api-auth 2.5.0 → 2.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cdc2295825296be5b720b2df6ca984f247a71f549af9f4a8397a68e37e08707e
-  data.tar.gz: 9171431679afa0ab3bc8ab74a06a0bd14424034b0fb3af4202bfb45458f6b7a0
+  metadata.gz: 232d1199b2fd74328e77ba9dd3362789798585b3d88df7c6d4688cf843475190
+  data.tar.gz: 879689b7f0b691212e0c14a80e087a041769241221b7a88f094c1003b29cfa9c
 SHA512:
-  metadata.gz: e07b3ad4db78a4f12339dc542827b0c43ee4aa3c7c1068f1ee639ca88c67ead6953e4158b6f9950127ab200fff06f7ee66312cc54dd6b3a59810ee1ceeb987b4
-  data.tar.gz: '051628373d800d5248fa1d9bdd6f3b57ba27ad898199dc84a241be2b551f22468e79facf208ba47141ef2d6591d462bf2f279233d7f8df4d7cef05b179e87da7'
+  metadata.gz: 2cb0fbdf6f5984f7334bdfa8a16309837c35b146eab39cd723203cd6861c9ce1e51d66fa2f73a3bb6a9490eaec2af0e3c73b34a03726d26360fc664aa7095f32
+  data.tar.gz: 9a1e90785610686db8c1a84943d138f9528dd5ce28965774cfe3112ea74850d898694a7a2bd458ef513f0fd48db56015b8662c53ec78ec38d714080b6f59ed68

data/.github/workflows/main.yml

@@ -0,0 +1,67 @@
+name: main
+on:
+  - push
+  - pull_request
+jobs:
+  rspec:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        ruby-version:
+          - 2.5
+          - 2.6
+          - 2.7
+          - 3.0
+        gemfile:
+          - rails_52.gemfile
+          - rails_60.gemfile
+          - rails_61.gemfile
+        exclude:
+          - ruby-version: [ 2.6, 2.7, 3.0 ]
+            gemfile: rails_52.gemfile
+          - ruby-version: 3.0
+            gemfile: rails_60.gemfile
+    steps:
+      - name: Install packages required for `curb` gem
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libcurl4 libcurl3-gnutls libcurl4-openssl-dev
+
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true
+
+      - name: Install required gems
+        run: BUNDLE_GEMFILE=gemfiles/${{ matrix.gemfile }} bundle install
+
+      - name: Run rspec tests
+        run: BUNDLE_GEMFILE=gemfiles/${{ matrix.gemfile }} bundle exec rspec
+
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install packages required for `curb` gem
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libcurl4 libcurl3-gnutls libcurl4-openssl-dev
+
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+          bundler-cache: true
+
+      - name: Install required gems
+        run: bundle install
+
+      - name: Run rubocop
+        run: bundle exec rubocop

data/.gitignore

@@ -8,4 +8,6 @@
 /doc
 /.yardoc
 gemfiles/*.lock
+gemfiles/.bundle/
 /.idea
+*.gem

data/.rubocop.yml

@@ -1,6 +1,7 @@
 inherit_from: .rubocop_todo.yml
 
 AllCops:
+  NewCops: enable
   TargetRubyVersion: 2.5
 
 Metrics/AbcSize:
@@ -17,6 +18,7 @@ Metrics/MethodLength:
 Metrics/BlockLength:
   Exclude:
     - 'spec/**/*.rb'
+    - 'api_auth.gemspec'
 
 Naming/FileName:
   Exclude:
@@ -24,3 +26,10 @@ Naming/FileName:
 
 Style/FrozenStringLiteralComment:
   Enabled: false
+
+Style/StringLiterals:
+  Exclude:
+    - 'gemfiles/*.gemfile'
+
+Lint/DuplicateBranch:
+  Enabled: false

data/Appraisals

@@ -1,23 +1,17 @@
-appraise 'rails-5' do
-  gem 'actionpack', '~> 5.0.2'
-  gem 'activeresource', '~> 5.0.2'
-  gem 'activesupport', '~> 5.0.2'
+appraise 'rails-52' do
+  gem 'actionpack', '~> 5.2'
+  gem 'activeresource', '~> 5.1'
+  gem 'activesupport', '~> 5.2'
 end
 
