appoxy_rails 0.0.8 → 0.0.9

data/lib/api/api_controller.rb

@@ -26,35 +26,42 @@ module Appoxy
                 end
 
                 #operation = "#{controller_name}/#{action_name}"
-                operation = request.env["PATH_INFO"].gsub(/\/api\//, "")# here we're getting original request url'
-                puts "XXX " + operation
+                #operation = request.env["PATH_INFO"].gsub(/\/api\//, "")# here we're getting original request url'
 
-                #getting clean params (without parsed via routes)
-                params_for_signature = params2||request.query_parameters
-                #removing mandatory params
-                params_for_signature = params_for_signature.delete_if {|key, value| ["access_key", "sigv", "sig", "timestamp"].include? key}
+#                #getting clean params (without parsed via routes)
+#                params_for_signature = params2||request.query_parameters
+#                #removing mandatory params
+#                params_for_signature = params_for_signature.delete_if {|key, value| ["access_key", "sigv", "sig", "timestamp"].include? key}
 
 
-                #p "params " +operation+Appoxy::Api::Signatures.hash_to_s(params_for_signature)
+                #puts "params " +operation+Appoxy::Api::Signatures.hash_to_s(params_for_signature)
                 access_key = params["access_key"]
                 sigv = params["sigv"]
                 timestamp = params["timestamp"]
                 sig = params["sig"]
-
+                signature = ""
+                case sigv
+                    when "0.1"
+                        puts "outdated version of client"
+                        signature = "#{controller_name}/#{action_name}"
+                    when "0.2"
+                        puts "new version of client"
+                        operation = request.env["PATH_INFO"].gsub(/\/api\//, "")# here we're getting original request url'
+                        params_for_signature = params2||request.query_parameters
+                        params_for_signature = params_for_signature.delete_if {|key, value| ["access_key", "sigv", "sig", "timestamp"].include? key}
+                        signature = operation+Appoxy::Api::Signatures.hash_to_s(params_for_signature)
+                end
+#                puts "signature " + signature
                 raise Appoxy::Api::ApiError, "No access_key" if access_key.nil?
                 raise Appoxy::Api::ApiError, "No sigv" if sigv.nil?
                 raise Appoxy::Api::ApiError, "No timestamp" if timestamp.nil?
                 raise Appoxy::Api::ApiError, "No sig" if sig.nil?
                 timestamp2 = Appoxy::Api::Signatures.generate_timestamp(Time.now.gmtime)
                 raise Appoxy::Api::ApiError, "Request timed out!" unless (Time.parse(timestamp2)-Time.parse(timestamp))<60 # deny all requests older than 60 seconds
-                # Get application defined secret_key
-                secret_key = secret_key_for_signature(access_key)
-                sig2 = Appoxy::Api::Signatures.generate_signature(operation+Appoxy::Api::Signatures.hash_to_s(params_for_signature), timestamp, secret_key)
-                #p "signature 1 " + sig2 + " signature 2 " + sig
+                sig2 = Appoxy::Api::Signatures.generate_signature(signature, timestamp, secret_key_for_signature(access_key))
                 raise Appoxy::Api::ApiError, "Invalid signature!" unless sig == sig2
 
-                puts 'Verified OK'
-                true
+                puts 'Signature OK'
 
             end
 
@@ -68,8 +75,8 @@ module Appoxy
                 response_as_string = '' # in case we want to add debugging or something
 #                respond_to do |format|
                 #                format.json { render :json=>msg }
-                response_as_string = render_to_string :json => msg
-                render :json => response_as_string
+#                response_as_string = render_to_string :json => msg
+                render :json => msg
 #                end
                 true
             end

data/lib/api/client.rb

@@ -70,7 +70,7 @@ module Appoxy
                 ts = Appoxy::Api::Signatures.generate_timestamp(Time.now.gmtime)
                 #p "hash_to s" + command_path + Appoxy::Api::Signatures.hash_to_s(hash)
                 sig = Appoxy::Api::Signatures.generate_signature(command_path + Appoxy::Api::Signatures.hash_to_s(hash), ts, secret_key)
-                extra_params = {'sigv'=>"0.1", 'sig' => sig, 'timestamp' => ts, 'access_key' => access_key}
+                extra_params = {'sigv'=>"0.2", 'sig' => sig, 'timestamp' => ts, 'access_key' => access_key}
                 hash.merge!(extra_params)
 
             end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 0
-  - 8
-  version: 0.0.8
+  - 9
+  version: 0.0.9
 platform: ruby
 authors: 
 - Travis Reeder
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-12-27 00:00:00 -08:00
+date: 2010-12-28 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency