
 
-    describe '#populate_content_md5' do
+    describe '#populate_content_hash' do
       context 'when request type has no body' do
         let(:request) do
           Net::HTTP::Get.new(request_path, request_headers)
         end
 
-        it "doesn't populate content-md5" do
-          driven_request.populate_content_md5
-          expect(request['Content-MD5']).to be_nil
+        it "doesn't populate content hash" do
+          driven_request.populate_content_hash
+          expect(request['X-Authorization-Content-SHA256']).to be_nil
         end
       end
 
@@ -118,14 +118,14 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
           net_http_request
         end
 
-        it 'populates content-md5' do
-          driven_request.populate_content_md5
-          expect(request['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        it 'populates content hash' do
+          driven_request.populate_content_hash
+          expect(request['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
 
         it 'refreshes the cached headers' do
-          driven_request.populate_content_md5
-          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+          driven_request.populate_content_hash
+          expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
       end
     end
@@ -154,14 +154,14 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
     end
   end
 
-  describe 'md5_mismatch?' do
+  describe 'content_hash_mismatch?' do
     context 'when request type has no body' do
       let(:request) do
         Net::HTTP::Get.new(request_path, request_headers)
       end
 
       it 'is false' do
-        expect(driven_request.md5_mismatch?).to be false
+        expect(driven_request.content_hash_mismatch?).to be false
       end
     end
 
@@ -174,21 +174,21 @@ describe ApiAuth::RequestDrivers::NetHttpRequest do
 
       context 'when calculated matches sent' do
         before do
-          request['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
+          request['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
         end
 
         it 'is false' do
-          expect(driven_request.md5_mismatch?).to be false
+          expect(driven_request.content_hash_mismatch?).to be false
         end
       end
 
       context "when calculated doesn't match sent" do
         before do
-          request['Content-MD5'] = '3'
+          request['X-Authorization-Content-SHA256'] = '3'
         end
 
         it 'is true' do
-          expect(driven_request.md5_mismatch?).to be true
+          expect(driven_request.content_hash_mismatch?).to be true
         end
       end
     end

data/spec/request_drivers/rack_spec.rb

@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
   let(:request_headers) do
     {
       'Authorization' => 'APIAuth 1044:12345',
-      'Content-MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
+      'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
       'Content-Type' => 'text/plain',
       'Date' => timestamp
     }
@@ -31,8 +31,8 @@ describe ApiAuth::RequestDrivers::RackRequest do
       expect(driven_request.content_type).to eq('text/plain')
     end
 
-    it 'gets the content_md5' do
-      expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+    it 'gets the content_hash' do
+      expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
     end
 
     it 'gets the request_uri' do
@@ -47,9 +47,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
       expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
     end
 
-    describe '#calculated_md5' do
-      it 'calculates md5 from the body' do
-        expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+    describe '#calculated_hash' do
+      it 'calculates hash from the body' do
+        expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
       end
 
       it 'treats no body as empty string' do
@@ -60,7 +60,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
           ).merge!(request_headers)
         )
         driven_request = ApiAuth::RequestDrivers::RackRequest.new(request)
-        expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+        expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
       end
     end
 
@@ -104,7 +104,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
       }
     end
 
-    describe '#populate_content_md5' do
+    describe '#populate_content_hash' do
       context 'when getting' do
         let(:request) do
           Rack::Request.new(
@@ -115,9 +115,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
           )
         end
 
-        it "doesn't populate content-md5" do
-          driven_request.populate_content_md5
-          expect(request.env['Content-MD5']).to be_nil
+        it "doesn't populate content hash" do
+          driven_request.populate_content_hash
+          expect(request.env['X-Authorization-Content-SHA256']).to be_nil
         end
       end
 
@@ -132,14 +132,14 @@ describe ApiAuth::RequestDrivers::RackRequest do
           )
         end
 
-        it 'populates content-md5' do
-          driven_request.populate_content_md5
-          expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        it 'populates content hash' do
+          driven_request.populate_content_hash
+          expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
 
         it 'refreshes the cached headers' do
-          driven_request.populate_content_md5
-          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+          driven_request.populate_content_hash
+          expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
       end
 
@@ -154,14 +154,14 @@ describe ApiAuth::RequestDrivers::RackRequest do
           )
         end
 
-        it 'populates content-md5' do
-          driven_request.populate_content_md5
-          expect(request.env['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        it 'populates content hash' do
+          driven_request.populate_content_hash
+          expect(request.env['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
 
         it 'refreshes the cached headers' do
-          driven_request.populate_content_md5
-          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+          driven_request.populate_content_hash
+          expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
       end
 
@@ -175,9 +175,9 @@ describe ApiAuth::RequestDrivers::RackRequest do
           )
         end
 
-        it "doesn't populate content-md5" do
-          driven_request.populate_content_md5
-          expect(request.env['Content-MD5']).to be_nil
+        it "doesn't populate content hash" do
+          driven_request.populate_content_hash
+          expect(request.env['X-Authorization-Content-SHA256']).to be_nil
         end
       end
     end
@@ -206,7 +206,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
     end
   end
 
-  describe 'md5_mismatch?' do
+  describe 'content_hash_mismatch?' do
     context 'when getting' do
       let(:request) do
         Rack::Request.new(
@@ -218,7 +218,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
       end
 
       it 'is false' do
-        expect(driven_request.md5_mismatch?).to be false
+        expect(driven_request.content_hash_mismatch?).to be false
       end
     end
 
@@ -235,21 +235,21 @@ describe ApiAuth::RequestDrivers::RackRequest do
 
       context 'when calculated matches sent' do
         before do
-          request.env['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
+          request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
         end
 
         it 'is false' do
-          expect(driven_request.md5_mismatch?).to be false
+          expect(driven_request.content_hash_mismatch?).to be false
         end
       end
 
       context "when calculated doesn't match sent" do
         before do
-          request.env['Content-MD5'] = '3'
+          request.env['X-Authorization-Content-SHA256'] = '3'
         end
 
         it 'is true' do
-          expect(driven_request.md5_mismatch?).to be true
+          expect(driven_request.content_hash_mismatch?).to be true
         end
       end
     end
@@ -267,21 +267,21 @@ describe ApiAuth::RequestDrivers::RackRequest do
 
       context 'when calculated matches sent' do
         before do
-          request.env['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
+          request.env['X-Authorization-Content-SHA256'] = 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g='
         end
 
         it 'is false' do
-          expect(driven_request.md5_mismatch?).to be false
+          expect(driven_request.content_hash_mismatch?).to be false
         end
       end
 
       context "when calculated doesn't match sent" do
         before do
-          request.env['Content-MD5'] = '3'
+          request.env['X-Authorization-Content-SHA256'] = '3'
         end
 
         it 'is true' do
-          expect(driven_request.md5_mismatch?).to be true
+          expect(driven_request.content_hash_mismatch?).to be true
         end
       end
     end
@@ -297,7 +297,7 @@ describe ApiAuth::RequestDrivers::RackRequest do
       end
 
       it 'is false' do
-        expect(driven_request.md5_mismatch?).to be false
+        expect(driven_request.content_hash_mismatch?).to be false
       end
     end
   end

data/spec/request_drivers/rest_client_spec.rb

@@ -8,7 +8,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
   let(:request_headers) do
     {
       'Authorization' => 'APIAuth 1044:12345',
-      'Content-MD5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
+      'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
       'Content-Type' => 'text/plain',
       'Date' => timestamp
     }
@@ -30,8 +30,8 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       expect(driven_request.content_type).to eq('text/plain')
     end
 
-    it 'gets the content_md5' do
-      expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+    it 'gets the content_hash' do
+      expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
     end
 
     it 'gets the request_uri' do
@@ -46,9 +46,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
     end
 
-    describe '#calculated_md5' do
-      it 'calculates md5 from the body' do
-        expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+    describe '#calculated_hash' do
+      it 'calculates hash from the body' do
+        expect(driven_request.calculated_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
       end
 
       it 'treats no body as empty string' do
@@ -58,7 +58,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
           method: :put
         )
         driven_request = ApiAuth::RequestDrivers::RestClientRequest.new(request)
-        expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+        expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
       end
     end
 
@@ -100,7 +100,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       }
     end
 
-    describe '#populate_content_md5' do
+    describe '#populate_content_hash' do
       context 'when getting' do
         let(:request) do
           RestClient::Request.new(
@@ -110,9 +110,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
           )
         end
 
-        it "doesn't populate content-md5" do
-          driven_request.populate_content_md5
-          expect(request.headers['Content-MD5']).to be_nil
+        it "doesn't populate content hash" do
+          driven_request.populate_content_hash
+          expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
         end
       end
 
@@ -126,14 +126,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
           )
         end
 
-        it 'populates content-md5' do
-          driven_request.populate_content_md5
-          expect(request.headers['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        it 'populates content hash' do
+          driven_request.populate_content_hash
+          expect(request.headers['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
 
         it 'refreshes the cached headers' do
-          driven_request.populate_content_md5
-          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+          driven_request.populate_content_hash
+          expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
       end
 
@@ -147,14 +147,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
           )
         end
 
-        it 'populates content-md5' do
-          driven_request.populate_content_md5
-          expect(request.headers['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        it 'populates content hash' do
+          driven_request.populate_content_hash
+          expect(request.headers['X-Authorization-Content-SHA256']).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
 
         it 'refreshes the cached headers' do
-          driven_request.populate_content_md5
-          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+          driven_request.populate_content_hash
+          expect(driven_request.content_hash).to eq('JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=')
         end
       end
 
@@ -167,9 +167,9 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
           )
         end
 
-        it "doesn't populate content-md5" do
-          driven_request.populate_content_md5
-          expect(request.headers['Content-MD5']).to be_nil
+        it "doesn't populate content hash" do
+          driven_request.populate_content_hash
+          expect(request.headers['X-Authorization-Content-SHA256']).to be_nil
         end
       end
     end
@@ -199,7 +199,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     end
   end
 
-  describe 'md5_mismatch?' do
+  describe 'content_hash_mismatch?' do
     context 'when getting' do
       let(:request) do
         RestClient::Request.new(
@@ -210,7 +210,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       end
 
       it 'is false' do
-        expect(driven_request.md5_mismatch?).to be false
+        expect(driven_request.content_hash_mismatch?).to be false
       end
     end
 
@@ -228,14 +228,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
         let(:request_headers) do
           {
             'Authorization' => 'APIAuth 1044:12345',
-            'Content-MD5' => 'kZXQvrKoieG+Be1rsZVINw==',
+            'X-Authorization-Content-SHA256' => 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=',
             'Content-Type' => 'text/plain',
             'Date' => timestamp
           }
         end
 
         it 'is false' do
-          expect(driven_request.md5_mismatch?).to be false
+          expect(driven_request.content_hash_mismatch?).to be false
         end
       end
 
@@ -243,14 +243,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
         let(:request_headers) do
           {
             'Authorization' => 'APIAuth 1044:12345',
-            'Content-MD5' => '3',
+            'X-Authorization-Content-SHA256' => '3',
             'Content-Type' => 'text/plain',
             'Date' => timestamp
           }
         end
 
         it 'is true' do
-          expect(driven_request.md5_mismatch?).to be true
+          expect(driven_request.content_hash_mismatch?).to be true
         end
       end
     end
@@ -269,14 +269,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
         let(:request_headers) do
           {
             'Authorization' => 'APIAuth 1044:12345',
-            'Content-MD5' => 'kZXQvrKoieG+Be1rsZVINw==',
+            'X-Authorization-Content-SHA256' => 'JsYKYdAdtYNspw/v1EpqAWYgQTyO9fJZpsVhLU9507g=',
             'Content-Type' => 'text/plain',
             'Date' => timestamp
           }
         end
 
         it 'is false' do
-          expect(driven_request.md5_mismatch?).to be false
+          expect(driven_request.content_hash_mismatch?).to be false
         end
       end
 
@@ -284,14 +284,14 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
         let(:request_headers) do
           {
             'Authorization' => 'APIAuth 1044:12345',
-            'Content-MD5' => '3',
+            'X-Authorization-Content-SHA256' => '3',
             'Content-Type' => 'text/plain',
             'Date' => timestamp
           }
         end
 
         it 'is true' do
-          expect(driven_request.md5_mismatch?).to be true
+          expect(driven_request.content_hash_mismatch?).to be true
         end
       end
     end
@@ -306,7 +306,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       end
 
       it 'is false' do
-        expect(driven_request.md5_mismatch?).to be false
+        expect(driven_request.content_hash_mismatch?).to be false
       end
     end
   end
@@ -385,7 +385,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
 
   describe 'edge cases' do
     it "doesn't mess up symbol based headers" do
-      headers = { 'Content-MD5' => 'e59ff97941044f85df5297e1c302d260',
+      headers = { 'X-Authorization-Content-SHA256' => 'e59ff97941044f85df5297e1c302d260',
                   :content_type => 'text/plain',
                   'Date' => 'Mon, 23 Jan 1984 03:29:56 GMT' }
       request = RestClient::Request.new(url: 'http://localhost/resource.xml?foo=bar&bar=foo',