ey_api_hmac 0.0.15 → 0.0.16

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. data/Gemfile.lock +1 -1
  2. data/lib/ey_api_hmac/sso.rb +9 -4
  3. data/lib/ey_api_hmac/version.rb +1 -1
  4. metadata +4 -4
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- ey_api_hmac (0.0.15.pre)
4
+ ey_api_hmac (0.0.15)
5
5
  json
6
6
  rack-client
7
7
 
data/lib/ey_api_hmac/sso.rb CHANGED
@@ -9,7 +9,7 @@ module EY
9
9
  verify_params!(url, extra_params, parameters)
10
10
  parameters.merge!(extra_params)
11
11
  end
12
- uri.query = parameters.sort_by(&:to_s).map {|e| e.map{|str| CGI.escape(str.to_s)}.join '='}.join '&'
12
+ uri.query = params_to_string(parameters)
13
13
  signature = CGI.escape(signature_param(uri.to_s, auth_id, auth_key))
14
14
  uri.query += "&signature=#{signature}"
15
15
  uri.to_s
@@ -17,9 +17,10 @@ module EY
17
17
 
18
18
  def self.authenticated?(url, auth_id, auth_key)
19
19
  uri = URI.parse(url)
20
- signature = CGI.unescape(uri.query.match(/&signature=(.*)$/)[1])
21
- signed_string = uri.to_s.gsub(/&signature=(.*)$/,"")
22
- signature_param(signed_string.to_s, auth_id, auth_key) == signature
20
+ query_params = CGI::parse(uri.query)
21
+ signature = query_params.delete("signature").to_s
22
+ uri.query = params_to_string(query_params)
23
+ signature == signature_param(uri.to_s, auth_id, auth_key)
23
24
  end
24
25
 
25
26
  def self.signature_param(signed_string, auth_id, auth_key)
@@ -28,6 +29,10 @@ module EY
28
29
 
29
30
  private
30
31
 
32
+ def self.params_to_string(parameters)
33
+ parameters.sort_by(&:to_s).map {|e| e.map{|str| CGI.escape(str.to_s)}.join '='}.join '&'
34
+ end
35
+
31
36
  def self.verify_params!(url, extra_params, parameters)
32
37
  illegal_query_params = parameters.keys.map(&:to_s) + ["signature"]
33
38
  extra_params.keys.each do |k|
data/lib/ey_api_hmac/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module EY
2
2
  module ApiHMAC
3
- VERSION = "0.0.15"
3
+ VERSION = "0.0.16"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey_api_hmac
3
3
  version: !ruby/object:Gem::Version
4
- hash: 1
4
+ hash: 63
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 15
10
- version: 0.0.15
9
+ - 16
10
+ version: 0.0.16
11
11
  platform: ruby
12
12
  authors:
13
13
  - "Jacob Burkhart & Thorben Schr\xC3\xB6der & David Calavera & others"
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-10-05 00:00:00 Z
18
+ date: 2011-10-07 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: rack-client