diaspora_federation 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e56eee6e871dc16abaa0da7c604f9f9143e71871
4
- data.tar.gz: 224950a212f0264c89ef06f9424562890402f241
3
+ metadata.gz: 98960499491bf5fa4f32f9b26b07d251be8feb1e
4
+ data.tar.gz: 0769440c0da228ac91ac6129ce7129bb81a144ef
5
5
  SHA512:
6
- metadata.gz: 5312e34a58235295100cb3ab411c9d98f02a176eb269d9a17e1dc1d4ba3f758c4709aa4be7412beb69d46f16f4c5b9a0fc26f9064d7d19e3c0412a1415b2a7cd
7
- data.tar.gz: c8d038df9fb247670cbdc94385e80a758fc03a2ef2e37a3a9dd26ebc6c42973fa83234a2e2173110a0f74524a7ec256d0b54f8f31f8062d1286422c8afe6be4a
6
+ metadata.gz: d0237ce04699644b5925a6a80350070305d16addbbd1c032c802dcc527d6fd648668f97834349e43ec1711fac469a571379a0951cb551f39998ded04528ce9de
7
+ data.tar.gz: a6a930e63aea294c0a0437cb831a0607de17361e8e00fb7ecc4f25bd76a453cb55a6010eb12e5fed2e3e331f122d1f5b44e31a997c8f76fad4a953628b69e028
data/Changelog.md CHANGED
@@ -1,3 +1,10 @@
1
+ # 0.1.4
2
+
3
+ ## Refactor
4
+
5
+ * Improve magic envelope validation [90d12e7](https://github.com/diaspora/diaspora_federation/commit/90d12e71d00bd4874c09f81cde968360111933f9)
6
+ * Raise ValidationError if properties are missing [4295237](https://github.com/diaspora/diaspora_federation/commit/4295237e9e6e8e0ff23a5d8d732654b865f44944)
7
+
1
8
  # 0.1.3
2
9
 
3
10
  ## Refactor
@@ -153,7 +153,7 @@ module DiasporaFederation
153
153
 
154
154
  def validate_missing_props(entity_data)
155
155
  missing_props = self.class.missing_props(entity_data)
156
- raise ArgumentError, "missing required properties: #{missing_props.join(', ')}" unless missing_props.empty?
156
+ raise ValidationError, "missing required properties: #{missing_props.join(', ')}" unless missing_props.empty?
157
157
  end
158
158
 
159
159
  def setable?(name, val)
@@ -33,6 +33,10 @@ module DiasporaFederation
33
33
  class InvalidSignature < RuntimeError
34
34
  end
35
35
 
36
+ # Raised, if the parsed Magic Envelope specifies an unhandled data type.
37
+ class InvalidDataType < RuntimeError
38
+ end
39
+
36
40
  # Raised, if the parsed Magic Envelope specifies an unhandled algorithm.
37
41
  class InvalidAlgorithm < RuntimeError
38
42
  end
@@ -110,19 +110,20 @@ module DiasporaFederation
110
110
  # @raise [ArgumentError] if any of the arguments is of invalid type
111
111
  # @raise [InvalidEnvelope] if the envelope XML structure is malformed
112
112
  # @raise [InvalidSignature] if the signature can't be verified
113
- # @raise [InvalidEncoding] if the data is wrongly encoded
114
- # @raise [InvalidAlgorithm] if the algorithm used doesn't match
113
+ # @raise [InvalidDataType] if the data is missing or unsupported
114
+ # @raise [InvalidEncoding] if the data is wrongly encoded or encoding is missing
115
+ # @raise [InvalidAlgorithm] if the algorithm is missing or doesn't match
115
116
  def self.unenvelop(magic_env, sender=nil, cipher_params=nil)
116
117
  raise ArgumentError unless magic_env.instance_of?(Nokogiri::XML::Element)
117
118
 
118
- raise InvalidEnvelope unless envelope_valid?(magic_env)
119
+ validate_envelope(magic_env)
120
+ validate_type(magic_env)
121
+ validate_encoding(magic_env)
122
+ validate_algorithm(magic_env)
119
123
 
120
124
  sender ||= sender(magic_env)
121
125
  raise InvalidSignature unless signature_valid?(magic_env, sender)
122
126
 
123
- raise InvalidEncoding unless encoding_valid?(magic_env)
124
- raise InvalidAlgorithm unless algorithm_valid?(magic_env)
125
-
126
127
  data = read_and_decrypt_data(magic_env, cipher_params)
127
128
 
