imageboss-rb 2.0.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee6455671dc8650560c56a4ee50124f95c249aca5f17ff05df4788f5b02947b1
-  data.tar.gz: 7e35f1d19d98e1a2f9a232cc76280d26f7de20828dc9ee765afad7fef597eb20
+  metadata.gz: 2accf545dd9b59902fdb8563cdcc357a6c65a9b5027c4c2983880edf76a0bd05
+  data.tar.gz: 68f3e5ceccbe24a201b0376e3ce290bfa936d9e572f32f0e3e9906b0619baf03
 SHA512:
-  metadata.gz: cea525427ac649f445d43ae0032e3fb284bed2430c12ad7cfd5f096513caf99f7eb547170d18e09dfe72d1487a0b1f759a34f072ed3ccb73f1e1174c21994dc4
-  data.tar.gz: b1f77be4a61ed57f2f2e79601819daac6eabcb9c3d83cfa9c6e1fdf90ddb22fe0cfd0e46d57865200c785a564111d003d4bf704f6958762c1370955898923a81
+  metadata.gz: 101b7a57abdf76727184d1caeaf0df11a338f73a9700284cc08fdb28689377c0a11f2b4a79e2143edbb8f386e7d30285bd0f04c12b06427fb3b7120048a113d6
+  data.tar.gz: 9c80869ef7ac386926f0fc4d5d9489f5b9f1886c1371f8e276e12acb5117eaef5002a1f5b1d2de09b9618c2baec163f224d5590dbeb97d9abf90fafdac110523

data/README.md

@@ -15,6 +15,7 @@ Official Gem for Generating ImageBoss URLs.
     - [Example `Image Resizing With Extra Options`](#example-image-resizing-with-extra-options)
     - [All operations and options for Image Resizing](#all-operations-and-options-for-image-resizing)
     - [Disabling URL generation](#disabling-url-generation)
+    - [Signing your URLs](#signing-your-urls)
   - [Tested on](#tested-on)
 
 ## Installation
@@ -76,6 +77,20 @@ image_url = client.path('/images/img01.jpg')
 ```
 This will give you the ability to see your image without adding extra code to handle this situation.
 
+### Signing your URLs
+Read more about this feature here:
+https://www.imageboss.me/docs/security
+
+```ruby
+client = ImageBoss::Client.new(source: 'mywebsite', secret: '<MY_SECRET>')
+
+image_url = client.path('/images/img01.jpg')
+                  .operation(:width, width: 100)
+
+#=> https://img.imageboss.me/width/100/images/img01.jpg?bossToken=ff74a46c7228ee4262c39b8d501c488293c5be9d433bb9ca957f32c9c3d844ab
+```
+This will give you the ability to see your image without adding extra code to handle this situation.
+
 ## Tested on
 Ruby
   - 2.6.3

data/lib/imageboss/client.rb

@@ -1,9 +1,10 @@
 module ImageBoss
   class Client
-    def initialize(source:, enabled: true)
+    def initialize(source:, enabled: true, secret: false)
       @options = {
         source: source,
-        enabled: enabled
+        enabled: enabled,
+        secret: secret
       }
     end
 

data/lib/imageboss/path.rb

@@ -1,5 +1,8 @@
 module ImageBoss
   class Path
+    require 'uri'
+    require 'openssl'
+
     SERVICE_URL = 'https://img.imageboss.me'.freeze
     OPERATIONS = {
       cover: {
@@ -16,6 +19,7 @@ module ImageBoss
       @client_options = client_options
       @service_url = client_options[:service_url] || SERVICE_URL
       @source = client_options[:source]
+      @secret = client_options[:secret]
       @asset_path = asset_path
     end
 
@@ -37,10 +41,23 @@ module ImageBoss
         @operation[:recipe].chomp('/'),
         @asset_path.gsub(/^\/?(.+)/, "\\1")
       ].join
-      parse(recipe)
+
+      @secret == false ? parse(recipe) : add_params(parse(recipe), { bossToken: create_token(@asset_path) })
     end
+
     private
 
+    def create_token(path)
+      OpenSSL::HMAC.hexdigest('sha256', @secret, path)
+    end
+
+    def add_params(url, params = {})
+      uri = URI(url)
+      params    = Hash[URI.decode_www_form(uri.query || '')].merge(params)
+      uri.query =      URI.encode_www_form(params)
+      uri.to_s
+    end
+
     def parse(recipe)
       recipe
         .sub(':source', @source.to_s)

data/lib/imageboss/version.rb

@@ -1,3 +1,3 @@
 module ImageBoss
-  VERSION = '2.0.0'
+  VERSION = '2.1.0'
 end

data/spec/imageboss/client_spec.rb

@@ -14,7 +14,8 @@ describe ImageBoss::Client do
   context 'initialize' do
     it { expect(subject.instance_variable_get(:@options)).to eq({
         source: client_args[:source],
-        enabled: true
+        enabled: true,
+        secret: false
       })
     }
   end
@@ -67,7 +68,7 @@ describe ImageBoss::Client do
       it { expect(image_url).to eq "#{service}/#{source}/cdn/assets/img01.jpg" }
     end
 
-    fcontext 'disabled  client' do
+    context 'disabled  client' do
       let(:client_args) {{
         source: source,
         enabled: false
@@ -77,4 +78,29 @@ describe ImageBoss::Client do
       it { expect(image_url).to eq '/assets/img01.jpg' }
     end
   end
+
+  context 'secure token' do
+    let(:client_args) {{
+      source: source,
+      secret: 'abc'
+    }}
+
+    let(:operation_args) { [:cover, width: 100, height: 100] }
+
+    let(:path) {
+      subject
+        .path('/assets/img01.jpg?existing=oh')
+    }
+
+    let(:image_url) { path.operation(*operation_args) }
+
+    subject { described_class.new(**client_args) }
+
+    context 'initialize' do
+      context 'width' do
+        let(:operation_args) { [:width, width: 100 ] }
+        it { expect(image_url).to eq "#{service}/#{source}/width/100/assets/img01.jpg?existing=oh&bossToken=ff74a46c7228ee4262c39b8d501c488293c5be9d433bb9ca957f32c9c3d844ab" }
+      end
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: imageboss-rb
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Igor Escobar
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-28 00:00:00.000000000 Z
+date: 2020-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec