RubyGems - crashlog-auth-hmac - Versions diffs - 1.1.6 → 1.1.7 - Mend

crashlog-auth-hmac 1.1.6 → 1.1.7

Files changed (8) hide show

data/.travis.yml +3 -4
data/Gemfile +2 -0
data/Gemfile.lock +6 -1
data/lib/crash_log/auth_hmac.rb +4 -2
data/lib/crash_log/auth_hmac/version.rb +1 -1
data/spec/crash_log/auth_hmac_spec.rb +12 -13
data/spec/crash_log/rack_test_request_spec.rb +16 -4
metadata +20 -12

data/.travis.yml CHANGED

@@ -3,10 +3,9 @@ rvm:
   - 1.9.3
   - 1.9.2
   - 1.8.7
-  # - jruby-18mode
-  # - jruby-19mode
-  # - jruby-head
+  - jruby-18mode
+  - jruby-19mode
+  - jruby-head
   - rbx-18mode
   - rbx-19mode
   - ree

data/Gemfile CHANGED

@@ -9,3 +9,5 @@ gem 'rack-test'
 gem 'delorean'
 gem 'rspec', '>= 2.7.0'
 gem 'activesupport', '~> 3.2.0'
+gem 'jruby-openssl', :platform => :jruby

data/Gemfile.lock CHANGED

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    crashlog-auth-hmac (1.1.5)
+    crashlog-auth-hmac (1.1.7)
 GEM
   remote: https://rubygems.org/
@@ -9,11 +9,14 @@ GEM
     activesupport (3.2.7)
       i18n (~> 0.6)
       multi_json (~> 1.0)
+    bouncy-castle-java (1.5.0146.1)
     chronic (0.6.7)
     delorean (2.0.0)
       chronic
     diff-lcs (1.1.3)
     i18n (0.6.0)
+    jruby-openssl (0.7.7)
+      bouncy-castle-java (>= 1.5.0146.1)
     multi_json (1.3.6)
     rack (1.4.1)
     rack-test (0.6.1)
@@ -29,12 +32,14 @@ GEM
     rspec-mocks (2.11.1)
 PLATFORMS
+  java
   ruby
 DEPENDENCIES
   activesupport (~> 3.2.0)
   crashlog-auth-hmac!
   delorean
+  jruby-openssl
   rack-test
   rake
   rspec (>= 2.7.0)

data/lib/crash_log/auth_hmac.rb CHANGED

@@ -75,7 +75,7 @@ module CrashLog
           request.request_method
         elsif request.is_a?(Hash) && request.has_key?(:method)
           request[:method].to_s
-        elsif request.respond_to?(:env) && request.env
+        elsif request.respond_to?(:env)
           request.env['REQUEST_METHOD']
         elsif request.is_a?(Hash) && request.has_key?('REQUEST_METHOD')
           request['REQUEST_METHOD']
@@ -231,7 +231,9 @@ module CrashLog
     def signature(request, secret)
       digest = OpenSSL::Digest::Digest.new('sha1')
       string = canonical_string(request)
-      Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, string)).strip
+      hmac = OpenSSL::HMAC.digest(digest, secret, string)
+      encoded_signature = Base64.encode64(hmac)
+      encoded_signature.gsub(/\n/, '').strip
     end
     def canonical_string(request)

data/lib/crash_log/auth_hmac/version.rb CHANGED

@@ -1,5 +1,5 @@
 module CrashLog
   class AuthHMAC
-    VERSION = "1.1.6"
+    VERSION = "1.1.7"
   end
 end

