ey-hmac 2.3.1 → 2.4.0

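--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: '0395ec2d5516cbf5d39c1490f0f84c9674da117158e4af1de439b98e3a60b03e'
- data.tar.gz: d58723b34816d4555610989bfe9e6e0a93f75e735b82ca0853966cc9e0b171fc
+ metadata.gz: 1ea57d603aa108a1bf510fcf6e61aa45b1d1d0fca0ba7aa1b97681396fae9a7c
+ data.tar.gz: 7ad6caf49126be2b2a4b75acbc97ecf9d1898307a896f909493850be26d8261e
  SHA512:
- metadata.gz: eae3a563262f394b556c11833269dc222018d54218378911cc6009dc185790cbc658ceb7350be3a89e667e580e28c3b6a0838393768bf5db9d576e55da5103ce
- data.tar.gz: 2a720b806b64471333982dd534687f242f306d3276f653317e049a778b0e1a8830b0f37aabca8f0c260244c52bea6c2354e60ddb1279973404125dae93466d7a
+ metadata.gz: 6c790db93637c36fe752759cdb1aac1a70d3f1378ca5c2ae6b4132b8115d97b5e75b15e75de7dc069800980846d83524dbbe58903d9fd4b2006499e0ff8f9826
+ data.tar.gz: 6d8745e27b9c8d01d01d9f6bc608eba2f6fd6f8476a28eba9097dda9765944b8d5ba535be0901f151e69f4b66b9e1a2d022bdd29cbc38fc68a3ec9cacfaf2500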
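--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -23,6 +23,8 @@ Style/ClassAndModuleChildren:
  EnforcedStyle: compact
  Metrics/MethodLength:
  Enabled: false
+ Metrics/ClassLength:
+ Enabled: false
  RSpec/ExampleLength:
  Enabled: false
  RSpec/MultipleExpectations: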
@@ -4,11 +4,19 @@
4
4
  # @abstract override methods {#method}, {#path}, {#body}, {#content_type} and {#content_digest}
5
5
  class Ey::Hmac::Adapter
6
6
  AUTHORIZATION_REGEXP = /\w+ ([^:]+):(.+)$/.freeze
7
+ DEFAULT_CANONICALIZE_WITH = %i[method content_type content_digest date path].freeze
7
8
 
8
9
  autoload :Rack, 'ey-hmac/adapter/rack'
9
10
  autoload :Faraday, 'ey-hmac/adapter/faraday'
10
11
 
11
- attr_reader :request, :options, :authorization_header, :service, :sign_with, :accept_digests
12
+ attr_reader :request,
13
+ :options,
14
+ :authorization_header,
15
+ :service,
16
+ :sign_with,
17
+ :accept_digests,
18
+ :include_query_string,
19
+ :canonicalize_with
12
20
 
13
21
  # @param [Object] request signer-specific request implementation
14
22
  # @option options [Integer] :version signature version
@@ -16,6 +24,7 @@ class Ey::Hmac::Adapter
16
24
  # @option options [String] :authorization_header ('Authorization') Authorization header key.
17
25
  # @option options [String] :server ('EyHmac') service name prefixed to {#authorization}. set to {#service}
18
26
  # @option options [Symbol] :sign_with (:sha_256) outgoing signature digest algorithm. See {OpenSSL::Digest#new}
27
+ # @option options [Symbol] :include_query_string (false) canonicalize with the request query string.
19
28
  # @option options [Array] :accepted_digests ([:sha_256]) accepted incoming signature digest algorithm. See {OpenSSL::Digest#new}
20
29
  def initialize(request, options = {})
21
30
  @request = request
@@ -25,7 +34,11 @@ class Ey::Hmac::Adapter
25
34
  @authorization_header = options[:authorization_header] || 'Authorization'
26
35
  @service = options[:service] || 'EyHmac'
27
36
  @sign_with = options[:sign_with] || :sha256
28
- @accept_digests = Array(options[:accept_digests] || :sha256)
37
+ @include_query_string = options.fetch(:include_query_string, false)
38
+ @accept_digests = Array(options[:accept_digests] || :sha256)
39
+
40
+ @canonicalize_with = DEFAULT_CANONICALIZE_WITH
41
+ @canonicalize_with += :query_string if include_query_string
29
42
  end
30
43
 
31
44
  # In order for the server to correctly authorize the request, the client and server MUST AGREE on this format
@@ -33,7 +46,7 @@ class Ey::Hmac::Adapter
33
46
  # default canonical string formation is '{#method}\\n{#content_type}\\n{#content_digest}\\n{#date}\\n{#path}'
34
47
  # @return [String] canonical string used to form the {#signature}
35
48
  def canonicalize
36
- [method, content_type, content_digest, date, path].join("\n")
49
+ canonicalize_with.map { |message| public_send(message) }.join("\n")
37
50
  end
38
51
 
39
52
  # @param [String] key_secret private HMAC key
@@ -129,8 +142,11 @@ class Ey::Hmac::Adapter
129
142
 
130
143
  check_ttl!
131
144
 
132
- calculated_signatures = accept_digests.map { |ad| signature(key_secret, ad) }
133
- matching_signature = calculated_signatures.any? { |cs| secure_compare(signature_value, cs) }
145
+ matching_signature =
146
+ accept_digests
147
+ .lazy
148
+ .map { |ad| signature(key_secret, ad) }
149
+ .any? { |cs| secure_compare(signature_value, cs) }
134
150
 
135
151
  raise Ey::Hmac::SignatureMismatch unless matching_signature
136
152
 
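Review bot: `@canonicalize_with += :query_string if include_query_string` in `initialize` raises `TypeError` as soon as the option is truthy, because `Array#+` takes an array and not a symbol; it should read `@canonicalize_with += [:query_string] if include_query_string`. `canonicalize` now calls `public_send` for every entry, so each adapter also has to expose a public `query_string`, and none is visible in these hunks; worth confirming for the Rack and Faraday adapters and covering with a spec that signs and verifies with the option on. With the default left at `false` the query string stays outside the signed canonical string, so a verifier that acts on query parameters has to opt in on both client and server. The `@option` tag for `:include_query_string` would be more accurate as `[Boolean]` than `[Symbol]`. The class body continues outside these hunks.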
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Ey # rubocop:disable Style/ClassAndModuleChildren
4
4
  module Hmac
5
- VERSION = '2.3.1'
5
+ VERSION = '2.4.0'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey-hmac
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Lane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-08 00:00:00.000000000 Z
11
+ date: 2022-02-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler