ey-hmac 2.3.0 → 2.4.0

data/spec/rack_spec.rb

@@ -1,130 +1,135 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'securerandom'
 
-describe "rack" do
+describe 'rack' do
   before(:all) { Bundler.require(:rack) }
 
   let!(:key_id)     { SecureRandom.hex(8) }
   let!(:key_secret) { SecureRandom.hex(16) }
 
-  describe "adapter" do
-    let(:adapter)     { Ey::Hmac::Adapter::Rack }
+  describe 'adapter' do
+    let(:adapter) { Ey::Hmac::Adapter::Rack }
 
-    it "should sign and read request" do
+    it 'signs and read request' do
       request = Rack::Request.new(
-        "rack.input"        => StringIO.new("{1: 2}"),
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'rack.input' => StringIO.new('{1: 2}'),
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env['HTTP_CONTENT_DIGEST']).to eq(Digest::MD5.hexdigest(request.body.tap(&:rewind).read))
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "should not set Content-Digest if body is nil" do
+    it 'does not set Content-Digest if body is nil' do
       request = Rack::Request.new(
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    it "should not set Content-Digest if body is empty" do
+    it 'does not set Content-Digest if body is empty' do
       request = Rack::Request.new(
-        "rack.input"        => StringIO.new(""),
-        "HTTP_CONTENT_TYPE" => "application/json",
+        'rack.input' => StringIO.new(''),
+        'HTTP_CONTENT_TYPE' => 'application/json'
       )
 
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
-      expect(request.env['HTTP_AUTHORIZATION']).to start_with("EyHmac")
+      expect(request.env['HTTP_AUTHORIZATION']).to start_with('EyHmac')
       expect(request.env).not_to have_key('HTTP_CONTENT_DIGEST')
       expect(Time.parse(request.env['HTTP_DATE'])).not_to be_nil
 
       yielded = false
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+      expect(Ey::Hmac).to be_authenticated(request, adapter: adapter) do |key_id|
         expect(key_id).to eq(key_id)
         yielded = true
         key_secret
-      end).to be_truthy
+      end
 
       expect(yielded).to be_truthy
     end
 
-    context "with a request" do
-      let(:request) {
+    context 'with a request' do
+      let(:request) do
         Rack::Request.new(
-          "rack.input"        => StringIO.new("{1: 2}"),
-          "HTTP_CONTENT_TYPE" => "application/json",
+          'rack.input' => StringIO.new('{1: 2}'),
+          'HTTP_CONTENT_TYPE' => 'application/json'
         )
-      }
+      end
 
-      include_examples "authentication"
+      include_examples 'authentication'
     end
   end
 
-  describe "middleware" do
-    it "should accept a SHA1 signature" do
+  describe 'middleware' do
+    it 'accepts a SHA1 signature' do
       app = lambda do |env|
-        authenticated = Ey::Hmac.authenticated?(env, accept_digests: [:sha1, :sha256], adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
+        authenticated = Ey::Hmac.authenticated?(env, accept_digests: %i[sha1 sha256],
+                                                     adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
-      _key_id, _key_secret = key_id, key_secret
+      outer_key_id = key_id
+      outer_key_secret = key_secret
       client = Rack::Client.new do
-        use Ey::Hmac::Rack, _key_id, _key_secret, sign_with: :sha1
+        use Ey::Hmac::Rack, outer_key_id, outer_key_secret, sign_with: :sha1
         run app
       end
 
-      expect(client.get("/resource").status).to eq(200)
+      expect(client.get('/resource').status).to eq(200)
     end
 
-    it "should accept a SHA256 signature" do # default
+    it 'accepts a SHA256 signature' do # default
       app = lambda do |env|
         authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
-      _key_id, _key_secret = key_id, key_secret
+      outer_key_id = key_id
+      outer_key_secret = key_secret
       client = Rack::Client.new do
-        use Ey::Hmac::Rack, _key_id, _key_secret
+        use Ey::Hmac::Rack, outer_key_id, outer_key_secret
         run app
       end
 
-      expect(client.get("/resource").status).to eq(200)
+      expect(client.get('/resource').status).to eq(200)
     end
 
-    it "should accept multiple digest signatures" do # default
+    it 'accepts multiple digest signatures' do # default
       require 'ey-hmac/faraday'
       Bundler.require(:rack)
 
