dnclabs-auth-hmac 1.1.1.2010090201 → 1.1.1.2011051301
- data/lib/auth-hmac.rb +20 -4
- data/spec/auth-hmac_spec.rb +13 -0
- metadata +34 -33
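--- a/data/lib/auth-hmac.rb
+++ b/data/lib/auth-hmac.rb
@@ -7,7 +7,6 @@ $:.unshift(File.dirname(__FILE__)) unless
 $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
 
 require 'openssl'
-require 'base64'
 
 # This module provides a HMAC Authentication method for HTTP requests. It should work with
 # net/http request classes and CGIRequest classes and hence Rails.
@@ -95,8 +94,15 @@ class AuthHMAC
 
 def header_values(request)
 headers = headers(request)
+md5 = content_md5(headers)
+
+if md5.nil? && ! request_body(request).blank?
+md5 = generate_content_md5(request)
+headers['Content-MD5'] = md5
+end
+
 [ content_type(headers),
-
+md5,
 (date(headers) or headers['Date'] = Time.now.utc.httpdate)
 ].join("\n")
 end
@@ -114,7 +120,17 @@ class AuthHMAC
 end
 
 def generate_content_md5(request)
-OpenSSL::Digest::MD5.hexdigest(request
+OpenSSL::Digest::MD5.hexdigest(request_body(request))
+end
+
+def request_body(request)
+if request.body.respond_to? :read
+body = request.body.read
+request.body.rewind
+body
+else
+body = request.body
+end
 end
 
 def request_path(request, authenticate_referrer)
@@ -247,7 +263,7 @@ class AuthHMAC
 
 def signature(request, secret)
 digest = OpenSSL::Digest::Digest.new('sha1')
-
+[OpenSSL::HMAC.digest(digest, secret, canonical_string(request, @authenticate_referrer))].pack('m').strip
 end
 
 def canonical_string(request, authenticate_referrer=false)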
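Review bot: In the new `request_body`, an IO-like body is read from its current position and rewound only afterwards, so a stream that something upstream has already consumed would read as empty; `header_values` then sees `request_body(request).blank?` as true, generates no Content-MD5, and the canonical string that gets HMAC-signed no longer covers the body. Rewinding before the read as well as after closes that gap: `request.body.rewind if request.body.respond_to?(:rewind)` placed ahead of `body = request.body.read`. The `else` branch's `body = request.body` assigns a local that is never read, so plain `request.body` is clearer. `blank?` is an ActiveSupport extension rather than core Ruby and no require for it is visible in these hunks, so confirm it is loaded for plain net/http callers. The class body continues outside the hunks shown.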
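--- a/data/spec/auth-hmac_spec.rb
+++ b/data/spec/auth-hmac_spec.rb
@@ -286,10 +286,23 @@ describe AuthHMAC do
 AuthHMAC::CanonicalString.new(request).should match(/#{content_md5}/)
 end
 
+it "should generate the content-md5 from a rack-compatible body object" do
+body_str = "foo=bar&baz=qux"
+request = Net::HTTP::Put.new("/")
+request.body = mock("Body", :read => body_str, :rewind => nil, :to_str => body_str)
+content_md5 = OpenSSL::Digest::MD5.hexdigest(request.body)
+AuthHMAC::CanonicalString.new(request).should match(/#{content_md5}/)
+end
+
 it "should not generate a content-md5 when there is no request body" do
 request = Net::HTTP::Get.new("/")
 AuthHMAC::CanonicalString.new(request).should match(/^GET\n\n\n/)
 end
+
+it "should not generate a content-md5 when there is no request body on POST requests" do
+request = Net::HTTP::Post.new("/")
+AuthHMAC::CanonicalString.new(request).should match(/^POST\n\n\n/)
+end
 
 it "should include the date" do
 date = Time.now.httpdate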
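Review bot: The rack-compatible body spec stubs `:rewind => nil` on the mock but never expects the call, so it would still pass if `request_body` stopped rewinding and left the stream exhausted for whatever reads the body next. Adding `request.body.should_receive(:rewind)` before the canonical string is built would pin that behaviour. A companion case in which the mock's `read` returns an empty string would document what happens to Content-MD5 when the stream has already been consumed. The enclosing `describe` block starts and ends outside the hunk.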
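--- a/metadata
+++ b/metadata
@@ -1,20 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: dnclabs-auth-hmac
 version: !ruby/object:Gem::Version
-
-
-segments:
-- 1
-- 1
-- 1
-- 2010090201
-version: 1.1.1.2010090201
+prerelease:
+version: 1.1.1.2011051301
 platform: ruby
 authors:
 - Sean Geoghegan
 - ascarter
 - Wes Morgan
 - Adrian Cushman
+- Dave Steinberg
 autorequire:
 bindir: bin
 cert_chain: []
@@ -23,37 +18,49 @@ date: 2010-09-02 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
-name:
+name: hoe
 prerelease: false
 requirement: &id001 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-
-segments:
-- 2
-- 0
-- 4
-version: 2.0.4
+version: 1.8.2
 type: :development
 version_requirements: *id001
 - !ruby/object:Gem::Dependency
-name:
+name: rails
 prerelease: false
 requirement: &id002 !ruby/object:Gem::Requirement
 none: false
 requirements:
-- - "
+- - "="
 - !ruby/object:Gem::Version
-
-segments:
-- 2
-- 6
-- 2
-version: 2.6.2
+version: 2.3.8
 type: :development
 version_requirements: *id002
+- !ruby/object:Gem::Dependency
+name: rspec
+prerelease: false
+requirement: &id003 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - "="
+- !ruby/object:Gem::Version
+version: 1.3.1
+type: :development
+version_requirements: *id003
+- !ruby/object:Gem::Dependency
+name: ruby-debug19
+prerelease: false
+requirement: &id004 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: "0"
+type: :development
+version_requirements: *id004
 description: A gem providing HMAC based authentication for HTTP. This is the DNC Labs fork.
 email: innovationlab@dnc.org
 executables: []
@@ -103,25 +110,19 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
 version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
 version: "0"
 requirements: []
 
-rubyforge_project:
-rubygems_version: 1.
+rubyforge_project: auth-hmac
+rubygems_version: 1.6.1
 signing_key:
-specification_version:
-summary: A gem providing HMAC based authentication for HTTP
+specification_version: 2
+summary: A gem providing HMAC based authentication for HTTP
 test_files: []
 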