RubyGems - legacy-fernet - Versions diffs - 1.6.1 → 1.6.2 - Mend

legacy-fernet 1.6.1 → 1.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/Gemfile.lock CHANGED

@@ -3,7 +3,6 @@ PATH
   specs:
     legacy-fernet (1.6.1)
       multi_json
-      oj
 GEM
   remote: https://rubygems.org/
@@ -26,4 +25,5 @@ PLATFORMS
 DEPENDENCIES
   legacy-fernet!
+  oj
   rspec

data/README.md CHANGED

@@ -1,108 +1 @@
-# Fernet
-[![Build Status](https://secure.travis-ci.org/hgmnz/fernet.png)](http://travis-ci.org/hgmnz/fernet)
-[![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/hgmnz/fernet)
-Fernet allows you to easily generate and verify **HMAC based authentication
-tokens** for issuing API requests between remote servers. It also **encrypts**
-data by default, so it can be used to transmit secure messages over the wire.
-![Fernet](http://f.cl.ly/items/2d0P3d26271O3p2v253u/photo.JPG)
-Fernet is usually served as a *digestif* after a meal but may also be served
-with coffee and espresso or mixed into coffee and espresso drinks.
-Fernet about it!
-## Installation
-Add this line to your application's Gemfile:
-    gem 'fernet'
-And then execute:
-    $ bundle
-Or install it yourself as:
-    $ gem install fernet
-## Usage
-Both server and client must share a secret.
-You want to encode some data in the token as well, for example, an email
-address can be used to verify it on the other end.
-```ruby
-token = Fernet.generate(secret) do |generator|
-  generator.data = { email: 'harold@heroku.com' }
-end
-```
-On the server side, the receiver can use this token to verify whether it's
-legit:
-```ruby
-verified = Fernet.verify(secret, token) do |verifier|
-  verifier.data['email'] == 'harold@heroku.com'
-end
-```
-The `verified` variable will be true if:
-* The email encoded in the token data is `harold@heroku.com`
-* The token was generated in the last 60 seconds
-* The secret used to generate the token matches
-Otherwise, `verified` will be false, and you should deny the request with an
-HTTP 401, for example.
-The `Fernet.verify` method can be awkward if extracting the plain text data is
-required. For this case, a `verifier` can be requested that makes that
-use case more pleasent:
-```ruby
-verifier = Fernet.verifier(secret, token)
-if verifier.valid? # signature valid, TTL verified
-  operate_on(verifier.data) # the original, decrypted data
-end
-```
-The specs
-([spec/fernet_spec.rb](https://github.com/hgmnz/fernet/blob/master/spec/fernet_spec.rb))
-have more usage examples.
-### Global configuration
-It's possible to configure fernet via the `Configuration` class. Put this in an initializer:
-```ruby
-# default values shown here
-Fernet::Configuration.run do |config|
-  config.enforce_ttl = true
-  config.ttl         = 60
-  config.encrypt     = true
-end
-```
-### Generating a secret
-Generating appropriate secrets is beyond the scope of `Fernet`, but you should
-generate it using `/dev/random` in a *nix. To generate a base64-encoded 256 bit
-(32 byte) random sequence, try:
-    dd if=/dev/urandom bs=32 count=1 2>/dev/null | openssl base64
-### Attribution
-This library was largely made possible by [Mr. Tom
-Maher](http://twitter.com/#tmaher), who clearly articulated the mechanics
-behind this process, and further found ways to make it
-[more](https://github.com/hgmnz/fernet/commit/2bf0b4a66b49ef3fc92ef50708a2c8b401950fc2)
-[secure](https://github.com/hgmnz/fernet/commit/051161d0afb0b41480734d84bc824bdbc7f9c563).
-## License
-Fernet is copyright (c) Harold Giménez and is released under the terms of the
-MIT License found in the LICENSE file.
+Please see https://github.com/hgmnz/fernet instead

data/fernet.gemspec CHANGED

@@ -13,10 +13,10 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.name          = "legacy-fernet"
   gem.require_paths = ["lib"]
-  gem.version       = Legacy::Fernet::VERSION
+  gem.version       = Fernet::Legacy::VERSION
-  gem.add_dependency "oj"
   gem.add_dependency "multi_json"
   gem.add_development_dependency "rspec"
+  gem.add_development_dependency "oj"
 end

data/lib/fernet.rb CHANGED

@@ -8,9 +8,9 @@ if RUBY_VERSION == '1.8.7'
   require 'shim/base64'
 end
-Legacy::Fernet::Configuration.run
+Fernet::Legacy::Configuration.run
-module Legacy::Fernet
+module Fernet::Legacy
   def self.generate(secret, encrypt = Configuration.encrypt, &block)
     Generator.new(secret, encrypt).generate(&block)
   end

data/lib/fernet/configuration.rb CHANGED

@@ -1,5 +1,5 @@
 require 'singleton'
-module Legacy::Fernet
+module Fernet::Legacy
   class Configuration
     include Singleton

data/lib/fernet/generator.rb CHANGED

@@ -3,7 +3,7 @@ require 'multi_json'
 require 'openssl'
 require 'date'
-module Legacy::Fernet
+module Fernet::Legacy
   class Generator
     attr_accessor :data, :payload
@@ -30,7 +30,7 @@ module Legacy::Fernet
     end
     def inspect
-      "#<Legacy::Fernet::Generator @secret=[masked] @data=#{@data.inspect}>"
+      "#<Fernet::Legacy::Generator @secret=[masked] @data=#{@data.inspect}>"
     end
     alias to_s inspect

data/lib/fernet/secret.rb CHANGED

@@ -1,4 +1,4 @@
-module Legacy::Fernet
+module Fernet::Legacy
   class Secret
     def initialize(secret, encrypt)
       @secret  = secret

data/lib/fernet/verifier.rb CHANGED

@@ -3,7 +3,7 @@ require 'multi_json'
 require 'openssl'
 require 'date'
-module Legacy::Fernet
+module Fernet::Legacy
   class Verifier
     attr_reader :token, :data
     attr_accessor :ttl, :enforce_ttl
@@ -33,7 +33,7 @@ module Legacy::Fernet
     end
     def inspect
-      "#<Legacy::Fernet::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @ttl=#{@ttl}>"
+      "#<Fernet::Legacy::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @ttl=#{@ttl}>"
     end
     alias to_s inspect

data/lib/fernet/version.rb CHANGED

@@ -1,5 +1,5 @@
-module Legacy
-  module Fernet
-    VERSION = "1.6.1"
+module Fernet
+  module Legacy
+    VERSION = "1.6.2"
   end
 end

data/spec/fernet_spec.rb CHANGED

@@ -1,8 +1,8 @@
 require 'spec_helper'
 require 'fernet'
-describe Legacy::Fernet do
-  after { Legacy::Fernet::Configuration.run }
+describe Fernet::Legacy do
+  after { Fernet::Legacy::Configuration.run }
   let(:token_data) do
     { :email => 'harold@heroku.com', :id => '123', :arbitrary => 'data' }
@@ -12,48 +12,48 @@ describe Legacy::Fernet do
   let(:bad_secret) { 'badICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
   it 'can verify tokens it generates' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.data['email'] == 'harold@heroku.com'
       end
     ).to be_true
   end
   it 'fails with a bad secret' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
     expect(
-      Legacy::Fernet.verify(bad_secret, token) do |verifier|
+      Fernet::Legacy.verify(bad_secret, token) do |verifier|
         verifier.data['email'] == 'harold@heroku.com'
       end
     ).to be_false
   end
   it 'fails with a bad custom verification' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = { :email => 'harold@heroku.com' }
     end
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.data['email'] == 'lol@heroku.com'
       end
     ).to be_false
   end
   it 'fails if the token is too old' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         verifier.ttl = 1
         def verifier.now
@@ -67,20 +67,20 @@ describe Legacy::Fernet do
   end
   it 'verifies without a custom verification' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
-    expect(Legacy::Fernet.verify(secret, token)).to be_true
+    expect(Fernet::Legacy.verify(secret, token)).to be_true
   end
   it 'can ignore TTL enforcement' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         def verifier.now
           Time.now + 99999999999
         end
@@ -91,16 +91,16 @@ describe Legacy::Fernet do
   end
   it 'can ignore TTL enforcement via global config' do
-    Legacy::Fernet::Configuration.run do |config|
+    Fernet::Legacy::Configuration.run do |config|
       config.enforce_ttl = false
     end
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data = token_data
     end
     expect(
-      Legacy::Fernet.verify(secret, token) do |verifier|
+      Fernet::Legacy.verify(secret, token) do |verifier|
         def verifier.now
           Time.now + 99999999999
         end
@@ -110,54 +110,54 @@ describe Legacy::Fernet do
   end
   it 'generates without custom data' do
-    token = Legacy::Fernet.generate(secret)
+    token = Fernet::Legacy.generate(secret)
-    expect(Legacy::Fernet.verify(secret, token)).to be_true
+    expect(Fernet::Legacy.verify(secret, token)).to be_true
   end
   it 'can encrypt the payload' do
-    token = Legacy::Fernet.generate(secret, true) do |generator|
+    token = Fernet::Legacy.generate(secret, true) do |generator|
       generator.data['password'] = 'password1'
     end
     expect(Base64.decode64(token)).not_to match /password1/
-    Legacy::Fernet.verify(secret, token) do |verifier|
+    Fernet::Legacy.verify(secret, token) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
   it 'does not encrypt when asked nicely' do
-    token = Legacy::Fernet.generate(secret, false) do |generator|
+    token = Fernet::Legacy.generate(secret, false) do |generator|
       generator.data['password'] = 'password1'
     end
     expect(Base64.decode64(token)).to match /password1/
-    Legacy::Fernet.verify(secret, token, false) do |verifier|
+    Fernet::Legacy.verify(secret, token, false) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
   it 'can disable encryption via global configuration' do
-    Legacy::Fernet::Configuration.run { |c| c.encrypt = false }
-    token = Legacy::Fernet.generate(secret) do |generator|
+    Fernet::Legacy::Configuration.run { |c| c.encrypt = false }
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data['password'] = 'password1'
     end
     expect(Base64.decode64(token)).to match /password1/
-    Legacy::Fernet.verify(secret, token) do |verifier|
+    Fernet::Legacy.verify(secret, token) do |verifier|
       expect(verifier.data['password']).to eq('password1')
     end
   end
   it 'returns the unencrypted message upon verify' do
-    token = Legacy::Fernet.generate(secret) do |generator|
+    token = Fernet::Legacy.generate(secret) do |generator|
       generator.data['password'] = 'password1'
     end
-    verifier = Legacy::Fernet.verifier(secret, token)
+    verifier = Fernet::Legacy.verifier(secret, token)
     expect(verifier.valid?).to be_true
     expect(verifier.data['password']).to eq('password1')
   end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legacy-fernet
 version: !ruby/object:Gem::Version
-  version: 1.6.1
+  version: 1.6.2
   prerelease:
 platform: ruby
 authors:
@@ -12,7 +12,7 @@ cert_chain: []
 date: 2013-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: oj
+  name: multi_json
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -28,14 +28,14 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: multi_json
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
@@ -44,7 +44,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: oj
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements: