legacy-fernet 1.6.1 → 1.6.2

data/Gemfile.lock

@@ -3,7 +3,6 @@ PATH
   specs:
     legacy-fernet (1.6.1)
       multi_json
-      oj
 
 GEM
   remote: https://rubygems.org/
@@ -26,4 +25,5 @@ PLATFORMS
 
 DEPENDENCIES
   legacy-fernet!
+  oj
   rspec

data/README.md

@@ -1,108 +1 @@
-# Fernet
-
-[![Build Status](https://secure.travis-ci.org/hgmnz/fernet.png)](http://travis-ci.org/hgmnz/fernet)
-[![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/hgmnz/fernet)
-
-Fernet allows you to easily generate and verify **HMAC based authentication
-tokens** for issuing API requests between remote servers. It also **encrypts**
-data by default, so it can be used to transmit secure messages over the wire.
-
-![Fernet](http://f.cl.ly/items/2d0P3d26271O3p2v253u/photo.JPG)
-
-Fernet is usually served as a *digestif* after a meal but may also be served
-with coffee and espresso or mixed into coffee and espresso drinks.
-
-Fernet about it!
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-    gem 'fernet'
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install fernet
-
-## Usage
-
-Both server and client must share a secret.
-
-You want to encode some data in the token as well, for example, an email
-address can be used to verify it on the other end.
-
-```ruby
-token = Fernet.generate(secret) do |generator|
-  generator.data = { email: 'harold@heroku.com' }
-end
-```
-On the server side, the receiver can use this token to verify whether it's
-legit:
-
-```ruby
-verified = Fernet.verify(secret, token) do |verifier|
-  verifier.data['email'] == 'harold@heroku.com'
-end
-```
-
-The `verified` variable will be true if:
-
-* The email encoded in the token data is `harold@heroku.com`
-* The token was generated in the last 60 seconds
-* The secret used to generate the token matches
-
-Otherwise, `verified` will be false, and you should deny the request with an
-HTTP 401, for example.
-
-The `Fernet.verify` method can be awkward if extracting the plain text data is
-required. For this case, a `verifier` can be requested that makes that
-use case more pleasent:
-
-```ruby
-verifier = Fernet.verifier(secret, token)
-if verifier.valid? # signature valid, TTL verified
-  operate_on(verifier.data) # the original, decrypted data
-end
-```
-
-The specs
-([spec/fernet_spec.rb](https://github.com/hgmnz/fernet/blob/master/spec/fernet_spec.rb))
-have more usage examples.
-
-### Global configuration
-
-It's possible to configure fernet via the `Configuration` class. Put this in an initializer:
-
-```ruby
-# default values shown here
-Fernet::Configuration.run do |config|
-  config.enforce_ttl = true
-  config.ttl         = 60
-  config.encrypt     = true
-end
-```
-
-### Generating a secret
-
-Generating appropriate secrets is beyond the scope of `Fernet`, but you should
-generate it using `/dev/random` in a *nix. To generate a base64-encoded 256 bit
-(32 byte) random sequence, try:
-
-    dd if=/dev/urandom bs=32 count=1 2>/dev/null | openssl base64
-
-### Attribution
-
-This library was largely made possible by [Mr. Tom
-Maher](http://twitter.com/#tmaher), who clearly articulated the mechanics
-behind this process, and further found ways to make it
-[more](https://github.com/hgmnz/fernet/commit/2bf0b4a66b49ef3fc92ef50708a2c8b401950fc2)
-[secure](https://github.com/hgmnz/fernet/commit/051161d0afb0b41480734d84bc824bdbc7f9c563).
-
-## License
-
-Fernet is copyright (c) Harold Giménez and is released under the terms of the
-MIT License found in the LICENSE file.
+Please see https://github.com/hgmnz/fernet instead

data/fernet.gemspec

@@ -13,10 +13,10 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.name          = "legacy-fernet"
   gem.require_paths = ["lib"]
-  gem.version       = Legacy::Fernet::VERSION
+  gem.version       = Fernet::Legacy::VERSION
 
-  gem.add_dependency "oj"
   gem.add_dependency "multi_json"
 
   gem.add_development_dependency "rspec"
+  gem.add_development_dependency "oj"
 end

data/lib/fernet.rb

@@ -8,9 +8,9 @@ if RUBY_VERSION == '1.8.7'
   require 'shim/base64'
 end
 
-Legacy::Fernet::Configuration.run
+Fernet::Legacy::Configuration.run
 
-module Legacy::Fernet
+module Fernet::Legacy
   def self.generate(secret, encrypt = Configuration.encrypt, &block)
     Generator.new(secret, encrypt).generate(&block)
   end

data/lib/fernet/configuration.rb

@@ -1,5 +1,5 @@
 require 'singleton'
-module Legacy::Fernet
+module Fernet::Legacy
   class Configuration
     include Singleton
 

data/lib/fernet/generator.rb

@@ -3,7 +3,7 @@ require 'multi_json'
 require 'openssl'
 require 'date'
 
-module Legacy::Fernet
+module Fernet::Legacy
   class Generator
     attr_accessor :data, :payload
 
@@ -30,7 +30,7 @@ module Legacy::Fernet
     end
 
     def inspect
-      "#<Legacy::Fernet::Generator @secret=[masked] @data=#{@data.inspect}>"
+      "#<Fernet::Legacy::Generator @secret=[masked] @data=#{@data.inspect}>"
     end
     alias to_s inspect
 

data/lib/fernet/secret.rb

@@ -1,4 +1,4 @@
-module Legacy::Fernet
+module Fernet::Legacy
   class Secret
     def initialize(secret, encrypt)
       @secret  = secret

data/lib/fernet/verifier.rb

@@ -3,7 +3,7 @@ require 'multi_json'
 require 'openssl'
 require 'date'
 
-module Legacy::Fernet
+module Fernet::Legacy
   class Verifier
     attr_reader :token, :data
     attr_accessor :ttl, :enforce_ttl
@@ -33,7 +33,7 @@ module Legacy::Fernet
     end
 
     def inspect
-      "#<Legacy::Fernet::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @ttl=#{@ttl}>"
+      "#<Fernet::Legacy::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @ttl=#{@ttl}>"
     end
     alias to_s inspect
 

data/lib/fernet/version.rb

@@ -1,5 +1,5 @@
-module Legacy
-  module Fernet
-    VERSION = "1.6.1"
+module Fernet
+  module Legacy
+    VERSION = "1.6.2"
   end
 end

data/spec/fernet_spec.rb

@@ -1,8 +1,8 @@
 require 'spec_helper'
 require 'fernet'
 
-describe Legacy::Fernet do
-  after { Legacy::Fernet::Configuration.run }
+describe Fernet::Legacy do
+  after { Fernet::Legacy::Configuration.run }
 
   let(:token_data) do
     { :email => 'harold@heroku.com', :id => '123', :arbitrary => 'data' }
@@ -12,48 +12,48 @@ describe Legacy::Fernet do
   let(:bad_secret) { 'badICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
 
   it 'can verify tokens it generates' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.data['email'] == 'harold@heroku.com'
       end
     ).to be_true
   end
 
   it 'fails with a bad secret' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
     expect(
-      Legacy::Fernet.verify(bad_secret, token) do |verifier|
+      Fernet::Legacy.verify(bad_secret, token) do |verifier|
         verifier.data['email'] == 'harold@heroku.com'
       end
     ).to be_false
   end
 
   it 'fails with a bad custom verification' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = { :email => 'harold@heroku.com' }
     end
 
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.data['email'] == 'lol@heroku.com'
       end
     ).to be_false
   end
 
   it 'fails if the token is too old' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.ttl = 1
 
         def verifier.now
@@ -67,20 +67,20 @@ describe Legacy::Fernet do
   end
 
   it 'verifies without a custom verification' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
-    expect(Legacy::Fernet.verify(secret, token)).to be_true
+    expect(Fernet::Legacy.verify(secret, token)).to be_true
   end
 
   it 'can ignore TTL enforcement' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         def verifier.now
           Time.now + 99999999999
         end
@@ -91,16 +91,16 @@ describe Legacy::Fernet do
   end
 
   it 'can ignore TTL enforcement via global config' do
-    Legacy::Fernet::Configuration.run do |config|
+    Fernet::Legacy::Configuration.run do |config|
       config.enforce_ttl = false
     end
 
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
 
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         def verifier.now
           Time.now + 99999999999
         end
@@ -110,54 +110,54 @@ describe Legacy::Fernet do
   end
 
   it 'generates without custom data' do
-    token = Legacy::Fernet.generate(secret)
+    token = Fernet::Legacy.generate(secret)
 
-    expect(Legacy::Fernet.verify(secret, token)).to be_true
+    expect(Fernet::Legacy.verify(secret, token)).to be_true
   end
 
   it 'can encrypt the payload' do
-    token = Legacy::Fernet.generate(secret, true) do |generator|
+    token = Fernet::Legacy.generate(secret, true) do |generator|
       generator.data['password'] = 'password1'
     end
 
     expect(Base64.decode64(token)).not_to match /password1/
 
-    Legacy::Fernet.verify(secret, token) do |verifier|
+    Fernet::Legacy.verify(secret, token) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
 
   it 'does not encrypt when asked nicely' do
-    token = Legacy::Fernet.generate(secret, false) do |generator|
+    token = Fernet::Legacy.generate(secret, false) do |generator|
       generator.data['password'] = 'password1'
     end
 
     expect(Base64.decode64(token)).to match /password1/
 
-    Legacy::Fernet.verify(secret, token, false) do |verifier|
+    Fernet::Legacy.verify(secret, token, false) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
 
   it 'can disable encryption via global configuration' do
-    Legacy::Fernet::Configuration.run { |c| c.encrypt = false }
-    token = Legacy::Fernet.generate(secret) do |generator|
+    Fernet::Legacy::Configuration.run { |c| c.encrypt = false }
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data['password'] = 'password1'
     end
 
     expect(Base64.decode64(token)).to match /password1/
 
-    Legacy::Fernet.verify(secret, token) do |verifier|
+    Fernet::Legacy.verify(secret, token) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
 
   it 'returns the unencrypted message upon verify' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data['password'] = 'password1'
     end
 
-    verifier = Legacy::Fernet.verifier(secret, token)
+    verifier = Fernet::Legacy.verifier(secret, token)
     expect(verifier.valid?).to be_true
     expect(verifier.data['password']).to eq('password1')
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legacy-fernet
 version: !ruby/object:Gem::Version
-  version: 1.6.1
+  version: 1.6.2
   prerelease: 
 platform: ruby
 authors:
@@ -12,7 +12,7 @@ cert_chain: []
 date: 2013-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: oj
+  name: multi_json
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -28,14 +28,14 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: multi_json
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
@@ -44,7 +44,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: oj
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements: