authograph 1.0.0 → 1.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2fa21ab9df699ee62947bfb58d37e05d55ae3eef
-  data.tar.gz: 64eacefff4e51281f71126ff9d89faa2ce0ad4c8
+SHA256:
+  metadata.gz: 1e2d276ebb575ae0fcc406969081707cb0881d1e03cbf85faed974ea138a1156
+  data.tar.gz: 5edd29503ee10afdc2f3c45dd29146eea0cdc6f01f9a16a171d1911586b23978
 SHA512:
-  metadata.gz: 498b424873a5b7d2aaefc8f0d4c2990bde82e0219cbccb6cffc039b8549b9370bc696c805e7b6825669b605d25a69fe6ed4319064d0c593b33fbd47ee63730ba
-  data.tar.gz: 7c08538b13cbe9ab33ef66f9df03721b195825950126868252e49be754d6dd214182c7d7253fae3fb7cdccfd7787d925969522c662ea029cf2ff4d2b3a8bb3c5
+  metadata.gz: 06fc0da12f0a5307a310727c11996955dae55a8dc9c17b3686f57f780c4cec8104a6ad66a35b24dce3b4e3be236fbacee5fe39daaa538b7df2f986b2d123442a
+  data.tar.gz: 14bd1ade83ce55820c7ced42d4f5ad9724e11421f78bb0972eac7f793cc5828b0319afdd048042bb39a8eb08e07106c99a35606529875e38639a98635f9969fd

data/README.md

@@ -44,7 +44,6 @@ Yo can later validate the request by using `authentic?`
 signer.authentic?(my_request, my_secret) # this will check the signature and the date by default
 ```
 
-
 ### Signer options
 
 **IMPORTANT** Remember to always configure both the signer-signer and the validator-signer using the same paremeters.
@@ -58,6 +57,23 @@ The following parameters are available when calling `Authograph.signer`:
 * `date_header`: header key to store date in (`'X-Date'` by default).
 * `date_max_skew`: maximum difference (in secs) between request time and validaton (`'600'` by default).
 
+### Testing (only rspec)
+
+Sometimes is useful to stub the signing process on tests.
+
+Make sure to include the rspec extensions on your `spec_helper.rb`:
+
+```ruby
+require 'authograph/rspec'
+```
+
+Now you can call the `stub_authograph` inside your tests:
+
+```ruby
+before { stub_authograph(:any, 'mysignature') } }
+before { stub_authograph({ secret: 'my_secret' }, 'mysignature') } # only stub signatures for a given secret (TODO)
+before { stub_authograph({ path: '/my/path' }, 'mysignature') } # only stub signatures for a given path (TODO)
+```
 
 ### Generated signature structure
 

data/authograph.gemspec

@@ -21,9 +21,12 @@ HTTP request signing and validation library with support for header signing and
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.12"
+  spec.add_development_dependency "bundler", "~> 2.1"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "guard", "~> 2.14"
   spec.add_development_dependency "guard-rspec", "~> 4.7"
+  spec.add_development_dependency "webmock", "~> 3.3"
+  spec.add_development_dependency "faraday", "~> 1.7"
+  spec.add_development_dependency "pry"
 end

data/lib/authograph/adapters/faraday.rb

@@ -13,15 +13,17 @@ module Authograph::Adapters
     end
 
     def method
-      @request.method.to_s.upcase
+      @request.http_method.to_s.upcase
     end
 
     def path
-      URI(@request.path).request_uri
+      uri = URI(@request.path)
+      uri.query = ::Faraday::Utils.build_query(@request.params) unless @request.params.empty?
+      uri.request_uri
     end
 
     def content_type
-      @request.headers['Content-Type'] || ''
+      @request.headers['Content-Type'] || 'application/x-www-form-urlencoded'
     end
 
     def body

data/lib/authograph/adapters/http.rb

@@ -25,10 +25,15 @@ module Authograph::Adapters
     end
 
     def body
-      return '' unless @request.body_stream
-      data = @request.body_stream.read
-      @request.body_stream.rewind
-      data
+      if !@request.body_stream.nil?
+        data = @request.body_stream.read
+        @request.body_stream.rewind
+        data
+      elsif !@request.body.nil?
+        @request.body
+      else
+        ''
+      end
     end
   end
 end

data/lib/authograph/adapters/webmock.rb

@@ -0,0 +1,31 @@
+module Authograph::Adapters
+  class Webmock < Base
+    def initialize(_request)
+      @request = _request
+    end
+
+    def get_header(_header)
+      @request.headers[_header]
+    end
+
+    def set_header(_header, _value)
+      raise 'not implemented'
+    end
+
+    def method
+      @request.method.to_s.upcase
+    end
+
+    def path
+      @request.uri.request_uri
+    end
+
+    def content_type
+      get_header('Content-Type') || ''
+    end
+
+    def body
+      @request.body
+    end
+  end
+end

data/lib/authograph/rspec.rb

@@ -0,0 +1,27 @@
+module Authograph
+  module RSpecHelpers
+    def stub_authograph(_matcher, _signature = nil)
+      if _signature.nil?
+        _signature = _matcher
+        _matcher = :any
+      end
+
+      allow_any_instance_of(Authograph::Signer)
+        .to receive(:calc_signature)
+        .and_wrap_original do |original, request, secret|
+          case _matcher
+          when :any
+            next _signature
+          when Hash
+            # TODO
+          end
+
+          original.call(request, secret) # fallback to original
+        end
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.include Authograph::RSpecHelpers
+end

data/lib/authograph/signer.rb

@@ -87,22 +87,21 @@ module Authograph
     def build_payload(_request)
       parts = [
         _request.method,
-        _request.path,
-        _request.content_type || '',
-        body_md5(_request)
+        _request.path
       ]
 
+      if %w[POST PUT].include?(_request.method)
+        parts << _request.content_type || ''
+        parts << body_md5(_request)
+      end
+
       # extra headers to be considered
       @sign_headers.each { |h| parts << (_request.get_header(h) || '') }
       parts.join "\n"
     end
 
     def body_md5(_request)
-      if %w[POST PUT].include?(_request.method)
-        Digest::MD5.base64digest _request.body
-      else
-        ''
-      end
+      Digest::MD5.base64digest _request.body
     end
   end
 end

data/lib/authograph/version.rb

@@ -1,3 +1,3 @@
 module Authograph
-  VERSION = "1.0.0"
+  VERSION = "1.0.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authograph
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.4
 platform: ruby
 authors:
 - Ignacio Baixas
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-07-17 00:00:00.000000000 Z
+date: 2021-10-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +80,48 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '4.7'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: |2
 
   HTTP request signing and validation library with support for header signing and multiple backends.
@@ -106,6 +148,8 @@ files:
 - lib/authograph/adapters/faraday.rb
 - lib/authograph/adapters/http.rb
 - lib/authograph/adapters/rack.rb
+- lib/authograph/adapters/webmock.rb
+- lib/authograph/rspec.rb
 - lib/authograph/signer.rb
 - lib/authograph/version.rb
 homepage: https://github.com/SurBTC/authograph
@@ -127,8 +171,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.4
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Flexible HTTP request HMAC signing and validation