RubyGems - lhc - Versions diffs - 15.0.0 → 15.0.1 - Mend

lhc 15.0.0 → 15.0.1

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/lhc/scrubbers/headers_scrubber.rb +14 -2
data/lib/lhc/version.rb +1 -1
data/spec/request/scrubbed_headers_spec.rb +18 -16
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a34aeee4fa910b8099acfdd73813103beb630400b92b449dbfbf4d87de4e041
-  data.tar.gz: 846b8cc9e24b9b0b9189b24d38c3e7b485096b4afd970cfc6fe48c8ee3a76d7e
+  metadata.gz: d9747364f9001f462e35cdc26b209f078daac57834bb4c1a801866f29abc2ba7
+  data.tar.gz: e03286ea873459b7093baef6c47807edb4a1543889e887bf0d708c0144b6a087
 SHA512:
-  metadata.gz: 067d2e56385e931f00caa829411888881705ec19a702979332ad5074bf1a6515f0893e09111314b825fa7dd6d559518c997ac309f17e06eee245faffe93fcebd
-  data.tar.gz: 5284f04c83ca525e774775c41bd88d9f2dc8feeaf8f1fb47d3b9bde5677eeaad9bec6be6213597c4d1f34a2a22f8703b9f8e7fef0a4a09a58f24a6f72b2bf66b
+  metadata.gz: bc2238780fe87969d1dea621d44960febb3a19e7b650a5e6ce7939f942e47acd01a825e64c39ab4fb4dbeb5636aef1e0819b3f874b95c22461cee4d63ad44368
+  data.tar.gz: cc5a2707f9772cc79a3caa3aa96b3c0ffe1a0984fa06446e48a61a9c08240145d772b35b993f11ec24c278367c9db4d2bf35dafee1aa444818323e2aab3c99b6

data/lib/lhc/scrubbers/headers_scrubber.rb CHANGED Viewed

@@ -25,14 +25,26 @@ class LHC::HeadersScrubber < LHC::Scrubber
   end
   def scrub_basic_authentication_headers!
-    return if auth_options[:basic].blank? || scrubbed['Authorization'].blank?
+    return if !scrub_basic_authentication_headers?
     scrubbed['Authorization'].gsub!(auth_options[:basic][:base_64_encoded_credentials], SCRUB_DISPLAY)
   end
   def scrub_bearer_authentication_headers!
-    return if auth_options[:bearer].blank? || scrubbed['Authorization'].blank?
+    return if !scrub_bearer_authentication_headers?
     scrubbed['Authorization'].gsub!(auth_options[:bearer_token], SCRUB_DISPLAY)
   end
+  def scrub_basic_authentication_headers?
+    auth_options[:basic].present? &&
+      scrubbed['Authorization'].present? &&
+      scrubbed['Authorization'].include?(auth_options[:basic][:base_64_encoded_credentials])
+  end
+  def scrub_bearer_authentication_headers?
+    auth_options[:bearer].present? &&
+      scrubbed['Authorization'].present? &&
+      scrubbed['Authorization'].include?(auth_options[:bearer_token])
+  end
 end

data/lib/lhc/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module LHC
-  VERSION ||= '15.0.0'
+  VERSION ||= '15.0.1'
 end

data/spec/request/scrubbed_headers_spec.rb CHANGED Viewed

@@ -59,19 +59,20 @@ describe LHC::Request do
       let(:authorization_header) { { 'Authorization' => "Bearer #{bearer_token}" } }
       let(:auth) { { bearer: -> { bearer_token } } }
-      it 'provides srubbed request headers' do
+      it 'scrubs only the bearer token' do
         expect(request.scrubbed_headers).to include('Authorization' => "Bearer #{LHC::Scrubber::SCRUB_DISPLAY}")
         expect(request.headers).to include(authorization_header)
       end
-      context 'when nothing should get scrubbed' do
-        before :each do
-          LHC.config.scrubs = {}
-        end
+      it 'scrubs whole "Authorization" header' do
+        LHC.config.scrubs[:headers] << 'Authorization'
+        expect(request.scrubbed_headers).to include('Authorization' => LHC::Scrubber::SCRUB_DISPLAY)
+        expect(request.headers).to include(authorization_header)
+      end
-        it 'does not filter beaerer auth' do
-          expect(request.scrubbed_headers).to include(authorization_header)
-        end
+      it 'scrubs nothing' do
+        LHC.config.scrubs = {}
+        expect(request.scrubbed_headers).to include(authorization_header)
       end
     end
@@ -82,19 +83,20 @@ describe LHC::Request do
       let(:authorization_header) { { 'Authorization' => "Basic #{credentials_base_64_codiert}" } }
       let(:auth) { { basic: { username: username, password: password } } }
-      it 'provides srubbed request headers' do
+      it 'scrubs only credentials' do
         expect(request.scrubbed_headers).to include('Authorization' => "Basic #{LHC::Scrubber::SCRUB_DISPLAY}")
         expect(request.headers).to include(authorization_header)
       end
-      context 'when nothing should get scrubbed' do
-        before :each do
-          LHC.config.scrubs = {}
-        end
+      it 'scrubs whole "Authorization" header' do
+        LHC.config.scrubs[:headers] << 'Authorization'
+        expect(request.scrubbed_headers).to include('Authorization' => LHC::Scrubber::SCRUB_DISPLAY)
+        expect(request.headers).to include(authorization_header)
+      end
-        it 'does not filter basic auth' do
-          expect(request.scrubbed_headers).to include(authorization_header)
-        end
+      it 'scrubs nothing' do
+        LHC.config.scrubs = {}
+        expect(request.scrubbed_headers).to include(authorization_header)
       end
     end
   end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lhc
 version: !ruby/object:Gem::Version
-  version: 15.0.0
+  version: 15.0.1
 platform: ruby
 authors:
 - https://github.com/local-ch/lhc/contributors