hmac 2.0.0 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/bin/release +4 -0
- data/lib/hmac/generator.rb +13 -9
- data/lib/hmac/validator.rb +5 -3
- data/lib/hmac/version.rb +1 -1
- data/lib/hmac.rb +1 -0
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7888837728c6bb09e5e14affacdb43a21f11da744c0764bb4ef5a9b57ed0a62b
|
4
|
+
data.tar.gz: 05ecca95e1798456adb1e5b81201ac8bafdbe981b897a688ebd7bf7a29d270f0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4112f07d1dee0c90e7e5f2a878998401cb1fa8b6b7989a7e5693e8ecfa78acb03ced551a070091a9e2539aa30295c029023a72b1ed3462aaf3665a6c63860ba8
|
7
|
+
data.tar.gz: d9256aa9cb5973a34f2a0dfc045f6a24b60603574077d259d9d89a399793c7128dfa770039417f63440c28298e6aa8e6140f65250437b4a1da76f87b6556b114
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,10 @@
|
|
1
1
|
## [Unreleased]
|
2
2
|
|
3
|
+
## [2.1.0] - 2022-04-16
|
4
|
+
|
5
|
+
- Allow calling code to override the HMAC secret at runtime
|
6
|
+
- Allow the encoding of extra fields into the HMAC (e.g. email address)
|
7
|
+
|
3
8
|
## [2.0.0] - 2022-04-13
|
4
9
|
|
5
10
|
- Add a configuration class and remove direct env var access
|
data/bin/release
ADDED
data/lib/hmac/generator.rb
CHANGED
@@ -1,19 +1,23 @@
|
|
1
1
|
module HMAC
|
2
2
|
class Generator
|
3
|
-
def initialize(context:, public: false)
|
3
|
+
def initialize(context:, public: false, secret: nil)
|
4
4
|
@context = context
|
5
5
|
@public = public
|
6
6
|
@digest = OpenSSL::Digest.new("SHA256")
|
7
|
-
@hmac_key = HMAC.configuration.secret
|
7
|
+
@hmac_key = secret || HMAC.configuration.secret
|
8
|
+
|
9
|
+
raise ConfigurationError, "HMAC secret is not configured" if @hmac_key.nil?
|
8
10
|
end
|
9
11
|
|
10
|
-
def generate(id:)
|
11
|
-
OpenSSL::HMAC
|
12
|
-
.
|
13
|
-
.update(
|
14
|
-
.update(
|
15
|
-
.
|
16
|
-
|
12
|
+
def generate(id:, extra_fields: {})
|
13
|
+
OpenSSL::HMAC.new(hmac_key, digest).tap do |hmac|
|
14
|
+
hmac.update(id.to_s)
|
15
|
+
hmac.update(context.to_s)
|
16
|
+
hmac.update("public") if public?
|
17
|
+
extra_fields.sort.each do |_, value|
|
18
|
+
hmac.update(value.to_s)
|
19
|
+
end
|
20
|
+
end.hexdigest
|
17
21
|
end
|
18
22
|
|
19
23
|
private
|
data/lib/hmac/validator.rb
CHANGED
@@ -1,11 +1,13 @@
|
|
1
|
+
require_relative "generator"
|
2
|
+
|
1
3
|
module HMAC
|
2
4
|
class Validator
|
3
5
|
def initialize(...)
|
4
|
-
@generator =
|
6
|
+
@generator = Generator.new(...)
|
5
7
|
end
|
6
8
|
|
7
|
-
def validate(hmac, against_id:)
|
8
|
-
present?(hmac) && hmac == @generator.generate(id: against_id)
|
9
|
+
def validate(hmac, against_id:, extra_fields: {})
|
10
|
+
present?(hmac) && hmac == @generator.generate(id: against_id, extra_fields:)
|
9
11
|
end
|
10
12
|
|
11
13
|
private
|
data/lib/hmac/version.rb
CHANGED
data/lib/hmac.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hmac
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elliot Crosby-McCullough
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-04-
|
11
|
+
date: 2022-04-16 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description:
|
14
14
|
email:
|
@@ -29,6 +29,7 @@ files:
|
|
29
29
|
- README.md
|
30
30
|
- Rakefile
|
31
31
|
- bin/console
|
32
|
+
- bin/release
|
32
33
|
- bin/setup
|
33
34
|
- hmac.gemspec
|
34
35
|
- lib/hmac.rb
|
@@ -41,7 +42,7 @@ metadata:
|
|
41
42
|
allowed_push_host: https://rubygems.org
|
42
43
|
homepage_uri: https://github.com/SmartCasual/hmac
|
43
44
|
source_code_uri: https://github.com/SmartCasual/hmac
|
44
|
-
changelog_uri: https://github.com/SmartCasual/hmac/blob/2.
|
45
|
+
changelog_uri: https://github.com/SmartCasual/hmac/blob/2.1.0/CHANGELOG.md
|
45
46
|
rubygems_mfa_required: 'true'
|
46
47
|
post_install_message:
|
47
48
|
rdoc_options: []
|