distack-urlsign 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/distack-urlsign.gemspec +3 -1
- data/lib/distack/urlsign.rb +1 -0
- data/lib/distack/urlsign/signer.rb +34 -5
- data/lib/distack/urlsign/version.rb +2 -2
- metadata +15 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bde30f8bddc0975bcd335a8168978b2cb955b0d2
|
4
|
+
data.tar.gz: 6d4c08ccf86e571e7256b220d2dffd37179bc77c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c03f0fdefa293cc1754dc8bc122882e0f09d1009fb505d884fdb070de00602bb3250848390d9d557d774842aa67456192e53c3b9d71937778dd49570a07e7129
|
7
|
+
data.tar.gz: f0b417d94280566133290179ecfc7945edb9f8a0c7054e439f1998bc9302a3a76086ae66703c15873cc35b6caeb8e9f84c08f4c0b2a8211b42a6f92c77008248
|
data/distack-urlsign.gemspec
CHANGED
@@ -5,7 +5,7 @@ require 'distack/urlsign/version'
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |spec|
|
7
7
|
spec.name = "distack-urlsign"
|
8
|
-
spec.version = Distack::
|
8
|
+
spec.version = Distack::URLSign::VERSION
|
9
9
|
spec.authors = ["Rodrigo Kochenburger"]
|
10
10
|
spec.email = ["divoxx@gmail.com"]
|
11
11
|
|
@@ -18,6 +18,8 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
19
19
|
spec.require_paths = ["lib"]
|
20
20
|
|
21
|
+
spec.add_dependency "rack"
|
22
|
+
|
21
23
|
spec.add_development_dependency "bundler", "~> 1.9"
|
22
24
|
spec.add_development_dependency "rake", "~> 10.0"
|
23
25
|
spec.add_development_dependency "pry", "~> 0.10.1"
|
data/lib/distack/urlsign.rb
CHANGED
@@ -1,4 +1,6 @@
|
|
1
1
|
module Distack::URLSign
|
2
|
+
InvalidSignatureError = Class.new(StandardError)
|
3
|
+
|
2
4
|
class Signer
|
3
5
|
KEY_REGEX = /^[0-9A-f]+$/
|
4
6
|
|
@@ -12,7 +14,7 @@ module Distack::URLSign
|
|
12
14
|
|
13
15
|
def sign(url)
|
14
16
|
if url.opaque
|
15
|
-
raise "can't sign
|
17
|
+
raise "can't sign opaque URL"
|
16
18
|
end
|
17
19
|
|
18
20
|
chunks = [url.scheme, "#{url.host}:#{url.port}", url.path, url.query, url.userinfo].compact
|
@@ -22,16 +24,43 @@ module Distack::URLSign
|
|
22
24
|
signature = Base64.urlsafe_encode64(rawsig)
|
23
25
|
|
24
26
|
if url.query
|
25
|
-
q =
|
27
|
+
q = Rack::Utils.parse_nested_query(url.query)
|
26
28
|
else
|
27
|
-
q =
|
29
|
+
q = {}
|
28
30
|
end
|
29
31
|
|
30
|
-
q
|
32
|
+
q ["_signature"] = signature
|
31
33
|
|
32
34
|
new_url = url.dup
|
33
|
-
new_url.query =
|
35
|
+
new_url.query = Rack::Utils.build_nested_query(q)
|
34
36
|
new_url
|
35
37
|
end
|
38
|
+
|
39
|
+
def verify(url)
|
40
|
+
if url.opaque
|
41
|
+
raise "can't verify opaque URL"
|
42
|
+
end
|
43
|
+
|
44
|
+
q = Rack::Utils.parse_nested_query(url.query)
|
45
|
+
|
46
|
+
original_q = q.dup
|
47
|
+
original_q.delete("_signature")
|
48
|
+
|
49
|
+
original_qs = Rack::Utils.build_nested_query(original_q)
|
50
|
+
|
51
|
+
chunks = [url.scheme, "#{url.host}:#{url.port}", url.path, original_qs, url.userinfo].compact
|
52
|
+
digest = OpenSSL::Digest.new("sha512")
|
53
|
+
|
54
|
+
rawsig = OpenSSL::HMAC.digest(digest, @key, chunks.join)
|
55
|
+
signature = Base64.urlsafe_encode64(rawsig)
|
56
|
+
|
57
|
+
if signature == q["_signature"]
|
58
|
+
new_url = url.dup
|
59
|
+
new_url.query = original_qs
|
60
|
+
new_url
|
61
|
+
else
|
62
|
+
raise InvalidSignatureError, "signature is invalid for #{url}"
|
63
|
+
end
|
64
|
+
end
|
36
65
|
end
|
37
66
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: distack-urlsign
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rodrigo Kochenburger
|
@@ -10,6 +10,20 @@ bindir: exe
|
|
10
10
|
cert_chain: []
|
11
11
|
date: 2016-02-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rack
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: bundler
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|