ey-hmac 2.1.0 → 2.4.0

data/spec/faraday_spec.rb

@@ -1,20 +1,22 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
-describe "faraday" do
+describe 'faraday' do
   before(:all) { Bundler.require(:faraday) }
 
   let!(:key_id)     { SecureRandom.hex(8) }
   let!(:key_secret) { SecureRandom.hex(16) }
 
-  describe "adapter" do
+  describe 'adapter' do
     let!(:adapter) { Ey::Hmac::Adapter::Faraday }
 
-    it "signs a multipart post" do
+    it 'signs a multipart post' do
       app = lambda do |env|
         authenticated = Ey::Hmac.authenticate!(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       require 'ey-hmac/faraday'
@@ -28,117 +30,115 @@ describe "faraday" do
         c.adapter(:rack, app)
       end
 
-      tempfile = Tempfile.new("hmac")
+      tempfile = Tempfile.new('hmac')
       tempfile.write SecureRandom.hex(512)
       tempfile.close
 
       expect(
-        connection.post { |req| req.body = {"output" => Faraday::UploadIO.new(tempfile.path, "text/plain")} }.status
+        connection.post { |req| req.body = { 'output' => Faraday::UploadIO.new(tempfile.path, 'text/plain') } }.status
       ).to eq(200)
     end
 
-    it "signs and reads a request" do
-      request = Faraday::Request.new.tap { |r|
-        r.method  = :get
-        r.path    = "/auth"
-        r.body    = "{1: 2}"
-        r.headers = {"Content-Type" => "application/xml"}
-      }.to_env(
-        Faraday::Connection.new("http://localhost")
+    it 'signs and reads a request' do
+      request = Faraday::Request.create(:get) do |r|
+        r.path    = '/auth'
+        r.body    = '{1: 2}'
+        r.headers = { 'Content-Type' => 'application/xml' }
+      end.to_env(
+        Faraday::Connection.new('http://localhost')
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request[:request_headers]['Authorization']).to        start_with("EyHmac")
-      expect(request[:request_headers]['Content-Digest']).to       eq(Digest::MD5.hexdigest(request[:body]))
+      expect(request[:request_headers]['Authorization']).to start_with('EyHmac')
+      expect(request[:request_headers]['Content-Digest']).to eq(Digest::MD5.hexdigest(request[:body]))
       expect(Time.parse(request[:request_headers]['Date'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "does not set Content-Digest if body is nil" do
-      request = Faraday::Request.new.tap { |r|
-        r.method  = :get
-        r.path    = "/auth"
+    it 'does not set Content-Digest if body is nil' do
+      request = Faraday::Request.create(:get) do |r|
+        r.path    = '/auth'
         r.body    = nil
-        r.headers = {"Content-Type" => "application/xml"}
-      }.to_env(
-        Faraday::Connection.new("http://localhost")
+        r.headers = { 'Content-Type' => 'application/xml' }
+      end.to_env(
+        Faraday::Connection.new('http://localhost')
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request[:request_headers]['Authorization']).to start_with("EyHmac")
+      expect(request[:request_headers]['Authorization']).to start_with('EyHmac')
       expect(request[:request_headers]).not_to have_key('Content-Digest')
       expect(Time.parse(request[:request_headers]['Date'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "does not set Content-Digest if body is empty" do
-      request = Faraday::Request.new.tap do |r|
-        r.method = :get
-        r.path = "/auth"
-        r.body = ""
-        r.headers = {"Content-Type" => "application/xml"}
-      end.to_env(Faraday::Connection.new("http://localhost"))
+    it 'does not set Content-Digest if body is empty' do
+      request = Faraday::Request.create(:get) do |r|
+        r.path = '/auth'
+        r.body = ''
+        r.headers = { 'Content-Type' => 'application/xml' }
+      end.to_env(Faraday::Connection.new('http://localhost'))
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request[:request_headers]['Authorization']).to        start_with("EyHmac")
+      expect(request[:request_headers]['Authorization']).to        start_with('EyHmac')
       expect(request[:request_headers]).not_to                     have_key('Content-Digest')
-      #expect(Time.parse(request[:request_headers]['Date'])).not_to be_nil
+      # expect(Time.parse(request[:request_headers]['Date'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    context "with a request" do
+    context 'with a request' do
       let!(:request) do
-        Faraday::Request.new.tap do |r|
-          r.method = :get
-          r.path = "/auth"
-          r.body = "{1: 2}"
-          r.headers = {"Content-Type" => "application/xml"}
-        end.to_env(Faraday::Connection.new("http://localhost"))
+        Faraday::Request.create(:get) do |r|
+          r.path = '/auth'
+          r.body = '{1: 2}'
+          r.headers = { 'Content-Type' => 'application/xml' }
+        end.to_env(Faraday::Connection.new('http://localhost'))
       end
-      include_examples "authentication"
+
+      include_examples 'authentication'
     end
   end
 
-  describe "middleware" do
-    it "accepts a SHA1 signature" do
+  describe 'middleware' do
+    it 'accepts a SHA1 signature' do
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
       app = lambda do |env|
-        authenticated = Ey::Hmac.authenticated?(env, accept_digests: :sha1, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
+        authenticated = Ey::Hmac.authenticated?(env, accept_digests: :sha1,
+                                                     adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       connection = Faraday.new do |c|
@@ -146,10 +146,10 @@ describe "faraday" do
         c.adapter(:rack, app)
       end
 
-      expect(connection.get("/resources").status).to eq(200)
+      expect(connection.get('/resources').status).to eq(200)
     end
 
-    it "accepts a SHA256 signature" do # default
+    it 'accepts a SHA256 signature' do # default
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
@@ -157,7 +157,7 @@ describe "faraday" do
         authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       connection = Faraday.new do |c|
@@ -165,18 +165,19 @@ describe "faraday" do
         c.adapter(:rack, app)
       end
 
-      expect(connection.get("/resources").status).to eq(200)
+      expect(connection.get('/resources').status).to eq(200)
     end
 
-    it "accepts multiple digest signatures" do # default
+    it 'accepts multiple digest signatures' do # default
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
       app = lambda do |env|
-        authenticated = Ey::Hmac.authenticated?(env, accept_digests: [:sha1, :sha256], adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
+        authenticated = Ey::Hmac.authenticated?(env, accept_digests: %i[sha1 sha256],
+                                                     adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       connection = Faraday.new do |c|
@@ -184,23 +185,24 @@ describe "faraday" do
         c.adapter(:rack, app)
       end
 
-      expect(connection.get("/resources").status).to eq(200)
+      expect(connection.get('/resources').status).to eq(200)
     end
 
-    it "signs empty request" do
+    it 'signs empty request' do
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
-      _key_id, _key_secret = key_id, key_secret
+      outer_key_id = key_id
+      outer_key_secret = key_secret
       app = Rack::Builder.new do
         use Rack::Config do |env|
-          env["CONTENT_TYPE"] ||= "text/html"
+          env['CONTENT_TYPE'] ||= 'text/html'
         end
-        run(lambda {|env|
+        run(lambda { |env|
           authenticated = Ey::Hmac.authenticate!(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
-            (auth_id == _key_id) && _key_secret
+            (auth_id == outer_key_id) && outer_key_secret
           end
-          [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+          [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
         })
       end
 
@@ -210,10 +212,10 @@ describe "faraday" do
       end
 
       expect(connection.get do |req|
-        req.path    = "/resource"
+        req.path    = '/resource'
         req.body    = nil
-        req.params  = {"a" => "1"}
-        req.headers = {"Content-Type" => "application/x-www-form-urlencoded"}
+        req.params  = { 'a' => '1' }
+        req.headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
       end.status).to eq(200)
     end
   end

data/spec/rack_spec.rb

@@ -1,130 +1,135 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'securerandom'
 
-describe "rack" do
+describe 'rack' do
   before(:all) { Bundler.require(:rack) }
 
   let!(:key_id)     { SecureRandom.hex(8) }
   let!(:key_secret) { SecureRandom.hex(16) }
 
-  describe "adapter" do
-    let(:adapter)     { Ey::Hmac::Adapter::Rack }
+  describe 'adapter' do
+    let(:adapter) { Ey::Hmac::Adapter::Rack }
 
-    it "should sign and read request" do
+    it 'signs and read request' do
       request = Rack::Request.new(
-        "rack.input"        => StringIO.new("{1: 2}"),
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'rack.input' => StringIO.new('{1: 2}'),
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env['HTTP_CONTENT_DIGEST']).to eq(Digest::MD5.hexdigest(request.body.tap(&:rewind).read))
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "should not set Content-Digest if body is nil" do
+    it 'does not set Content-Digest if body is nil' do
       request = Rack::Request.new(
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "should not set Content-Digest if body is empty" do
+    it 'does not set Content-Digest if body is empty' do
       request = Rack::Request.new(
-        "rack.input"        => StringIO.new(""),
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'rack.input' => StringIO.new(''),
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    context "with a request" do
-      let(:request) {
+    context 'with a request' do
+      let(:request) do
         Rack::Request.new(
-          "rack.input"        => StringIO.new("{1: 2}"),
-          "HTTP_CONTENT_TYPE" => "application/json",
+          'rack.input' => StringIO.new('{1: 2}'),
+          'HTTP_CONTENT_TYPE' => 'application/json'
         )
-      }
+      end
 
-      include_examples "authentication"
+      include_examples 'authentication'
     end
   end
 
