RubyGems - authorization_header_parser - Versions diffs - 1.0.0 → 1.1.1 - Mend

authorization_header_parser 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +5 -5
data/.gitignore +50 -0
data/.rubocop.yml +4 -0
data/.travis.yml +5 -0
data/Gemfile +1 -6
data/README.md +4 -2
data/Rakefile +5 -50
data/authorization_header_parser.gemspec +28 -0
data/lib/authorization_header_parser.rb +38 -25
data/spec/authorization_header_parser_spec.rb +61 -50
metadata +25 -22

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a0d2bce662c12e178c65f990a14c46707b764e1d
-  data.tar.gz: 0e21e001e47900e9f848bcdc5fc0d4cbb3a71f27
+SHA256:
+  metadata.gz: 250103e9c99ee4a6be24cd0f88c6c12232fd351b2f0025954c5ab1092cd9d853
+  data.tar.gz: 75ffead6c93f30c5a6c264edc3f40e17d519fd540a356a0896b58327036f7ae0
 SHA512:
-  metadata.gz: 222f8060cd448acf936f047d249808fe23620fbf8d01bd4b0107e71d1a006bb5831a4e86a70076fd2c72e54560eac2d318f3cc95452f8a91cc42001fa34fea46
-  data.tar.gz: 834ddcfd2bb39c40ad8cb213a06b537aa3c5914376e0e46b8b6ca70201f29431dda174a1e92ee60c7b67097346f75e94ba5871f2facf451713eadfa8677742e7
+  metadata.gz: 357ae1add710a6b2c32d86baf0e308c417d4a78ea1b3793ae18bb1ffe6e72906e6cfa9002655b0054d020fc5e6e544f78a61bb35b47b07a32f9ec3d31d6151db
+  data.tar.gz: 273c99a97f5c3630c2106d53c52262078fd3d749d23edd88513a47ba3435b3ed27f6cdc215f853c5d420c50f52ce8ae86d705ea32089a61b776bab8a306c9386

data/.gitignore ADDED

@@ -0,0 +1,50 @@
+# rcov generated
+coverage
+coverage.data
+# rdoc generated
+rdoc
+# yard generated
+doc
+.yardoc
+# bundler
+.bundle
+Gemfile.lock
+# jeweler generated
+pkg
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore:
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+#.DS_Store
+# For TextMate
+#*.tmproj
+#tmtags
+# For emacs:
+#*~
+#\#*
+#.\#*
+# For vim:
+#*.swp
+# For redcar:
+#.redcar
+# For rubinius:
+#*.rbc

data/.rubocop.yml ADDED

@@ -0,0 +1,4 @@
+inherit_gem:
+  wetransfer_style: ruby/default.yml
+AllCops:
+  TargetRubyVersion: 2.1

data/.travis.yml ADDED

@@ -0,0 +1,5 @@
+rvm:
+  - 2.1.0
+  - 2.6.3
+cache: bundler
+sudo: false

data/Gemfile CHANGED

@@ -1,8 +1,3 @@
 source "http://rubygems.org"
-group :development do
-  gem "rspec", "~> 3"
-  gem "rdoc", "~> 3.12"
-  gem "bundler", "~> 1.0"
-  gem "jeweler", "~> 2.0.1"
-end
+gemspec

data/README.md CHANGED

@@ -1,5 +1,7 @@
 # authorization_header_parser
+[![Build Status](https://travis-ci.org/WeTransfer/authorization_header_parser.svg?branch=master)](https://travis-ci.org/WeTransfer/authorization_header_parser)
 Parse custom authorization parameters from `Authorization:` HTTP headers into a neat
 Ruby Hash. Works best in combination with `Rack::Auth::AbstractRequest`
@@ -16,7 +18,7 @@ or for both scheme and params:
 Works well for token, Digest, OAuth and other schemes using custom authorization parameters.
 ## Contributing to authorization_header_parser
 * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
 * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
 * Fork the project.
@@ -27,6 +29,6 @@ Works well for token, Digest, OAuth and other schemes using custom authorization
 ## Copyright
-Copyright (c) 2015 Julik Tarkhanov. See LICENSE.txt for
+Copyright (c) 2019 WeTransfer. See LICENSE.txt for
 further details.

data/Rakefile CHANGED

@@ -1,52 +1,7 @@
-# encoding: utf-8
-require 'rubygems'
-require 'bundler'
-begin
-  Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-  $stderr.puts e.message
-  $stderr.puts "Run `bundle install` to install missing gems"
-  exit e.status_code
-end
-require 'rake'
-require_relative 'lib/authorization_header_parser'
-require 'jeweler'
-Jeweler::Tasks.new do |gem|
-  gem.version = AuthorizationHeaderParser::VERSION
-  gem.name = "authorization_header_parser"
-  gem.homepage = "http://github.com/julik/authorization_header_parser"
-  gem.license = "MIT"
-  gem.description = %Q{Parses parametrized  HTTP Authorization headers}
-  gem.summary = %Q{such as OAuth and Digest}
-  gem.email = "me@julik.nl"
-  gem.authors = ["Julik Tarkhanov"]
-  # dependencies defined in Gemfile
-end
-Jeweler::RubygemsDotOrgTasks.new
-require 'rspec/core'
+require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec) do |spec|
-  spec.pattern = FileList['spec/**/*_spec.rb']
-end
-desc "Code coverage detail"
-task :simplecov do
-  ENV['COVERAGE'] = "true"
-  Rake::Task['spec'].execute
-end
-task :default => :spec
-require 'rdoc/task'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+require 'rubocop/rake_task'
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "authorization_header_parser #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
+RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new(:rubocop)
+task default: [:spec, :rubocop]

data/authorization_header_parser.gemspec ADDED

@@ -0,0 +1,28 @@
+require File.join(File.expand_path('../lib', __FILE__), 'authorization_header_parser')
+Gem::Specification.new do |s|
+  s.name = "authorization_header_parser"
+  s.version = AuthorizationHeaderParser::VERSION
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.require_paths = ["lib"]
+  s.authors = ["WeTransfer"]
+  s.date = "2015-06-29"
+  s.description = "Parses parametrized  HTTP Authorization headers"
+  s.email = "info@wetransfer.com"
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+  s.files = `git ls-files -z`.split("\x0")
+  s.homepage = "http://github.com/wetransfer/authorization_header_parser"
+  s.licenses = ["MIT"]
+  s.rubygems_version = "2.2.2"
+  s.summary = "such as OAuth and Digest"
+  s.specification_version = 4
+  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'rspec', '~> 3'
+  s.add_development_dependency 'rake', '~> 10'
+  s.add_development_dependency 'wetransfer_style', '0.6.0'
+end

data/lib/authorization_header_parser.rb CHANGED

@@ -1,22 +1,33 @@
 require 'strscan'
 module AuthorizationHeaderParser
-  VERSION = '1.0.0'
-  InvalidHeader = Class.new(StandardError)
+  VERSION = '1.1.1'
+  class InvalidHeader < StandardError
+  end
+  class ParseError < InvalidHeader
+    def initialize(message, scanner)
+      str = scanner.string
+      from = [(scanner.pos - 5), 0].sort.pop
+      upto = [(scanner.pos + 5), str.length].sort.shift
+      piece = str[from..upto]
+      super "#{message} - at #{scanner.pos} (around #{piece.inspect})"
+    end
+  end
   # Parse a custom scheme + params Authorization header.
   #
-  #   parse('absurd-auth token="12345"') #=> ['absurd-auth', {'token' => '12345}]
+  #   parse('absurd-auth token="12345"') #=> ['absurd-auth', {'token' => '12345'}]
   def parse(value)
     scanner = StringScanner.new(value)
     scheme = scanner.scan(NON_WHITESPACE)
-    raise InvalidHeader.new("Scheme not provided") unless scheme
+    raise InvalidHeader, "Scheme not provided" unless scheme
     scanner.skip(WHITESPACE)
     [scheme.strip, extract_params_from_scanner(scanner)]
   end
   # Parse Authorization params. Most useful in combination with Rack::Auth::AbstractRequest
   #
   # For instance, with 'Authorization: absurd-auth token="12345"':
@@ -26,33 +37,37 @@ module AuthorizationHeaderParser
   def parse_params(string)
     extract_params_from_scanner(StringScanner.new(string))
   end
   extend self
   private
   ANYTHING_BUT_EQ = /[^\s\=]+/
   EQ = /=/
-  UNTIL_FWD_SLASH_OR_QUOTE = /[^\\"]+/
+  UNTIL_BACKSLASH_OR_QUOTE = /[^\\"]+/
   ESCAPED_QUOTE = /\\"/
   QUOTE = /"/
   WHITESPACE = /\s+/
   COMMA = /,/
   NON_WHITESPACE = /[^\s]+/
   # http://codereview.stackexchange.com/questions/41270
   # http://stackoverflow.com/questions/134936
   def extract_params_from_scanner(scanner)
     params = {}
-    until scanner.eos? do
+    until scanner.eos?
       key = scanner.scan(ANYTHING_BUT_EQ)
-      raise InvalidHeader, "Expected =, but found none at #{scanner.pos}" unless scanner.scan(EQ)
-      value_opener = scanner.get_byte
-      raise InvalidHeader, "Expected opening of a parameter at #{scanner.pos}" unless value_opener
-      if value_opener == '"' # Quoted value
+      raise ParseError.new("Expected =, but found none", scanner) unless scanner.skip(EQ)
+      if scanner.eos? # Last parameter was empty, return
+        params[key] = ''
+        return params
+      end
+      if scanner.skip(QUOTE) # Quoted value
         buf = ''
         until scanner.eos?
-          if scanner.scan(UNTIL_FWD_SLASH_OR_QUOTE)
+          if scanner.scan(UNTIL_BACKSLASH_OR_QUOTE)
             buf << scanner.matched
           elsif scanner.scan(ESCAPED_QUOTE)
             buf << '"'
@@ -61,16 +76,14 @@ module AuthorizationHeaderParser
             break
           end
         end
-      else
-        scanner.unscan # Bare parameter, backtrack 1 byte
-        unless bare_value = scanner.scan(/[^,"]+/)
-          raise InvalidHeader, "Expected a bare parameter value at #{scanner.pos}"
-        end
+      elsif bare_value = scanner.scan(/[^,"]+/) # Bare parameter
         params[key] = bare_value
+      else # Empty parameter
+        params[key] = ''
       end
       scanner.skip(WHITESPACE)
       if !scanner.eos? && !scanner.skip(COMMA)
-        raise InvalidHeader, "Expected end of header or a comma, at #{scanner.pos}"
+        raise ParseError.new("Expected end of header or a comma", scanner)
       end
       scanner.skip(WHITESPACE)
     end

data/spec/authorization_header_parser_spec.rb CHANGED

@@ -4,68 +4,84 @@ describe "AuthorizationHeaderParser" do
   context '.parse_params' do
     it 'parses only the parameter string' do
       params = AuthorizationHeaderParser.parse_params('foo=bar, baz=bad')
-      expect(params).to eq({"foo"=>"bar", "baz"=>"bad"})
+      expect(params).to eq("foo" => "bar", "baz" => "bad")
     end
   end
   context '.parse' do
+    it 'parses a simple Token header with empty parameters' do
+      header = 'Token foo=, baz='
+      parsed = AuthorizationHeaderParser.parse(header)
+      scheme, params = parsed
+      expect(scheme).to eq('Token')
+      expect(params).to eq("foo" => "", "baz" => "")
+    end
+    it 'parses a simple Token header with some parameters being empty' do
+      header = 'Token foo=, bar="Value", baz='
+      parsed = AuthorizationHeaderParser.parse(header)
+      scheme, params = parsed
+      expect(scheme).to eq('Token')
+      expect(params).to eq("foo" => "", "bar" => "Value", "baz" => "")
+    end
     it 'parses a simple Token header' do
       header = 'Token foo=bar, baz=bad'
       parsed = AuthorizationHeaderParser.parse(header)
       scheme, params = parsed
       expect(scheme).to eq('Token')
-      expect(params).to eq({"foo"=>"bar", "baz"=>"bad"})
+      expect(params).to eq("foo" => "bar", "baz" => "bad")
     end
     it 'parses a header with an escaped quote' do
-      digest_header = 'Custom param="value\"such and such\""'
+      digest_header = 'Custom param="value\"such and such\""'
       parsed = AuthorizationHeaderParser.parse(digest_header)
       scheme, params = parsed
       expect(scheme).to eq('Custom')
-      expect(params).to eq({"param" => 'value"such and such"'})
+      expect(params).to eq("param" => 'value"such and such"')
     end
     it "parses a Digest header" do
       digest_header = 'Digest qop="chap",
         realm="testrealm@host.com",
         username="Foobear",
         response="6629fae49393a05397450978507c4ef1",
         cnonce="5ccc069c403ebaf9f0171e9517f40e41"'
       parsed = AuthorizationHeaderParser.parse(digest_header)
       scheme, params = parsed
       expect(scheme).to eq('Digest')
-      expect(params).to eq({
-        "qop"=>"chap",
-        "realm"=>"testrealm@host.com",
-        "username"=>"Foobear",
-        "response"=>"6629fae49393a05397450978507c4ef1",
-        "cnonce"=>"5ccc069c403ebaf9f0171e9517f40e41"
-      })
+      expect(params).to eq(
+        "qop" => "chap",
+        "realm" => "testrealm@host.com",
+        "username" => "Foobear",
+        "response" => "6629fae49393a05397450978507c4ef1",
+        "cnonce" => "5ccc069c403ebaf9f0171e9517f40e41"
+      )
     end
     it 'parses an OAuth header from Twitter documentation' do
-      twitter_header = 'OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
-              oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
-              oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
-              oauth_signature_method="HMAC-SHA1",
-              oauth_timestamp="1318622958",
-              oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
+      twitter_header = 'OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
+              oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
+              oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
+              oauth_signature_method="HMAC-SHA1",
+              oauth_timestamp="1318622958",
+              oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
               oauth_version="1.0"'
       parsed = AuthorizationHeaderParser.parse(twitter_header)
       scheme, params = parsed
       expect(scheme).to eq("OAuth")
-      expect(params).to eq({
-        "oauth_consumer_key"=>"xvz1evFS4wEEPTGEFPHBog",
-        "oauth_nonce"=>"kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
-        "oauth_signature"=>"tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
-        "oauth_signature_method"=>"HMAC-SHA1",
-        "oauth_timestamp"=>"1318622958",
-        "oauth_token"=>"370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
-        "oauth_version"=>"1.0"
-      })
+      expect(params).to eq(
+        "oauth_consumer_key" => "xvz1evFS4wEEPTGEFPHBog",
+        "oauth_nonce" => "kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
+        "oauth_signature" => "tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
+        "oauth_signature_method" => "HMAC-SHA1",
+        "oauth_timestamp" => "1318622958",
+        "oauth_token" => "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
+        "oauth_version" => "1.0"
+      )
     end
     it 'parses another OAuth params example' do
       oauth_header = 'OAuth realm="",
           oauth_nonce="72250409",
@@ -74,40 +90,35 @@ describe "AuthorizationHeaderParser" do
           oauth_signature_method="HMAC-SHA1",
           oauth_version="1.0",
           oauth_signature="IBlWhOm3PuDwaSdxE/Qu4RKPtVE="'
       parsed = AuthorizationHeaderParser.parse(oauth_header)
       scheme, params = parsed
       expect(scheme).to eq("OAuth")
-      expect(params).to eq({
-        "realm"=>"",
-        "oauth_nonce" => "72250409",
-        "oauth_timestamp"=>"1294966759",
-        "oauth_consumer_key"=>"Dummy",
-        "oauth_signature_method"=>"HMAC-SHA1",
-        "oauth_version"=>"1.0",
-        "oauth_signature"=>"IBlWhOm3PuDwaSdxE/Qu4RKPtVE="
-      })
+      expect(params).to eq(
+        "realm" => "",
+        "oauth_nonce" => "72250409",
+        "oauth_timestamp" => "1294966759",
+        "oauth_consumer_key" => "Dummy",
+        "oauth_signature_method" => "HMAC-SHA1",
+        "oauth_version" => "1.0",
+        "oauth_signature" => "IBlWhOm3PuDwaSdxE/Qu4RKPtVE="
+      )
     end
   end
   context 'with invalid headers' do
     it 'raises InvalidHeader' do
-      expect {
-        AuthorizationHeaderParser.parse_params('foo=')
-      }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected opening of a parameter/)
       expect {
         AuthorizationHeaderParser.parse_params('foo=bar"')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected end of header or a comma/)
       expect {
         AuthorizationHeaderParser.parse_params('FONDBSJDJAHJDHAHUYHJHJBDA')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected =, but found none/)
       expect {
         AuthorizationHeaderParser.parse_params('foo="bar"baz"bad" another=123')
       }.to raise_error(AuthorizationHeaderParser::InvalidHeader, /Expected end of header or a comma/)
     end
   end
 end

metadata CHANGED

@@ -1,73 +1,73 @@
 --- !ruby/object:Gem::Specification
 name: authorization_header_parser
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.1
 platform: ruby
 authors:
-- Julik Tarkhanov
+- WeTransfer
 autorequire:
 bindir: bin
 cert_chain: []
 date: 2015-06-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rdoc
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '10'
 - !ruby/object:Gem::Dependency
-  name: jeweler
+  name: wetransfer_style
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 0.6.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 0.6.0
 description: Parses parametrized  HTTP Authorization headers
-email: me@julik.nl
+email: info@wetransfer.com
 executables: []
 extensions: []
 extra_rdoc_files:
@@ -75,15 +75,19 @@ extra_rdoc_files:
 - README.md
 files:
 - ".document"
+- ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
+- authorization_header_parser.gemspec
 - lib/authorization_header_parser.rb
 - spec/authorization_header_parser_spec.rb
 - spec/spec_helper.rb
-homepage: http://github.com/julik/authorization_header_parser
+homepage: http://github.com/wetransfer/authorization_header_parser
 licenses:
 - MIT
 metadata: {}
@@ -102,8 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.2.2
+rubygems_version: 3.0.6
 signing_key:
 specification_version: 4
 summary: such as OAuth and Digest