m2m_keygen 0.2.1 → 0.4.1

data/docs/method_list.html

@@ -44,6 +44,94 @@
       <ul id="full_list" class="method">
         
 
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/Signature.html#algorithm-instance_method" title="M2mKeygen::Signature#algorithm (method)">#algorithm</a></span>
+      <small>M2mKeygen::Signature</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html#encode-instance_method" title="M2mKeygen::ParamsEncoder#encode (method)">#encode</a></span>
+      <small>M2mKeygen::ParamsEncoder</small>
+    </div>
+  </li>
+  
+
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#header_name-instance_method" title="M2mKeygen::RackValidator#header_name (method)">#header_name</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/Signature.html#initialize-instance_method" title="M2mKeygen::Signature#initialize (method)">#initialize</a></span>
+      <small>M2mKeygen::Signature</small>
+    </div>
+  </li>
+  
+
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#initialize-instance_method" title="M2mKeygen::RackValidator#initialize (method)">#initialize</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html#initialize-instance_method" title="M2mKeygen::ParamsEncoder#initialize (method)">#initialize</a></span>
+      <small>M2mKeygen::ParamsEncoder</small>
+    </div>
+  </li>
+  
+
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/Signature.html#secret-instance_method" title="M2mKeygen::Signature#secret (method)">#secret</a></span>
+      <small>M2mKeygen::Signature</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/Signature.html#sign-instance_method" title="M2mKeygen::Signature#sign (method)">#sign</a></span>
+      <small>M2mKeygen::Signature</small>
+    </div>
+  </li>
+  
+
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#signature-instance_method" title="M2mKeygen::RackValidator#signature (method)">#signature</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
+  <li class="even ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/Signature.html#validate-instance_method" title="M2mKeygen::Signature#validate (method)">#validate</a></span>
+      <small>M2mKeygen::Signature</small>
+    </div>
+  </li>
+  
+
+  <li class="odd ">
+    <div class="item">
+      <span class='object_link'><a href="M2mKeygen/RackValidator.html#validate-instance_method" title="M2mKeygen::RackValidator#validate (method)">#validate</a></span>
+      <small>M2mKeygen::RackValidator</small>
+    </div>
+  </li>
+  
+
 
       </ul>
     </div>

data/docs/top-level-namespace.html

@@ -100,7 +100,7 @@
 </div>
 
       <div id="footer">
-  Generated on Mon Aug 29 18:08:40 2022 by
+  Generated on Mon Sep  5 14:49:01 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/lib/m2m_keygen/params_encoder.rb

@@ -0,0 +1,56 @@
+# typed: strict
+
+module M2mKeygen
+  # Encoder for params hash
+  class ParamsEncoder
+    extend T::Sig
+
+    sig { params(params: Types::ParamsType).void }
+    def initialize(params)
+      @params = T.let(params, Types::ParamsType)
+    end
+
+    sig { returns(String) }
+    def encode
+      return "" if @params.nil? || @params.empty?
+      @params
+        .sort_by { |k, _| k.to_s }
+        .reject { |_, v| (v.is_a?(String) && v == "") || v.nil? }
+        .map { |k, v| "#{k}=#{jsonify_value(encode_value(T.must(v)))}" }
+        .join("&")
+    end
+
+    private
+
+    sig do
+      params(value: Types::ParamsValueType).returns(
+        T.any(String, Symbol, Integer)
+      )
+    end
+    def jsonify_value(value)
+      return value unless value.is_a?(Hash) || value.is_a?(Array)
+      value.to_json
+    end
+
+    sig do
+      params(value: Types::ParamsValueType).returns(Types::ParamsValueType)
+    end
+    def encode_value(value)
+      return encode_hash_value(value) if value.is_a?(Hash)
+      value
+    end
+
+    sig do
+      params(value: Types::ParamsHashNotNilType).returns(
+        T::Hash[String, Types::ParamsValueType]
+      )
+    end
+    def encode_hash_value(value)
+      value
+        .sort_by { |k, _| k.to_s }
+        .reject { |_, v| (v.is_a?(String) && v == "") || v.nil? }
+        .map { |k, v| [k.to_s, encode_value(v)] }
+        .to_h
+    end
+  end
+end

data/lib/m2m_keygen/rack_validator.rb

@@ -0,0 +1,34 @@
+# typed: strict
+
+require "rack"
+
+module M2mKeygen
+  class RackValidator
+    extend T::Sig
+
+    sig { returns(Signature) }
+    attr_reader :signature
+
+    sig { returns(String) }
+    attr_reader :header_name
+
+    sig { params(secret: String, algorithm: String, header_name: String).void }
+    def initialize(secret, algorithm: "sha512", header_name: "X-Signature")
+      @header_name = T.let("HTTP_#{header_name.tr("-", "_").upcase}", String)
+      @signature = T.let(Signature.new(secret, algorithm: algorithm), Signature)
+    end
+
+    sig { params(req: T.untyped).returns(T::Boolean) }
+    def validate(req)
+      # This will cover the case when Rails is used.
+      req = Rack::Request.new(req.env)
+      @signature.validate(
+        params: req.params,
+        verb: req.request_method,
+        path: req.path,
+        signature: req.env["HTTP_X_SIGNATURE"]
+      ) && req.params["expiry"] && req.params["expiry"].to_i > Time.now.to_i &&
+        req.params["expiry"].to_i < Time.now.to_i + 120
+    end
+  end
+end

