ey-hmac 2.1.0 → 2.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 993156b2650af65ee323f3a1f5715c6fff44508d
-  data.tar.gz: 464d21118f68dc3513db89c2fcbaff3ddbf677d4
+SHA256:
+  metadata.gz: 1ea57d603aa108a1bf510fcf6e61aa45b1d1d0fca0ba7aa1b97681396fae9a7c
+  data.tar.gz: 7ad6caf49126be2b2a4b75acbc97ecf9d1898307a896f909493850be26d8261e
 SHA512:
-  metadata.gz: 16ded2fdf25966104d2dfe09ddfdf19a6a5a1ef6b1e140d9ea6aecb3b721826a288055b106266b56cb2594a31606eaeae49503fa4590b7e779212e5885956b80
-  data.tar.gz: 0a3b84006e99a02540e5e4a90f61015d2ad336652f63055f9c1c666e28ff86b11fce45ac86bad23ea7e4da4fffb526b18c0e7cf84eb6f22db78adccdde18c807
+  metadata.gz: 6c790db93637c36fe752759cdb1aac1a70d3f1378ca5c2ae6b4132b8115d97b5e75b15e75de7dc069800980846d83524dbbe58903d9fd4b2006499e0ff8f9826
+  data.tar.gz: 6d8745e27b9c8d01d01d9f6bc608eba2f6fd6f8476a28eba9097dda9765944b8d5ba535be0901f151e69f4b66b9e1a2d022bdd29cbc38fc68a3ec9cacfaf2500

data/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '36 16 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'ruby' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

data/.github/workflows/ruby.yml

@@ -0,0 +1,37 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.5', '2.6', '2.7', '3.0']
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+    # uses: ruby/setup-ruby@v1
+      uses: ruby/setup-ruby@473e4d8fe5dd94ee328fdfca9f8c9c7afc9dae5e
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: Lint
+      run: bundle exec rubocop -D
+    - name: Run tests
+      run: bundle exec rspec

data/.rubocop.yml

@@ -0,0 +1,31 @@
+inherit_from: .rubocop_todo.yml
+
+# The behavior of RuboCop can be controlled via the .rubocop.yml
+# configuration file. It makes it possible to enable/disable
+# certain cops (checks) and to alter their behavior if they accept
+# any parameters. The file can be placed either in your home
+# directory or in some project directory.
+#
+# RuboCop will start looking for the configuration file in the directory
+# where the inspected file is and continue its way up to the root directory.
+#
+# See https://docs.rubocop.org/rubocop/configuration
+AllCops:
+  SuggestExtensions: false
+  NewCops: 'disable'
+require:
+  - rubocop-rspec
+Metrics/BlockLength:
+  Enabled: false
+Metrics/AbcSize:
+  Enabled: false
+Style/ClassAndModuleChildren:
+  EnforcedStyle: compact
+Metrics/MethodLength:
+  Enabled: false
+Metrics/ClassLength:
+  Enabled: false
+RSpec/ExampleLength:
+  Enabled: false
+RSpec/MultipleExpectations:
+  Enabled: false

data/.rubocop_todo.yml

@@ -0,0 +1,82 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config --auto-gen-only-exclude`
+# on 2022-02-08 03:20:19 UTC using RuboCop version 1.25.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# Configuration parameters: Include.
+# Include: **/*.gemspec
+Gemspec/RequiredRubyVersion:
+  Exclude:
+    - 'ey-hmac.gemspec'
+
+# Offense count: 1
+# Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, CheckDefinitionPathHierarchyRoots, Regex, IgnoreExecutableScripts, AllowedAcronyms.
+# CheckDefinitionPathHierarchyRoots: lib, spec, test, src
+# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
+Naming/FileName:
+  Exclude:
+    - 'lib/ey-hmac.rb'
+
+# Offense count: 2
+# Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
+# AllowedNames: at, by, db, id, in, io, ip, of, on, os, pp, to
+Naming/MethodParameterName:
+  Exclude:
+    - 'lib/ey-hmac/adapter.rb'
+
+# Offense count: 2
+RSpec/BeforeAfterAll:
+  Exclude:
+    - 'spec/spec_helper.rb'
+    - 'spec/rails_helper.rb'
+    - 'spec/support/**/*.rb'
+    - 'spec/faraday_spec.rb'
+    - 'spec/rack_spec.rb'
+
+# Offense count: 2
+# Configuration parameters: IgnoredMetadata.
+RSpec/DescribeClass:
+  Exclude:
+    - '**/spec/features/**/*'
+    - '**/spec/requests/**/*'
+    - '**/spec/routing/**/*'
+    - '**/spec/system/**/*'
+    - '**/spec/views/**/*'
+    - 'spec/faraday_spec.rb'
+    - 'spec/rack_spec.rb'
+
+# Offense count: 1
+RSpec/LetSetup:
+  Exclude:
+    - 'spec/faraday_spec.rb'
+
+# Offense count: 4
+# Configuration parameters: AllowedConstants.
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/ey-hmac.rb'
+    - 'lib/ey-hmac/adapter/faraday.rb'
+    - 'lib/ey-hmac/adapter/rack.rb'
+    - 'lib/ey-hmac/faraday.rb'
+
+# Offense count: 3
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Exclude:
+    - 'lib/ey-hmac/adapter.rb'
+    - 'lib/ey-hmac/adapter/faraday.rb'
+    - 'lib/ey-hmac/adapter/rack.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Layout/LineLength:
+  Exclude:
+    - 'lib/ey-hmac/adapter.rb'

data/CHANGELOG.md

@@ -0,0 +1,68 @@
+# Change Log
+
+## [v2.2.0](https://github.com/engineyard/hmac/tree/v2.2.0) (2017-01-09)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v2.1.0...v2.2.0)
+
+**Closed issues:**
+
+- :sha512 and :sha384 [\#4](https://github.com/engineyard/hmac/issues/4)
+
+**Merged pull requests:**
+
+- use Base64\#strict\_encode64 when signing requests [\#5](https://github.com/engineyard/hmac/pull/5) ([lanej](https://github.com/lanej))
+
+## [v2.1.0](https://github.com/engineyard/hmac/tree/v2.1.0) (2015-12-03)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v2.0.2...v2.1.0)
+
+**Merged pull requests:**
+
+- add optional server-side HMAC TTL to prevent replay attacks [\#3](https://github.com/engineyard/hmac/pull/3) ([hudon](https://github.com/hudon))
+
+## [v2.0.2](https://github.com/engineyard/hmac/tree/v2.0.2) (2015-09-17)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v2.0.1...v2.0.2)
+
+## [v2.0.1](https://github.com/engineyard/hmac/tree/v2.0.1) (2015-09-17)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v2.0.0...v2.0.1)
+
+**Merged pull requests:**
+
+- update faraday usage in the readme [\#2](https://github.com/engineyard/hmac/pull/2) ([svarks](https://github.com/svarks))
+
+## [v2.0.0](https://github.com/engineyard/hmac/tree/v2.0.0) (2014-08-09)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v1.0.0...v2.0.0)
+
+## [v1.0.0](https://github.com/engineyard/hmac/tree/v1.0.0) (2014-04-29)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.1.3...v1.0.0)
+
+## [v0.1.3](https://github.com/engineyard/hmac/tree/v0.1.3) (2014-04-29)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.1.2...v0.1.3)
+
+## [v0.1.2](https://github.com/engineyard/hmac/tree/v0.1.2) (2014-04-01)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.1.1...v0.1.2)
+
+**Merged pull requests:**
+
+- Fix deprecated usage of Digest::Digest. [\#1](https://github.com/engineyard/hmac/pull/1) ([ericlathrop](https://github.com/ericlathrop))
+
+## [v0.1.1](https://github.com/engineyard/hmac/tree/v0.1.1) (2014-02-19)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.1.0...v0.1.1)
+
+## [v0.1.0](https://github.com/engineyard/hmac/tree/v0.1.0) (2014-02-18)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.0.5...v0.1.0)
+
+## [v0.0.5](https://github.com/engineyard/hmac/tree/v0.0.5) (2013-10-18)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.0.4...v0.0.5)
+
+## [v0.0.4](https://github.com/engineyard/hmac/tree/v0.0.4) (2013-02-08)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.0.3...v0.0.4)
+
+## [v0.0.3](https://github.com/engineyard/hmac/tree/v0.0.3) (2013-02-06)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.0.2...v0.0.3)
+
+## [v0.0.2](https://github.com/engineyard/hmac/tree/v0.0.2) (2013-02-05)
+[Full Changelog](https://github.com/engineyard/hmac/compare/v0.0.1...v0.0.2)
+
+## [v0.0.1](https://github.com/engineyard/hmac/tree/v0.0.1) (2013-02-05)
+
+
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/Gemfile

