ey_api_hmac 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -6,7 +6,7 @@ Gem::Specification.new do |s|
6
6
  s.name = "ey_api_hmac"
7
7
  s.version = EY::ApiHMAC::VERSION
8
8
  s.authors = ["Jacob Burkhart & Thorben Schröder & David Calavera & others"]
9
- s.email = ["jacob@engineyard.com"]
9
+ s.email = ["jacob@engineyard.com", "jlane@engineyard.com", "jrucker@engineyard.com"]
10
10
  s.homepage = ""
11
11
  s.summary = %q{HMAC Rack basic implementation for Engine Yard services}
12
12
  s.description = %q{basic wrapper for rack-client + middlewares for HMAC auth + helpers for SSO auth}
@@ -19,7 +19,7 @@ module EY
19
19
  env[var]
20
20
  end
21
21
  parts << expect["REQUEST_METHOD"]
22
- parts << expect["CONTENT_TYPE"]
22
+ parts << env["CONTENT_TYPE"]
23
23
  parts << generated_md5(env)
24
24
  parts << expect["HTTP_DATE"]
25
25
  if env["REQUEST_URI"]
@@ -77,7 +77,7 @@ module EY
77
77
  env["rack.input"].rewind
78
78
  request_body = env["rack.input"].read
79
79
  env["rack.input"].rewind
80
- OpenSSL::Digest::MD5.hexdigest(request_body)
80
+ request_body.empty? ? nil : OpenSSL::Digest::MD5.hexdigest(request_body)
81
81
  end
82
82
 
83
83
  end
@@ -1,5 +1,5 @@
1
1
  module EY
2
2
  module ApiHMAC
3
- VERSION = "0.1.0"
3
+ VERSION = "0.2.0"
4
4
  end
5
5
  end
@@ -4,6 +4,18 @@ require 'ey_api_hmac'
4
4
  require 'auth-hmac'
5
5
  require 'rack/contrib'
6
6
  require 'time'
7
+ def compatible
8
+ it "verifies by ApiAuth" do
9
+ @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
10
+ EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
11
+ end
12
+
13
+ it "verifies by AuthHMAC" do
14
+ @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
15
+ @authhmac.authenticated?(@request).should be_true
16
+ end
17
+ end
18
+
7
19
 
8
20
  describe EY::ApiHMAC::ApiAuth do
9
21
 
@@ -49,16 +61,15 @@ describe EY::ApiHMAC::ApiAuth do
49
61
  'PATH_INFO' => "/path/to/put",
50
62
  'QUERY_STRING' => 'foo=bar&bar=foo',
51
63
  'CONTENT_TYPE' => 'text/plain',
52
- 'HTTP_CONTENT_MD5' => 'd41d8cd98f00b204e9800998ecf8427e',
53
64
  'REQUEST_METHOD' => "PUT",
54
65
  'HTTP_DATE' => "Thu, 10 Jul 2008 03:29:56 GMT",
55
- "rack.input" => StringIO.new}
66
+ "rack.input" => StringIO.new("somebody")}
56
67
  @request = Rack::Request.new(@env)
57
68
  end
58
69
 
59
70
  describe ".canonical_string" do
60
71
  it "should generate a canonical string using default method" do
61
- expected = "PUT\ntext/plain\nd41d8cd98f00b204e9800998ecf8427e\nThu, 10 Jul 2008 03:29:56 GMT\n/path/to/put"
72
+ expected = "PUT\ntext/plain\n78b9d09661da64f0bc6c146c524bae4a\nThu, 10 Jul 2008 03:29:56 GMT\n/path/to/put"
62
73
  AuthHMAC.canonical_string(@request).should == expected
63
74
  EY::ApiHMAC.canonical_string(@env).should == expected
64
75
  end
@@ -66,7 +77,7 @@ describe EY::ApiHMAC::ApiAuth do
66
77
 
67
78
  describe ".signature" do
68
79
  it "should generate a valid signature string for a secret" do
69
- expected = "isJ7zHHPrpnSdZ/XbvqxFhVUf0c="
80
+ expected = "EGLJlEoCa5s7MDgVZ7tGuIk3s68="
70
81
  AuthHMAC.signature(@request, 'secret').should == expected
71
82
  EY::ApiHMAC.signature(@env, 'secret').should == expected
72
83
  end
@@ -74,7 +85,7 @@ describe EY::ApiHMAC::ApiAuth do
74
85
 
75
86
  describe "sign!" do
76
87
  before do
77
- @expected = "AuthHMAC my-key-id:isJ7zHHPrpnSdZ/XbvqxFhVUf0c="
88
+ @expected = "AuthHMAC my-key-id:EGLJlEoCa5s7MDgVZ7tGuIk3s68="
78
89
  end
79
90
 
80
91
  it "signs as expected with AuthHMAC" do
@@ -91,34 +102,55 @@ describe EY::ApiHMAC::ApiAuth do
91
102
 
92
103
  describe "authenticated?" do
93
104
  describe "request signed by AuthHMAC" do
94
- before do
95
- AuthHMAC.sign!(@request, 'access key 1', 'secret')
96
- @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
97
- end
98
105
 
99
- it "verifies by ApiAuth" do
100
- @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
101
- EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
106
+ describe do
107
+ before do
108
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
109
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
110
+ end
111
+ compatible
102
112
  end
103
-
104
- it "verifies by AuthHMAC" do
105
- @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
106
- @authhmac.authenticated?(@request).should be_true
113
+ describe "without BODY" do
114
+ before do
115
+ @env['rack.input'] = StringIO.new
116
+ @env.delete('HTTP_CONTENT_MD5')
117
+ @request = Rack::Request.new(@env)
118
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
119
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
120
+ end
121
+ compatible
122
+ end
123
+ describe "without CONTENT_TYPE" do
124
+ before do
125
+ @env.delete('CONTENT_TYPE')
126
+ @request = Rack::Request.new(@env)
127
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
128
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
129
+ end
130
+ compatible
107
131
  end
108
132
  end
109
133
  describe "request signed by ApiAuth" do
110
- before do
111
- EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
134
+ describe "without content" do
135
+ before do
136
+ @env['rack.input'] = StringIO.new
137
+ @env.delete('HTTP_CONTENT_MD5')
138
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
139
+ end
140
+ compatible
112
141
  end
113
-
114
- it "verifies by ApiAuth" do
115
- @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
116
- EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
142
+ describe "without CONTENT_TYPE" do
143
+ before do
144
+ @env.delete('CONTENT_TYPE')
145
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
146
+ end
147
+ compatible
117
148
  end
118
-
119
- it "verifies by AuthHMAC" do
120
- @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
121
- @authhmac.authenticated?(@request).should be_true
149
+ describe do
150
+ before do
151
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
152
+ end
153
+ compatible
122
154
  end
123
155
  end
124
156
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey_api_hmac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-12-05 00:00:00.000000000 Z
12
+ date: 2011-12-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack-client
16
- requirement: &70244892160460 !ruby/object:Gem::Requirement
16
+ requirement: &2158291480 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: '0'
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *70244892160460
24
+ version_requirements: *2158291480
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: json
27
- requirement: &70244892146140 !ruby/object:Gem::Requirement
27
+ requirement: &2158290940 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: '0'
33
33
  type: :runtime
34
34
  prerelease: false
35
- version_requirements: *70244892146140
35
+ version_requirements: *2158290940
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: rspec
38
- requirement: &70244892148700 !ruby/object:Gem::Requirement
38
+ requirement: &2158290360 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,11 +43,13 @@ dependencies:
43
43
  version: '0'
44
44
  type: :development
45
45
  prerelease: false
46
- version_requirements: *70244892148700
46
+ version_requirements: *2158290360
47
47
  description: basic wrapper for rack-client + middlewares for HMAC auth + helpers for
48
48
  SSO auth
49
49
  email:
50
50
  - jacob@engineyard.com
51
+ - jlane@engineyard.com
52
+ - jrucker@engineyard.com
51
53
  executables: []
52
54
  extensions: []
53
55
  extra_rdoc_files: []
@@ -87,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
87
89
  version: '0'
88
90
  requirements: []
89
91
  rubyforge_project: ey_api_hmac
90
- rubygems_version: 1.8.10
92
+ rubygems_version: 1.8.12
91
93
  signing_key:
92
94
  specification_version: 3
93
95
  summary: HMAC Rack basic implementation for Engine Yard services