m2m_keygen 0.2.1 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +14 -1
- data/Gemfile.lock +1 -1
- data/README.md +87 -4
- data/docs/M2mKeygen/Error.html +1 -1
- data/docs/M2mKeygen/ParamsEncoder.html +321 -0
- data/docs/M2mKeygen/Signature.html +680 -0
- data/docs/M2mKeygen/Types.html +147 -0
- data/docs/M2mKeygen.html +7 -5
- data/docs/_index.html +46 -1
- data/docs/class_list.html +1 -1
- data/docs/file.README.html +94 -5
- data/docs/index.html +94 -5
- data/docs/method_list.html +56 -0
- data/docs/top-level-namespace.html +1 -1
- data/lib/m2m_keygen/params_encoder.rb +56 -0
- data/lib/m2m_keygen/signature.rb +78 -0
- data/lib/m2m_keygen/types/params_type.rb +25 -0
- data/lib/m2m_keygen/version.rb +1 -1
- data/lib/m2m_keygen.rb +5 -2
- data/sorbet/rbi/gems/{rb-fsevent@0.11.1.rbi → rb-fsevent@0.11.2.rbi} +0 -0
- data/sorbet/rbi/gems/zeitwerk@2.6.0.rbi +861 -2
- data/sorbet/rbi/manual.rbi +7 -0
- metadata +10 -3
@@ -0,0 +1,78 @@
|
|
1
|
+
# typed: strict
|
2
|
+
|
3
|
+
require "openssl"
|
4
|
+
require "json"
|
5
|
+
|
6
|
+
module M2mKeygen
|
7
|
+
class Signature
|
8
|
+
extend T::Sig
|
9
|
+
|
10
|
+
sig { returns(String) }
|
11
|
+
attr_reader :secret
|
12
|
+
|
13
|
+
sig { returns(String) }
|
14
|
+
attr_reader :algorithm
|
15
|
+
|
16
|
+
sig { params(secret: String, algorithm: String).void }
|
17
|
+
def initialize(secret, algorithm: "sha512")
|
18
|
+
@secret = T.let(secret, String)
|
19
|
+
@algorithm = T.let(algorithm, String)
|
20
|
+
OpenSSL::HMAC.hexdigest(@algorithm, @secret, "")
|
21
|
+
end
|
22
|
+
|
23
|
+
sig do
|
24
|
+
params(
|
25
|
+
params: Types::ParamsType,
|
26
|
+
verb: T.any(String, Symbol),
|
27
|
+
path: String
|
28
|
+
).returns(String)
|
29
|
+
end
|
30
|
+
def sign(params:, verb:, path:)
|
31
|
+
OpenSSL::HMAC.hexdigest(
|
32
|
+
@algorithm,
|
33
|
+
@secret,
|
34
|
+
"#{verb.to_s.upcase}#{path}#{ParamsEncoder.new(params).encode}"
|
35
|
+
)
|
36
|
+
end
|
37
|
+
|
38
|
+
sig do
|
39
|
+
params(
|
40
|
+
params: Types::ParamsType,
|
41
|
+
verb: T.any(String, Symbol),
|
42
|
+
path: String,
|
43
|
+
signature: String
|
44
|
+
).returns(T::Boolean)
|
45
|
+
end
|
46
|
+
def validate(params:, verb:, path:, signature:)
|
47
|
+
if OpenSSL.method_defined?(:fixed_length_secure_compare)
|
48
|
+
OpenSSL.fixed_length_secure_compare(
|
49
|
+
sign(params: params, verb: verb, path: path),
|
50
|
+
signature
|
51
|
+
)
|
52
|
+
else
|
53
|
+
fallback_fixed_length_secure_compare(
|
54
|
+
sign(params: params, verb: verb, path: path),
|
55
|
+
signature
|
56
|
+
)
|
57
|
+
end
|
58
|
+
rescue StandardError
|
59
|
+
false
|
60
|
+
end
|
61
|
+
|
62
|
+
private
|
63
|
+
|
64
|
+
# Ruby 2.7 openssl lib doesn't have fixed_length_secure_compare method
|
65
|
+
# File activesupport/lib/active_support/security_utils.rb, line 11
|
66
|
+
# With sorbet fix
|
67
|
+
sig { params(str_a: String, str_b: String).returns(T::Boolean) }
|
68
|
+
def fallback_fixed_length_secure_compare(str_a, str_b)
|
69
|
+
return false unless str_a.bytesize == str_b.bytesize
|
70
|
+
|
71
|
+
l = str_a.unpack "C#{str_a.bytesize}"
|
72
|
+
|
73
|
+
res = 0
|
74
|
+
str_b.each_byte { |byte| res |= byte ^ l.shift.to_i }
|
75
|
+
res == 0
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# typed: strict
|
2
|
+
module M2mKeygen
|
3
|
+
module Types
|
4
|
+
extend T::Sig
|
5
|
+
|
6
|
+
ParamsType =
|
7
|
+
T.type_alias do
|
8
|
+
T.nilable(T::Hash[T.any(String, Symbol), T.nilable(ParamsValueType)])
|
9
|
+
end
|
10
|
+
|
11
|
+
ParamsHashNotNilType =
|
12
|
+
T.type_alias { T::Hash[T.any(String, Symbol), ParamsValueType] }
|
13
|
+
|
14
|
+
ParamsValueType =
|
15
|
+
T.type_alias do
|
16
|
+
T.any(
|
17
|
+
Integer,
|
18
|
+
String,
|
19
|
+
Symbol,
|
20
|
+
T::Array[T.untyped],
|
21
|
+
T::Hash[T.untyped, T.untyped]
|
22
|
+
)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
data/lib/m2m_keygen/version.rb
CHANGED
data/lib/m2m_keygen.rb
CHANGED
File without changes
|