ey-hmac 2.3.1 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +2 -0
  3. data/lib/ey-hmac/adapter.rb +21 -5
  4. data/lib/ey-hmac/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '0395ec2d5516cbf5d39c1490f0f84c9674da117158e4af1de439b98e3a60b03e'
4
- data.tar.gz: d58723b34816d4555610989bfe9e6e0a93f75e735b82ca0853966cc9e0b171fc
3
+ metadata.gz: 1ea57d603aa108a1bf510fcf6e61aa45b1d1d0fca0ba7aa1b97681396fae9a7c
4
+ data.tar.gz: 7ad6caf49126be2b2a4b75acbc97ecf9d1898307a896f909493850be26d8261e
5
5
  SHA512:
6
- metadata.gz: eae3a563262f394b556c11833269dc222018d54218378911cc6009dc185790cbc658ceb7350be3a89e667e580e28c3b6a0838393768bf5db9d576e55da5103ce
7
- data.tar.gz: 2a720b806b64471333982dd534687f242f306d3276f653317e049a778b0e1a8830b0f37aabca8f0c260244c52bea6c2354e60ddb1279973404125dae93466d7a
6
+ metadata.gz: 6c790db93637c36fe752759cdb1aac1a70d3f1378ca5c2ae6b4132b8115d97b5e75b15e75de7dc069800980846d83524dbbe58903d9fd4b2006499e0ff8f9826
7
+ data.tar.gz: 6d8745e27b9c8d01d01d9f6bc608eba2f6fd6f8476a28eba9097dda9765944b8d5ba535be0901f151e69f4b66b9e1a2d022bdd29cbc38fc68a3ec9cacfaf2500
data/.rubocop.yml CHANGED
@@ -23,6 +23,8 @@ Style/ClassAndModuleChildren:
23
23
  EnforcedStyle: compact
24
24
  Metrics/MethodLength:
25
25
  Enabled: false
26
+ Metrics/ClassLength:
27
+ Enabled: false
26
28
  RSpec/ExampleLength:
27
29
  Enabled: false
28
30
  RSpec/MultipleExpectations:
data/lib/ey-hmac/adapter.rb CHANGED
@@ -4,11 +4,19 @@
4
4
  # @abstract override methods {#method}, {#path}, {#body}, {#content_type} and {#content_digest}
5
5
  class Ey::Hmac::Adapter
6
6
  AUTHORIZATION_REGEXP = /\w+ ([^:]+):(.+)$/.freeze
7
+ DEFAULT_CANONICALIZE_WITH = %i[method content_type content_digest date path].freeze
7
8
 
8
9
  autoload :Rack, 'ey-hmac/adapter/rack'
9
10
  autoload :Faraday, 'ey-hmac/adapter/faraday'
10
11
 
11
- attr_reader :request, :options, :authorization_header, :service, :sign_with, :accept_digests
12
+ attr_reader :request,
13
+ :options,
14
+ :authorization_header,
15
+ :service,
16
+ :sign_with,
17
+ :accept_digests,
18
+ :include_query_string,
19
+ :canonicalize_with
12
20
 
13
21
  # @param [Object] request signer-specific request implementation
14
22
  # @option options [Integer] :version signature version
@@ -16,6 +24,7 @@ class Ey::Hmac::Adapter
16
24
  # @option options [String] :authorization_header ('Authorization') Authorization header key.
17
25
  # @option options [String] :server ('EyHmac') service name prefixed to {#authorization}. set to {#service}
18
26
  # @option options [Symbol] :sign_with (:sha_256) outgoing signature digest algorithm. See {OpenSSL::Digest#new}
27
+ # @option options [Symbol] :include_query_string (false) canonicalize with the request query string.
19
28
  # @option options [Array] :accepted_digests ([:sha_256]) accepted incoming signature digest algorithm. See {OpenSSL::Digest#new}
20
29
  def initialize(request, options = {})
21
30
  @request = request
@@ -25,7 +34,11 @@ class Ey::Hmac::Adapter
25
34
  @authorization_header = options[:authorization_header] || 'Authorization'
26
35
  @service = options[:service] || 'EyHmac'
27
36
  @sign_with = options[:sign_with] || :sha256
28
- @accept_digests = Array(options[:accept_digests] || :sha256)
37
+ @include_query_string = options.fetch(:include_query_string, false)
38
+ @accept_digests = Array(options[:accept_digests] || :sha256)
39
+
40
+ @canonicalize_with = DEFAULT_CANONICALIZE_WITH
41
+ @canonicalize_with += :query_string if include_query_string
29
42
  end
30
43
 
31
44
  # In order for the server to correctly authorize the request, the client and server MUST AGREE on this format
@@ -33,7 +46,7 @@ class Ey::Hmac::Adapter
33
46
  # default canonical string formation is '{#method}\\n{#content_type}\\n{#content_digest}\\n{#date}\\n{#path}'
34
47
  # @return [String] canonical string used to form the {#signature}
35
48
  def canonicalize
36
- [method, content_type, content_digest, date, path].join("\n")
49
+ canonicalize_with.map { |message| public_send(message) }.join("\n")
37
50
  end
38
51
 
39
52
  # @param [String] key_secret private HMAC key
@@ -129,8 +142,11 @@ class Ey::Hmac::Adapter
129
142
 
130
143
  check_ttl!
131
144
 
132
- calculated_signatures = accept_digests.map { |ad| signature(key_secret, ad) }
133
- matching_signature = calculated_signatures.any? { |cs| secure_compare(signature_value, cs) }
145
+ matching_signature =
146
+ accept_digests
147
+ .lazy
148
+ .map { |ad| signature(key_secret, ad) }
149
+ .any? { |cs| secure_compare(signature_value, cs) }
134
150
 
135
151
  raise Ey::Hmac::SignatureMismatch unless matching_signature
136
152
 
data/lib/ey-hmac/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Ey # rubocop:disable Style/ClassAndModuleChildren
4
4
  module Hmac
5
- VERSION = '2.3.1'
5
+ VERSION = '2.4.0'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey-hmac
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Lane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-08 00:00:00.000000000 Z
11
+ date: 2022-02-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler