RubyGems - authorization_header_parser - Versions diffs - 1.0.0 → 1.1.1 - Mend

authorization_header_parser 1.0.0 → 1.1.1

Files changed (11) hide show

checksums.yaml +5 -5
data/.gitignore +50 -0
data/.rubocop.yml +4 -0
data/.travis.yml +5 -0
data/Gemfile +1 -6
data/README.md +4 -2
data/Rakefile +5 -50
data/authorization_header_parser.gemspec +28 -0
data/lib/authorization_header_parser.rb +38 -25
data/spec/authorization_header_parser_spec.rb +61 -50
metadata +25 -22

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a0d2bce662c12e178c65f990a14c46707b764e1d
-  data.tar.gz: 0e21e001e47900e9f848bcdc5fc0d4cbb3a71f27
+SHA256:
+  metadata.gz: 250103e9c99ee4a6be24cd0f88c6c12232fd351b2f0025954c5ab1092cd9d853
+  data.tar.gz: 75ffead6c93f30c5a6c264edc3f40e17d519fd540a356a0896b58327036f7ae0
 SHA512:
-  metadata.gz: 222f8060cd448acf936f047d249808fe23620fbf8d01bd4b0107e71d1a006bb5831a4e86a70076fd2c72e54560eac2d318f3cc95452f8a91cc42001fa34fea46
-  data.tar.gz: 834ddcfd2bb39c40ad8cb213a06b537aa3c5914376e0e46b8b6ca70201f29431dda174a1e92ee60c7b67097346f75e94ba5871f2facf451713eadfa8677742e7
+  metadata.gz: 357ae1add710a6b2c32d86baf0e308c417d4a78ea1b3793ae18bb1ffe6e72906e6cfa9002655b0054d020fc5e6e544f78a61bb35b47b07a32f9ec3d31d6151db
+  data.tar.gz: 273c99a97f5c3630c2106d53c52262078fd3d749d23edd88513a47ba3435b3ed27f6cdc215f853c5d420c50f52ce8ae86d705ea32089a61b776bab8a306c9386

data/.gitignore ADDED

@@ -0,0 +1,50 @@
+# rcov generated
+coverage
+coverage.data
+# rdoc generated
+rdoc
+# yard generated
+doc
+.yardoc
+# bundler
+.bundle
+Gemfile.lock
+# jeweler generated
+pkg
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore:
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+#.DS_Store
+# For TextMate
+#*.tmproj
+#tmtags
+# For emacs:
+#*~
+#\#*
+#.\#*
+# For vim:
+#*.swp
+# For redcar:
+#.redcar
+# For rubinius:
+#*.rbc

data/.rubocop.yml ADDED

@@ -0,0 +1,4 @@
+inherit_gem:
+  wetransfer_style: ruby/default.yml
+AllCops:
+  TargetRubyVersion: 2.1

data/.travis.yml ADDED

@@ -0,0 +1,5 @@
+rvm:
+  - 2.1.0
+  - 2.6.3
+cache: bundler
+sudo: false

data/Gemfile CHANGED

@@ -1,8 +1,3 @@
 source "http://rubygems.org"
-group :development do
-  gem "rspec", "~> 3"
-  gem "rdoc", "~> 3.12"
-  gem "bundler", "~> 1.0"
-  gem "jeweler", "~> 2.0.1"
-end
+gemspec

data/README.md CHANGED

@@ -1,5 +1,7 @@
 # authorization_header_parser
+[![Build Status](https://travis-ci.org/WeTransfer/authorization_header_parser.svg?branch=master)](https://travis-ci.org/WeTransfer/authorization_header_parser)
 Parse custom authorization parameters from `Authorization:` HTTP headers into a neat
 Ruby Hash. Works best in combination with `Rack::Auth::AbstractRequest`
@@ -16,7 +18,7 @@ or for both scheme and params:
 Works well for token, Digest, OAuth and other schemes using custom authorization parameters.
 ## Contributing to authorization_header_parser
 * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
 * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
 * Fork the project.
@@ -27,6 +29,6 @@ Works well for token, Digest, OAuth and other schemes using custom authorization
 ## Copyright
-Copyright (c) 2015 Julik Tarkhanov. See LICENSE.txt for
+Copyright (c) 2019 WeTransfer. See LICENSE.txt for
 further details.

data/Rakefile CHANGED

@@ -1,52 +1,7 @@
-# encoding: utf-8
-require 'rubygems'
-require 'bundler'
-begin
-  Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-  $stderr.puts e.message
-  $stderr.puts "Run `bundle install` to install missing gems"
-  exit e.status_code
-end
-require 'rake'
-require_relative 'lib/authorization_header_parser'
-require 'jeweler'
-Jeweler::Tasks.new do |gem|
-  gem.version = AuthorizationHeaderParser::VERSION
-  gem.name = "authorization_header_parser"
-  gem.homepage = "http://github.com/julik/authorization_header_parser"
-  gem.license = "MIT"
-  gem.description = %Q{Parses parametrized  HTTP Authorization headers}
-  gem.summary = %Q{such as OAuth and Digest}
-  gem.email = "me@julik.nl"
-  gem.authors = ["Julik Tarkhanov"]
-  # dependencies defined in Gemfile
-end
-Jeweler::RubygemsDotOrgTasks.new
-require 'rspec/core'
+require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec) do |spec|
-  spec.pattern = FileList['spec/**/*_spec.rb']
-end
-desc "Code coverage detail"
-task :simplecov do
-  ENV['COVERAGE'] = "true"
-  Rake::Task['spec'].execute
-end
-task :default => :spec
-require 'rdoc/task'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+require 'rubocop/rake_task'
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "authorization_header_parser #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
+RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new(:rubocop)
+task default: [:spec, :rubocop]

data/authorization_header_parser.gemspec ADDED

@@ -0,0 +1,28 @@
+require File.join(File.expand_path('../lib', __FILE__), 'authorization_header_parser')
+Gem::Specification.new do |s|
+  s.name = "authorization_header_parser"
+  s.version = AuthorizationHeaderParser::VERSION
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.require_paths = ["lib"]
+  s.authors = ["WeTransfer"]
+  s.date = "2015-06-29"
+  s.description = "Parses parametrized  HTTP Authorization headers"
+  s.email = "info@wetransfer.com"
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+  s.files = `git ls-files -z`.split("\x0")
+  s.homepage = "http://github.com/wetransfer/authorization_header_parser"
+  s.licenses = ["MIT"]
+  s.rubygems_version = "2.2.2"
+  s.summary = "such as OAuth and Digest"
+  s.specification_version = 4
+  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'rspec', '~> 3'
+  s.add_development_dependency 'rake', '~> 10'
+  s.add_development_dependency 'wetransfer_style', '0.6.0'
+end

data/lib/authorization_header_parser.rb CHANGED

@@ -1,22 +1,33 @@
 require 'strscan'
 module AuthorizationHeaderParser
-  VERSION = '1.0.0'
-  InvalidHeader = Class.new(StandardError)
+  VERSION = '1.1.1'
+  class InvalidHeader < StandardError
+  end
+  class ParseError < InvalidHeader
+    def initialize(message, scanner)
+      str = scanner.string
+      from = [(scanner.pos - 5), 0].sort.pop
+      upto = [(scanner.pos + 5), str.length].sort.shift
+      piece = str[from..upto]
+      super "#{message} - at #{scanner.pos} (around #{piece.inspect})"
+    end
+  end
   # Parse a custom scheme + params Authorization header.
   #
-  #   parse('absurd-auth token="12345"') #=> ['absurd-auth', {'token' => '12345}]
+  #   parse('absurd-auth token="12345"') #=> ['absurd-auth', {'token' => '12345'}]
   def parse(value)
     scanner = StringScanner.new(value)
     scheme = scanner.scan(NON_WHITESPACE)
-    raise InvalidHeader.new("Scheme not provided") unless scheme
+    raise InvalidHeader, "Scheme not provided" unless scheme
     scanner.skip(WHITESPACE)
     [scheme.strip, extract_params_from_scanner(scanner)]
   end
   # Parse Authorization params. Most useful in combination with Rack::Auth::AbstractRequest
   #
   # For instance, with 'Authorization: absurd-auth token="12345"':
@@ -26,33 +37,37 @@ module AuthorizationHeaderParser
   def parse_params(string)
     extract_params_from_scanner(StringScanner.new(string))
   end
   extend self
   private
   ANYTHING_BUT_EQ = /[^\s\=]+/
   EQ = /=/
-  UNTIL_FWD_SLASH_OR_QUOTE = /[^\\"]+/
+  UNTIL_BACKSLASH_OR_QUOTE = /[^\\"]+/
   ESCAPED_QUOTE = /\\"/
   QUOTE = /"/
   WHITESPACE = /\s+/
   COMMA = /,/
   NON_WHITESPACE = /[^\s]+/
   # http://codereview.stackexchange.com/questions/41270
   # http://stackoverflow.com/questions/134936
   def extract_params_from_scanner(scanner)
     params = {}
-    until scanner.eos? do
+    until scanner.eos?
       key = scanner.scan(ANYTHING_BUT_EQ)
-      raise InvalidHeader, "Expected =, but found none at #{scanner.pos}" unless scanner.scan(EQ)
-      value_opener = scanner.get_byte
-      raise InvalidHeader, "Expected opening of a parameter at #{scanner.pos}" unless value_opener
-      if value_opener == '"' # Quoted value
+      raise ParseError.new("Expected =, but found none", scanner) unless scanner.skip(EQ)
+      if scanner.eos? # Last parameter was empty, return
+        params[key] = ''
+        return params
+      end
+      if scanner.skip(QUOTE) # Quoted value
         buf = ''
         until scanner.eos?
-          if scanner.scan(UNTIL_FWD_SLASH_OR_QUOTE)
+          if scanner.scan(UNTIL_BACKSLASH_OR_QUOTE)
             buf << scanner.matched
           elsif scanner.scan(ESCAPED_QUOTE)
             buf << '"'
@@ -61,16 +76,14 @@ module AuthorizationHeaderParser
             break
           end
         end
-      else
-        scanner.unscan # Bare parameter, backtrack 1 byte
-        unless bare_value = scanner.scan(/[^,"]+/)
-          raise InvalidHeader, "Expected a bare parameter value at #{scanner.pos}"
-        end
+      elsif bare_value = scanner.scan(/[^,"]+/) # Bare parameter
         params[key] = bare_value
+      else # Empty parameter
+        params[key] = ''
       end
       scanner.skip(WHITESPACE)
       if !scanner.eos? && !scanner.skip(COMMA)
-        raise InvalidHeader, "Expected end of header or a comma, at #{scanner.pos}"
+        raise ParseError.new("Expected end of header or a comma", scanner)
       end
       scanner.skip(WHITESPACE)
     end

data/spec/authorization_header_parser_spec.rb CHANGED

@@ -4,68 +4,84 @@ describe "AuthorizationHeaderParser" do
   context '.parse_params' do
     it 'parses only the parameter string' do
       params = AuthorizationHeaderParser.parse_params('foo=bar, baz=bad')
-      expect(params).to eq({"foo"=>"bar", "baz"=>"bad"})
+      expect(params).to eq("foo" => "bar", "baz" => "bad")
     end
   end
   context '.parse' do
+    it 'parses a simple Token header with empty parameters' do
+      header = 'Token foo=, baz='
+      parsed = AuthorizationHeaderParser.parse(header)
+      scheme, params = parsed
+      expect(scheme).to eq('Token')
+      expect(params).to eq("foo" => "", "baz" => "")
+    end
+    it 'parses a simple Token header with some parameters being empty' do
+      header = 'Token foo=, bar="Value", baz='
+      parsed = AuthorizationHeaderParser.parse(header)
+      scheme, params = parsed
+      expect(scheme).to eq('Token')
+      expect(params).to eq("foo" => "", "bar" => "Value", "baz" => "")
+    end
     it 'parses a simple Token header' do
       header = 'Token foo=bar, baz=bad'
       parsed = AuthorizationHeaderParser.parse(header)
       scheme, params = parsed
       expect(scheme).to eq('Token')
-      expect(params).to eq({"foo"=>"bar", "baz"=>"bad"})
+      expect(params).to eq("foo" => "bar", "baz" => "bad")
     end
     it 'parses a header with an escaped quote' do
-      digest_header = 'Custom param="value\"such and such\""'
+      digest_header = 'Custom param="value\"such and such\""'
       parsed = AuthorizationHeaderParser.parse(digest_header)
       scheme, params = parsed
       expect(scheme).to eq('Custom')
-      expect(params).to eq({"param" => 'value"such and such"'})
+      expect(params).to eq("param" => 'value"such and such"')
     end
     it "parses a Digest header" do
       digest_header = 'Digest qop="chap",
         realm="testrealm@host.com",
         username="Foobear",
         response="6629fae49393a05397450978507c4ef1",
         cnonce="5ccc069c403ebaf9f0171e9517f40e41"'
       parsed = AuthorizationHeaderParser.parse(digest_header)
       scheme, params = parsed
       expect(scheme).to eq('Digest')
-      expect(params).to eq({
-        "qop"=>"chap",
-        "realm"=>"testrealm@host.com",
-        "username"=>"Foobear",
-        "response"=>"6629fae49393a05397450978507c4ef1",
-        "cnonce"=>"5ccc069c403ebaf9f0171e9517f40e41"
-      })
+      expect(params).to eq(
+        "qop" => "chap",
+        "realm" => "testrealm@host.com",
+        "username" => "Foobear",
+        "response" => "6629fae49393a05397450978507c4ef1",
+        "cnonce" => "5ccc069c403ebaf9f0171e9517f40e41"
+      )
     end
     it 'parses an OAuth header from Twitter documentation' do
-      twitter_header = 'OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
-              oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
-              oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
-              oauth_signature_method="HMAC-SHA1",
-              oauth_timestamp="1318622958",
-              oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
+      twitter_header = 'OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
+              oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
+              oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
+              oauth_signature_method="HMAC-SHA1",
+              oauth_timestamp="1318622958",
+              oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
               oauth_version="1.0"'
       parsed = AuthorizationHeaderParser.parse(twitter_header)
       scheme, params = parsed
       expect(scheme).to eq("OAuth")
-      expect(params).to eq({
-        "oauth_consumer_key"=>"xvz1evFS4wEEPTGEFPHBog",
-        "oauth_nonce"=>"kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
-        "oauth_signature"=>"tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
-        "oauth_signature_method"=>"HMAC-SHA1",
-        "oauth_timestamp"=>"1318622958",
-        "oauth_token"=>"370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
-        "oauth_version"=>"1.0"
-      })
+      expect(params).to eq(
+        "oauth_consumer_key" => "xvz1evFS4wEEPTGEFPHBog",
+        "oauth_nonce" => "kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
+        "oauth_signature" => "tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
+        "oauth_signature_method" => "HMAC-SHA1",
+        "oauth_timestamp" => "1318622958",
+        "oauth_token" => "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
+        "oauth_version" => "1.0"
+      )
     end
     it 'parses another OAuth params example' do
       oauth_header = 'OAuth realm="",
           oauth_nonce="72250409",
@@ -74,40 +90,35 @@ describe "AuthorizationHeaderParser" do
           oauth_signature_method="HMAC-SHA1",
           oauth_version="1.0",
           oauth_signature="IBlWhOm3PuDwaSdxE/Qu4RKPtVE="'
       parsed = AuthorizationHeaderParser.parse(oauth_header)
       scheme, params = parsed
       expect(scheme).to eq("OAuth")
-      expect(params).to eq({
-        "realm"=>"",
-        "oauth_nonce" => "72250409",
-        "oauth_timestamp"=>"1294966759",
-        "oauth_consumer_key"=>"Dummy",
-        "oauth_signature_method"=>"HMAC-SHA1",
-        "oauth_version"=>"1.0",
-        "oauth_signature"=>"IBlWhOm3PuDwaSdxE/Qu4RKPtVE="
-      })
+      expect(params).to eq(
+        "realm" => "",
+        "oauth_nonce" => "72250409",
+        "oauth_timestamp" => "1294966759",
+        "oauth_consumer_key" => "Dummy",
+        "oauth_signature_method" => "HMAC-SHA1",
+        "oauth_version" => "1.0",
+        "oauth_signature" => "IBlWhOm3PuDwaSdxE/Qu4RKPtVE="
+      )
     end
   end
   context 'with invalid headers' do
     it 'raises InvalidHeader' do
-      expect {
-        AuthorizationHeaderParser.parse_params('foo=')
-      }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected opening of a parameter/)
       expect {
         AuthorizationHeaderParser.parse_params('foo=bar"')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected end of header or a comma/)
       expect {
         AuthorizationHeaderParser.parse_params('FONDBSJDJAHJDHAHUYHJHJBDA')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected =, but found none/)
       expect {
         AuthorizationHeaderParser.parse_params('foo="bar"baz"bad" another=123')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected end of header or a comma/)
     end
   end
 end

metadata CHANGED

@@ -1,73 +1,73 @@
 --- !ruby/object:Gem::Specification
 name: authorization_header_parser
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.1
 platform: ruby
 authors:
-- Julik Tarkhanov
+- WeTransfer
 autorequire:
 bindir: bin
 cert_chain: []
 date: 2015-06-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rdoc
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '10'
 - !ruby/object:Gem::Dependency
-  name: jeweler
+  name: wetransfer_style
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 0.6.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 0.6.0
 description: Parses parametrized  HTTP Authorization headers
-email: me@julik.nl
+email: info@wetransfer.com
 executables: []
 extensions: []
 extra_rdoc_files:
@@ -75,15 +75,19 @@ extra_rdoc_files:
 - README.md
 files:
 - ".document"
+- ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
+- authorization_header_parser.gemspec
 - lib/authorization_header_parser.rb
 - spec/authorization_header_parser_spec.rb
 - spec/spec_helper.rb
-homepage: http://github.com/julik/authorization_header_parser
+homepage: http://github.com/wetransfer/authorization_header_parser
 licenses:
 - MIT
 metadata: {}
@@ -102,8 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.2.2
+rubygems_version: 3.0.6
 signing_key:
 specification_version: 4
 summary: such as OAuth and Digest