bunq-client 0.5.0 → 0.6.0

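--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: bc23bc27575508ac16d6b2c8d897ab8e5e6cfdbec6f01a10909c2e674f3ce3fc
- data.tar.gz: dc072e3faf586f7dfc9a3b251a79791836157e9c8e7746310cb1ac009a5155f4
+ metadata.gz: 98dbab9b8695c2550142560443bc09a6a3f4db726bb1eb4505c42fd08142cf99
+ data.tar.gz: d473fdd5e1c2e42587678a954f030b167af21aebccd1207972f8d51e9caa2e80
  SHA512:
- metadata.gz: 92b3bdff93c25225d6af4dee83f8b29387aa06d113ebf83cce27f6535fcf01f8abe1d1eec4c32571fceda4caf65a24479f1f0df12f009e533883e19b124b51e6
- data.tar.gz: 3f7ea8bfd8206605e8391a0334021fe76ad122835618ab1b565c70cb8ec0e17834471accc27ce1131673702fc608cd69a1f70cc8aeb5022bd0373e09c4bf59cd
+ metadata.gz: 56ebe10bae8893b8f263347077d2731b4af09f05b5162700e0daedd6debd167d9ee5a8d3ed6d338f8a2ef5233193cbd412bf8cc2c25669393ee1aa48690ab96b
+ data.tar.gz: a114dd6b263c1674b45b4ae552b858431cd4161378b771e0383e04fa2e845d6d14deddac55b3e3ff1216ba59fdf33b56b9632052c291ff11dad7d48ef1ec0eec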
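--- a/data/lib/bunq/errors.rb
+++ b/data/lib/bunq/errors.rb
@@ -26,6 +26,7 @@ module Bunq
  end
 
  class UnexpectedResponse < ResponseError; end
+ class RequestSignatureRequired < ResponseError; end
  class AbsentResponseSignature < ResponseError; end
  class TooManyRequestsResponse < ResponseError; end
  class UnauthorisedResponse < ResponseError; end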
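Review bot: `RequestSignatureRequired` is added without a comment saying when it is raised, and its only visible use in this diff is the failed server-signature check in `verify!`, where the previous code raised `UnexpectedResponse`. The name reads as a request-side problem, so a caller that rescues `UnexpectedResponse` to detect a response that failed verification would stop matching after this release. Consider a one-line comment above the class such as `# Raised when the response body does not verify against the server public key`, or a name that describes the response failure. The enclosing module starts and ends outside the hunk.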
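--- a/data/lib/bunq/resource.rb
+++ b/data/lib/bunq/resource.rb
@@ -89,12 +89,7 @@ module Bunq
  end
 
  def sign_request(verb, params, headers, payload = nil)
- client.signature.create(
- verb,
- encode_params(@path, params),
- resource.headers.merge(headers),
- payload
- )
+ client.signature.create(payload)
  end
 
  def encode_params(path, params)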
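Review bot: `sign_request` still accepts `verb`, `params` and `headers`, but the new body passes only `payload` to `client.signature.create`, so three parameters are now silently ignored. Keeping the signature for caller compatibility is reasonable, but it should be stated in a comment above the method, for example `# Only the payload is signed; verb, params and headers are kept for caller compatibility`. With the default `payload = nil`, the new `create` signs `body.to_s`, which is the empty string, and that is worth stating in the same comment. The enclosing class starts and ends outside the hunk.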
@@ -5,9 +5,6 @@ module Bunq
5
5
  # headers in raw_headers hash in rest client are all lower case
6
6
  BUNQ_HEADER_PREFIX = 'X-Bunq-'.downcase
7
7
  BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER = 'X-Bunq-Server-Signature'.downcase
8
- CACHE_CONTROL_HEADER = 'Cache-Control'.downcase
9
- USER_AGENT_HEADER = 'User-Agent'.downcase
10
- SIGNABLE_HEADERS = [CACHE_CONTROL_HEADER, USER_AGENT_HEADER]
11
8
 
12
9
  def initialize(private_key, server_public_key)
13
10
  fail ArgumentError.new('private_key is mandatory') unless private_key
@@ -17,11 +14,8 @@ module Bunq
17
14
  @server_public_key = OpenSSL::PKey::RSA.new(server_public_key)
18
15
  end
19
16
 
20
- def create(verb, path, headers, body)
21
- signature = private_key.sign(
22
- digest,
23
- signable_input(verb, path, headers.select { |header_name, _| signable_header?(header_name) }, body)
24
- )
17
+ def create(body)
18
+ signature = private_key.sign(digest, body.to_s)
25
19
 
26
20
  Base64.strict_encode64(signature)
27
21
  end
@@ -29,17 +23,20 @@ module Bunq
29
23
  def verify!(response)
30
24
  return if skip_signature_check(response.code)
31
25
 
32
- sorted_bunq_headers = response.raw_headers.select(&method(:verifiable_header?)).sort.to_h.map { |k, v| "#{k.to_s.split('-').map(&:capitalize).join('-')}: #{v.first}" }
33
- data = %Q{#{response.code}\n#{sorted_bunq_headers.join("\n")}\n\n#{response.body}}
34
-
35
26
  signature_headers = response.raw_headers.find { |k, _| k.to_s.downcase == BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER }
36
- fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body) unless signature_headers
27
+ unless signature_headers
28
+ fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body)
29
+ end
37
30
 
38
31
  signature_headers_value = signature_headers[1]
39
- fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body) unless signature_headers_value
32
+ unless signature_headers_value
33
+ fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body)
34
+ end
40
35
 
41
36
  signature = Base64.strict_decode64(signature_headers_value.first)
42
- fail UnexpectedResponse.new(code: response.code, headers: response.raw_headers, body: response.body) unless server_public_key.verify(digest, signature, data)
37
+ unless server_public_key.verify(digest, signature, response.body)
38
+ fail RequestSignatureRequired.new(code: response.code, headers: response.raw_headers, body: response.body)
39
+ end
43
40
  end
44
41
 
45
42
  private
@@ -50,20 +47,6 @@ module Bunq
50
47
  OpenSSL::Digest::SHA256.new
51
48
  end
52
49
 
53
- def signable_input(verb, path, headers, body)
54
- sortable_headers = Hash[headers.collect{ |k,v| [k.to_s, v] }]
55
- head = [
56
- [verb, path].join(' '),
57
- sortable_headers.sort.to_h.map { |k,v| "#{k}: #{v}" }.join("\n")
58
- ].join("\n")
59
- "#{head}\n\n#{body}"
60
- end
61
-
62
- def signable_header?(header_name)
63
- _header_name = header_name.to_s.downcase
64
- SIGNABLE_HEADERS.include?(_header_name) || _header_name.start_with?(BUNQ_HEADER_PREFIX)
65
- end
66
-
67
50
  def verifiable_header?(header_name, _)
68
51
  _header_name = header_name.to_s.downcase
69
52
  _header_name.start_with?(BUNQ_HEADER_PREFIX) && _header_name != BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER
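Review bot: In `verify!`, only `response.body` is now passed to `server_public_key.verify`, so the status code and the `X-Bunq-*` response headers are no longer covered by the signature check and callers should not treat them as authenticated. If that matches the server's signing scheme, state it in a comment above the method, for example `# Only the body is signed; response.code and headers are not covered by this check`. `verifiable_header?` stays in the file although the line in `verify!` that called it was removed, so it looks unused in the visible hunks and could be dropped. `Base64.strict_decode64` on the header value can raise `ArgumentError` for a malformed signature, which is outside the `ResponseError` classes raised by the rest of the method. These hunks carry no file header of their own on this page, and the class continues outside them.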
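--- a/data/lib/bunq/version.rb
+++ b/data/lib/bunq/version.rb
@@ -1,3 +1,3 @@
  module Bunq
- VERSION = "0.5.0"
+ VERSION = "0.6.0"
  end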
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bunq-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lars Vonk
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: exe
13
13
  cert_chain: []
14
- date: 2020-03-05 00:00:00.000000000 Z
14
+ date: 2020-03-09 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: rest-client