RubyGems - diaspora_federation - Versions diffs - 0.1.3 → 0.1.4 - Mend

diaspora_federation 0.1.3 → 0.1.4

Files changed (7) hide show

checksums.yaml +4 -4
data/Changelog.md +7 -0
data/lib/diaspora_federation/entity.rb +1 -1
data/lib/diaspora_federation/salmon/exceptions.rb +4 -0
data/lib/diaspora_federation/salmon/magic_envelope.rb +39 -17
data/lib/diaspora_federation/version.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e56eee6e871dc16abaa0da7c604f9f9143e71871
-  data.tar.gz: 224950a212f0264c89ef06f9424562890402f241
+  metadata.gz: 98960499491bf5fa4f32f9b26b07d251be8feb1e
+  data.tar.gz: 0769440c0da228ac91ac6129ce7129bb81a144ef
 SHA512:
-  metadata.gz: 5312e34a58235295100cb3ab411c9d98f02a176eb269d9a17e1dc1d4ba3f758c4709aa4be7412beb69d46f16f4c5b9a0fc26f9064d7d19e3c0412a1415b2a7cd
-  data.tar.gz: c8d038df9fb247670cbdc94385e80a758fc03a2ef2e37a3a9dd26ebc6c42973fa83234a2e2173110a0f74524a7ec256d0b54f8f31f8062d1286422c8afe6be4a
+  metadata.gz: d0237ce04699644b5925a6a80350070305d16addbbd1c032c802dcc527d6fd648668f97834349e43ec1711fac469a571379a0951cb551f39998ded04528ce9de
+  data.tar.gz: a6a930e63aea294c0a0437cb831a0607de17361e8e00fb7ecc4f25bd76a453cb55a6010eb12e5fed2e3e331f122d1f5b44e31a997c8f76fad4a953628b69e028

data/Changelog.md CHANGED Viewed

@@ -1,3 +1,10 @@
+# 0.1.4
+## Refactor
+* Improve magic envelope validation [90d12e7](https://github.com/diaspora/diaspora_federation/commit/90d12e71d00bd4874c09f81cde968360111933f9)
+* Raise ValidationError if properties are missing [4295237](https://github.com/diaspora/diaspora_federation/commit/4295237e9e6e8e0ff23a5d8d732654b865f44944)
 # 0.1.3
 ## Refactor

data/lib/diaspora_federation/entity.rb CHANGED Viewed

@@ -153,7 +153,7 @@ module DiasporaFederation
     def validate_missing_props(entity_data)
       missing_props = self.class.missing_props(entity_data)
-      raise ArgumentError, "missing required properties: #{missing_props.join(', ')}" unless missing_props.empty?
+      raise ValidationError, "missing required properties: #{missing_props.join(', ')}" unless missing_props.empty?
     end
     def setable?(name, val)

data/lib/diaspora_federation/salmon/exceptions.rb CHANGED Viewed

@@ -33,6 +33,10 @@ module DiasporaFederation
     class InvalidSignature < RuntimeError
     end
+    # Raised, if the parsed Magic Envelope specifies an unhandled data type.
+    class InvalidDataType < RuntimeError
+    end
     # Raised, if the parsed Magic Envelope specifies an unhandled algorithm.
     class InvalidAlgorithm < RuntimeError
     end

data/lib/diaspora_federation/salmon/magic_envelope.rb CHANGED Viewed

@@ -110,19 +110,20 @@ module DiasporaFederation
       # @raise [ArgumentError] if any of the arguments is of invalid type
       # @raise [InvalidEnvelope] if the envelope XML structure is malformed
       # @raise [InvalidSignature] if the signature can't be verified
-      # @raise [InvalidEncoding] if the data is wrongly encoded
-      # @raise [InvalidAlgorithm] if the algorithm used doesn't match
+      # @raise [InvalidDataType] if the data is missing or unsupported
+      # @raise [InvalidEncoding] if the data is wrongly encoded or encoding is missing
+      # @raise [InvalidAlgorithm] if the algorithm is missing or doesn't match
       def self.unenvelop(magic_env, sender=nil, cipher_params=nil)
         raise ArgumentError unless magic_env.instance_of?(Nokogiri::XML::Element)
-        raise InvalidEnvelope unless envelope_valid?(magic_env)
+        validate_envelope(magic_env)
+        validate_type(magic_env)
+        validate_encoding(magic_env)
+        validate_algorithm(magic_env)
         sender ||= sender(magic_env)
         raise InvalidSignature unless signature_valid?(magic_env, sender)
-        raise InvalidEncoding unless encoding_valid?(magic_env)
-        raise InvalidAlgorithm unless algorithm_valid?(magic_env)
         data = read_and_decrypt_data(magic_env, cipher_params)
         logger.debug "unenvelop message from #{sender}:\n#{data}"
@@ -165,11 +166,20 @@ module DiasporaFederation
       end
       # @param [Nokogiri::XML::Element] env magic envelope XML
-      private_class_method def self.envelope_valid?(env)
-        (env.instance_of?(Nokogiri::XML::Element) &&
-          env.name == "env" &&
-          !env.at_xpath("me:data").content.empty? &&
-          !env.at_xpath("me:sig").content.empty?)
+      # @raise [InvalidEnvelope] if the envelope XML structure is malformed
+      private_class_method def self.validate_envelope(env)
+        raise InvalidEnvelope unless env.instance_of?(Nokogiri::XML::Element) && env.name == "env"
+        validate_element(env, "me:data")
+        validate_element(env, "me:sig")
+      end
+      # @param [Nokogiri::XML::Element] env magic envelope XML
+      # @param [String] xpath the element to validate
+      # @raise [InvalidEnvelope] if the element is missing or empty
+      private_class_method def self.validate_element(env, xpath)
+        element = env.at_xpath(xpath)
+        raise InvalidEnvelope, "missing #{xpath}" unless element
+        raise InvalidEnvelope, "empty #{xpath}" if element.content.empty?
       end
       # @param [Nokogiri::XML::Element] env magic envelope XML
@@ -207,15 +217,27 @@ module DiasporaFederation
       end
       # @param [Nokogiri::XML::Element] magic_env magic envelope XML
-      # @return [Boolean]
-      private_class_method def self.encoding_valid?(magic_env)
-        magic_env.at_xpath("me:encoding").content == ENCODING
+      # @raise [InvalidDataType] if the data is missing or unsupported
+      private_class_method def self.validate_type(magic_env)
+        type = magic_env.at_xpath("me:data")["type"]
+        raise InvalidDataType, "missing data type" if type.nil?
+        raise InvalidDataType, "invalid data type: #{type}" unless type == DATA_TYPE
       end
       # @param [Nokogiri::XML::Element] magic_env magic envelope XML
-      # @return [Boolean]
-      private_class_method def self.algorithm_valid?(magic_env)
-        magic_env.at_xpath("me:alg").content == ALGORITHM
+      # @raise [InvalidEncoding] if the data is wrongly encoded or encoding is missing
+      private_class_method def self.validate_encoding(magic_env)
+        enc = magic_env.at_xpath("me:encoding")
+        raise InvalidEncoding, "missing encoding" unless enc
+        raise InvalidEncoding, "invalid encoding: #{enc.content}" unless enc.content == ENCODING
+      end
+      # @param [Nokogiri::XML::Element] magic_env magic envelope XML
+      # @raise [InvalidAlgorithm] if the algorithm is missing or doesn't match
+      private_class_method def self.validate_algorithm(magic_env)
+        alg = magic_env.at_xpath("me:alg")
+        raise InvalidAlgorithm, "missing algorithm" unless alg
+        raise InvalidAlgorithm, "invalid algorithm: #{alg.content}" unless alg.content == ALGORITHM
       end
       # @param [Nokogiri::XML::Element] magic_env magic envelope XML

data/lib/diaspora_federation/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 module DiasporaFederation
   # the gem version
-  VERSION = "0.1.3".freeze
+  VERSION = "0.1.4".freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: diaspora_federation
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - Benjamin Neff
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-28 00:00:00.000000000 Z
+date: 2016-08-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -191,7 +191,7 @@ files:
 - lib/tasks/tests.rake
 homepage: https://github.com/diaspora/diaspora_federation
 licenses:
-- AGPL 3.0 - http://www.gnu.org/licenses/agpl-3.0.html
+- AGPL-3.0
 metadata: {}
 post_install_message:
 rdoc_options: []
@@ -209,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.8
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: diaspora* federation library