@@ -132,15 +137,15 @@ describe "rack" do
         authenticated = Ey::Hmac.authenticated?(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-        [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        [(authenticated ? 200 : 401), { 'Content-Type' => 'text/plain' }, []]
       end
 
       connection = Faraday.new do |c|
-        c.use :hmac, key_id, key_secret, digest: [:sha1, :sha256]
+        c.use :hmac, key_id, key_secret, digest: %i[sha1 sha256]
         c.adapter(:rack, app)
       end
 
-      expect(connection.get("/resources").status).to eq(200)
+      expect(connection.get('/resources').status).to eq(200)
     end
   end
 end

data/spec/shared/authenticated.rb

@@ -1,74 +1,76 @@
-shared_examples_for "authentication" do
-  describe "#authenticated?" do
-    it "should not authenticate invalid secret" do
+# frozen_string_literal: true
+
+shared_examples_for 'authentication' do
+  describe '#authenticated?' do
+    it 'does not authenticate invalid secret' do
       Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
 
-    it "should not authenticate invalid id" do
+    it 'does not authenticate invalid id' do
       Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
 
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
 
-    it "should not authenticate missing header" do
-      expect(Ey::Hmac.authenticated?(request, adapter: adapter) do |auth_id|
+    it 'does not authenticate missing header' do
+      expect(Ey::Hmac).not_to be_authenticated(request, adapter: adapter) do |auth_id|
         (auth_id == key_id) && key_secret
-      end).to be_falsey
+      end
     end
   end
 
-  describe "#authenticate!" do
-    it "should not authenticate invalid secret" do
+  describe '#authenticate!' do
+    it 'does not authenticate invalid secret' do
       Ey::Hmac.sign!(request, key_id, "#{key_secret}bad", adapter: adapter)
 
-      expect {
+      expect do
         Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-      }.to raise_exception(Ey::Hmac::SignatureMismatch)
+      end.to raise_exception(Ey::Hmac::SignatureMismatch)
     end
 
-    it "should not authenticate invalid id" do
+    it 'does not authenticate invalid id' do
       Ey::Hmac.sign!(request, "what#{key_id}", key_secret, adapter: adapter)
 
-      expect {
+      expect do
         Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end
-      }.to raise_exception(Ey::Hmac::MissingSecret)
+      end.to raise_exception(Ey::Hmac::MissingSecret)
     end
 
-    it "should not authenticate missing header" do
-      expect {
+    it 'does not authenticate missing header' do
+      expect do
         expect(Ey::Hmac.authenticate!(request, adapter: adapter) do |auth_id|
           (auth_id == key_id) && key_secret
         end).to be_falsey
-      }.to raise_exception(Ey::Hmac::MissingAuthorization)
+      end.to raise_exception(Ey::Hmac::MissingAuthorization)
     end
 
-    context "when the server specifies an HMAC TTL" do
-      it "should not authenticate expired hmac" do
+    context 'when the server specifies an HMAC TTL' do
+      it 'does not authenticate expired hmac' do
         Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
-        expect {
+        expect do
           Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 0) do |auth_id|
             (auth_id == key_id) && key_secret
           end
-        }.to raise_exception(Ey::Hmac::ExpiredHmac)
+        end.to raise_exception(Ey::Hmac::ExpiredHmac)
       end
 
-      it "should authenticate non-expired hmac" do
+      it 'authenticates non-expired hmac' do
         Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
-        expect {
+        expect do
           Ey::Hmac.authenticate!(request, adapter: adapter, ttl: 100) do |auth_id|
             (auth_id == key_id) && key_secret
           end
-        }.to_not raise_exception
+        end.not_to raise_exception
       end
     end
   end

data/spec/spec_helper.rb

@@ -1,10 +1,12 @@
-require File.expand_path("../../lib/ey-hmac", __FILE__)
+# frozen_string_literal: true
+
+require File.expand_path('../lib/ey-hmac', __dir__)
 
 Bundler.require(:test)
 require 'securerandom'
 
-Dir[File.expand_path("../{support,shared}/*.rb", __FILE__)].each{|f| require(f)}
+Dir[File.expand_path('{support,shared}/*.rb', __dir__)].sort.each { |f| require(f) }
 
 RSpec.configure do |config|
-  config.order = "random"
+  config.order = 'random'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ey-hmac
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.4.0
 platform: ruby
 authors:
 - Josh Lane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-07 00:00:00.000000000 Z
+date: 2022-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -45,8 +45,11 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/codeql-analysis.yml"
 - ".github/workflows/ruby.yml"
 - ".gitignore"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt