cerner-oauth1a 2.5.3 → 2.5.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/lib/cerner/oauth1a/access_token.rb +7 -7
  4. data/lib/cerner/oauth1a/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a554af1b8a4a44ff14a05c9fb71517046cdb1a5bf677b5a4792eaa7d01423b83
4
- data.tar.gz: 3f16a0c5584bae17e6edfcecb277c92d04da581fcc883f687b91719089543b8e
3
+ metadata.gz: 7c216d39c6c458e3987b9b46dbedf8cd58c462fd336d1042d1f7f827e0be71f3
4
+ data.tar.gz: 79166e522691bbac84d2190bad3f824441eb3b2c8448c6547c1874a627703f4e
5
5
  SHA512:
6
- metadata.gz: 6b501e8559461f9a2a24aa9515403f6ee3d071786005f56eb1e466560b5b53a78f4992fc8c4b8ae9c17a819263c401b7474b732a21b261bb7890902e88a69f05
7
- data.tar.gz: 0ee901ddfa558db983229086f6f5e4cd20de2c9575c20a6457e09862b5e2d1eeadd662e856de1851e6528b834a0a5dcfe714f01a8b521d542a2927e14aac4552
6
+ metadata.gz: 298d94d966ff6bed04ab29f8ee8ad3076507e9cc950517eff5bf0fb9c31d15b89924fa5c1fe384b1fd20f16688327b90267178b7bcf80b9958dcd6e0cb2d0b2d
7
+ data.tar.gz: d3e0c95062ed21513a20c47c2115f0385260173f60ed9c7676c320084b787c2488d301f7436330ebdae9f78d044790837c2694197e34ef70f2ba3d769bb61cad
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ # v2.5.4
2
+ Replace invalid usage of `oauth_parameters_rejected` and `oauth_parameters_absent`
3
+ OAuth problem values with correct values `parameter_rejected` and `parameter_absent`
4
+ when reporting certain errors.
5
+
1
6
  # v2.5.3
2
7
  Use a constant time compare algorithm for checking a signature
3
8
 
data/lib/cerner/oauth1a/access_token.rb CHANGED
@@ -368,7 +368,7 @@ module Cerner
368
368
  # Internal: Used by #authenticate to verify the expiration time.
369
369
  def verify_expiration(expires_on)
370
370
  unless expires_on
371
- raise OAuthError.new('token missing ExpiresOn', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
371
+ raise OAuthError.new('token missing ExpiresOn', nil, 'parameter_rejected', 'oauth_token', @realm)
372
372
  end
373
373
 
374
374
  expires_on = Internal.convert_to_time(time: expires_on, name: 'expires_on')
@@ -380,7 +380,7 @@ module Cerner
380
380
  # Internal: Used by #authenticate to load the keys
381
381
  def load_keys(access_token_agent, keys_version)
382
382
  unless keys_version
383
- raise OAuthError.new('token missing KeysVersion', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
383
+ raise OAuthError.new('token missing KeysVersion', nil, 'parameter_rejected', 'oauth_token', @realm)
384
384
  end
385
385
 
386
386
  begin
@@ -389,7 +389,7 @@ module Cerner
389
389
  raise OAuthError.new(
390
390
  'token references invalid keys version',
391
391
  nil,
392
- 'oauth_parameters_rejected',
392
+ 'parameter_rejected',
393
393
  'oauth_token',
394
394
  @realm
395
395
  )
@@ -400,16 +400,16 @@ module Cerner
400
400
  def verify_token(keys)
401
401
  return if keys.verify_rsasha1_signature(@token)
402
402
 
403
- raise OAuthError.new('token is not authentic', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
403
+ raise OAuthError.new('token is not authentic', nil, 'parameter_rejected', 'oauth_token', @realm)
404
404
  end
405
405
 
406
406
  # Internal: Used by #authenticate to verify the request signature.
407
407
  def verify_signature(keys:, hmac_secrets:, http_method:, fully_qualified_url:, request_params:)
408
408
  unless @signature
409
- raise OAuthError.new('missing signature', nil, 'oauth_parameters_absent', 'oauth_signature', @realm)
409
+ raise OAuthError.new('missing signature', nil, 'parameter_absent', 'oauth_signature', @realm)
410
410
  end
411
411
  unless hmac_secrets
412
- raise OAuthError.new('missing HMACSecrets', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
412
+ raise OAuthError.new('missing HMACSecrets', nil, 'parameter_rejected', 'oauth_token', @realm)
413
413
  end
414
414
 
415
415
  begin
@@ -418,7 +418,7 @@ module Cerner
418
418
  raise OAuthError.new(
419
419
  "unable to decrypt HMACSecrets: #{e.message}",
420
420
  nil,
421
- 'oauth_parameters_rejected',
421
+ 'parameter_rejected',
422
422
  'oauth_token',
423
423
  @realm
424
424
  )
data/lib/cerner/oauth1a/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Cerner
4
4
  module OAuth1a
5
- VERSION = '2.5.3'
5
+ VERSION = '2.5.4'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cerner-oauth1a
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.5.3
4
+ version: 2.5.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan Beyer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-28 00:00:00.000000000 Z
11
+ date: 2021-06-28 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: |
14
14
  A minimal dependency library for interacting with a Cerner OAuth 1.0a Access