-appraise 'rails-42' do
-  gem 'actionpack', '~> 4.2.0'
-  gem 'activeresource', '~> 4.0.0'
-  gem 'activesupport', '~> 4.2.0'
+appraise 'rails-60' do
+  gem 'actionpack', '~> 6.0'
+  gem 'activeresource', '~> 5.1'
+  gem 'activesupport', '~> 6.0'
 end
 
-appraise 'rails-41' do
-  gem 'actionpack', '~> 4.1.0'
-  gem 'activeresource', '~> 4.0.0'
-  gem 'activesupport', '~> 4.1.0'
-end
-
-appraise 'rails-4' do
-  gem 'actionpack', '~> 4.0.4'
-  gem 'activeresource', '~> 4.0.0'
-  gem 'activesupport', '~> 4.0.4'
+appraise 'rails-61' do
+  gem 'actionpack', '~> 6.1'
+  gem 'activeresource', '~> 5.1'
+  gem 'activesupport', '~> 6.1'
 end

data/Gemfile

@@ -1,4 +1,2 @@
 source 'https://rubygems.org'
 gemspec
-
-gem 'rubocop'

data/README.md

@@ -1,6 +1,6 @@
 # ApiAuth
 
-[![Build Status](https://travis-ci.org/mgomes/api_auth.svg?branch=master)](https://travis-ci.org/mgomes/api_auth)
+[![Build Status](https://github.com/mgomes/api_auth/actions/workflows/main.yml/badge.svg?branch=master)](https://github.com/mgomes/api_auth/actions)
 [![Gem Version](https://badge.fury.io/rb/api-auth.svg)](https://badge.fury.io/rb/api-auth)
 
 Logins and passwords are for humans. Communication between applications need to

data/VERSION

@@ -1 +1 @@
-2.5.0
+2.5.1

data/api_auth.gemspec

@@ -8,6 +8,11 @@ Gem::Specification.new do |s|
   s.version = File.read(File.join(File.dirname(__FILE__), 'VERSION'))
   s.authors = ['Mauricio Gomes']
   s.email = 'mauricio@edge14.com'
+  s.license = 'MIT'
+
+  s.metadata = {
+    'rubygems_mfa_required' => 'true'
+  }
 
   s.required_ruby_version = '>= 2.5.0'
 
@@ -27,6 +32,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'grape', '~> 1.1.0'
   s.add_development_dependency 'rspec', '~> 3.4'
   s.add_development_dependency 'rexml'
+  s.add_development_dependency 'rubocop'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

data/gemfiles/rails_52.gemfile

@@ -1,9 +1,9 @@
 # This file was generated by Appraisal
 
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
-gem 'actionpack', '~> 5.2.1'
-gem 'activeresource', '~> 5.1.0'
-gem 'activesupport', '~> 5.2.1'
+gem "actionpack", "~> 5.2"
+gem "activeresource", "~> 5.1"
+gem "activesupport", "~> 5.2"
 
-gemspec path: '../'
+gemspec path: "../"

data/gemfiles/rails_60.gemfile

@@ -1,9 +1,9 @@
 # This file was generated by Appraisal
 
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
-gem 'actionpack', '~> 6.0.0'
-gem 'activeresource', '~> 5.1.0'
-gem 'activesupport', '~> 6.0.0'
+gem "actionpack", "~> 6.0"
+gem "activeresource", "~> 5.1"
+gem "activesupport", "~> 6.0"
 
-gemspec path: '../'
+gemspec path: "../"

data/gemfiles/rails_61.gemfile

@@ -1,11 +1,9 @@
 # This file was generated by Appraisal
 
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
-gem 'actionpack', '~> 6.1.0'
-gem 'activeresource', '~> 5.1.0'
-gem 'activesupport', '~> 6.1.0'
+gem "actionpack", "~> 6.1"
+gem "activeresource", "~> 5.1"
+gem "activesupport", "~> 6.1"
 
-gem 'rubocop'
-
-gemspec path: '../'
+gemspec path: "../"

data/lib/api_auth/request_drivers/action_controller.rb

@@ -48,7 +48,7 @@ module ApiAuth
       end
 
       def content_hash
-        find_header(%w[X-AUTHORIZATION-CONTENT-SHA256])
+        find_header(%w[X-AUTHORIZATION-CONTENT-SHA256 X_AUTHORIZATION_CONTENT_SHA256 HTTP_X_AUTHORIZATION_CONTENT_SHA256])
       end
 
       def original_uri

data/spec/request_drivers/action_controller_spec.rb

@@ -4,6 +4,7 @@ if defined?(ActionController::Request)
 
   describe ApiAuth::RequestDrivers::ActionControllerRequest do
     let(:timestamp) { Time.now.utc.httpdate }
+    let(:content_sha256) { '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' }
 
     let(:request) do
       ActionController::Request.new(
@@ -11,7 +12,35 @@ if defined?(ActionController::Request)
         'PATH_INFO' => '/resource.xml',
         'QUERY_STRING' => 'foo=bar&bar=foo',
         'REQUEST_METHOD' => 'PUT',
-        'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
+        'HTTP_X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
+        'CONTENT_TYPE' => 'text/plain',
+        'CONTENT_LENGTH' => '11',
+        'HTTP_DATE' => timestamp,
+        'rack.input' => StringIO.new("hello\nworld")
+      )
+    end
+
+    let(:request2) do
+      ActionController::Request.new(
+        'AUTHORIZATION' => 'APIAuth 1044:12345',
+        'PATH_INFO' => '/resource.xml',
+        'QUERY_STRING' => 'foo=bar&bar=foo',
+        'REQUEST_METHOD' => 'PUT',
+        'X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
+        'CONTENT_TYPE' => 'text/plain',
+        'CONTENT_LENGTH' => '11',
+        'HTTP_DATE' => timestamp,
+        'rack.input' => StringIO.new("hello\nworld")
+      )
+    end
+
+    let(:request3) do
+      ActionController::Request.new(
+        'AUTHORIZATION' => 'APIAuth 1044:12345',
+        'PATH_INFO' => '/resource.xml',
+        'QUERY_STRING' => 'foo=bar&bar=foo',
+        'REQUEST_METHOD' => 'PUT',
+        'X-AUTHORIZATION-CONTENT-SHA256' => content_sha256,
         'CONTENT_TYPE' => 'text/plain',
         'CONTENT_LENGTH' => '11',
         'HTTP_DATE' => timestamp,
@@ -27,7 +56,17 @@ if defined?(ActionController::Request)
       end
 
       it 'gets the content_hash' do
-        expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
+        expect(driven_request.content_hash).to eq(content_sha256)
+      end
+
+      it 'gets the content_hash for request 2' do
+        example_request = ApiAuth::RequestDrivers::ActionControllerRequest.new(request2)
+        expect(example_request.content_hash).to eq(content_sha256)
+      end
+
+      it 'gets the content_hash for request 3' do
+        example_request = ApiAuth::RequestDrivers::ActionControllerRequest.new(request3)
+        expect(example_request.content_hash).to eq(content_sha256)
       end
 
       it 'gets the request_uri' do
@@ -50,7 +89,7 @@ if defined?(ActionController::Request)
         it 'treats no body as empty string' do
           request.env['rack.input'] = StringIO.new
           request.env['CONTENT_LENGTH'] = 0
-          expect(driven_request.calculated_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
+          expect(driven_request.calculated_hash).to eq(content_sha256)
         end
       end
 

data/spec/request_drivers/action_dispatch_spec.rb

@@ -4,6 +4,7 @@ if defined?(ActionDispatch::Request)
 
   describe ApiAuth::RequestDrivers::ActionDispatchRequest do
     let(:timestamp) { Time.now.utc.httpdate }
+    let(:content_sha256) { '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' }
 
     let(:request) do
       ActionDispatch::Request.new(
@@ -11,7 +12,35 @@ if defined?(ActionDispatch::Request)
         'PATH_INFO' => '/resource.xml',
         'QUERY_STRING' => 'foo=bar&bar=foo',
         'REQUEST_METHOD' => 'PUT',
-        'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
+        'HTTP_X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
+        'CONTENT_TYPE' => 'text/plain',
+        'CONTENT_LENGTH' => '11',
+        'HTTP_DATE' => timestamp,
+        'rack.input' => StringIO.new("hello\nworld")
+      )
+    end
+
+    let(:request2) do
+      ActionDispatch::Request.new(
+        'AUTHORIZATION' => 'APIAuth 1044:12345',
+        'PATH_INFO' => '/resource.xml',
+        'QUERY_STRING' => 'foo=bar&bar=foo',
+        'REQUEST_METHOD' => 'PUT',
+        'X_AUTHORIZATION_CONTENT_SHA256' => content_sha256,
+        'CONTENT_TYPE' => 'text/plain',
+        'CONTENT_LENGTH' => '11',
+        'HTTP_DATE' => timestamp,
+        'rack.input' => StringIO.new("hello\nworld")
+      )
+    end
+
+    let(:request3) do
+      ActionDispatch::Request.new(
+        'AUTHORIZATION' => 'APIAuth 1044:12345',
+        'PATH_INFO' => '/resource.xml',
+        'QUERY_STRING' => 'foo=bar&bar=foo',
+        'REQUEST_METHOD' => 'PUT',
+        'X-AUTHORIZATION-CONTENT-SHA256' => content_sha256,
         'CONTENT_TYPE' => 'text/plain',
         'CONTENT_LENGTH' => '11',
         'HTTP_DATE' => timestamp,
@@ -27,7 +56,17 @@ if defined?(ActionDispatch::Request)
       end
 
       it 'gets the content_hash' do
-        expect(driven_request.content_hash).to eq('47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=')
+        expect(driven_request.content_hash).to eq(content_sha256)
+      end
+
+      it 'gets the content_hash for request 2' do
+        example_request = ApiAuth::RequestDrivers::ActionDispatchRequest.new(request2)
+        expect(example_request.content_hash).to eq(content_sha256)
+      end
+
+      it 'gets the content_hash for request 3' do
+        example_request = ApiAuth::RequestDrivers::ActionDispatchRequest.new(request3)
+        expect(example_request.content_hash).to eq(content_sha256)
       end
 
       it 'gets the request_uri' do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: api-auth
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.5.1
 platform: ruby
 authors:
 - Mauricio Gomes
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-11 00:00:00.000000000 Z
+date: 2021-11-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -246,6 +246,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Full HMAC auth implementation for use in your gems and Rails apps.
 email: mauricio@edge14.com
 executables: []
@@ -253,11 +267,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".document"
+- ".github/workflows/main.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
-- ".travis.yml"
 - Appraisals
 - CHANGELOG.md
 - Gemfile
@@ -266,7 +280,6 @@ files:
 - Rakefile
 - VERSION
 - api_auth.gemspec
-- gemfiles/http4.gemfile
 - gemfiles/rails_52.gemfile
 - gemfiles/rails_60.gemfile
 - gemfiles/rails_61.gemfile
@@ -304,8 +317,10 @@ files:
 - spec/request_drivers/rest_client_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/mgomes/api_auth
-licenses: []
-metadata: {}
+licenses:
+- MIT
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -321,7 +336,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Simple HMAC authentication for your APIs

data/.travis.yml

@@ -1,30 +0,0 @@
-language: ruby
-sudo: false
-cache: bundler
-rvm:
-  - 2.5.3
-  - 2.6.1
-  - 2.7.1
-  - 3.0.0
-gemfile:
-  - gemfiles/rails_52.gemfile
-  - gemfiles/rails_60.gemfile
-  - gemfiles/rails_61.gemfile
-  - gemfiles/http4.gemfile
-env:
-  - TEST_SUITE=rake
-
-before_install:
-  - gem update bundler
-
-script:
-  - bundle exec $TEST_SUITE
-
-matrix:
-  include:
-    - rvm: 3.0.0
-      gemfile: gemfiles/rails_61.gemfile
-      env: TEST_SUITE="rubocop lib/ spec/"
-
-notifications:
-  email: false

data/gemfiles/http4.gemfile

@@ -1,7 +0,0 @@
-# This file was generated by Appraisal
-
-source 'https://rubygems.org'
-
-gem 'http', '~> 4.0'
-
-gemspec path: '../'