m2m_keygen 0.2.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,78 @@
1
+ # typed: strict
2
+
3
+ require "openssl"
4
+ require "json"
5
+
6
+ module M2mKeygen
7
+ class Signature
8
+ extend T::Sig
9
+
10
+ sig { returns(String) }
11
+ attr_reader :secret
12
+
13
+ sig { returns(String) }
14
+ attr_reader :algorithm
15
+
16
+ sig { params(secret: String, algorithm: String).void }
17
+ def initialize(secret, algorithm: "sha512")
18
+ @secret = T.let(secret, String)
19
+ @algorithm = T.let(algorithm, String)
20
+ OpenSSL::HMAC.hexdigest(@algorithm, @secret, "")
21
+ end
22
+
23
+ sig do
24
+ params(
25
+ params: Types::ParamsType,
26
+ verb: T.any(String, Symbol),
27
+ path: String
28
+ ).returns(String)
29
+ end
30
+ def sign(params:, verb:, path:)
31
+ OpenSSL::HMAC.hexdigest(
32
+ @algorithm,
33
+ @secret,
34
+ "#{verb.to_s.upcase}#{path}#{ParamsEncoder.new(params).encode}"
35
+ )
36
+ end
37
+
38
+ sig do
39
+ params(
40
+ params: Types::ParamsType,
41
+ verb: T.any(String, Symbol),
42
+ path: String,
43
+ signature: String
44
+ ).returns(T::Boolean)
45
+ end
46
+ def validate(params:, verb:, path:, signature:)
47
+ if OpenSSL.method_defined?(:fixed_length_secure_compare)
48
+ OpenSSL.fixed_length_secure_compare(
49
+ sign(params: params, verb: verb, path: path),
50
+ signature
51
+ )
52
+ else
53
+ fallback_fixed_length_secure_compare(
54
+ sign(params: params, verb: verb, path: path),
55
+ signature
56
+ )
57
+ end
58
+ rescue StandardError
59
+ false
60
+ end
61
+
62
+ private
63
+
64
+ # Ruby 2.7 openssl lib doesn't have fixed_length_secure_compare method
65
+ # File activesupport/lib/active_support/security_utils.rb, line 11
66
+ # With sorbet fix
67
+ sig { params(str_a: String, str_b: String).returns(T::Boolean) }
68
+ def fallback_fixed_length_secure_compare(str_a, str_b)
69
+ return false unless str_a.bytesize == str_b.bytesize
70
+
71
+ l = str_a.unpack "C#{str_a.bytesize}"
72
+
73
+ res = 0
74
+ str_b.each_byte { |byte| res |= byte ^ l.shift.to_i }
75
+ res == 0
76
+ end
77
+ end
78
+ end
@@ -0,0 +1,25 @@
1
+ # typed: strict
2
+ module M2mKeygen
3
+ module Types
4
+ extend T::Sig
5
+
6
+ ParamsType =
7
+ T.type_alias do
8
+ T.nilable(T::Hash[T.any(String, Symbol), T.nilable(ParamsValueType)])
9
+ end
10
+
11
+ ParamsHashNotNilType =
12
+ T.type_alias { T::Hash[T.any(String, Symbol), ParamsValueType] }
13
+
14
+ ParamsValueType =
15
+ T.type_alias do
16
+ T.any(
17
+ Integer,
18
+ String,
19
+ Symbol,
20
+ T::Array[T.untyped],
21
+ T::Hash[T.untyped, T.untyped]
22
+ )
23
+ end
24
+ end
25
+ end
@@ -3,5 +3,5 @@
3
3
 
4
4
  module M2mKeygen
5
5
  # Gem version
6
- VERSION = "0.2.1"
6
+ VERSION = "0.3.0"
7
7
  end
data/lib/m2m_keygen.rb CHANGED
@@ -1,7 +1,10 @@
1
1
  # typed: strict
2
- # frozen_string_literal: true
3
2
 
4
- require_relative "m2m_keygen/version"
3
+ require "sorbet-runtime"
4
+ require "zeitwerk"
5
+
6
+ loader = Zeitwerk::Loader.for_gem
7
+ loader.setup
5
8
 
6
9
  # Main module
7
10
  module M2mKeygen