mauth-client 4.0.2 → 4.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/mauth/client.rb +8 -2
- data/lib/mauth/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1f18ac348ac61d91254ad0c5dea4874b5e76f486
|
|
4
|
+
data.tar.gz: 1516ee5f2fe7e7f26369e4d6878e9c5c6a220457
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b46db4cd5a12bcf4a7df96e97a529b505a773eb303b62e722c8d447e16a1667c1613cd0c5a71e7d8faaf661ee9022d41a2f9b5f7e95832d9ec6808eebb19cab9
|
|
7
|
+
data.tar.gz: 18d84c20776c619f5821056b491d25b21a4ed9387bb89de4b2283740bffcaec4d793a807fe1eb9f8b17f452f6a3d44473d6bb62220f8331fb83fd8560a20ac1a
|
data/CHANGELOG.md
CHANGED
data/lib/mauth/client.rb
CHANGED
|
@@ -364,8 +364,7 @@ module MAuth
|
|
|
364
364
|
expected_for_percent_reencoding = object.string_to_sign(time: object.x_mws_time, app_uuid: object.signature_app_uuid)
|
|
365
365
|
|
|
366
366
|
# do a moderately complex Euresource-style reencoding of the path
|
|
367
|
-
object.attributes_for_signing[:request_url] =
|
|
368
|
-
object.attributes_for_signing[:request_url].gsub!('%2F', '/') # ...and then 'simply' decode the %2F's back into /'s, just like Euresource kind of does!
|
|
367
|
+
object.attributes_for_signing[:request_url] = euresource_escape(original_request_uri.to_s)
|
|
369
368
|
expected_euresource_style_reencoding = object.string_to_sign(time: object.x_mws_time, app_uuid: object.signature_app_uuid)
|
|
370
369
|
|
|
371
370
|
# reset the object original request_uri, just in case we need it again
|
|
@@ -383,6 +382,13 @@ module MAuth
|
|
|
383
382
|
end
|
|
384
383
|
end
|
|
385
384
|
|
|
385
|
+
# Note: RFC 3986 (https://www.ietf.org/rfc/rfc3986.txt) reserves the forward slash "/"
|
|
386
|
+
# and number sign "#" as component delimiters. Since these are valid URI components,
|
|
387
|
+
# they are decoded back into characters here to avoid signature invalidation
|
|
388
|
+
def euresource_escape(str)
|
|
389
|
+
CGI.escape(str).gsub(/%2F|%23/, "%2F" => "/", "%23" => "#")
|
|
390
|
+
end
|
|
391
|
+
|
|
386
392
|
def retrieve_public_key(app_uuid)
|
|
387
393
|
retrieve_security_token(app_uuid)['security_token']['public_key_str']
|
|
388
394
|
end
|
data/lib/mauth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mauth-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.0.
|
|
4
|
+
version: 4.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matthew Szenher
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2017-
|
|
14
|
+
date: 2017-05-11 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: faraday
|