128
129
  logger.debug "unenvelop message from #{sender}:\n#{data}"
@@ -165,11 +166,20 @@ module DiasporaFederation
165
166
  end
166
167
 
167
168
  # @param [Nokogiri::XML::Element] env magic envelope XML
168
- private_class_method def self.envelope_valid?(env)
169
- (env.instance_of?(Nokogiri::XML::Element) &&
170
- env.name == "env" &&
171
- !env.at_xpath("me:data").content.empty? &&
172
- !env.at_xpath("me:sig").content.empty?)
169
+ # @raise [InvalidEnvelope] if the envelope XML structure is malformed
170
+ private_class_method def self.validate_envelope(env)
171
+ raise InvalidEnvelope unless env.instance_of?(Nokogiri::XML::Element) && env.name == "env"
172
+ validate_element(env, "me:data")
173
+ validate_element(env, "me:sig")
174
+ end
175
+
176
+ # @param [Nokogiri::XML::Element] env magic envelope XML
177
+ # @param [String] xpath the element to validate
178
+ # @raise [InvalidEnvelope] if the element is missing or empty
179
+ private_class_method def self.validate_element(env, xpath)
180
+ element = env.at_xpath(xpath)
181
+ raise InvalidEnvelope, "missing #{xpath}" unless element
182
+ raise InvalidEnvelope, "empty #{xpath}" if element.content.empty?
173
183
  end
174
184
 
175
185
  # @param [Nokogiri::XML::Element] env magic envelope XML
@@ -207,15 +217,27 @@ module DiasporaFederation
207
217
  end
208
218
 
209
219
  # @param [Nokogiri::XML::Element] magic_env magic envelope XML
210
- # @return [Boolean]
211
- private_class_method def self.encoding_valid?(magic_env)
212
- magic_env.at_xpath("me:encoding").content == ENCODING
220
+ # @raise [InvalidDataType] if the data is missing or unsupported
221
+ private_class_method def self.validate_type(magic_env)
222
+ type = magic_env.at_xpath("me:data")["type"]
223
+ raise InvalidDataType, "missing data type" if type.nil?
224
+ raise InvalidDataType, "invalid data type: #{type}" unless type == DATA_TYPE
213
225
  end
214
226
 
215
227
  # @param [Nokogiri::XML::Element] magic_env magic envelope XML
216
- # @return [Boolean]
217
- private_class_method def self.algorithm_valid?(magic_env)
218
- magic_env.at_xpath("me:alg").content == ALGORITHM
228
+ # @raise [InvalidEncoding] if the data is wrongly encoded or encoding is missing
229
+ private_class_method def self.validate_encoding(magic_env)
230
+ enc = magic_env.at_xpath("me:encoding")
231
+ raise InvalidEncoding, "missing encoding" unless enc
232
+ raise InvalidEncoding, "invalid encoding: #{enc.content}" unless enc.content == ENCODING
233
+ end
234
+
235
+ # @param [Nokogiri::XML::Element] magic_env magic envelope XML
236
+ # @raise [InvalidAlgorithm] if the algorithm is missing or doesn't match
237
+ private_class_method def self.validate_algorithm(magic_env)
238
+ alg = magic_env.at_xpath("me:alg")
239
+ raise InvalidAlgorithm, "missing algorithm" unless alg
240
+ raise InvalidAlgorithm, "invalid algorithm: #{alg.content}" unless alg.content == ALGORITHM
219
241
  end
220
242
 
221
243
  # @param [Nokogiri::XML::Element] magic_env magic envelope XML
@@ -1,4 +1,4 @@
1
1
  module DiasporaFederation
2
2
  # the gem version
3
- VERSION = "0.1.3".freeze
3
+ VERSION = "0.1.4".freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: diaspora_federation
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benjamin Neff
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-28 00:00:00.000000000 Z
11
+ date: 2016-08-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -191,7 +191,7 @@ files:
191
191
  - lib/tasks/tests.rake
192
192
  homepage: https://github.com/diaspora/diaspora_federation
193
193
  licenses:
194
- - AGPL 3.0 - http://www.gnu.org/licenses/agpl-3.0.html
194
+ - AGPL-3.0
195
195
  metadata: {}
196
196
  post_install_message:
197
197
  rdoc_options: []
@@ -209,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
209
209
  version: '0'
210
210
  requirements: []
211
211
  rubyforge_project:
212
- rubygems_version: 2.4.8
212
+ rubygems_version: 2.5.1
213
213
  signing_key:
214
214
  specification_version: 4
215
215
  summary: diaspora* federation library