escher 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +5 -5
  2. data/.travis.yml +8 -0
  3. data/lib/escher/auth.rb +5 -6
  4. data/lib/escher/version.rb +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: f5d7892a58786fb9802e66a734ddc2f7f84a4b42
4
- data.tar.gz: 18bf4433e019a4581eb6980f9819f2b336c3495a
2
+ SHA256:
3
+ metadata.gz: ed681ad1ed9b0e334edab0c608c10beee1ea80f655340a2020853f924a473953
4
+ data.tar.gz: 5d5674e195e7189d2c6f7e398388a00b6cc759c360cfe5a4a9f0d91f7c2eac6f
5
5
  SHA512:
6
- metadata.gz: 006d627eddd82e86ef6e803019bee58183314d85b299a82a62da7e2579b069bd11e247d20d444822dd87acba7276612d19af415f608d5f55ccb88e532bdc36e4
7
- data.tar.gz: 6d7cabbbaba10921751b255dcd9865f9bdc6abb08b1a7114190aac257f168f1118f9ea40b8399ac6502530ae3f04b38ebc7ef43cdc044eedf9f5eee9c4fcc71b
6
+ metadata.gz: d8d0d08e443b6bc9aad9d8935b0da925df5a7130c41d1b1c9d7657f36dc7678cdb8bb7199cc456b09bb5f88d61af530eb447889e5b13de37bc677993e14548f0
7
+ data.tar.gz: 18102fee551348688aa7614ddf065dfbd12fc0d02c9a174c5debbebe743de0a82ad809e8657e0bda773ea5d460ce0055bc0f88e2b2a11476c5ca87bbaa8cb94b
data/.travis.yml CHANGED
@@ -3,3 +3,11 @@ rvm:
3
3
  - 2.2.3
4
4
  - 2.3.0
5
5
  before_script: ./scripts/checkout_test_suite.sh
6
+ deploy:
7
+ provider: rubygems
8
+ api_key: ${RUBYGEMS_API_KEY}
9
+ gem: escher
10
+ gemspec: escher.gemspec
11
+ skip_cleanup: true
12
+ on:
13
+ tags: true
data/lib/escher/auth.rb CHANGED
@@ -6,7 +6,7 @@ module Escher
6
6
  @algo_prefix = options[:algo_prefix] || 'ESR'
7
7
  @vendor_key = options[:vendor_key] || 'Escher'
8
8
  @hash_algo = options[:hash_algo] || 'SHA256'
9
- @current_time = options[:current_time] || Time.now
9
+ @current_time = options[:current_time]
10
10
  @auth_header_name = options[:auth_header_name] || 'X-Escher-Auth'
11
11
  @date_header_name = options[:date_header_name] || 'X-Escher-Date'
12
12
  @clock_skew = options[:clock_skew] || 300
@@ -78,10 +78,9 @@ module Escher
78
78
  raise EscherError, 'Invalid Escher key' unless api_secret
79
79
  raise EscherError, 'Invalid hash algorithm, only SHA256 and SHA512 are allowed' unless %w(SHA256 SHA512).include?(algorithm)
80
80
  raise EscherError, 'The request method is invalid' unless valid_request_method?(method)
81
- raise EscherError, "The request body shouldn't be empty if the request method is POST" if (method.upcase == 'POST' && body.empty?)
82
81
  raise EscherError, "The request url shouldn't contains http or https" if path.match /^https?:\/\//
83
82
  raise EscherError, 'Invalid date in authorization header, it should equal with date header' unless short_date(date) == short_date
84
- raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires)
83
+ raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires, @current_time || Time.now)
85
84
  raise EscherError, 'Invalid Credential Scope' unless credential_scope == @credential_scope
86
85
  raise EscherError, 'The mandatorySignedHeaders parameter must be undefined or array of strings' unless mandatory_signed_headers_valid?(mandatory_signed_headers)
87
86
  raise EscherError, 'The host header is not signed' unless signed_headers.include? 'host'
@@ -255,7 +254,7 @@ module Escher
255
254
  when 'SHA256'
256
255
  @algo = OpenSSL::Digest::SHA256.new
257
256
  when 'SHA512'
258
- @algo = OpenSSL::Digest::SHA521.new
257
+ @algo = OpenSSL::Digest::SHA512.new
259
258
  else
260
259
  raise EscherError, 'Unidentified hash algorithm'
261
260
  end
@@ -275,8 +274,8 @@ module Escher
275
274
 
276
275
 
277
276
 
278
- def is_date_within_range?(request_date, expires)
279
- (request_date - @clock_skew .. request_date + expires + @clock_skew).cover? @current_time
277
+ def is_date_within_range?(request_date, expires, current_time)
278
+ (request_date - @clock_skew .. request_date + expires + @clock_skew).cover? current_time
280
279
  end
281
280
 
282
281
 
data/lib/escher/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Escher
2
- VERSION = '1.0.0'
2
+ VERSION = '1.0.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: escher
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andras Barthazi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-23 00:00:00.000000000 Z
11
+ date: 2019-07-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -341,7 +341,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
341
341
  version: '0'
342
342
  requirements: []
343
343
  rubyforge_project:
344
- rubygems_version: 2.6.8
344
+ rubygems_version: 2.7.7
345
345
  signing_key:
346
346
  specification_version: 4
347
347
  summary: Library for HTTP request signing (Ruby implementation)