data/lib/m2m_keygen/signature.rb

@@ -0,0 +1,78 @@
+# typed: strict
+
+require "openssl"
+require "json"
+
+module M2mKeygen
+  class Signature
+    extend T::Sig
+
+    sig { returns(String) }
+    attr_reader :secret
+
+    sig { returns(String) }
+    attr_reader :algorithm
+
+    sig { params(secret: String, algorithm: String).void }
+    def initialize(secret, algorithm: "sha512")
+      @secret = T.let(secret, String)
+      @algorithm = T.let(algorithm, String)
+      OpenSSL::HMAC.hexdigest(@algorithm, @secret, "")
+    end
+
+    sig do
+      params(
+        params: Types::ParamsType,
+        verb: T.any(String, Symbol),
+        path: String
+      ).returns(String)
+    end
+    def sign(params:, verb:, path:)
+      OpenSSL::HMAC.hexdigest(
+        @algorithm,
+        @secret,
+        "#{verb.to_s.upcase}#{path}#{ParamsEncoder.new(params).encode}"
+      )
+    end
+
+    sig do
+      params(
+        params: Types::ParamsType,
+        verb: T.any(String, Symbol),
+        path: String,
+        signature: String
+      ).returns(T::Boolean)
+    end
+    def validate(params:, verb:, path:, signature:)
+      if OpenSSL.methods.include?(:fixed_length_secure_compare)
+        OpenSSL.fixed_length_secure_compare(
+          sign(params: params, verb: verb, path: path),
+          signature
+        )
+      else
+        fallback_fixed_length_secure_compare(
+          sign(params: params, verb: verb, path: path),
+          signature
+        )
+      end
+    rescue StandardError
+      false
+    end
+
+    private
+
+    # Ruby 2.7 openssl lib doesn't have fixed_length_secure_compare method
+    # File activesupport/lib/active_support/security_utils.rb, line 11
+    # With sorbet fix
+    sig { params(str_a: String, str_b: String).returns(T::Boolean) }
+    def fallback_fixed_length_secure_compare(str_a, str_b)
+      return false unless str_a.bytesize == str_b.bytesize
+
+      l = str_a.unpack "C#{str_a.bytesize}"
+
+      res = 0
+      str_b.each_byte { |byte| res |= byte ^ l.shift.to_i }
+      res == 0
+    end
+  end
+end

data/lib/m2m_keygen/types/params_type.rb

@@ -0,0 +1,25 @@
+# typed: strict
+module M2mKeygen
+  module Types
+    extend T::Sig
+
+    ParamsType =
+      T.type_alias do
+        T.nilable(T::Hash[T.any(String, Symbol), T.nilable(ParamsValueType)])
+      end
+
+    ParamsHashNotNilType =
+      T.type_alias { T::Hash[T.any(String, Symbol), ParamsValueType] }
+
+    ParamsValueType =
+      T.type_alias do
+        T.any(
+          Integer,
+          String,
+          Symbol,
+          T::Array[T.untyped],
+          T::Hash[T.untyped, T.untyped]
+        )
+      end
+  end
+end

data/lib/m2m_keygen/version.rb

@@ -3,5 +3,5 @@
 
 module M2mKeygen
   # Gem version
-  VERSION = "0.2.1"
+  VERSION = "0.4.1"
 end

data/lib/m2m_keygen.rb

@@ -1,7 +1,10 @@
 # typed: strict
-# frozen_string_literal: true
 
-require_relative "m2m_keygen/version"
+require "sorbet-runtime"
+require "zeitwerk"
+
+loader = Zeitwerk::Loader.for_gem
+loader.setup
 
 # Main module
 module M2mKeygen

data/m2m_keygen.gemspec

@@ -41,6 +41,7 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "rack"
   spec.add_dependency "sorbet-runtime"
   spec.add_dependency "zeitwerk", "~> 2.6"
 end

data/sorbet/rbi/gems/activesupport@7.0.3.1.rbi

@@ -1534,6 +1534,30 @@ class ActiveSupport::Cache::Strategy::LocalCache::LocalStore
   def write_entry(key, entry); end
 end
 
+# --
+# This class wraps up local storage for middlewares. Only the middleware method should
+# construct them.
+#
+# source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:13
+class ActiveSupport::Cache::Strategy::LocalCache::Middleware
+  # @return [Middleware] a new instance of Middleware
+  #
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:16
+  def initialize(name, local_cache_key); end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:27
+  def call(env); end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:14
+  def local_cache_key; end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:14
+  def name; end
+
+  # source://activesupport-7.0.3.1/lib/active_support/cache/strategy/local_cache_middleware.rb:22
+  def new(app); end
+end
+
 # These options mean something to all cache implementations. Individual cache
 # implementations may support additional options.
 #