RubyGems - exact4r - Versions diffs - 1.6 → 1.7 - Mend

exact4r 1.6 → 1.7

Files changed (11) hide show

data/CHANGELOG +3 -0
data/VERSION +1 -1
data/lib/ews/certificate_helper.rb +6 -1
data/lib/ews/transporter.rb +7 -1
data/prod.log +49 -0
data/test/general/client_certificate_test.rb +64 -0
data/test/samples/dsa_cert.pem +22 -0
data/test/samples/dsa_key.pem +12 -0
data/test/samples/rsa_cert.pem +63 -0
data/test/samples/rsa_key.pem +15 -0
metadata +10 -4

data/CHANGELOG CHANGED

@@ -1,3 +1,6 @@
+== v1.7
+  Added support for setting a client certificate/key pair for use w/ SSL connections.
 == v1.6
   Added support for use w/ ActiveSupport v3.

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.6
1	+ 1.7

data/lib/ews/certificate_helper.rb CHANGED

@@ -4,12 +4,17 @@ module EWS # :nodoc:
     EXACT_ISSUER_CERT_FILE = File.dirname(__FILE__)+"/../../certs/valicert_class2_root.crt" unless defined?(EXACT_ISSUER_CERT_FILE)
     EXACT_SERVER_CERT_FILE = File.dirname(__FILE__)+"/../../certs/e-xact.com.crt" unless defined?(EXACT_SERVER_CERT_FILE)
-    attr_accessor :issuer_cert_file, :server_cert
+    attr_accessor :issuer_cert_file, :server_cert, :client_cert, :client_key
     def configure_certificates(options)
       self.issuer_cert_file = (options[:issuer_cert] || EXACT_ISSUER_CERT_FILE)
       server_cert_file = (options[:server_cert] || EXACT_SERVER_CERT_FILE)
       self.server_cert = File.new(server_cert_file).read
+      if options[:client_cert]
+        raise ArgumentError.new "Key file not supplied" if options[:client_key].blank?
+        self.client_cert = OpenSSL::X509::Certificate.new(File.new(options[:client_cert]).read)
+        self.client_key = client_cert.public_key.class.send(:new, File.new(options[:client_key]).read)
+      end
     end
     private :configure_certificates

data/lib/ews/transporter.rb CHANGED

@@ -28,6 +28,8 @@ module EWS # :nodoc:
     #   :transport_type   the transport_type for this transporter (defaults to :rest)
     #   :server_cert      the path to the server's certificate file (defaults to E-xact's Server Cert)
     #   :issuer_cert      the path to the issuer's certificate file (defaults to E-xact's Issuer's Cert)
+    #   :client_cert      the path to the client's X.509 certificate file (optional)
+    #   :client_key       the path to the client's key file (optional)
     #
     # The default certificates are those required to connect to https://api.e-xact.com and the
     # default <tt>transport_type</tt> is <tt>:rest</tt>. The default <tt>transport_type</tt> can be overridden on a per-transaction
@@ -56,7 +58,7 @@ module EWS # :nodoc:
       request = build_http_request(transaction, transport_type, transport_details[:suffix])
       request.basic_auth(transaction.gateway_id, transaction.password)
       request.add_field "Accept", transport_details[:content_type]
-      request.add_field "User-Agent", "exact4r v1.6"
+      request.add_field "User-Agent", "exact4r v1.7"
       request.add_field "Content-type", "#{transport_details[:content_type]}; charset=UTF-8"
       response = get_connection.request(request)
@@ -118,6 +120,10 @@ private
         @connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
         @connection.verify_callback = method(:validate_certificate)
         @connection.ca_file = self.issuer_cert_file
+        unless self.client_cert.nil?
+          @connection.cert = self.client_cert
+          @connection.key = self.client_key
+        end
       end
       @connection
     end

data/prod.log ADDED

@@ -0,0 +1,49 @@
+(in /Users/donch/Development/Exact/WebService/exact4r)
+#-----------------------
+# Testing: chase
+#-----------------------
+Loaded suite /usr/local/rvm/gems/ruby-1.8.7-p302@global/gems/rake-0.8.7/lib/rake/rake_test_loader
+Started
+........................................................................................................................................................................
+Finished in 752.738656 seconds.
+168 tests, 2879 assertions, 0 failures, 0 errors
+#-----------------------
+# Testing: tsys
+#-----------------------
+Loaded suite /usr/local/rvm/gems/ruby-1.8.7-p302@global/gems/rake-0.8.7/lib/rake/rake_test_loader
+Started
+........................................................................................................................................................................
+Finished in 557.41933 seconds.
+168 tests, 2535 assertions, 0 failures, 0 errors
+#-----------------------
+# Testing: emergis
+#-----------------------
+Loaded suite /usr/local/rvm/gems/ruby-1.8.7-p302@global/gems/rake-0.8.7/lib/rake/rake_test_loader
+Started
+........................................................................................................................................................................
+Finished in 713.15915 seconds.
+168 tests, 2608 assertions, 0 failures, 0 errors
+#-----------------------
+# Testing: moneris
+#-----------------------
+Loaded suite /usr/local/rvm/gems/ruby-1.8.7-p302@global/gems/rake-0.8.7/lib/rake/rake_test_loader
+Started
+........................................................................................................................................................................
+Finished in 623.618679 seconds.
+168 tests, 2452 assertions, 0 failures, 0 errors

data/test/general/client_certificate_test.rb ADDED

@@ -0,0 +1,64 @@
+require File.dirname(__FILE__) + "/../test_helper"
+class ClientCertificateTest < Test::Unit::TestCase
+  def setup
+    # skip the tests if we're not sending to a HTTPS location (i.e PROD)
+    return true if @@credentials.config['location'].match(/https/i).nil?
+  end
+  def test_cert_raises_without_key
+    assert_raises(ArgumentError) {
+      transporter = ::EWS::Transporter.new(@@credentials.config['location'], {
+        :client_cert => File.dirname(__FILE__)+"/../samples/rsa_cert.pem",
+      })
+    }
+  end
+  def test_rsa_raises_with_non_matching_key
+    assert_raises(OpenSSL::PKey::RSAError) {
+      transporter = ::EWS::Transporter.new(@@credentials.config['location'], {
+        :client_cert => File.dirname(__FILE__)+"/../samples/rsa_cert.pem",
+        :client_key => File.dirname(__FILE__)+"/../samples/dsa_key.pem"
+      })
+    }
+  end
+  def test_dsa_raises_with_non_matching_key
+    assert_raises(OpenSSL::PKey::DSAError) {
+      transporter = ::EWS::Transporter.new(@@credentials.config['location'], {
+        :client_cert => File.dirname(__FILE__)+"/../samples/dsa_cert.pem",
+        :client_key => File.dirname(__FILE__)+"/../samples/rsa_key.pem"
+      })
+    }
+  end
+  def test_rsa_certificate
+    transporter = nil
+    assert_nothing_raised {
+      transporter = ::EWS::Transporter.new(@@credentials.config['location'], {
+        :client_cert => File.dirname(__FILE__)+"/../samples/rsa_cert.pem",
+        :client_key => File.dirname(__FILE__)+"/../samples/rsa_key.pem"
+      })
+    }
+    request = EWS::Transaction::Request.new(basic_params)
+    response = transporter.submit(request)
+    assert response.approved?
+  end
+  def test_dsa_certificate
+    transporter = nil
+    assert_nothing_raised {
+      transporter = ::EWS::Transporter.new(@@credentials.config['location'], {
+        :client_cert => File.dirname(__FILE__)+"/../samples/dsa_cert.pem",
+        :client_key => File.dirname(__FILE__)+"/../samples/dsa_key.pem"
+      })
+    }
+    request = EWS::Transaction::Request.new(basic_params)
+    response = transporter.submit(request)
+    assert response.approved?
+  end
+end

data/test/samples/dsa_cert.pem ADDED

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAx4CCQCN5PcdH8ZKnDANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
+QVUxDDAKBgNVBAgMA05TVzEcMBoGA1UECgwTRS14YWN0IFRyYW5zYWN0aW9uczEU
+MBIGA1UECwwLRGV2ZWxvcG1lbnQxFTATBgNVBAMMDERvbm5jaGEncyBDQTEiMCAG
+CSqGSIb3DQEJARYTZHJlZG1vbmRAZS14YWN0LmNvbTAeFw0xMTAxMjYyMzE3MTFa
+Fw0xMTAyMjUyMzE3MTFaMIGaMQswCQYDVQQGEwJBVTEMMAoGA1UECAwDTlNXMQ8w
+DQYDVQQHDAZTeWRuZXkxHDAaBgNVBAoME0UteGFjdCBUcmFuc2FjdGlvbnMxFDAS
+BgNVBAsMC0RldmVsb3BtZW50MRQwEgYDVQQDDAtEb25uY2hhIERTQTEiMCAGCSqG
+SIb3DQEJARYTZHJlZG1vbmRAZS14YWN0LmNvbTCCAbYwggErBgcqhkjOOAQBMIIB
+HgKBgQDVZ3X+TJSgurQFGmr+rZsO94z5b8sZlQ4PVjqpdndxlaUOHv5RgYY92TPD
+Rm7j2LGbBwaMSIsfySqVsX7S3BTMhVo1MO2lEDwTgtTieEosYImrBdhYXLjWlllq
+bmom6J/HBxZblJYYdVSeCNbVgjBrs2yR/BrRLHDJpT81JB3s2wIVALUnrTdHQ4XP
+8BwCjWGQAnttud6BAoGAAxMDMYIxUc7R1RmEX7dLmQrXrcOtMW6VVqGqo1f+SVbv
+XT0R3LANCX7WOyDYRePxWj3HEKnYRrwMmOTDLB7pdfcgzw2xkAWt4iuNYENDRrS4
+DuDPBBZDIJc9oRpR+8X7yFaoXttvqx4GOrz/0FpWdp30SnSoO+ksuyq4dFimGUED
+gYQAAoGAXjmul+axaJP6W7EYJl9tedoZW+GBarA4M18biqXxnsyVce2VjYIpSxux
+FQZjgMgR0d27iQVwzamzoF2x4Khm00vgZRXiPJlgQ7FSfK6WeM1n0l0hrxfvPpvD
+BgEhP9geXQ+1sbnn6Sa+FDlrtK7oFhFDge3Iaw2UZ2aUOeUYHB4wDQYJKoZIhvcN
+AQEFBQADgYEA08u9dKckW8Q7+nTj49jWic1PfiuXW1OWlH71nEIXq13R05CuaZKH
+Y0LN1Yqd1Nd74MZSFL3xfwwlycpDOzo/mJgVghJx3DZu9171BJ+knOrojgvZ3A13
+wTYC6gWK/d0TPhORKnwSqwrB/c+Qgyfe783AS15EW7juEUYElpKbEPQ=
+-----END CERTIFICATE-----

data/test/samples/dsa_key.pem ADDED

@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBugIBAAKBgQDVZ3X+TJSgurQFGmr+rZsO94z5b8sZlQ4PVjqpdndxlaUOHv5R
+gYY92TPDRm7j2LGbBwaMSIsfySqVsX7S3BTMhVo1MO2lEDwTgtTieEosYImrBdhY
+XLjWlllqbmom6J/HBxZblJYYdVSeCNbVgjBrs2yR/BrRLHDJpT81JB3s2wIVALUn
+rTdHQ4XP8BwCjWGQAnttud6BAoGAAxMDMYIxUc7R1RmEX7dLmQrXrcOtMW6VVqGq
+o1f+SVbvXT0R3LANCX7WOyDYRePxWj3HEKnYRrwMmOTDLB7pdfcgzw2xkAWt4iuN
+YENDRrS4DuDPBBZDIJc9oRpR+8X7yFaoXttvqx4GOrz/0FpWdp30SnSoO+ksuyq4
+dFimGUECgYBeOa6X5rFok/pbsRgmX2152hlb4YFqsDgzXxuKpfGezJVx7ZWNgilL
+G7EVBmOAyBHR3buJBXDNqbOgXbHgqGbTS+BlFeI8mWBDsVJ8rpZ4zWfSXSGvF+8+
+m8MGASE/2B5dD7WxuefpJr4UOWu0rugWEUOB7chrDZRnZpQ55RgcHgIUMvlYodvs
+EGrvWVqYN3JiZsYxLaU=
+-----END DSA PRIVATE KEY-----

data/test/samples/rsa_cert.pem ADDED

@@ -0,0 +1,63 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            8d:e4:f7:1d:1f:c6:4a:99
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=AU, ST=NSW, O=E-xact Transactions, OU=Development, CN=Donncha's CA/emailAddress=dredmond@e-xact.com
+        Validity
+            Not Before: Jan 26 20:37:07 2011 GMT
+            Not After : Jan 26 20:37:07 2012 GMT
+        Subject: C=AU, ST=NSW, L=Sydney, O=E-xact Transactions, OU=Development, CN=Donncha Redmond/emailAddress=dredmond@e-xact.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:be:f3:80:e6:54:59:b8:a9:7f:22:e6:a1:80:b2:
+                    27:88:aa:bf:54:8c:aa:02:cf:81:c3:ac:27:65:4e:
+                    07:b2:5b:9c:c7:77:a8:95:55:d4:cb:3c:82:4b:63:
+                    b4:96:79:d6:2b:e0:df:bf:e0:57:fa:e0:ce:68:06:
+                    c4:86:b6:c4:09:4d:b0:81:fc:73:a9:a1:4d:29:6b:
+                    7a:46:be:7f:6b:17:76:d7:45:58:42:48:63:32:5c:
+                    63:58:e8:fa:81:2b:1b:11:60:c2:86:72:ce:19:19:
+                    fe:8b:39:c5:7d:08:b8:e7:cf:32:0f:af:87:c1:a7:
+                    6a:c6:c7:06:1c:1c:ea:e6:6f
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints:
+                CA:FALSE
+            Netscape Comment:
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier:
+                32:4D:C0:F7:5F:6A:48:62:F6:24:DB:90:B4:7C:02:40:C9:FE:AE:C2
+            X509v3 Authority Key Identifier:
+                keyid:DF:4D:FD:27:6A:8C:3B:4F:A8:8C:27:F7:C1:7B:44:0D:C7:50:BA:77
+    Signature Algorithm: sha1WithRSAEncryption
+        5c:bd:be:99:fa:b6:7a:2e:ce:59:b7:7a:d5:01:bf:98:dd:0e:
+        72:dd:10:58:cf:53:e1:2c:62:66:83:9e:83:1b:08:6d:10:86:
+        9d:a4:2a:4e:29:5d:ae:0b:94:25:84:43:bf:aa:de:52:b7:e4:
+        f4:c3:76:93:e4:ea:05:13:61:c6:fc:e0:f0:69:44:e6:cd:76:
+        7f:71:cc:a8:a4:84:ab:a6:17:3d:20:1e:d5:94:9b:8b:ae:8d:
+        1a:8d:30:59:59:8f:50:3a:c5:d6:0f:ab:bd:0c:3b:61:c7:d9:
+        a6:c9:e8:97:c9:65:23:a3:bf:13:8a:ff:53:b1:32:36:50:6d:
+        4a:f3
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIJAI3k9x0fxkqZMA0GCSqGSIb3DQEBBQUAMIGKMQswCQYD
+VQQGEwJBVTEMMAoGA1UECAwDTlNXMRwwGgYDVQQKDBNFLXhhY3QgVHJhbnNhY3Rp
+b25zMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEVMBMGA1UEAwwMRG9ubmNoYSdzIENB
+MSIwIAYJKoZIhvcNAQkBFhNkcmVkbW9uZEBlLXhhY3QuY29tMB4XDTExMDEyNjIw
+MzcwN1oXDTEyMDEyNjIwMzcwN1owgZ4xCzAJBgNVBAYTAkFVMQwwCgYDVQQIDANO
+U1cxDzANBgNVBAcMBlN5ZG5leTEcMBoGA1UECgwTRS14YWN0IFRyYW5zYWN0aW9u
+czEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD0Rvbm5jaGEgUmVkbW9u
+ZDEiMCAGCSqGSIb3DQEJARYTZHJlZG1vbmRAZS14YWN0LmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAvvOA5lRZuKl/IuahgLIniKq/VIyqAs+Bw6wnZU4H
+slucx3eolVXUyzyCS2O0lnnWK+Dfv+BX+uDOaAbEhrbECU2wgfxzqaFNKWt6Rr5/
+axd210VYQkhjMlxjWOj6gSsbEWDChnLOGRn+iznFfQi4588yD6+HwadqxscGHBzq
+5m8CAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH
+ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDJNwPdfakhi9iTbkLR8AkDJ
+/q7CMB8GA1UdIwQYMBaAFN9N/SdqjDtPqIwn98F7RA3HULp3MA0GCSqGSIb3DQEB
+BQUAA4GBAFy9vpn6tnouzlm3etUBv5jdDnLdEFjPU+EsYmaDnoMbCG0Qhp2kKk4p
+Xa4LlCWEQ7+q3lK35PTDdpPk6gUTYcb84PBpRObNdn9xzKikhKumFz0gHtWUm4uu
+jRqNMFlZj1A6xdYPq70MO2HH2abJ6JfJZSOjvxOK/1OxMjZQbUrz
+-----END CERTIFICATE-----

data/test/samples/rsa_key.pem ADDED

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC+84DmVFm4qX8i5qGAsieIqr9UjKoCz4HDrCdlTgeyW5zHd6iV
+VdTLPIJLY7SWedYr4N+/4Ff64M5oBsSGtsQJTbCB/HOpoU0pa3pGvn9rF3bXRVhC
+SGMyXGNY6PqBKxsRYMKGcs4ZGf6LOcV9CLjnzzIPr4fBp2rGxwYcHOrmbwIDAQAB
+AoGAc7EfCO5USfDP6bpoYYwPLdud/sEXBIrq6T31xIgpW6Pr8mKKTqhpPBXWL40i
+TgVVgNJHXn6zb3ojNJ3dFm3HiXuLdhnB+qu7zLh7dXB/f8GYnaFHnWjYIVsoavfZ
+8rIQ/r1BmtoncFV7ghWI5WgWOipOLsY5L5bKTJZka6m0UzkCQQDf9aoCMYnlXAZT
+VjWN7To2Vd7dsM+ivF9acV0cZWv+9lNz29zoA8xvAYNVtnbs2vfsMTjAZoQ8iNPW
+jsV3ZqV1AkEA2kTuwRPMQd+i6kl8wxC4+Slh675Hi16JYoaxyipJjlmDgWXTn+9t
+CJPNT6MhQhuYwWeQDp/yzc2ZXrhaGFKL0wJAIuMg7aCL65evQJIgW5CFzesIgZ5G
+agJQFEWujHrcHOaAT38DZX0Z/nzM2bBHzFO75SYxwf72QHvMDBNHfXcW9QJATEVs
+PNHjPV2de0skqrFMQd0BF7TNIVlunpw8wk1WmMSU3IGtmqS6sBWd1+dENuqXzXWX
+9FRWLy5aGqxG51ro+wJBALzmX/dPSxETIA2sN97iNkhDa1Pzg6NyaoajL381rwgg
+4MzykW7e6TKbTtDlou4ZerzJ+UfcUeipn1cZuz1uxUk=
+-----END RSA PRIVATE KEY-----

metadata CHANGED

@@ -1,12 +1,12 @@
 --- !ruby/object:Gem::Specification
 name: exact4r
 version: !ruby/object:Gem::Version
-  hash: 3
+  hash: 1
   prerelease: false
   segments:
   - 1
-  - 6
-  version: "1.6"
+  - 7
+  version: "1.7"
 platform: ruby
 authors:
 - E-xact Transactions Ltd.
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-01-05 00:00:00 +11:00
+date: 2011-02-03 00:00:00 +11:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -76,6 +76,7 @@ files:
 - ./lib/ews/transporter.rb
 - ./lib/exact4r.rb
 - ./LICENCE
+- ./prod.log
 - ./Rakefile
 - ./README
 - ./test/credentials.rb
@@ -105,15 +106,20 @@ files:
 - ./test/exhaustive/transaction_details_test.rb
 - ./test/exhaustive/void_test.rb
 - ./test/general/avs_test.rb
+- ./test/general/client_certificate_test.rb
 - ./test/general/json_encoding_test.rb
 - ./test/general/request_test.rb
 - ./test/general/rest_encoding_test.rb
 - ./test/general/soap_encoding_test.rb
 - ./test/general/transporter_test.rb
 - ./test/general/validator_test.rb
+- ./test/samples/dsa_cert.pem
+- ./test/samples/dsa_key.pem
 - ./test/samples/rest.dodgy.response.xml
 - ./test/samples/rest.everything.response.xml
 - ./test/samples/rest.response.xml
+- ./test/samples/rsa_cert.pem
+- ./test/samples/rsa_key.pem
 - ./test/samples/soap.deserialization.fault.xml
 - ./test/samples/soap.dodgy.response.xml
 - ./test/samples/soap.everything.response.xml