escher 1.0.2 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed681ad1ed9b0e334edab0c608c10beee1ea80f655340a2020853f924a473953
4
- data.tar.gz: 5d5674e195e7189d2c6f7e398388a00b6cc759c360cfe5a4a9f0d91f7c2eac6f
3
+ metadata.gz: 0e9adef418399b017241a5708d72d6534986e864521e207c2e97e540882f9e77
4
+ data.tar.gz: 9a3f0b959bdf4de1ae44a15d611e6210e08239f1cbb30e3a11e61313e0b2d344
5
5
  SHA512:
6
- metadata.gz: d8d0d08e443b6bc9aad9d8935b0da925df5a7130c41d1b1c9d7657f36dc7678cdb8bb7199cc456b09bb5f88d61af530eb447889e5b13de37bc677993e14548f0
7
- data.tar.gz: 18102fee551348688aa7614ddf065dfbd12fc0d02c9a174c5debbebe743de0a82ad809e8657e0bda773ea5d460ce0055bc0f88e2b2a11476c5ca87bbaa8cb94b
6
+ metadata.gz: fbca5bfd946d189c4ce3c86fa1d04eaa186ac286e989c63ab732bd121d0075944ea402f68963eee5ea8be49c447450d322ed39a29be00f4514417942c368003a
7
+ data.tar.gz: 5a8c876bbcaf5128f49e9f6a0e639be263597ebbbf241ef56b67a35e07bb7758a2d32a509d4fd435d66a7eecddadf699775c71e5dd400d98bb193e85c8d4b3b5
@@ -17,15 +17,17 @@ module Escher
17
17
 
18
18
 
19
19
  def sign!(req, client, headers_to_sign = [])
20
+ current_time = @current_time || Time.now
21
+
20
22
  headers_to_sign |= [@date_header_name.downcase, 'host']
21
23
 
22
24
  request = wrap_request req
23
25
  raise EscherError, 'The host header is missing' unless request.has_header? 'host'
24
26
 
25
- request.set_header(@date_header_name.downcase, format_date_for_header) unless request.has_header? @date_header_name
27
+ request.set_header(@date_header_name.downcase, format_date_for_header(current_time)) unless request.has_header? @date_header_name
26
28
 
27
- signature = generate_signature(client[:api_secret], request.body, request.headers, request.method, headers_to_sign, request.path, request.query_values)
28
- request.set_header(@auth_header_name, "#{@algo_id} Credential=#{client[:api_key_id]}/#{short_date(@current_time)}/#{@credential_scope}, SignedHeaders=#{prepare_headers_to_sign headers_to_sign}, Signature=#{signature}")
29
+ signature = generate_signature(client[:api_secret], request.body, request.headers, request.method, headers_to_sign, request.path, request.query_values, current_time)
30
+ request.set_header(@auth_header_name, "#{@algo_id} Credential=#{client[:api_key_id]}/#{short_date(current_time)}/#{@credential_scope}, SignedHeaders=#{prepare_headers_to_sign headers_to_sign}, Signature=#{signature}")
29
31
 
30
32
  request.request
31
33
  end
@@ -44,6 +46,7 @@ module Escher
44
46
 
45
47
 
46
48
  def authenticate(req, key_db, mandatory_signed_headers = nil)
49
+ current_time = @current_time || Time.now
47
50
  request = wrap_request req
48
51
  method = request.method
49
52
  body = request.body
@@ -80,7 +83,7 @@ module Escher
80
83
  raise EscherError, 'The request method is invalid' unless valid_request_method?(method)
81
84
  raise EscherError, "The request url shouldn't contains http or https" if path.match /^https?:\/\//
82
85
  raise EscherError, 'Invalid date in authorization header, it should equal with date header' unless short_date(date) == short_date
83
- raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires, @current_time || Time.now)
86
+ raise EscherError, 'The request date is not within the accepted time range' unless is_date_within_range?(date, expires, current_time)
84
87
  raise EscherError, 'Invalid Credential Scope' unless credential_scope == @credential_scope
85
88
  raise EscherError, 'The mandatorySignedHeaders parameter must be undefined or array of strings' unless mandatory_signed_headers_valid?(mandatory_signed_headers)
86
89
  raise EscherError, 'The host header is not signed' unless signed_headers.include? 'host'
@@ -93,7 +96,7 @@ module Escher
93
96
  raise EscherError, 'The date header is not signed' if !signature_from_query && !signed_headers.include?(@date_header_name.downcase)
94
97
 
95
98
  escher = reconfig(algorithm, credential_scope, date)
96
- expected_signature = escher.generate_signature(api_secret, body, headers, method, signed_headers, path, query_parts)
99
+ expected_signature = escher.generate_signature(api_secret, body, headers, method, signed_headers, path, query_parts, date)
97
100
  raise EscherError, 'The signatures do not match' unless signature == expected_signature
98
101
  api_key_id
99
102
  end
@@ -115,6 +118,7 @@ module Escher
115
118
 
116
119
 
117
120
  def generate_signed_url(url_to_sign, client, expires = 86400)
121
+ current_time = @current_time || Time.now
118
122
  uri = Addressable::URI.parse(url_to_sign)
119
123
 
120
124
  if (not uri.port.nil?) && (uri.port != uri.default_port)
@@ -136,13 +140,13 @@ module Escher
136
140
  body = 'UNSIGNED-PAYLOAD'
137
141
  query_parts += [
138
142
  ['Algorithm', @algo_id],
139
- ['Credentials', "#{client[:api_key_id]}/#{short_date(@current_time)}/#{@credential_scope}"],
140
- ['Date', long_date(@current_time)],
143
+ ['Credentials', "#{client[:api_key_id]}/#{short_date(current_time)}/#{@credential_scope}"],
144
+ ['Date', long_date(current_time)],
141
145
  ['Expires', expires.to_s],
142
146
  ['SignedHeaders', headers_to_sign.join(';')],
143
147
  ].map { |k, v| query_pair(k, v) }
144
148
 
145
- signature = generate_signature(client[:api_secret], body, headers, 'GET', headers_to_sign, path, query_parts)
149
+ signature = generate_signature(client[:api_secret], body, headers, 'GET', headers_to_sign, path, query_parts, current_time)
146
150
  query_parts_with_signature = (query_parts.map { |k, v| [uri_encode(k), uri_encode(v)] } << query_pair('Signature', signature))
147
151
  "#{uri.scheme}://#{host}#{path}?#{query_parts_with_signature.map { |k, v| k + '=' + v }.join('&')}#{(fragment === nil ? '' : '#' + fragment)}"
148
152
  end
@@ -188,11 +192,11 @@ module Escher
188
192
 
189
193
 
190
194
 
191
- def generate_signature(api_secret, body, headers, method, signed_headers, path, query_parts)
195
+ def generate_signature(api_secret, body, headers, method, signed_headers, path, query_parts, current_time)
192
196
  canonicalized_request = canonicalize(method, path, query_parts, body, headers, signed_headers.uniq)
193
- string_to_sign = get_string_to_sign(canonicalized_request)
197
+ string_to_sign = get_string_to_sign(canonicalized_request, current_time)
194
198
 
195
- signing_key = OpenSSL::HMAC.digest(@algo, @algo_prefix + api_secret, short_date(@current_time))
199
+ signing_key = OpenSSL::HMAC.digest(@algo, @algo_prefix + api_secret, short_date(current_time))
196
200
  @credential_scope.split('/').each { |data|
197
201
  signing_key = OpenSSL::HMAC.digest(@algo, signing_key, data)
198
202
  }
@@ -202,8 +206,8 @@ module Escher
202
206
 
203
207
 
204
208
 
205
- def format_date_for_header
206
- @date_header_name.downcase == 'date' ? @current_time.utc.rfc2822.sub('-0000', 'GMT') : long_date(@current_time)
209
+ def format_date_for_header(current_time)
210
+ @date_header_name.downcase == 'date' ? current_time.utc.rfc2822.sub('-0000', 'GMT') : long_date(current_time)
207
211
  end
208
212
 
209
213
 
@@ -238,11 +242,11 @@ module Escher
238
242
 
239
243
 
240
244
 
241
- def get_string_to_sign(canonicalized_request)
245
+ def get_string_to_sign(canonicalized_request, current_time)
242
246
  [
243
247
  @algo_id,
244
- long_date(@current_time),
245
- short_date(@current_time) + '/' + @credential_scope,
248
+ long_date(current_time),
249
+ short_date(current_time) + '/' + @credential_scope,
246
250
  @algo.new.hexdigest(canonicalized_request)
247
251
  ].join("\n")
248
252
  end
@@ -1,3 +1,3 @@
1
1
  module Escher
2
- VERSION = '1.0.2'
2
+ VERSION = '2.0.0'
3
3
  end
@@ -35,11 +35,5 @@ module Escher
35
35
  expect(request).to eq(test_case.expected_request)
36
36
  end
37
37
  end
38
-
39
-
40
- xspecify "every case in the test suite is being used" do
41
- expect(::EmarsysTestSuiteHelpers::TestSuite.in_use_size).to eq ::EmarsysTestSuiteHelpers::TestSuite.size
42
- end
43
-
44
38
  end
45
39
  end
@@ -101,7 +101,7 @@ module Escher
101
101
  headers_to_sign = headers.map { |k| k[0].downcase }
102
102
  path, query_parts = escher.parse_uri(request_uri)
103
103
  canonicalized_request = escher.canonicalize(method, path, query_parts, body, headers, headers_to_sign)
104
- string_to_sign = escher.get_string_to_sign(canonicalized_request)
104
+ string_to_sign = escher.get_string_to_sign(canonicalized_request, Time.parse(date))
105
105
  expect(string_to_sign).to eq(fixture(suite, test, 'sts'))
106
106
  end
107
107
  end
@@ -484,7 +484,7 @@ module Escher
484
484
 
485
485
  it 'should convert dates' do
486
486
  date_str = 'Fri, 09 Sep 2011 23:36:00 GMT'
487
- expect(described_class.new('irrelevant', date_header_name: 'date', current_time: Time.parse(date_str)).format_date_for_header).to eq date_str
487
+ expect(described_class.new('irrelevant', date_header_name: 'date', current_time: Time.parse(date_str)).format_date_for_header(Time.parse(date_str))).to eq date_str
488
488
  end
489
489
 
490
490
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: escher
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andras Barthazi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-24 00:00:00.000000000 Z
11
+ date: 2019-10-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler