ey-hmac 0.0.2 → 0.0.3

data/lib/ey-hmac/adapter/faraday.rb

@@ -4,14 +4,18 @@ class Ey::Hmac::Adapter::Faraday < Ey::Hmac::Adapter
   end
 
   def content_type
-    %w[CONTENT-TYPE CONTENT_TYPE Content-Type Content_Type].inject(nil){|r, h| r || request[h]}
+    %w[CONTENT-TYPE CONTENT_TYPE Content-Type Content_Type].inject(nil){|r, h| r || request[:request_headers][h]}
   end
 
   def content_digest
-    existing = %w[CONTENT-DIGEST CONTENT_DIGEST Content-Digest Content_Digest].inject(nil){|r,h| r || request[:request_headers][h]}
-    existing || (request[:request_headers]['Content-Digest'] = (body && Digest::MD5.hexdigest(body)))
+    if existing = %w[CONTENT-DIGEST CONTENT_DIGEST Content-Digest Content_Digest].inject(nil){|r,h| r || request[:request_headers][h]}
+      existing
+    elsif digestable = body && Digest::MD5.hexdigest(body)
+      request[:request_headers]['Content-Digest'] = digestable
+    else nil
+    end
   end
-  
+
   def body
     if request[:body] && request[:body].to_s != ""
       request[:body]

data/lib/ey-hmac/adapter/rack.rb

@@ -15,7 +15,11 @@ class Ey::Hmac::Adapter::Rack < Ey::Hmac::Adapter
   end
 
   def content_digest
-    request.env['HTTP_CONTENT_DIGEST'] ||= body && Digest::MD5.hexdigest(body)
+    if existing = request.env['HTTP_CONTENT_DIGEST']
+      existing
+    elsif digest = body && Digest::MD5.hexdigest(body)
+      request.env['HTTP_CONTENT_DIGEST'] = digest
+    end
   end
   
   def body

data/lib/ey-hmac/adapter.rb

@@ -76,7 +76,7 @@ class Ey::Hmac::Adapter
 
   # @abstract
   # @return [String] value of the Date header in {#request}.
-  # @see {Time#http_date}
+  # @see Time#http_date
   def date
     raise NotImplementedError
   end
@@ -89,6 +89,8 @@ class Ey::Hmac::Adapter
 
   # @abstract
   # Add {#signature} header to request. Typically this is 'Authorization' or 'WWW-Authorization'
+  # @return [String] calculated {#authorization}
+  # @see Ey::Hmac#sign!
   def sign!(key_id, key_secret)
     raise NotImplementedError
   end
@@ -96,17 +98,14 @@ class Ey::Hmac::Adapter
   # Check {#authorization_signature} against calculated {#signature}
   # @yieldparam key_id [String] public HMAC key
   # @return [Boolean] true if block yields matching private key and signature matches, else false
-  # @see {#authenticated!}
+  # @see #authenticated!
   def authenticated?(&block)
     authenticated!(&block)
   rescue Ey::Hmac::Error
     false
   end
 
-  # Check {#authorization_signature} against calculated {#signature}
-  # @yieldparam key_id [String] public HMAC key
-  # @return [Boolean] true if block yields matching private key
-  # @raise [Ey::Hmac::Error] if authentication fails
+  # @see Ey::Hmac#authenticate!
   def authenticated!(&block)
     if authorization_match = AUTHORIZATION_REGEXP.match(authorization_signature)
       key_id          = authorization_match[1]

data/lib/ey-hmac/version.rb

@@ -1,5 +1,5 @@
 module Ey
   module Hmac
-    VERSION = "0.0.2"
+    VERSION = "0.0.3"
   end
 end

data/lib/ey-hmac.rb

@@ -30,15 +30,19 @@ module Ey
                            end
     end
 
+    # Signs request by calculating signature and adding it to the specified header
     # @example
     #   Ey::Hmac.sign!(env, @key_id, @key_secret)
     #
+    # @see Ey::Hmac::Adapter#sign!
+    #
     # @param request [Hash] request environment
     # @option options [Ey::Hmac::Adapter] :adapter (#{default_adapter}) adapter to sign request with
     # @option options [Integer] :version (nil) signature version
     # @option options [String] :authorization_header ('Authorization') Authorization header key.
-    # @option options [String] :server ('EyHmac') service name prefixed to {#authorization}
-    # @see {Ey::Hmac::Adapter#sign!}
+    # @option options [String] :service ('EyHmac') service name prefixed to {Ey::Hmac::Adapter#authorization}
+    #
+    # @return [String] authorization signature
     def self.sign!(request, key_id, key_secret, options={})
       adapter = options[:adapter] || Ey::Hmac.default_adapter
 
@@ -52,9 +56,15 @@ module Ey
     #     @consumer = Consumer.where(auth_id: key_id).first
     #     @consumer && @consumer.auth_key
     #   end
+    #
+    # @see Ey::Hmac::Adapter#authenticated?
+    # @see Ey::Hmac#authenticate!
+    #
     # @param request [Hash] request environment
     # @option options [Ey::Hmac::Adapter] :adapter ({#default_adapter}) adapter to verify request with
-    # @see {Ey::Hmac::Adapter#authenticated?}
+    # @yieldparam key_id [String] public HMAC key
+    #
+    # @return [Boolean] success of authentication
     def self.authenticated?(request, options={}, &block)
       adapter = options[:adapter] || Ey::Hmac.default_adapter
 
@@ -63,14 +73,23 @@ module Ey
       adapter.new(request, options).authenticated?(&block)
     end
 
+    # Check {Ey::Hmac::Adapter#authorization_signature} against calculated {Ey::Hmac::Adapter#signature}
     # @example
     #   Ey::Hmac.authenticate! do |key_id|
     #     @consumer = Consumer.where(auth_id: key_id).first
     #     @consumer && @consumer.auth_key
     #   end
+    #
+    # @see Ey::Hmac::Adapter#authenticate!
+    #
     # @param request [Hash] request environment
+    # @yieldparam key_id [String] public HMAC key
     # @option options [Ey::Hmac::Adapter] :adapter ({#default_adapter}) adapter to verify request with
-    # @see {Ey::Hmac::Adapter#authenticate!}
+    #
+    # @raise [SignatureMismatch] if the value of {Ey::Hmac::Adapter#authorization_signature} does not match {Ey::Hmac::Adapter#signature}
+    # @raise [MissingSecret] if the block does not return a private key matching +key_id+
+    # @raise [MissingAuthorization] if the value of {Ey::Hmac::Adapter#authorization_signature} is nil
+    # @return [TrueClass] if authentication was successful
     def self.authenticate!(request, options={}, &block)
       adapter = options[:adapter] || Ey::Hmac.default_adapter
 

data/spec/faraday_spec.rb

@@ -7,16 +7,15 @@ describe "faraday" do
 
   describe "adapter" do
     let!(:adapter)    { Ey::Hmac::Adapter::Faraday }
-    let!(:request) do
-      Faraday::Request.new.tap do |r|
+
+    it "should sign and read request" do
+      request = Faraday::Request.new.tap do |r|
         r.method = :get
         r.path = "/auth"
         r.body = "{1: 2}"
         r.headers = {"Content-Type" => "application/xml"}
-      end.to_env(Faraday::Connection.new("http://localhost"))
-    end
+        end.to_env(Faraday::Connection.new("http://localhost"))
 
-    it "should sign and read request" do
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
       request[:request_headers]['Authorization'].should start_with("EyHmac")
@@ -34,7 +33,67 @@ describe "faraday" do
       yielded.should be_true
     end
 
-    include_examples "authentication"
+    it "should not set Content-Digest if body is nil" do
+      request = Faraday::Request.new.tap do |r|
+        r.method = :get
+        r.path = "/auth"
+        r.body = nil
+        r.headers = {"Content-Type" => "application/xml"}
+        end.to_env(Faraday::Connection.new("http://localhost"))
+
+      Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
+
+      request[:request_headers]['Authorization'].should start_with("EyHmac")
+      request[:request_headers].should_not have_key('Content-Digest')
+      Time.parse(request[:request_headers]['Date']).should_not be_nil
+
+      yielded = false
+
+      Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+        key_id.should == key_id
+        yielded = true
+        key_secret
+      end.should be_true
+
+      yielded.should be_true
+    end
+
+    it "should not set Content-Digest if body is empty" do
+      request = Faraday::Request.new.tap do |r|
+        r.method = :get
+        r.path = "/auth"
+        r.body = ""
+        r.headers = {"Content-Type" => "application/xml"}
+        end.to_env(Faraday::Connection.new("http://localhost"))
+
+      Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
+
+      request[:request_headers]['Authorization'].should start_with("EyHmac")
+      request[:request_headers].should_not have_key('Content-Digest')
+      Time.parse(request[:request_headers]['Date']).should_not be_nil
+
+      yielded = false
+
+      Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+        key_id.should == key_id
+        yielded = true
+        key_secret
+      end.should be_true
+
+      yielded.should be_true
+    end
+
+    context "with a request" do
+    let!(:request) do
+      Faraday::Request.new.tap do |r|
+        r.method = :get
+        r.path = "/auth"
+        r.body = "{1: 2}"
+        r.headers = {"Content-Type" => "application/xml"}
+      end.to_env(Faraday::Connection.new("http://localhost"))
+    end
+      include_examples "authentication"
+    end
   end
 
   describe "middleware" do
@@ -57,5 +116,36 @@ describe "faraday" do
 
       connection.get("/resources").status.should == 200
     end
+
+    it "should sign empty request" do
+      require 'ey-hmac/faraday'
+      Bundler.require(:rack)
+
+      _key_id, _key_secret = key_id, key_secret
+      app = Rack::Builder.new do
+        use Rack::Config do |env|
+          env["CONTENT_TYPE"] ||= "text/html"
+        end
+        run(lambda {|env|
+          authenticated = Ey::Hmac.authenticate!(env, adapter: Ey::Hmac::Adapter::Rack) do |auth_id|
+            (auth_id == _key_id) && _key_secret
+          end
+          [(authenticated ? 200 : 401), {"Content-Type" => "text/plain"}, []]
+        })
+      end
+
+      request_env = nil
+      connection = Faraday.new do |c|
+        c.request :hmac, key_id, key_secret
+        c.adapter(:rack, app)
+      end
+
+      connection.get do |req|
+        req.path  = "/resource"
+        req.body = nil
+        req.params = {"a" => "1"}
+        req.headers = {"Content-Type" => "application/x-www-form-urlencoded"}
+      end.status.should == 200
+    end
   end
 end

data/spec/rack_spec.rb

@@ -8,14 +8,12 @@ describe "rack" do
 
   describe "adapter" do
     let(:adapter)     { Ey::Hmac::Adapter::Rack }
-    let(:request)     {
-      Rack::Request.new({
-        "rack.input" => StringIO.new("{1: 2}"),
-        "HTTP_CONTENT_TYPE" => "application/json",
-      })
-    }
 
     it "should sign and read request" do
+      request = Rack::Request.new(
+        "rack.input"        => StringIO.new("{1: 2}"),
+        "HTTP_CONTENT_TYPE" => "application/json",
+      )
       Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
 
       request.env['HTTP_AUTHORIZATION'].should start_with("EyHmac")
@@ -33,7 +31,61 @@ describe "rack" do
       yielded.should be_true
     end
 
-    include_examples "authentication"
+    it "should not set Content-Digest if body is nil" do
+      request = Rack::Request.new(
+        "HTTP_CONTENT_TYPE" => "application/json",
+      )
+
+      Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
+
+      request.env['HTTP_AUTHORIZATION'].should start_with("EyHmac")
+      request.env.should_not have_key('HTTP_CONTENT_DIGEST')
+      Time.parse(request.env['HTTP_DATE']).should_not be_nil
+
+      yielded = false
+
+      Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+        key_id.should == key_id
+        yielded = true
+        key_secret
+      end.should be_true
+
+      yielded.should be_true
+    end
+
+    it "should not set Content-Digest if body is empty" do
+      request = Rack::Request.new(
+        "rack.input"        => StringIO.new(""),
+        "HTTP_CONTENT_TYPE" => "application/json",
+      )
+
+      Ey::Hmac.sign!(request, key_id, key_secret, adapter: adapter)
+
+      request.env['HTTP_AUTHORIZATION'].should start_with("EyHmac")
+      request.env.should_not have_key('HTTP_CONTENT_DIGEST')
+      Time.parse(request.env['HTTP_DATE']).should_not be_nil
+
+      yielded = false
+
+      Ey::Hmac.authenticated?(request, adapter: adapter) do |key_id|
+        key_id.should == key_id
+        yielded = true
+        key_secret
+      end.should be_true
+
+      yielded.should be_true
+    end
+
+    context "with a request" do
+      let(:request) {
+        Rack::Request.new(
+          "rack.input"        => StringIO.new("{1: 2}"),
+          "HTTP_CONTENT_TYPE" => "application/json",
+        )
+      }
+
+      include_examples "authentication"
+    end
   end
 
   describe "middleware" do

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: ey-hmac
 version: !ruby/object:Gem::Version
-  version: 0.0.2
   prerelease: 
+  version: 0.0.3
 platform: ruby
 authors:
 - Josh Lane & Jason Hansen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-02-05 00:00:00.000000000 Z
+date: 2013-02-06 00:00:00.000000000 Z
 dependencies: []
 description: Lightweight HMAC signing libraries and middleware for Farday and Rack
 email: