ey-hmac 2.3.0 → 2.3.1

Sign up to get free protection for your applications and to get access to all the features.
data/spec/rack_spec.rb CHANGED
@@ -1,130 +1,135 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'spec_helper'
2
4
  require 'securerandom'
3
5
 
4
- describe "rack" do
6
+ describe 'rack' do
5
7
  before(:all) { Bundler.require(:rack) }
6
8
 
7
9
  let!(:key_id) { SecureRandom.hex(8) }
8
10
  let!(:key_secret) { SecureRandom.hex(16) }
9
11
 
10
- describe "adapter" do
11
- let(:adapter) { Ey::Hmac::Adapter::Rack }
12
+ describe 'adapter' do
13
+ let(:adapter) { Ey::Hmac::Adapter::Rack }
12
14
 
13
- it "should sign and read request" do
15
+ it 'signs and read request' do
14
16
  request = Rack::Request.new(
15
- "rack.input" => StringIO.new("{1: 2}"),
16
- "HTTP_CONTENT_TYPE" => "application/json",
17
+ 'rack.input' => StringIO.new('{1: 2}'),
18
+ 'HTTP_CONTENT_TYPE' => 'application/json'
17
19
  )
18
20
  Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
19
21
 
20
- expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
22
+ expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
21
23
  expect(request.env['HTTP_CONTENT_DIGEST']).to eq(Digest::MD5.hexdigest(request.body.tap(&:rewind).read))
22
24
  expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
23
25
 
24
26
  yielded = false
25
27
 
26
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
28
+ expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
27
29
  expect(key_id).to eq(key_id)
28
30
  yielded = true
29
31
  key_secret
30
- end).to be_truthy
32
+ end
31
33
 
32
34
  expect(yielded).to be_truthy
33
35
  end
34
36
 
35
- it "should not set Content-Digest if body is nil" do
37
+ it 'does not set Content-Digest if body is nil' do
36
38
  request = Rack::Request.new(
37
- "HTTP_CONTENT_TYPE" => "application/json",
39
+ 'HTTP_CONTENT_TYPE' => 'application/json'
38
40
  )
39
41
 
40
42
  Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
41
43
 
42
- expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
44
+ expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
43
45
  expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
44
46
  expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
45
47
 
46
48
  yielded = false
47
49
 
48
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
50
+ expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
49
51
  expect(key_id).to eq(key_id)
50
52
  yielded = true
51
53
  key_secret
52
- end).to be_truthy
54
+ end
53
55
 
54
56
  expect(yielded).to be_truthy
55
57
  end
56
58
 
57
- it "should not set Content-Digest if body is empty" do
59
+ it 'does not set Content-Digest if body is empty' do
58
60
  request = Rack::Request.new(
59
- "rack.input" => StringIO.new(""),
60
- "HTTP_CONTENT_TYPE" => "application/json",
61
+ 'rack.input' => StringIO.new(''),
62
+ 'HTTP_CONTENT_TYPE' => 'application/json'
61
63
  )
62
64
 
63
65
  Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
64
66
 
65
- expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
67
+ expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
66
68
  expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
67
69
  expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
68
70
 
69
71
  yielded = false
70
72
 
71
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
73
+ expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
72
74
  expect(key_id).to eq(key_id)
73
75
  yielded = true
74
76
  key_secret
75
- end).to be_truthy
77
+ end
76
78
 
77
79
  expect(yielded).to be_truthy
78
80
  end
79
81
 
80
- context "with a request" do
81
- let(:request) {
82
+ context 'with a request' do
83
+ let(:request) do
82
84
  Rack::Request.new(
83
- "rack.input" => StringIO.new("{1: 2}"),
84
- "HTTP_CONTENT_TYPE" => "application/json",
85
+ 'rack.input' => StringIO.new('{1: 2}'),
86
+ 'HTTP_CONTENT_TYPE' => 'application/json'
85
87
  )
86
- }
88
+ end
87
89
 
88
- include_examples "authentication"
90
+ include_examples 'authentication'
89
91
  end
90
92
  end
91
93
 
92
- describe "middleware" do
93
- it "should accept a SHA1 signature" do
94
+ describe 'middleware' do
95
+ it 'accepts a SHA1 signature' do
94
96
  app = lambda do |env|
95
- authenticated = Ey::Hmac.authenticated?(env, accept_digests: [:sha1, :sha256], adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
97
+ authenticated = Ey::Hmac.authenticated?(env, accept_digests: %i[sha1 sha256],
98
+ adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
96
99
  (auth_id == key_id) && key_secret
97
100
  end
98
- [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
101
+ [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
99
102
  end
100
103
 
101
- _key_id, _key_secret = key_id, key_secret
104
+ outer_key_id = key_id
105
+ outer_key_secret = key_secret
102
106
  client = Rack::Client.new do
103
- use Ey::Hmac::Rack, _key_id, _key_secret, sign_with: :sha1
107
+ use Ey::Hmac::Rack, outer_key_id, outer_key_secret, sign_with: :sha1
104
108
  run app
105
109
  end
106
110
 
107
- expect(client.get("/resource").status).to eq(200)
111
+ expect(client.get('/resource').status).to eq(200)
108
112
  end
109
113
 
110
- it "should accept a SHA256 signature" do # default
114
+ it 'accepts a SHA256 signature' do # default
111
115
  app = lambda do |env|
112
116
  authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
113
117
  (auth_id == key_id) && key_secret
114
118
  end
115
- [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
119
+ [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
116
120
  end
117
121
 
118
- _key_id, _key_secret = key_id, key_secret
122
+ outer_key_id = key_id
123
+ outer_key_secret = key_secret
119
124
  client = Rack::Client.new do
120
- use Ey::Hmac::Rack, _key_id, _key_secret
125
+ use Ey::Hmac::Rack, outer_key_id, outer_key_secret
121
126
  run app
122
127
  end
123
128
 
124
- expect(client.get("/resource").status).to eq(200)
129
+ expect(client.get('/resource').status).to eq(200)
125
130
  end
126
131
 
127
- it "should accept multiple digest signatures" do # default
132
+ it 'accepts multiple digest signatures' do # default
128
133
  require 'ey-hmac/faraday'
129
134
  Bundler.require(:rack)
130
135
 
@@ -132,15 +137,15 @@ describe "rack" do
132
137
  authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
133
138
  (auth_id == key_id) && key_secret
134
139
  end
135
- [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
140
+ [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
136
141
  end
137
142
 
138
143
  connection = Faraday.new do |c|
139
- c.use :hmac, key_id, key_secret, digest: [:sha1, :sha256]
144
+ c.use :hmac, key_id, key_secret, digest: %i[sha1 sha256]
140
145
  c.adapter(:rack, app)
141
146
  end
142
147
 
143
- expect(connection.get("/resources").status).to eq(200)
148
+ expect(connection.get('/resources').status).to eq(200)
144
149
  end
145
150
  end
146
151
  end
@@ -1,74 +1,76 @@
1
- shared_examples_for "authentication" do
2
- describe "#authenticated?" do
3
- it "should not authenticate invalid secret" do
1
+ # frozen_string_literal: true
2
+
3
+ shared_examples_for 'authentication' do
4
+ describe '#authenticated?' do
5
+ it 'does not authenticate invalid secret' do
4
6
  Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
5
7
 
6
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
8
+ expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
7
9
  (auth_id == key_id) && key_secret
8
- end).to be_falsey
10
+ end
9
11
  end
10
12
 
11
- it "should not authenticate invalid id" do
13
+ it 'does not authenticate invalid id' do
12
14
  Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
13
15
 
14
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
16
+ expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
15
17
  (auth_id == key_id) && key_secret
16
- end).to be_falsey
18
+ end
17
19
  end
18
20
 
19
- it "should not authenticate missing header" do
20
- expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
21
+ it 'does not authenticate missing header' do
22
+ expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
21
23
  (auth_id == key_id) && key_secret
22
- end).to be_falsey
24
+ end
23
25
  end
24
26
  end
25
27
 
26
- describe "#authenticate!" do
27
- it "should not authenticate invalid secret" do
28
+ describe '#authenticate!' do
29
+ it 'does not authenticate invalid secret' do
28
30
  Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
29
31
 
30
- expect {
32
+ expect do
31
33
  Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
32
34
  (auth_id == key_id) && key_secret
33
35
  end
34
- }.to raise_exception(Ey::Hmac::SignatureMismatch)
36
+ end.to raise_exception(Ey::Hmac::SignatureMismatch)
35
37
  end
36
38
 
37
- it "should not authenticate invalid id" do
39
+ it 'does not authenticate invalid id' do
38
40
  Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
39
41
 
40
- expect {
42
+ expect do
41
43
  Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
42
44
  (auth_id == key_id) && key_secret
43
45
  end
44
- }.to raise_exception(Ey::Hmac::MissingSecret)
46
+ end.to raise_exception(Ey::Hmac::MissingSecret)
45
47
  end
46
48
 
47
- it "should not authenticate missing header" do
48
- expect {
49
+ it 'does not authenticate missing header' do
50
+ expect do
49
51
  expect(Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
50
52
  (auth_id == key_id) && key_secret
51
53
  end).to be_falsey
52
- }.to raise_exception(Ey::Hmac::MissingAuthorization)
54
+ end.to raise_exception(Ey::Hmac::MissingAuthorization)
53
55
  end
54
56
 
55
- context "when the server specifies an HMAC TTL" do
56
- it "should not authenticate expired hmac" do
57
+ context 'when the server specifies an HMAC TTL' do
58
+ it 'does not authenticate expired hmac' do
57
59
  Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
58
- expect {
60
+ expect do
59
61
  Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 0) do |auth_id|
60
62
  (auth_id == key_id) && key_secret
61
63
  end
62
- }.to raise_exception(Ey::Hmac::ExpiredHmac)
64
+ end.to raise_exception(Ey::Hmac::ExpiredHmac)
63
65
  end
64
66
 
65
- it "should authenticate non-expired hmac" do
67
+ it 'authenticates non-expired hmac' do
66
68
  Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
67
- expect {
69
+ expect do
68
70
  Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 100) do |auth_id|
69
71
  (auth_id == key_id) && key_secret
70
72
  end
71
- }.to_not raise_exception
73
+ end.not_to raise_exception
72
74
  end
73
75
  end
74
76
  end
data/spec/spec_helper.rb CHANGED
@@ -1,10 +1,12 @@
1
- require File.expand_path("../../lib/ey-hmac", __FILE__)
1
+ # frozen_string_literal: true
2
+
3
+ require File.expand_path('../lib/ey-hmac', __dir__)
2
4
 
3
5
  Bundler.require(:test)
4
6
  require 'securerandom'
5
7
 
6
- Dir[File.expand_path("../{support,shared}/*.rb", __FILE__)].each{|f| require(f)}
8
+ Dir[File.expand_path('{support,shared}/*.rb', __dir__)].sort.each { |f| require(f) }
7
9
 
8
10
  RSpec.configure do |config|
9
- config.order = "random"
11
+ config.order = 'random'
10
12
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey-hmac
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.0
4
+ version: 2.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Lane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-07 00:00:00.000000000 Z
11
+ date: 2022-02-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -45,8 +45,11 @@ executables: []
45
45
  extensions: []
46
46
  extra_rdoc_files: []
47
47
  files:
48
+ - ".github/workflows/codeql-analysis.yml"
48
49
  - ".github/workflows/ruby.yml"
49
50
  - ".gitignore"
51
+ - ".rubocop.yml"
52
+ - ".rubocop_todo.yml"
50
53
  - CHANGELOG.md
51
54
  - Gemfile
52
55
  - LICENSE.txt