ey_api_hmac 0.1.0 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/ey_api_hmac.gemspec +1 -1
  2. data/lib/ey_api_hmac.rb +2 -2
  3. data/lib/ey_api_hmac/version.rb +1 -1
  4. data/spec/api_auth_spec.rb +58 -26
  5. metadata +11 -9
data/ey_api_hmac.gemspec CHANGED
@@ -6,7 +6,7 @@ Gem::Specification.new do |s|
6
6
  s.name = "ey_api_hmac"
7
7
  s.version = EY::ApiHMAC::VERSION
8
8
  s.authors = ["Jacob Burkhart & Thorben Schröder & David Calavera & others"]
9
- s.email = ["jacob@engineyard.com"]
9
+ s.email = ["jacob@engineyard.com", "jlane@engineyard.com", "jrucker@engineyard.com"]
10
10
  s.homepage = ""
11
11
  s.summary = %q{HMAC Rack basic implementation for Engine Yard services}
12
12
  s.description = %q{basic wrapper for rack-client + middlewares for HMAC auth + helpers for SSO auth}
data/lib/ey_api_hmac.rb CHANGED
@@ -19,7 +19,7 @@ module EY
19
19
  env[var]
20
20
  end
21
21
  parts << expect["REQUEST_METHOD"]
22
- parts << expect["CONTENT_TYPE"]
22
+ parts << env["CONTENT_TYPE"]
23
23
  parts << generated_md5(env)
24
24
  parts << expect["HTTP_DATE"]
25
25
  if env["REQUEST_URI"]
@@ -77,7 +77,7 @@ module EY
77
77
  env["rack.input"].rewind
78
78
  request_body = env["rack.input"].read
79
79
  env["rack.input"].rewind
80
- OpenSSL::Digest::MD5.hexdigest(request_body)
80
+ request_body.empty? ? nil : OpenSSL::Digest::MD5.hexdigest(request_body)
81
81
  end
82
82
 
83
83
  end
data/lib/ey_api_hmac/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module EY
2
2
  module ApiHMAC
3
- VERSION = "0.1.0"
3
+ VERSION = "0.2.0"
4
4
  end
5
5
  end
data/spec/api_auth_spec.rb CHANGED
@@ -4,6 +4,18 @@ require 'ey_api_hmac'
4
4
  require 'auth-hmac'
5
5
  require 'rack/contrib'
6
6
  require 'time'
7
+ def compatible
8
+ it "verifies by ApiAuth" do
9
+ @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
10
+ EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
11
+ end
12
+
13
+ it "verifies by AuthHMAC" do
14
+ @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
15
+ @authhmac.authenticated?(@request).should be_true
16
+ end
17
+ end
18
+
7
19
 
8
20
  describe EY::ApiHMAC::ApiAuth do
9
21
 
@@ -49,16 +61,15 @@ describe EY::ApiHMAC::ApiAuth do
49
61
  'PATH_INFO' => "/path/to/put",
50
62
  'QUERY_STRING' => 'foo=bar&bar=foo',
51
63
  'CONTENT_TYPE' => 'text/plain',
52
- 'HTTP_CONTENT_MD5' => 'd41d8cd98f00b204e9800998ecf8427e',
53
64
  'REQUEST_METHOD' => "PUT",
54
65
  'HTTP_DATE' => "Thu, 10 Jul 2008 03:29:56 GMT",
55
- "rack.input" => StringIO.new}
66
+ "rack.input" => StringIO.new("somebody")}
56
67
  @request = Rack::Request.new(@env)
57
68
  end
58
69
 
59
70
  describe ".canonical_string" do
60
71
  it "should generate a canonical string using default method" do
61
- expected = "PUT\ntext/plain\nd41d8cd98f00b204e9800998ecf8427e\nThu, 10 Jul 2008 03:29:56 GMT\n/path/to/put"
72
+ expected = "PUT\ntext/plain\n78b9d09661da64f0bc6c146c524bae4a\nThu, 10 Jul 2008 03:29:56 GMT\n/path/to/put"
62
73
  AuthHMAC.canonical_string(@request).should == expected
63
74
  EY::ApiHMAC.canonical_string(@env).should == expected
64
75
  end
@@ -66,7 +77,7 @@ describe EY::ApiHMAC::ApiAuth do
66
77
 
67
78
  describe ".signature" do
68
79
  it "should generate a valid signature string for a secret" do
69
- expected = "isJ7zHHPrpnSdZ/XbvqxFhVUf0c="
80
+ expected = "EGLJlEoCa5s7MDgVZ7tGuIk3s68="
70
81
  AuthHMAC.signature(@request, 'secret').should == expected
71
82
  EY::ApiHMAC.signature(@env, 'secret').should == expected
72
83
  end
@@ -74,7 +85,7 @@ describe EY::ApiHMAC::ApiAuth do
74
85
 
75
86
  describe "sign!" do
76
87
  before do
77
- @expected = "AuthHMAC my-key-id:isJ7zHHPrpnSdZ/XbvqxFhVUf0c="
88
+ @expected = "AuthHMAC my-key-id:EGLJlEoCa5s7MDgVZ7tGuIk3s68="
78
89
  end
79
90
 
80
91
  it "signs as expected with AuthHMAC" do
@@ -91,34 +102,55 @@ describe EY::ApiHMAC::ApiAuth do
91
102
 
92
103
  describe "authenticated?" do
93
104
  describe "request signed by AuthHMAC" do
94
- before do
95
- AuthHMAC.sign!(@request, 'access key 1', 'secret')
96
- @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
97
- end
98
105
 
99
- it "verifies by ApiAuth" do
100
- @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
101
- EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
106
+ describe do
107
+ before do
108
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
109
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
110
+ end
111
+ compatible
102
112
  end
103
-
104
- it "verifies by AuthHMAC" do
105
- @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
106
- @authhmac.authenticated?(@request).should be_true
113
+ describe "without BODY" do
114
+ before do
115
+ @env['rack.input'] = StringIO.new
116
+ @env.delete('HTTP_CONTENT_MD5')
117
+ @request = Rack::Request.new(@env)
118
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
119
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
120
+ end
121
+ compatible
122
+ end
123
+ describe "without CONTENT_TYPE" do
124
+ before do
125
+ @env.delete('CONTENT_TYPE')
126
+ @request = Rack::Request.new(@env)
127
+ AuthHMAC.sign!(@request, 'access key 1', 'secret')
128
+ @env["HTTP_AUTHORIZATION"] = @request["Authorization"]
129
+ end
130
+ compatible
107
131
  end
108
132
  end
109
133
  describe "request signed by ApiAuth" do
110
- before do
111
- EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
134
+ describe "without content" do
135
+ before do
136
+ @env['rack.input'] = StringIO.new
137
+ @env.delete('HTTP_CONTENT_MD5')
138
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
139
+ end
140
+ compatible
112
141
  end
113
-
114
- it "verifies by ApiAuth" do
115
- @lookup = Proc.new{ |key| 'secret' if key == 'access key 1' }
116
- EY::ApiHMAC.authenticated?(@env, &@lookup).should be_true
142
+ describe "without CONTENT_TYPE" do
143
+ before do
144
+ @env.delete('CONTENT_TYPE')
145
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
146
+ end
147
+ compatible
117
148
  end
118
-
119
- it "verifies by AuthHMAC" do
120
- @authhmac = AuthHMAC.new({"access key 1" => 'secret'})
121
- @authhmac.authenticated?(@request).should be_true
149
+ describe do
150
+ before do
151
+ EY::ApiHMAC.sign!(@env, 'access key 1', 'secret')
152
+ end
153
+ compatible
122
154
  end
123
155
  end
124
156
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ey_api_hmac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-12-05 00:00:00.000000000 Z
12
+ date: 2011-12-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack-client
16
- requirement: &70244892160460 !ruby/object:Gem::Requirement
16
+ requirement: &2158291480 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: '0'
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *70244892160460
24
+ version_requirements: *2158291480
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: json
27
- requirement: &70244892146140 !ruby/object:Gem::Requirement
27
+ requirement: &2158290940 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: '0'
33
33
  type: :runtime
34
34
  prerelease: false
35
- version_requirements: *70244892146140
35
+ version_requirements: *2158290940
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: rspec
38
- requirement: &70244892148700 !ruby/object:Gem::Requirement
38
+ requirement: &2158290360 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,11 +43,13 @@ dependencies:
43
43
  version: '0'
44
44
  type: :development
45
45
  prerelease: false
46
- version_requirements: *70244892148700
46
+ version_requirements: *2158290360
47
47
  description: basic wrapper for rack-client + middlewares for HMAC auth + helpers for
48
48
  SSO auth
49
49
  email:
50
50
  - jacob@engineyard.com
51
+ - jlane@engineyard.com
52
+ - jrucker@engineyard.com
51
53
  executables: []
52
54
  extensions: []
53
55
  extra_rdoc_files: []
@@ -87,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
87
89
  version: '0'
88
90
  requirements: []
89
91
  rubyforge_project: ey_api_hmac
90
- rubygems_version: 1.8.10
92
+ rubygems_version: 1.8.12
91
93
  signing_key:
92
94
  specification_version: 3
93
95
  summary: HMAC Rack basic implementation for Engine Yard services