escher 1.0.0 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: f5d7892a58786fb9802e66a734ddc2f7f84a4b42
4
- data.tar.gz: 18bf4433e019a4581eb6980f9819f2b336c3495a
2
+ SHA256:
3
+ metadata.gz: ed681ad1ed9b0e334edab0c608c10beee1ea80f655340a2020853f924a473953
4
+ data.tar.gz: 5d5674e195e7189d2c6f7e398388a00b6cc759c360cfe5a4a9f0d91f7c2eac6f
5
5
  SHA512:
6
- metadata.gz: 006d627eddd82e86ef6e803019bee58183314d85b299a82a62da7e2579b069bd11e247d20d444822dd87acba7276612d19af415f608d5f55ccb88e532bdc36e4
7
- data.tar.gz: 6d7cabbbaba10921751b255dcd9865f9bdc6abb08b1a7114190aac257f168f1118f9ea40b8399ac6502530ae3f04b38ebc7ef43cdc044eedf9f5eee9c4fcc71b
6
+ metadata.gz: d8d0d08e443b6bc9aad9d8935b0da925df5a7130c41d1b1c9d7657f36dc7678cdb8bb7199cc456b09bb5f88d61af530eb447889e5b13de37bc677993e14548f0
7
+ data.tar.gz: 18102fee551348688aa7614ddf065dfbd12fc0d02c9a174c5debbebe743de0a82ad809e8657e0bda773ea5d460ce0055bc0f88e2b2a11476c5ca87bbaa8cb94b
@@ -3,3 +3,11 @@ rvm:
3
3
  - 2.2.3
4
4
  - 2.3.0
5
5
  before_script: ./scripts/checkout_test_suite.sh
6
+ deploy:
7
+ provider: rubygems
8
+ api_key: ${RUBYGEMS_API_KEY}
9
+ gem: escher
10
+ gemspec: escher.gemspec
11
+ skip_cleanup: true
12
+ on:
13
+ tags: true
@@ -6,7 +6,7 @@ module Escher
6
6
  @algo_prefix = options[:algo_prefix] || 'ESR'
7
7
  @vendor_key = options[:vendor_key] || 'Escher'
8
8
  @hash_algo = options[:hash_algo] || 'SHA256'
9
- @current_time = options[:current_time] || Time.now
9
+ @current_time = options[:current_time]
10
10
  @auth_header_name = options[:auth_header_name] || 'X-Escher-Auth'
11
11
  @date_header_name = options[:date_header_name] || 'X-Escher-Date'
12
12
  @clock_skew = options[:clock_skew] || 300
@@ -78,10 +78,9 @@ module Escher
78
78
  raise EscherError, 'Invalid Escher key' unless api_secret
79
79
  raise EscherError, 'Invalid hash algorithm, only SHA256 and SHA512 are allowed' unless %w(SHA256 SHA512).include?(algorithm)
80
80
  raise EscherError, 'The request method is invalid' unless valid_request_method?(method)
81
- raise EscherError, "The request body shouldn't be empty if the request method is POST" if (method.upcase == 'POST' && body.empty?)
82
81
  raise EscherError, "The request url shouldn't contains http or https" if path.match /^https?:\/\//
83
82
  raise EscherError, 'Invalid date in authorization header, it should equal with date header' unless short_date(date) == short_date
84
- raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires)
83
+ raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires, @current_time || Time.now)
85
84
  raise EscherError, 'Invalid Credential Scope' unless credential_scope == @credential_scope
86
85
  raise EscherError, 'The mandatorySignedHeaders parameter must be undefined or array of strings' unless mandatory_signed_headers_valid?(mandatory_signed_headers)
87
86
  raise EscherError, 'The host header is not signed' unless signed_headers.include? 'host'
@@ -255,7 +254,7 @@ module Escher
255
254
  when 'SHA256'
256
255
  @algo = OpenSSL::Digest::SHA256.new
257
256
  when 'SHA512'
258
- @algo = OpenSSL::Digest::SHA521.new
257
+ @algo = OpenSSL::Digest::SHA512.new
259
258
  else
260
259
  raise EscherError, 'Unidentified hash algorithm'
261
260
  end
@@ -275,8 +274,8 @@ module Escher
275
274
 
276
275
 
277
276
 
278
- def is_date_within_range?(request_date, expires)
279
- (request_date - @clock_skew .. request_date + expires + @clock_skew).cover? @current_time
277
+ def is_date_within_range?(request_date, expires, current_time)
278
+ (request_date - @clock_skew .. request_date + expires + @clock_skew).cover? current_time
280
279
  end
281
280
 
282
281
 
@@ -1,3 +1,3 @@
1
1
  module Escher
2
- VERSION = '1.0.0'
2
+ VERSION = '1.0.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: escher
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andras Barthazi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-23 00:00:00.000000000 Z
11
+ date: 2019-07-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -341,7 +341,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
341
341
  version: '0'
342
342
  requirements: []
343
343
  rubyforge_project:
344
- rubygems_version: 2.6.8
344
+ rubygems_version: 2.7.7
345
345
  signing_key:
346
346
  specification_version: 4
347
347
  summary: Library for HTTP request signing (Ruby implementation)