RubyGems - authograph - Versions diffs - 1.0.0 → 1.0.4 - Mend

authograph 1.0.0 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +5 -5
data/README.md +17 -1
data/authograph.gemspec +4 -1
data/lib/authograph/adapters/faraday.rb +5 -3
data/lib/authograph/adapters/http.rb +9 -4
data/lib/authograph/adapters/webmock.rb +31 -0
data/lib/authograph/rspec.rb +27 -0
data/lib/authograph/signer.rb +7 -8
data/lib/authograph/version.rb +1 -1
metadata +49 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2fa21ab9df699ee62947bfb58d37e05d55ae3eef
-  data.tar.gz: 64eacefff4e51281f71126ff9d89faa2ce0ad4c8
+SHA256:
+  metadata.gz: 1e2d276ebb575ae0fcc406969081707cb0881d1e03cbf85faed974ea138a1156
+  data.tar.gz: 5edd29503ee10afdc2f3c45dd29146eea0cdc6f01f9a16a171d1911586b23978
 SHA512:
-  metadata.gz: 498b424873a5b7d2aaefc8f0d4c2990bde82e0219cbccb6cffc039b8549b9370bc696c805e7b6825669b605d25a69fe6ed4319064d0c593b33fbd47ee63730ba
-  data.tar.gz: 7c08538b13cbe9ab33ef66f9df03721b195825950126868252e49be754d6dd214182c7d7253fae3fb7cdccfd7787d925969522c662ea029cf2ff4d2b3a8bb3c5
+  metadata.gz: 06fc0da12f0a5307a310727c11996955dae55a8dc9c17b3686f57f780c4cec8104a6ad66a35b24dce3b4e3be236fbacee5fe39daaa538b7df2f986b2d123442a
+  data.tar.gz: 14bd1ade83ce55820c7ced42d4f5ad9724e11421f78bb0972eac7f793cc5828b0319afdd048042bb39a8eb08e07106c99a35606529875e38639a98635f9969fd

data/README.md CHANGED Viewed

@@ -44,7 +44,6 @@ Yo can later validate the request by using `authentic?`
 signer.authentic?(my_request, my_secret) # this will check the signature and the date by default
 ```
 ### Signer options
 **IMPORTANT** Remember to always configure both the signer-signer and the validator-signer using the same paremeters.
@@ -58,6 +57,23 @@ The following parameters are available when calling `Authograph.signer`:
 * `date_header`: header key to store date in (`'X-Date'` by default).
 * `date_max_skew`: maximum difference (in secs) between request time and validaton (`'600'` by default).
+### Testing (only rspec)
+Sometimes is useful to stub the signing process on tests.
+Make sure to include the rspec extensions on your `spec_helper.rb`:
+```ruby
+require 'authograph/rspec'
+```
+Now you can call the `stub_authograph` inside your tests:
+```ruby
+before { stub_authograph(:any, 'mysignature') } }
+before { stub_authograph({ secret: 'my_secret' }, 'mysignature') } # only stub signatures for a given secret (TODO)
+before { stub_authograph({ path: '/my/path' }, 'mysignature') } # only stub signatures for a given path (TODO)
+```
 ### Generated signature structure

data/authograph.gemspec CHANGED Viewed

@@ -21,9 +21,12 @@ HTTP request signing and validation library with support for header signing and
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
-  spec.add_development_dependency "bundler", "~> 1.12"
+  spec.add_development_dependency "bundler", "~> 2.1"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "guard", "~> 2.14"
   spec.add_development_dependency "guard-rspec", "~> 4.7"
+  spec.add_development_dependency "webmock", "~> 3.3"
+  spec.add_development_dependency "faraday", "~> 1.7"
+  spec.add_development_dependency "pry"
 end

data/lib/authograph/adapters/faraday.rb CHANGED Viewed

@@ -13,15 +13,17 @@ module Authograph::Adapters
     end
     def method
-      @request.method.to_s.upcase
+      @request.http_method.to_s.upcase
     end
     def path
-      URI(@request.path).request_uri
+      uri = URI(@request.path)
+      uri.query = ::Faraday::Utils.build_query(@request.params) unless @request.params.empty?
+      uri.request_uri
     end
     def content_type
-      @request.headers['Content-Type'] || ''
+      @request.headers['Content-Type'] || 'application/x-www-form-urlencoded'
     end
     def body

data/lib/authograph/adapters/http.rb CHANGED Viewed

@@ -25,10 +25,15 @@ module Authograph::Adapters
     end
     def body
-      return '' unless @request.body_stream
-      data = @request.body_stream.read
-      @request.body_stream.rewind
-      data
+      if !@request.body_stream.nil?
+        data = @request.body_stream.read
+        @request.body_stream.rewind
+        data
+      elsif !@request.body.nil?
+        @request.body
+      else
+        ''
+      end
     end
   end
 end

data/lib/authograph/adapters/webmock.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module Authograph::Adapters
+  class Webmock < Base
+    def initialize(_request)
+      @request = _request
+    end
+    def get_header(_header)
+      @request.headers[_header]
+    end
+    def set_header(_header, _value)
+      raise 'not implemented'
+    end
+    def method
+      @request.method.to_s.upcase
+    end
+    def path
+      @request.uri.request_uri
+    end
+    def content_type
+      get_header('Content-Type') || ''
+    end
+    def body
+      @request.body
+    end
+  end
+end

data/lib/authograph/rspec.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Authograph
+  module RSpecHelpers
+    def stub_authograph(_matcher, _signature = nil)
+      if _signature.nil?
+        _signature = _matcher
+        _matcher = :any
+      end
+      allow_any_instance_of(Authograph::Signer)
+        .to receive(:calc_signature)
+        .and_wrap_original do |original, request, secret|
+          case _matcher
+          when :any
+            next _signature
+          when Hash
+            # TODO
+          end
+          original.call(request, secret) # fallback to original
+        end
+    end
+  end
+end
+RSpec.configure do |config|
+  config.include Authograph::RSpecHelpers
+end

data/lib/authograph/signer.rb CHANGED Viewed

@@ -87,22 +87,21 @@ module Authograph
     def build_payload(_request)
       parts = [
         _request.method,
-        _request.path,
-        _request.content_type || '',
-        body_md5(_request)
+        _request.path
       ]
+      if %w[POST PUT].include?(_request.method)
+        parts << _request.content_type || ''
+        parts << body_md5(_request)
+      end
       # extra headers to be considered
       @sign_headers.each { |h| parts << (_request.get_header(h) || '') }
       parts.join "\n"
     end
     def body_md5(_request)
-      if %w[POST PUT].include?(_request.method)
-        Digest::MD5.base64digest _request.body
-      else
-        ''
-      end
+      Digest::MD5.base64digest _request.body
     end
   end
 end

data/lib/authograph/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Authograph
-  VERSION = "1.0.0"
+  VERSION = "1.0.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authograph
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.4
 platform: ruby
 authors:
 - Ignacio Baixas
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-07-17 00:00:00.000000000 Z
+date: 2021-10-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +80,48 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '4.7'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: |2
   HTTP request signing and validation library with support for header signing and multiple backends.
@@ -106,6 +148,8 @@ files:
 - lib/authograph/adapters/faraday.rb
 - lib/authograph/adapters/http.rb
 - lib/authograph/adapters/rack.rb
+- lib/authograph/adapters/webmock.rb
+- lib/authograph/rspec.rb
 - lib/authograph/signer.rb
 - lib/authograph/version.rb
 homepage: https://github.com/SurBTC/authograph
@@ -127,8 +171,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.4
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Flexible HTTP request HMAC signing and validation