-  describe "middleware" do
-    it "should accept a SHA1 signature" do
+  describe 'middleware' do
+    it 'accepts a SHA1 signature' do
       app = lambda do |env|
-        authenticated = Ey::Hmac.authenticated?(env, accept_digests: [:sha1, :sha256], adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
+        authenticated = Ey::Hmac.authenticated?(env, accept_digests: %i[sha1 sha256],
+                                                     adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
-      _key_id, _key_secret = key_id, key_secret
+      outer_key_id = key_id
+      outer_key_secret = key_secret
       client = Rack::Client.new do
-        use Ey::Hmac::Rack, _key_id, _key_secret, sign_with: :sha1
+        use Ey::Hmac::Rack, outer_key_id, outer_key_secret, sign_with: :sha1
         run app
       end
 
-      expect(client.get("/resource").status).to eq(200)
+      expect(client.get('/resource').status).to eq(200)
     end
 
-    it "should accept a SHA256 signature" do # default
+    it 'accepts a SHA256 signature' do # default
       app = lambda do |env|
         authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
-      _key_id, _key_secret = key_id, key_secret
+      outer_key_id = key_id
+      outer_key_secret = key_secret
       client = Rack::Client.new do
-        use Ey::Hmac::Rack, _key_id, _key_secret
+        use Ey::Hmac::Rack, outer_key_id, outer_key_secret
         run app
       end
 
-      expect(client.get("/resource").status).to eq(200)
+      expect(client.get('/resource').status).to eq(200)
     end
 
-    it "should accept multiple digest signatures" do # default
+    it 'accepts multiple digest signatures' do # default
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
@@ -132,15 +137,15 @@ describe "rack" do
         authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       connection = Faraday.new do |c|
-        c.use :hmac, key_id, key_secret, digest: [:sha1, :sha256]
+        c.use :hmac, key_id, key_secret, digest: %i[sha1 sha256]
         c.adapter(:rack, app)
       end
 
-      expect(connection.get("/resources").status).to eq(200)
+      expect(connection.get('/resources').status).to eq(200)
     end
   end
 end

data/spec/shared/authenticated.rb

@@ -1,74 +1,76 @@
-shared_examples_for "authentication" do
-  describe "#authenticated?" do
-    it "should not authenticate invalid secret" do
+# frozen_string_literal: true
+
+shared_examples_for 'authentication' do
+  describe '#authenticated?' do
+    it 'does not authenticate invalid secret' do
       Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
 
-    it "should not authenticate invalid id" do
+    it 'does not authenticate invalid id' do
       Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
 
-    it "should not authenticate missing header" do
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+    it 'does not authenticate missing header' do
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
   end
 
-  describe "#authenticate!" do
-    it "should not authenticate invalid secret" do
+  describe '#authenticate!' do
+    it 'does not authenticate invalid secret' do
       Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
 
-      expect {
+      expect do
         Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-      }.to raise_exception(Ey::Hmac::SignatureMismatch)
+      end.to raise_exception(Ey::Hmac::SignatureMismatch)
     end
 
-    it "should not authenticate invalid id" do
+    it 'does not authenticate invalid id' do
       Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
 
-      expect {
+      expect do
         Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-      }.to raise_exception(Ey::Hmac::MissingSecret)
+      end.to raise_exception(Ey::Hmac::MissingSecret)
     end
 
-    it "should not authenticate missing header" do
-      expect {
+    it 'does not authenticate missing header' do
+      expect do
         expect(Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end).to be_falsey
-      }.to raise_exception(Ey::Hmac::MissingAuthorization)
+      end.to raise_exception(Ey::Hmac::MissingAuthorization)
     end
 
-    context "when the server specifies an HMAC TTL" do
-      it "should not authenticate expired hmac" do
+    context 'when the server specifies an HMAC TTL' do
+      it 'does not authenticate expired hmac' do
         Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
-        expect {
+        expect do
           Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 0) do |auth_id|
             (auth_id == key_id) && key_secret
           end
-        }.to raise_exception(Ey::Hmac::ExpiredHmac)
+        end.to raise_exception(Ey::Hmac::ExpiredHmac)
       end
 
-      it "should authenticate non-expired hmac" do
+      it 'authenticates non-expired hmac' do
         Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
-        expect {
+        expect do
           Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 100) do |auth_id|
             (auth_id == key_id) && key_secret
           end
-        }.to_not raise_exception
+        end.not_to raise_exception
       end
     end
   end

data/spec/spec_helper.rb

@@ -1,9 +1,12 @@
-require File.expand_path("../../lib/ey-hmac", __FILE__)
+# frozen_string_literal: true
+
+require File.expand_path('../lib/ey-hmac', __dir__)
 
 Bundler.require(:test)
+require 'securerandom'
 
-Dir[File.expand_path("../{support,shared}/*.rb", __FILE__)].each{|f| require(f)}
+Dir[File.expand_path('{support,shared}/*.rb', __dir__)].sort.each { |f| require(f) }
 
 RSpec.configure do |config|
-  config.order = "random"
+  config.order = 'random'
 end