data/spec/crash_log/auth_hmac_spec.rb CHANGED

@@ -79,39 +79,38 @@ describe CrashLog::AuthHMAC do
         'content-type' => 'text/plain',
         'content-md5' => 'blahblah',
         'date' => "Thu, 10 Jul 2008 03:29:56 GMT")
-       @store = mock('store')
-      @store.stub!(:[]).and_return("")
+      @store = {'my-key-id' => 'secret'}
       @authhmac = CrashLog::AuthHMAC.new(@store)
     end
     describe "default AuthHMAC with CanonicalString signature" do
       it "should add an Authorization header" do
-        @authhmac.sign!(@get_request, 'key-id')
+        @authhmac.sign!(@get_request, 'my-key-id')
         @get_request.key?("Authorization").should be_true
       end
       it "should fetch the secret from the store" do
-        @store.should_receive(:[]).with('key-id').and_return('secret')
-        @authhmac.sign!(@get_request, 'key-id')
+        @store.should_receive(:[]).with('my-key-id').and_return('secret')
+        @authhmac.sign!(@get_request, 'my-key-id')
       end
       it "should prefix the Authorization Header with AuthHMAC" do
-        @authhmac.sign!(@get_request, 'key-id')
+        @authhmac.sign!(@get_request, 'my-key-id')
         @get_request['Authorization'].should match(/^AuthHMAC /)
       end
       it "should include the key id as the first part of the Authorization header value" do
-        @authhmac.sign!(@get_request, 'key-id')
-        @get_request['Authorization'].should match(/^AuthHMAC key-id:/)
+        @authhmac.sign!(@get_request, 'my-key-id')
+        @get_request['Authorization'].should match(/^AuthHMAC my-key-id:/)
       end
       it "should include the base64 encoded HMAC signature as the last part of the header value" do
-        @authhmac.sign!(@get_request, 'key-id')
+        @authhmac.sign!(@get_request, 'my-key-id')
         @get_request['Authorization'].should match(/:[A-Za-z0-9+\/]{26,28}[=]{0,2}$/)
       end
       it "should create a complete signature" do
-        @store.should_receive(:[]).with('my-key-id').and_return('secret')
         @authhmac.sign!(@put_request, "my-key-id")
         @put_request['Authorization'].should == "AuthHMAC my-key-id:71wAJM4IIu/3o6lcqx/tw7XnAJs="
       end
@@ -123,16 +122,16 @@ describe CrashLog::AuthHMAC do
           :service_id => 'MyService',
           :signature => CustomSignature
         }
-        @authhmac = CrashLog::AuthHMAC.new(@store, @options)
+        store = {'my-key-id' => 'secret'}
+        @authhmac = CrashLog::AuthHMAC.new(store, @options)
       end
       it "should prefix the Authorization header with custom service id" do
-        @authhmac.sign!(@get_request, 'key-id')
+        @authhmac.sign!(@get_request, 'my-key-id')
         @get_request['Authorization'].should match(/^MyService /)
       end
       it "should create a complete signature using options" do
-        @store.should_receive(:[]).with('my-key-id').and_return('secret')
         @authhmac.sign!(@put_request, "my-key-id")
         @put_request['Authorization'].should == "MyService my-key-id:/L4N1v1BZSHfAYkQjsvZn696D9c="
       end

data/spec/crash_log/rack_test_request_spec.rb CHANGED

@@ -23,11 +23,11 @@ describe CrashLog::AuthHMAC do
   it 'can process rack test requests' do
     # HMAC uses date to validate request signature, we need to fix the date so
     # that it matches.
-    Delorean.time_travel_to(Date.parse("Thu, 10 Jul 2008 03:29:56 GMT"))
+    Delorean.time_travel_to(Time.utc(2012,10,04,8,31,16))
-    env = current_session.__send__(:env_for, '/notify', {}.merge(:method => "POST", :params => {token: 'my-key-id'}))
-    signature = CrashLog::AuthHMAC.sign!(env, "my-key-id", "secret")
-    signature.should == "AuthHMAC my-key-id:nt0VFUekBB3Ci5cCyaqy9fQnaK0="
+    env = current_session.__send__(:env_for, '/events', {:method => "POST", 'CONTENT_TYPE' => "application/json; charset=UTF-8"})
+    signature = CrashLog::AuthHMAC.signature(env, "2Xbz25UpU8nQxaSAKuixJQMDxuiqryxzArzSJJ8Ci3Mr")
+    signature.should == "Rqj0DdG4/jNrzOXdybz13CaKzXU="
   end
   it 'can handle hash requests' do
@@ -49,4 +49,16 @@ describe CrashLog::AuthHMAC do
     sig = CrashLog::AuthHMAC.signature(request_hash, 'secret')
     sig.should == CrashLog::AuthHMAC.signature(standard_request, 'secret')
   end
+  it 'accepts real request without content md5' do
+    Delorean.time_travel_to(Date.parse("Thu, 04 Oct 2012 08:31:16 GMT"))
+    request = Net::HTTP::Post.new("/events",
+      'content-type' => 'application/json; charset=UTF-8',
+      'date' => "Thu, 04 Oct 2012 08:31:16 GMT")
+    sig = CrashLog::AuthHMAC.signature(request, '2Xbz25UpU8nQxaSAKuixJQMDxuiqryxzArzSJJ8Ci3Mr')
+    sig.should == 'Rqj0DdG4/jNrzOXdybz13CaKzXU='
+  end
 end

metadata CHANGED

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: crashlog-auth-hmac
 version: !ruby/object:Gem::Version
-  version: 1.1.6
-  prerelease:
+  prerelease:
+  version: 1.1.7
 platform: ruby
 authors:
 - Ivan Vanderbyl
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-10-04 00:00:00.000000000 Z
+date: 2012-11-19 00:00:00.000000000 Z
 dependencies: []
 description: A Ruby Gem for authenticating HTTP requests using a HMAC
 email:
@@ -36,26 +36,34 @@ files:
 - spec/spec_helper.rb
 homepage: http://crashlog.io
 licenses: []
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+      segments:
+      - 0
+      hash: 2
+      version: !binary |-
+        MA==
   none: false
+required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: '0'
+      segments:
+      - 0
+      hash: 2
+      version: !binary |-
+        MA==
+  none: false
 requirements: []
-rubyforge_project:
-rubygems_version: 1.8.15
-signing_key:
+rubyforge_project:
+rubygems_version: 1.8.24
+signing_key:
 specification_version: 3
 summary: A Ruby Gem for authenticating HTTP requests using a HMAC
 test_files: