api-auth 2.2.0 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 51fee150bf8e85fbaa3195608e96a25ad4ef7cb19bcc026137c1831c94f652c1
-  data.tar.gz: 7c0aeeefdf36f93e53cef4ac76f0015efa587c5a7b572dafe6670276d786e92a
+  metadata.gz: 74847c2470f870ce0206badfda86189773a6bb96b109d0fca6ab276f5bb70523
+  data.tar.gz: 5b24a84ec9a7617b3dfe33e9c97cccf5edc7caa627b51b76b3044f2952e32e80
 SHA512:
-  metadata.gz: 4cf7349cdbed677337b82e3c0ad87ce1271ce0a92c65a9bda8514dadde6c3a6fd40e962fc9b23cb937e0b1b804d456930d6ddeb245d5d3d5ed021639c077a3c8
-  data.tar.gz: c4935420257b03f3f90460c7caffb64d0da2792f9793c24c02bf00e7abdc1a80a509d73c3ed86a95098de3cb5aaeb96776e383a537dfab3233fd043a6077c928
+  metadata.gz: 507f3c7f5e1570c9014e953179a42c13c5502ea50483172fd7650a6b9853297e9220cb096599c4498a95f1873bf06d37852355cb2bc566481c2b93c61a4a9cb6
+  data.tar.gz: 05515f1bd95793f5c0497e2d3e0ea9cd65d9d14015f8f2abe151aa40ea0dfb849250505f0a132ba6b161d31d0839ebaec6adb7e8cef91dc286d123f7b04a1f37

data/.rubocop.yml

@@ -1,63 +1,16 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config`
-# on 2016-02-10 17:06:30 +0100 using RuboCop version 0.37.1.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
+inherit_from: .rubocop_todo.yml
 
-# Offense count: 1
-# Configuration parameters: AllowSafeAssignment.
-Lint/AssignmentInCondition:
-  Exclude:
-    - 'lib/api_auth/base.rb'
-
-# Offense count: 2
 Metrics/AbcSize:
   Max: 25
 
-# Offense count: 2
-Metrics/CyclomaticComplexity:
-  Max: 13
-
-# Offense count: 74
-# Configuration parameters: AllowHeredoc, AllowURI, URISchemes.
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
 # URISchemes: http, https
 Metrics/LineLength:
-  Max: 137
+  Max: 140
 
-# Offense count: 4
-# Configuration parameters: CountComments.
 Metrics/MethodLength:
-  Max: 30
-
-# Offense count: 1
-Metrics/PerceivedComplexity:
-  Max: 8
-
-# Offense count: 8
-Style/AccessorMethodName:
-  Exclude:
-    - 'lib/api_auth/railtie.rb'
-    - 'lib/api_auth/request_drivers/action_controller.rb'
-    - 'lib/api_auth/request_drivers/curb.rb'
-    - 'lib/api_auth/request_drivers/faraday.rb'
-    - 'lib/api_auth/request_drivers/httpi.rb'
-    - 'lib/api_auth/request_drivers/net_http.rb'
-    - 'lib/api_auth/request_drivers/rack.rb'
-    - 'lib/api_auth/request_drivers/rest_client.rb'
-
-# Offense count: 4
-Style/Documentation:
-  Exclude:
-    - 'spec/**/*'
-    - 'test/**/*'
-    - 'lib/api_auth/railtie.rb'
-    - 'lib/api_auth/request_drivers/rest_client.rb'
+  Max: 40
 
-# Offense count: 1
-# Configuration parameters: ExpectMatchingDefinition, Regex, IgnoreExecutableScripts.
-Style/FileName:
+Naming/FileName:
   Exclude:
     - 'lib/api-auth.rb'
-    - 'Appraisals'

