linzer 0.7.0.beta4 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +31 -0
- data/lib/linzer/http.rb +2 -0
- data/lib/linzer/signer.rb +9 -5
- data/lib/linzer/verifier.rb +18 -9
- data/lib/linzer/version.rb +1 -1
- data/lib/linzer.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9d495888382dc17a4fae60d05b853dd0cbb0036119ae725f960471baa6ff0d4b
|
|
4
|
+
data.tar.gz: a6860cf3dcfb586e1591b0b683c883bbf8a42de941f57ec6a2ba6f8574a5a2dd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4d53b9d1102eaa3fc0241938afa86fd194a9ae780233bdabd171190ab9b83958193f5bc28b5bd78fb11a234c3a25c3145ee87e6ac6116f544cb04e73c67a5bd
|
|
7
|
+
data.tar.gz: 40e9c1e6bf52d944cd1a82b67502a41ae2939852e723143f1b154bab0b984fb9db6d944ecdf56b6845b6419096f4cbcef01ac545b9b9df73fe8ccc6f0489ace9
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,36 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [0.7.1] - 2025-05-18
|
|
4
|
+
|
|
5
|
+
- Introduce specific exception classes for message signing errors
|
|
6
|
+
and signature verification exceptions (i.e. Linzer::SigningError
|
|
7
|
+
and Linzer::VerifyError)
|
|
8
|
+
|
|
9
|
+
- Fix bug in Linzer::HTTP client that prevented it from working with https URLs.
|
|
10
|
+
|
|
11
|
+
## [0.7.0] - 2025-05-17
|
|
12
|
+
|
|
13
|
+
(No changes since the last beta release, this new stable release just
|
|
14
|
+
bundles all the features/changes introduced during 0.7.0 beta releases)
|
|
15
|
+
|
|
16
|
+
- Introduce Rack::Auth::Signature middleware.
|
|
17
|
+
|
|
18
|
+
- Refactor and improve Rack::Auth::Signature code organization.
|
|
19
|
+
|
|
20
|
+
- Do not expose secret material on HMAC SHA-256 key when #inspect method is used.
|
|
21
|
+
|
|
22
|
+
- Update Rack::Auth::Signature configuration file options.
|
|
23
|
+
|
|
24
|
+
- Validate and test Rack::Auth::Signature with example Rails and Sinatra apps.
|
|
25
|
+
|
|
26
|
+
- Refactor to improve Linzer APIs and streamline its usage along with different
|
|
27
|
+
HTTP libraries. (Issues [#6](https://github.com/nomadium/linzer/issues/6) and
|
|
28
|
+
[#11](https://github.com/nomadium/linzer/issues/11))
|
|
29
|
+
|
|
30
|
+
- Provide integration with http.rb gem to allow signing outgoing HTTP requests.
|
|
31
|
+
|
|
32
|
+
- Add simple HTTP client module.
|
|
33
|
+
|
|
3
34
|
## [0.7.0.beta4] - 2025-05-17
|
|
4
35
|
|
|
5
36
|
- Provide integration with http.rb gem to allow signing outgoing HTTP requests.
|
data/lib/linzer/http.rb
CHANGED
data/lib/linzer/signer.rb
CHANGED
|
@@ -27,11 +27,15 @@ module Linzer
|
|
|
27
27
|
|
|
28
28
|
def validate(key, message, components)
|
|
29
29
|
msg = "Message cannot be signed with null %s"
|
|
30
|
-
raise
|
|
31
|
-
raise
|
|
32
|
-
raise
|
|
33
|
-
|
|
34
|
-
|
|
30
|
+
raise SigningError, msg % "value" if message.nil?
|
|
31
|
+
raise SigningError, msg % "key" if key.nil?
|
|
32
|
+
raise SigningError, msg % "component" if components.nil?
|
|
33
|
+
|
|
34
|
+
begin
|
|
35
|
+
validate_components message, components
|
|
36
|
+
rescue Error => ex
|
|
37
|
+
raise SigningError, ex.message, cause: ex
|
|
38
|
+
end
|
|
35
39
|
end
|
|
36
40
|
|
|
37
41
|
def populate_parameters(key, options)
|
data/lib/linzer/verifier.rb
CHANGED
|
@@ -19,26 +19,35 @@ module Linzer
|
|
|
19
19
|
private
|
|
20
20
|
|
|
21
21
|
def validate(message, key, signature, no_older_than: nil)
|
|
22
|
-
raise
|
|
23
|
-
raise
|
|
24
|
-
raise
|
|
22
|
+
raise VerifyError, "Message to verify cannot be null" if message.nil?
|
|
23
|
+
raise VerifyError, "Key to verify signature cannot be null" if key.nil?
|
|
24
|
+
raise VerifyError, "Signature to verify cannot be null" if signature.nil?
|
|
25
25
|
|
|
26
26
|
if !signature.respond_to?(:value) || !signature.respond_to?(:components)
|
|
27
|
-
raise
|
|
27
|
+
raise VerifyError, "Signature is invalid"
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
raise
|
|
31
|
-
raise
|
|
30
|
+
raise VerifyError, "Signature raw value to cannot be null" if signature.value.nil?
|
|
31
|
+
raise VerifyError, "Components cannot be null" if signature.components.nil?
|
|
32
32
|
|
|
33
|
-
|
|
33
|
+
begin
|
|
34
|
+
validate_components message, signature.components
|
|
35
|
+
rescue Error => ex
|
|
36
|
+
raise VerifyError, ex.message, cause: ex
|
|
37
|
+
end
|
|
34
38
|
|
|
35
39
|
return unless no_older_than
|
|
36
|
-
|
|
40
|
+
old_sig_msg = "Signature created more than #{no_older_than} seconds ago"
|
|
41
|
+
begin
|
|
42
|
+
raise VerifyError, old_sig_msg if signature.older_than?(no_older_than.to_i)
|
|
43
|
+
rescue Error => ex
|
|
44
|
+
raise VerifyError, ex.message, cause: ex
|
|
45
|
+
end
|
|
37
46
|
end
|
|
38
47
|
|
|
39
48
|
def verify_or_fail(key, signature, data)
|
|
40
49
|
return true if key.verify(signature, data)
|
|
41
|
-
raise
|
|
50
|
+
raise VerifyError, "Failed to verify message: Invalid signature."
|
|
42
51
|
end
|
|
43
52
|
end
|
|
44
53
|
end
|
data/lib/linzer/version.rb
CHANGED
data/lib/linzer.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: linzer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Miguel Landaeta
|
|
@@ -239,7 +239,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
239
239
|
- !ruby/object:Gem::Version
|
|
240
240
|
version: '0'
|
|
241
241
|
requirements: []
|
|
242
|
-
rubygems_version: 3.6.
|
|
242
|
+
rubygems_version: 3.6.7
|
|
243
243
|
specification_version: 4
|
|
244
244
|
summary: An implementation of HTTP Messages Signatures (RFC9421)
|
|
245
245
|
test_files: []
|