@@ -1,8 +1,13 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # Specify your gem's dependencies in ey-hmac.gemspec
 gemspec
 
+gem 'rubocop', require: false
+gem 'rubocop-rspec', require: false
+
 group(:test) do
   gem 'pry-nav'
   gem 'rspec', '~> 3.3'
@@ -10,11 +15,11 @@ end
 
 group(:rack) do
   gem 'rack'
-  gem 'rack-test'
   gem 'rack-client'
+  gem 'rack-test'
 end
 
 group(:faraday) do
-  gem 'faraday', '~> 0.9'
+  gem 'faraday', '>= 1.3'
   gem 'faraday_middleware'
 end

data/Rakefile

@@ -1 +1,3 @@
-require "bundler/gem_tasks"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'

data/ey-hmac.gemspec

@@ -1,21 +1,25 @@
-# -*- encoding: utf-8 -*-
-require File.expand_path('../lib/ey-hmac/version', __FILE__)
+# frozen_string_literal: true
+
+require 'English'
+require File.expand_path('lib/ey-hmac/version', __dir__)
 
 Gem::Specification.new do |gem|
-  gem.name          = "ey-hmac"
+  gem.name          = 'ey-hmac'
   gem.version       = Ey::Hmac::VERSION
-  gem.authors       = ["Josh Lane & Jason Hansen"]
-  gem.email         = ["jlane@engineyard.com"]
-  gem.description   = %q{Lightweight HMAC signing libraries and middleware for Farday and Rack}
-  gem.summary       = %q{Lightweight HMAC signing libraries and middleware for Farday and Rack}
-  gem.homepage      = ""
+  gem.authors       = ['Josh Lane']
+  gem.email         = ['me@joshualane.com']
+  gem.description   = 'Lightweight HMAC signing libraries and middleware for Farday and Rack'
+  gem.summary       = 'Lightweight HMAC signing libraries and middleware for Farday and Rack'
+  gem.homepage      = ''
 
-  gem.files         = `git ls-files`.split($/)
-  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  gem.executables   = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
-  gem.require_paths = ["lib"]
-  gem.license       = "MIT"
+  gem.require_paths = ['lib']
+  gem.license       = 'MIT'
+
+  gem.required_ruby_version = '>= 2.5'
 
-  gem.add_development_dependency "rake"
-  gem.add_development_dependency "bundler", "~> 1.3"
+  gem.add_development_dependency 'bundler', '~> 2.3'
+  gem.add_development_dependency 'rake'
 end

data/lib/ey-hmac/adapter/faraday.rb

@@ -1,36 +1,47 @@
+# frozen_string_literal: true
+
 class Ey::Hmac::Adapter::Faraday < Ey::Hmac::Adapter
   def method
     request[:method].to_s.upcase
   end
 
   def content_type
-    %w[CONTENT-TYPE CONTENT_TYPE Content-Type Content_Type].inject(nil) { |r,h| r || request[:request_headers][h] }
+    @content_type ||= find_header(
+      'CONTENT-TYPE', 'CONTENT_TYPE', 'Content-Type', 'Content_Type'
+    )
   end
 
   def content_digest
-    if existing = %w[CONTENT-DIGEST CONTENT_DIGEST Content-Digest Content_Digest].inject(nil) { |r,h| r || request[:request_headers][h] }
-      existing
-    elsif body
-      digestable = if body.respond_to?(:rewind)
-                     body.rewind
-                     body.read.tap { |_| body.rewind }
-                   else
-                     body.to_s
-                   end
-
-      request[:request_headers]['Content-Digest'] = Digest::MD5.hexdigest(digestable)
+    @content_digest ||= find_header(
+      'CONTENT-DIGEST', 'CONTENT_DIGEST', 'Content-Digest', 'Content_Digest'
+    )
+  end
+
+  def set_content_digest
+    return if content_digest
+
+    digestable = if body.respond_to?(:rewind)
+                   body.rewind
+                   body.read.tap { |_| body.rewind }
+                 else
+                   body.to_s
+                 end
+
+    if digestable && digestable != ''
+      @content_digest = request[:request_headers]['Content-Digest'] = Digest::MD5.hexdigest(digestable)
     end
   end
 
   def body
-    if request[:body] && request[:body].to_s != ""
-      request[:body]
-    end
+    request[:body] if request[:body] && request[:body].to_s != ''
   end
 
   def date
-    existing = %w[DATE Date].inject(nil) { |r,h| r || request[h] }
-    existing || (request[:request_headers]['Date'] = Time.now.httpdate)
+    find_header('DATE', 'Date')
+  end
+
+  def set_date
+    request[:request_headers]['Date'] = Time.now.httpdate unless date
   end
 
   def path
@@ -38,16 +49,23 @@ class Ey::Hmac::Adapter::Faraday < Ey::Hmac::Adapter
   end
 
   def sign!(key_id, key_secret)
-    %w[CONTENT-TYPE CONTENT_TYPE Content-Type Content_Type].inject(nil) { |r,h| request[:request_headers][h] }
+    set_content_digest
+    set_date
 
-    if options[:version]
-      request[:request_headers]['X-Signature-Version'] = options[:version]
-    end
+    request[:request_headers]['X-Signature-Version'] = options[:version] if options[:version]
 
     request[:request_headers][authorization_header] = authorization(key_id, key_secret)
   end
 
   def authorization_signature
-    %w[Authorization AUTHORIZATION].inject(nil){|r, h| r || request[:request_headers][h]}
+    find_header('Authorization', 'AUTHORIZATION')
+  end
+
+  private
+
+  def find_header(*keys)
+    value = nil
+    keys.find { |k| value = request[:request_headers][k] }
+    value
   end
 end

data/lib/ey-hmac/adapter/rack.rb

@@ -1,12 +1,11 @@
+# frozen_string_literal: true
+
 require 'rack'
 
 class Ey::Hmac::Adapter::Rack < Ey::Hmac::Adapter
   def initialize(request, options)
     super
-    @request = if request.is_a?(Hash)
-                 ::Rack::Request.new(request)
-               else request
-               end
+    @request = request.is_a?(Hash) ? ::Rack::Request.new(request) : request
   end
 
   def method
@@ -18,25 +17,28 @@ class Ey::Hmac::Adapter::Rack < Ey::Hmac::Adapter
   end
 
   def content_digest
-    if existing = request.env['HTTP_CONTENT_DIGEST']
-      existing
-    elsif digest = body && Digest::MD5.hexdigest(body)
-      request.env['HTTP_CONTENT_DIGEST'] = digest
-    end
+    request.env['HTTP_CONTENT_DIGEST']
+  end
+
+  def set_content_digest
+    request.env['HTTP_CONTENT_DIGEST'] = Digest::MD5.hexdigest(body) if body
   end
 
   def body
-    if request.env["rack.input"]
-      request.env["rack.input"].rewind
-      body = request.env["rack.input"].read
-      request.env["rack.input"].rewind
-      body == "" ? nil : body
-    else nil
+    if request.env['rack.input']
+      request.env['rack.input'].rewind
+      body = request.env['rack.input'].read
+      request.env['rack.input'].rewind
+      body == '' ? nil : body
     end
   end
 
   def date
-    request.env['HTTP_DATE'] ||= Time.now.httpdate
+    request.env['HTTP_DATE']
+  end
+
+  def set_date
+    request.env['HTTP_DATE'] = Time.now.httpdate
   end
 
   def path
@@ -44,9 +46,10 @@ class Ey::Hmac::Adapter::Rack < Ey::Hmac::Adapter
   end
 
   def sign!(key_id, key_secret)
-    if options[:version]
-      request.env['HTTP_X_SIGNATURE_VERSION'] = options[:version]
-    end
+    set_date
+    set_content_digest
+
+    request.env['HTTP_X_SIGNATURE_VERSION'] = options[:version] if options[:version]
 
     request.env["HTTP_#{authorization_header.to_s.upcase}"] = authorization(key_id, key_secret)
   end