data/.rubocop_todo.yml

@@ -0,0 +1,60 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2018-02-12 13:27:16 +0300 using RuboCop version 0.52.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# Configuration parameters: AllowSafeAssignment.
+Lint/AssignmentInCondition:
+  Exclude:
+    - 'lib/api_auth/base.rb'
+
+# Offense count: 8
+Lint/Void:
+  Exclude:
+    - 'lib/api_auth/headers.rb'
+    - 'lib/api_auth/request_drivers/action_controller.rb'
+    - 'lib/api_auth/request_drivers/curb.rb'
+    - 'lib/api_auth/request_drivers/faraday.rb'
+    - 'lib/api_auth/request_drivers/httpi.rb'
+    - 'lib/api_auth/request_drivers/net_http.rb'
+    - 'lib/api_auth/request_drivers/rack.rb'
+    - 'lib/api_auth/request_drivers/rest_client.rb'
+
+# Offense count: 1
+Metrics/CyclomaticComplexity:
+  Max: 14
+
+# Offense count: 1
+Metrics/PerceivedComplexity:
+  Max: 8
+
+# Offense count: 9
+Naming/AccessorMethodName:
+  Exclude:
+    - 'lib/api_auth/railtie.rb'
+    - 'lib/api_auth/request_drivers/action_controller.rb'
+    - 'lib/api_auth/request_drivers/curb.rb'
+    - 'lib/api_auth/request_drivers/faraday.rb'
+    - 'lib/api_auth/request_drivers/http.rb'
+    - 'lib/api_auth/request_drivers/httpi.rb'
+    - 'lib/api_auth/request_drivers/net_http.rb'
+    - 'lib/api_auth/request_drivers/rack.rb'
+    - 'lib/api_auth/request_drivers/rest_client.rb'
+
+# Offense count: 9
+Style/CommentedKeyword:
+  Exclude:
+    - 'lib/api_auth/base.rb'
+    - 'lib/api_auth/railtie.rb'
+
+# Offense count: 4
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/api_auth/railtie.rb'
+    - 'lib/api_auth/request_drivers/rest_client.rb'

data/.travis.yml

@@ -2,16 +2,20 @@ language: ruby
 sudo: false
 cache: bundler
 rvm:
-  - 2.1.9
-  - 2.2.6
-  - 2.3.3
-  - 2.4.1
+  - 2.1.10
+  - 2.2.9
+  - 2.3.6
+  - 2.4.3
+  - 2.5.0
 gemfile:
   - gemfiles/rails_4.gemfile
   - gemfiles/rails_41.gemfile
   - gemfiles/rails_42.gemfile
   - gemfiles/rails_5.gemfile
   - gemfiles/rails_51.gemfile
+  - gemfiles/http2.gemfile
+  - gemfiles/http3.gemfile
+  - gemfiles/http4.gemfile
 env:
   - TEST_SUITE=rake
 
@@ -23,12 +27,18 @@ script:
 
 matrix:
   exclude:
-    - rvm: 2.1.9
+    - rvm: 2.1.10
       gemfile: gemfiles/rails_5.gemfile
-    - rvm: 2.1.9
+    - rvm: 2.1.10
       gemfile: gemfiles/rails_51.gemfile
+    - rvm: 2.1.9
+      gemfile: gemfiles/http2.gemfile
+    - rvm: 2.1.9
+      gemfile: gemfiles/http3.gemfile
+    - rvm: 2.1.9
+      gemfile: gemfiles/http4.gemfile
   include:
-    - rvm: 2.4.1
+    - rvm: 2.5.0
       gemfile: gemfiles/rails_5.gemfile
       env: TEST_SUITE="rubocop lib/ spec/"
 

data/README.md

@@ -51,7 +51,7 @@ minutes in order to avoid replay attacks.
 
 ## Requirement
 
-v3.X require Ruby 2.X and if you use Rails at least Rails 4.0.
+v3.X require Ruby >= 2.1 and Rails >= 4.0 if you use rails.
 
 For older version of Ruby or Rails, please use ApiAuth v2.X.
 
@@ -78,8 +78,8 @@ Here is the current list of supported request objects:
 * Curb (Curl::Easy)
 * RestClient
 * Faraday
-* HTTParty
-* Httpi
+* HTTPI
+* HTTP
 
 ### HTTP Client Objects
 

data/VERSION

@@ -1 +1 @@
-2.2.0
+2.2.1

data/api_auth.gemspec

@@ -9,19 +9,22 @@ Gem::Specification.new do |s|
   s.authors = ['Mauricio Gomes']
   s.email = 'mauricio@edge14.com'
 
-  s.add_development_dependency 'appraisal'
-  s.add_development_dependency 'rake'
-  s.add_development_dependency 'amatch'
-  s.add_development_dependency 'rspec', '~> 3.4'
+  s.required_ruby_version = '>= 2.1.0'
+
   s.add_development_dependency 'actionpack', '< 6.0', '> 4.0'
+  s.add_development_dependency 'activeresource', '>= 4.0'
   s.add_development_dependency 'activesupport', '< 6.0', '> 4.0'
-  s.add_development_dependency 'activeresource', '~> 4.0'
-  s.add_development_dependency 'rest-client', '~> 1.6.0'
-  s.add_development_dependency 'curb', '~> 0.8.1'
-  s.add_development_dependency 'httpi'
+  s.add_development_dependency 'amatch'
+  s.add_development_dependency 'appraisal'
+  s.add_development_dependency 'curb', '~> 0.8'
   s.add_development_dependency 'faraday', '>= 0.10'
+  s.add_development_dependency 'http'
+  s.add_development_dependency 'httpi'
   s.add_development_dependency 'multipart-post', '~> 2.0'
-  s.add_development_dependency 'httparty', '~> 0.13.0'
+  s.add_development_dependency 'pry'
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rest-client', '~> 2.0'
+  s.add_development_dependency 'rspec', '~> 3.4'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

data/gemfiles/http2.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "http", "~> 2.0"
+
+gemspec :path => "../"

data/gemfiles/http3.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "http", "~> 3.0"
+
+gemspec :path => "../"

data/gemfiles/http4.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "http", github: "httprb/http"
+
+gemspec :path => "../"

data/lib/api_auth.rb

@@ -1,5 +1,6 @@
 require 'openssl'
 require 'base64'
+require 'time'
 
 require 'api_auth/errors'
 require 'api_auth/helpers'
@@ -12,6 +13,7 @@ require 'api_auth/request_drivers/action_dispatch'
 require 'api_auth/request_drivers/rack'
 require 'api_auth/request_drivers/httpi'
 require 'api_auth/request_drivers/faraday'
+require 'api_auth/request_drivers/http'
 
 require 'api_auth/headers'
 require 'api_auth/base'

data/lib/api_auth/headers.rb

@@ -34,6 +34,8 @@ module ApiAuth
           HttpiRequest.new(request)
         when /Faraday::Request/
           FaradayRequest.new(request)
+        when /HTTP::Request/
+          HttpRequest.new(request)
         end
 
       return new_request if new_request
@@ -50,9 +52,7 @@ module ApiAuth
     def canonical_string(override_method = nil)
       request_method = override_method || @request.http_method
 
-      if request_method.nil?
-        raise ArgumentError, 'unable to determine the http method from the request, please supply an override'
-      end
+      raise ArgumentError, 'unable to determine the http method from the request, please supply an override' if request_method.nil?
 
       [request_method.upcase,
        @request.content_type,

data/lib/api_auth/railtie.rb

@@ -13,9 +13,7 @@ module ApiAuth
         end
       end
 
-      if defined?(ActionController::Base)
-        ActionController::Base.send(:include, ControllerMethods::InstanceMethods)
-      end
+      ActionController::Base.send(:include, ControllerMethods::InstanceMethods) if defined?(ActionController::Base)
     end # ControllerMethods
 
     module ActiveResourceExtension # :nodoc:

data/lib/api_auth/request_drivers/http.rb

@@ -0,0 +1,91 @@
+module ApiAuth
+  module RequestDrivers # :nodoc:
+    class HttpRequest # :nodoc:
+      include ApiAuth::Helpers
+
+      def initialize(request)
+        @request = request
+      end
+
+      def set_auth_header(header)
+        @request['Authorization'] = header
+        @request
+      end
+
+      def calculated_md5
+        md5_base64digest(body)
+      end
+
+      def populate_content_md5
+        return unless %w[POST PUT].include?(http_method)
+        @request['Content-MD5'] = calculated_md5
+      end
+
+      def md5_mismatch?
+        if %w[POST PUT].include?(http_method)
+          calculated_md5 != content_md5
+        else
+          false
+        end
+      end
+
+      def http_method
+        @request.verb.to_s.upcase
+      end
+
+      def content_type
+        find_header(%w[CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE])
+      end
+
+      def content_md5
+        find_header(%w[CONTENT-MD5 CONTENT_MD5])
+      end
+
+      def original_uri
+        find_header(%w[X-ORIGINAL-URI X_ORIGINAL_URI HTTP_X_ORIGINAL_URI])
+      end
+
+      def request_uri
+        @request.uri.request_uri
+      end
+
+      def set_date
+        @request['Date'] = Time.now.utc.httpdate
+      end
+
+      def timestamp
+        find_header(%w[DATE HTTP_DATE])
+      end
+
+      def authorization_header
+        find_header %w[Authorization AUTHORIZATION HTTP_AUTHORIZATION]
+      end
+
+      def body
+        if body_source.respond_to?(:read)
+          result = body_source.read
+          body_source.rewind
+          result
+        else
+          body_source.to_s
+        end
+      end
+
+      private
+
+      def find_header(keys)
+        keys.map { |key| @request[key] }.compact.first
+      end
+
+      def body_source
+        body = @request.body
+
+        if defined?(::HTTP::Request::Body)
+          body.respond_to?(:source) ? body.source : body.instance_variable_get(:@body)
+        else
+          body
+        end
+      end
+    end
+  end
+end

data/lib/api_auth/request_drivers/net_http.rb

@@ -1,4 +1,3 @@
-require 'time'
 module ApiAuth
   module RequestDrivers # :nodoc:
     class NetHttpRequest # :nodoc:

data/lib/api_auth/request_drivers/rest_client.rb

@@ -29,13 +29,13 @@ module ApiAuth
       end
 
       def populate_content_md5
-        return unless %i[post put].include?(@request.method)
+        return unless %w[post put].include?(@request.method.to_s)
         @request.headers['Content-MD5'] = calculated_md5
         save_headers
       end
 
       def md5_mismatch?
-        if %i[post put].include?(@request.method)
+        if %w[post put].include?(@request.method.to_s)
           calculated_md5 != content_md5
         else
           false

data/spec/headers_spec.rb

@@ -7,14 +7,6 @@ describe ApiAuth::Headers do
       subject(:headers) { described_class.new(request) }
       let(:uri) { '' }
 
-      context 'empty uri' do
-        let(:uri) { ''.freeze }
-
-        it 'adds / to canonical string' do
-          expect(subject.canonical_string).to eq('GET,,,/,')
-        end
-      end
-
       context 'uri with just host without /' do
         let(:uri) { 'http://google.com'.freeze }
 

data/spec/request_drivers/http_spec.rb

@@ -0,0 +1,184 @@
+require 'spec_helper'
+
+describe ApiAuth::RequestDrivers::HttpRequest do
+  let(:timestamp) { Time.now.utc.httpdate }
+
+  let(:request) do
+    HTTP::Request.new(
+      verb: verb,
+      uri: uri,
+      headers: headers,
+      body: body
+    )
+  end
+
+  let(:verb) { :put }
+  let(:uri) { 'http://localhost/resource.xml?foo=bar&bar=foo' }
+  let(:body) { "hello\nworld" }
+
+  let(:headers) do
+    {
+      'Authorization' => 'APIAuth 1044:12345',
+      'content-md5' => '1B2M2Y8AsgTpgAmY7PhCfg==',
+      'content-type' => 'text/plain',
+      'date' => timestamp
+    }
+  end
+
+  subject(:driven_request) { described_class.new(request) }
+
+  describe 'getting headers correctly' do
+    it 'gets the content_type' do
+      expect(driven_request.content_type).to eq('text/plain')
+    end
+
+    it 'gets the content_md5' do
+      expect(driven_request.content_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+    end
+
+    it 'gets the request_uri' do
+      expect(driven_request.request_uri).to eq('/resource.xml?foo=bar&bar=foo')
+    end
+
+    it 'gets the timestamp' do
+      expect(driven_request.timestamp).to eq(timestamp)
+    end
+
+    it 'gets the authorization_header' do
+      expect(driven_request.authorization_header).to eq('APIAuth 1044:12345')
+    end
+
+    describe '#calculated_md5' do
+      it 'calculates md5 from the body' do
+        expect(driven_request.calculated_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        expect(driven_request.body.bytesize).to eq(11)
+      end
+
+      context 'no body' do
+        let(:body) { nil }
+
+        it 'treats no body as empty string' do
+          expect(driven_request.calculated_md5).to eq('1B2M2Y8AsgTpgAmY7PhCfg==')
+          expect(driven_request.body.bytesize).to eq(0)
+        end
+      end
+
+      context 'multipart content' do
+        let(:body) { File.new('spec/fixtures/upload.png') }
+
+        it 'calculates correctly for multipart content' do
+          expect(driven_request.calculated_md5).to eq('k4U8MTA3RHDcewBzymVNEQ==')
+          expect(driven_request.body.bytesize).to eq(5112)
+        end
+      end
+    end
+
+    describe 'http_method' do
+      context 'when put request' do
+        let(:verb) { :put }
+
+        it 'returns upcased put' do
+          expect(driven_request.http_method).to eq('PUT')
+        end
+      end
+
+      context 'when get request' do
+        let(:verb) { :get }
+
+        it 'returns upcased get' do
+          expect(driven_request.http_method).to eq('GET')
+        end
+      end
+    end
+  end
+
+  describe 'setting headers correctly' do
+    let(:headers) do
+      {
+        'content-type' => 'text/plain'
+      }
+    end
+
+    describe '#populate_content_md5' do
+      context 'when request type has no body' do
+        let(:verb) { :get }
+
+        it "doesn't populate content-md5" do
+          driven_request.populate_content_md5
+          expect(request['Content-MD5']).to be_nil
+        end
+      end
+
+      context 'when request type has a body' do
+        let(:verb) { :put }
+
+        it 'populates content-md5' do
+          driven_request.populate_content_md5
+          expect(request['Content-MD5']).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        end
+
+        it 'refreshes the cached headers' do
+          driven_request.populate_content_md5
+          expect(driven_request.content_md5).to eq('kZXQvrKoieG+Be1rsZVINw==')
+        end
+      end
+    end
+
+    describe '#set_date' do
+      before do
+        allow(Time).to receive_message_chain(:now, :utc, :httpdate).and_return(timestamp)
+      end
+
+      it 'sets the date header of the request' do
+        driven_request.set_date
+        expect(request['DATE']).to eq(timestamp)
+      end
+
+      it 'refreshes the cached headers' do
+        driven_request.set_date
+        expect(driven_request.timestamp).to eq(timestamp)
+      end
+    end
+
+    describe '#set_auth_header' do
+      it 'sets the auth header' do
+        driven_request.set_auth_header('APIAuth 1044:54321')
+        expect(request['Authorization']).to eq('APIAuth 1044:54321')
+      end
+    end
+  end
+
+  describe 'md5_mismatch?' do
+    context 'when request type has no body' do
+      let(:verb) { :get }
+
+      it 'is false' do
+        expect(driven_request.md5_mismatch?).to be false
+      end
+    end
+
+    context 'when request type has a body' do
+      let(:verb) { :put }
+
+      context 'when calculated matches sent' do
+        before do
+          request['Content-MD5'] = 'kZXQvrKoieG+Be1rsZVINw=='
+        end
+
+        it 'is false' do
+          expect(driven_request.md5_mismatch?).to be false
+        end
+      end
+
+      context "when calculated doesn't match sent" do
+        before do
+          request['Content-MD5'] = '3'
+        end
+
+        it 'is true' do
+          expect(driven_request.md5_mismatch?).to be true
+        end
+      end
+    end
+  end
+end

data/spec/request_drivers/rest_client_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 describe ApiAuth::RequestDrivers::RestClientRequest do
   let(:timestamp) { Time.now.utc.httpdate }
 
-  let(:request_path) { '/resource.xml?foo=bar&bar=foo' }
+  let(:request_path) { 'http://localhost/resource.xml?foo=bar&bar=foo' }
 
   let(:request_headers) do
     {
@@ -16,7 +16,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
 
   let(:request) do
     RestClient::Request.new(
-      url: '/resource.xml?foo=bar&bar=foo',
+      url: 'http://localhost/resource.xml?foo=bar&bar=foo',
       headers: request_headers,
       method: :put,
       payload: "hello\nworld"
@@ -35,7 +35,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     end
 
     it 'gets the request_uri' do
-      expect(driven_request.request_uri).to eq('/resource.xml?foo=bar&bar=foo')
+      expect(driven_request.request_uri).to eq('http://localhost/resource.xml?foo=bar&bar=foo')
     end
 
     it 'gets the timestamp' do
@@ -53,7 +53,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
 
       it 'treats no body as empty string' do
         request = RestClient::Request.new(
-          url: '/resource.xml?foo=bar&bar=foo',
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :put
         )
@@ -66,7 +66,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when put request' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :put
           )
@@ -80,7 +80,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when get request' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :get
           )
@@ -104,7 +104,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when getting' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :get
           )
@@ -119,7 +119,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when posting' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :post,
             payload: "hello\nworld"
@@ -140,7 +140,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when putting' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :put,
             payload: "hello\nworld"
@@ -161,7 +161,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
       context 'when deleting' do
         let(:request) do
           RestClient::Request.new(
-            url: '/resource.xml?foo=bar&bar=foo',
+            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :delete
           )
@@ -203,7 +203,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when getting' do
       let(:request) do
         RestClient::Request.new(
-          url: '/resource.xml?foo=bar&bar=foo',
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :get
         )
@@ -217,7 +217,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when posting' do
       let(:request) do
         RestClient::Request.new(
-          url: '/resource.xml?foo=bar&bar=foo',
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :post,
           payload: "hello\nworld"
@@ -258,7 +258,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when putting' do
       let(:request) do
         RestClient::Request.new(
-          url: '/resource.xml?foo=bar&bar=foo',
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :put,
           payload: "hello\nworld"
@@ -299,7 +299,7 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     context 'when deleting' do
       let(:request) do
         RestClient::Request.new(
-          url: '/resource.xml?foo=bar&bar=foo',
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :delete
         )
@@ -311,12 +311,84 @@ describe ApiAuth::RequestDrivers::RestClientRequest do
     end
   end
 
+  describe 'authentics?' do
+    context 'when getting' do
+      let(:request) do
+        RestClient::Request.new(
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          method: :get
+        )
+      end
+
+      let(:signed_request) do
+        ApiAuth.sign!(request, '1044', '123')
+      end
+
+      it 'validates that the signature in the request header matches the way we sign it' do
+        expect(ApiAuth.authentic?(signed_request, '123')).to eq true
+      end
+    end
+
+    context 'when posting' do
+      let(:request) do
+        RestClient::Request.new(
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          method: :post,
+          payload: "hello\nworld"
+        )
+      end
+
+      let(:signed_request) do
+        ApiAuth.sign!(request, '1044', '123')
+      end
+
+      it 'validates that the signature in the request header matches the way we sign it' do
+        expect(ApiAuth.authentic?(signed_request, '123')).to eq true
+      end
+    end
+
+    context 'when putting' do
+      let(:request) do
+        RestClient::Request.new(
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          method: :put,
+          payload: "hello\nworld"
+        )
+      end
+
+      let(:signed_request) do
+        ApiAuth.sign!(request, '1044', '123')
+      end
+
+      it 'validates that the signature in the request header matches the way we sign it' do
+        expect(ApiAuth.authentic?(signed_request, '123')).to eq true
+      end
+    end
+
+    context 'when deleting' do
+      let(:request) do
+        RestClient::Request.new(
+          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          method: :delete
+        )
+      end
+
+      let(:signed_request) do
+        ApiAuth.sign!(request, '1044', '123')
+      end
+
+      it 'validates that the signature in the request header matches the way we sign it' do
+        expect(ApiAuth.authentic?(signed_request, '123')).to eq true
+      end
+    end
+  end
+
   describe 'edge cases' do
     it "doesn't mess up symbol based headers" do
       headers = { 'Content-MD5' => 'e59ff97941044f85df5297e1c302d260',
                   :content_type => 'text/plain',
                   'Date' => 'Mon, 23 Jan 1984 03:29:56 GMT' }
-      request = RestClient::Request.new(url: '/resource.xml?foo=bar&bar=foo',
+      request = RestClient::Request.new(url: 'http://localhost/resource.xml?foo=bar&bar=foo',
                                         headers: headers,
                                         method: :put)
       ApiAuth.sign!(request, 'some access id', 'some secret key')

data/spec/spec_helper.rb

@@ -13,6 +13,7 @@ require 'api_auth'
 require 'amatch'
 require 'rest_client'
 require 'curb'
+require 'http'
 require 'httpi'
 require 'faraday'
 require 'net/http/post/multipart'
@@ -20,6 +21,3 @@ require 'net/http/post/multipart'
 # Requires supporting files with custom matchers and macros, etc,
 # in ./support/ and its subdirectories.
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
-RSpec.configure do |config|
-end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: api-auth
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.2.1
 platform: ruby
 authors:
 - Mauricio Gomes
@@ -11,33 +11,59 @@ cert_chain: []
 date: 2018-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.0'
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.0'
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: activeresource
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: amatch
   requirement: !ruby/object:Gem::Requirement
@@ -53,103 +79,91 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: appraisal
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: actionpack
+  name: curb
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.0'
-    - - ">"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.0'
-    - - ">"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.8'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.0'
-    - - ">"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.0'
-    - - ">"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
-  name: activeresource
+  name: http
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rest-client
+  name: httpi
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: curb
+  name: multipart-post
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: httpi
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -163,21 +177,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: faraday
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: multipart-post
+  name: rest-client
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -191,19 +205,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: httparty
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.13.0
+        version: '3.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.13.0
+        version: '3.4'
 description: Full HMAC auth implementation for use in your gems and Rails apps.
 email: mauricio@edge14.com
 executables: []
@@ -214,6 +228,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".travis.yml"
 - Appraisals
 - CHANGELOG.md
@@ -223,6 +238,9 @@ files:
 - Rakefile
 - VERSION
 - api_auth.gemspec
+- gemfiles/http2.gemfile
+- gemfiles/http3.gemfile
+- gemfiles/http4.gemfile
 - gemfiles/rails_4.gemfile
 - gemfiles/rails_41.gemfile
 - gemfiles/rails_42.gemfile
@@ -239,6 +257,7 @@ files:
 - lib/api_auth/request_drivers/action_dispatch.rb
 - lib/api_auth/request_drivers/curb.rb
 - lib/api_auth/request_drivers/faraday.rb
+- lib/api_auth/request_drivers/http.rb
 - lib/api_auth/request_drivers/httpi.rb
 - lib/api_auth/request_drivers/net_http.rb
 - lib/api_auth/request_drivers/rack.rb
@@ -253,6 +272,7 @@ files:
 - spec/request_drivers/action_dispatch_spec.rb
 - spec/request_drivers/curb_spec.rb
 - spec/request_drivers/faraday_spec.rb
+- spec/request_drivers/http_spec.rb
 - spec/request_drivers/httpi_spec.rb
 - spec/request_drivers/net_http_spec.rb
 - spec/request_drivers/rack_spec.rb
@@ -269,7 +289,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -291,6 +311,7 @@ test_files:
 - spec/request_drivers/action_dispatch_spec.rb
 - spec/request_drivers/curb_spec.rb
 - spec/request_drivers/faraday_spec.rb
+- spec/request_drivers/http_spec.rb
 - spec/request_drivers/httpi_spec.rb
 - spec/request_drivers/net_http_spec.rb
 - spec/request_drivers/rack_spec.rb