mixlib-authentication 1.4.2 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: e493785efc5cf2caf7d1134378fd613f35712f1f
-  data.tar.gz: d855dabe2ebea778d9c37037e3f843c49acbecb9
+SHA256:
+  metadata.gz: 30042f8e3ac0f6ca2d793fa73556e19d41146554c6673788e2c0d7225e9f3584
+  data.tar.gz: bed096ad15f32dca36dddfe79deb4f7b9f54a8656849b68393ce900944f3cc5b
 SHA512:
-  metadata.gz: '09e094e344bc46528877b69bb015c5d2386ab57da7f7f62edbbeda81dd338fae31194736f56e947d935b0a36306dac06d148b0dbddf5d11cd3249e3cfba65571'
-  data.tar.gz: 2f71c58ba5d85efbf1d00db61ca09abb57d0092d46e2f8d2fa578baf0c34d2e0ff86e36e1224b40e8d0e1ad8258ef717460dcb06385045d3c920f4cd5052a86b
+  metadata.gz: f2bc4eff96e238290c9d3ec9cfc490b62372b9f4b0668dae56055f88844c8b8b971183000e4189d5ecfd8a4cc8b902aee753f103fecb839ad1bf9b33716d1840
+  data.tar.gz: 0a03fd4b0a2016b93b681ba5a174dcc49089bd2aab2c2601bad114970a0680fe091bd562a6de4a0918f24e52b3eb512159287a239fb0cf1654ca91c452e34a4f

data/Gemfile

@@ -3,5 +3,5 @@ gemspec
 
 group(:development) do
   gem "pry"
-  gem "mixlib-log"
+  gem "mixlib-log", '~> 2'
 end

data/lib/mixlib/authentication/http_authentication_request.rb

@@ -72,7 +72,7 @@ module Mixlib
         unless @request_signature
           @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }
             .sort { |x, y| x.to_s[/\d+/].to_i <=> y.to_s[/\d+/].to_i }.map { |i| i[1] }.join("\n")
-          Mixlib::Authentication::Log.debug "Reconstituted (user-supplied) request signature: #{@request_signature}"
+          Mixlib::Authentication::Log.trace "Reconstituted (user-supplied) request signature: #{@request_signature}"
         end
         @request_signature
       end

data/lib/mixlib/authentication/null_logger.rb

@@ -4,7 +4,7 @@ module Mixlib
 
       attr_accessor :level
 
-      %i{debug info warn error fatal}.each do |method_name|
+      %i{trace debug info warn error fatal}.each do |method_name|
         class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
           def #{method_name}(msg=nil, &block)
             true
@@ -12,7 +12,7 @@ module Mixlib
         METHOD_DEFN
       end
 
-      %i{debug? info? warn? error? fatal?}.each do |method_name|
+      %i{trace? debug? info? warn? error? fatal?}.each do |method_name|
         class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
           def #{method_name}
             false

data/lib/mixlib/authentication/signatureverification.rb

@@ -76,7 +76,7 @@ module Mixlib
       # X-Ops-Content-Hash:
       # X-Ops-Authorization-#{line_number}
       def authenticate_request(user_secret, time_skew = (15 * 60))
-        Mixlib::Authentication.logger.debug "Initializing header auth : #{request.inspect}"
+        Mixlib::Authentication.logger.trace "Initializing header auth : #{request.inspect}"
 
         @user_secret       = user_secret
         @allowed_time_skew = time_skew # in seconds
@@ -149,15 +149,15 @@ module Mixlib
                              (request_decrypted_block == candidate_block)
                            end
 
-        # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication.logger.debug("Verifying request signature:")
-        Mixlib::Authentication.logger.debug(" Expected Block is: '#{candidate_block}'")
-        Mixlib::Authentication.logger.debug("Decrypted block is: '#{request_decrypted_block}'")
-        Mixlib::Authentication.logger.debug("Signatures match? : '#{@valid_signature}'")
+        # Keep the trace messages lined up so it's easy to scan them
+        Mixlib::Authentication.logger.trace("Verifying request signature:")
+        Mixlib::Authentication.logger.trace(" Expected Block is: '#{candidate_block}'")
+        Mixlib::Authentication.logger.trace("Decrypted block is: '#{request_decrypted_block}'")
+        Mixlib::Authentication.logger.trace("Signatures match? : '#{@valid_signature}'")
 
         @valid_signature
       rescue => e
-        Mixlib::Authentication.logger.debug("Failed to verify request signature: #{e.class.name}: #{e.message}")
+        Mixlib::Authentication.logger.trace("Failed to verify request signature: #{e.class.name}: #{e.message}")
         @valid_signature = false
       end
 
@@ -168,10 +168,10 @@ module Mixlib
       def verify_content_hash
         @valid_content_hash = (content_hash == hashed_body)
 
-        # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication.logger.debug("Expected content hash is: '#{hashed_body}'")
-        Mixlib::Authentication.logger.debug(" Request Content Hash is: '#{content_hash}'")
-        Mixlib::Authentication.logger.debug("           Hashes match?: #{@valid_content_hash}")
+        # Keep the trace messages lined up so it's easy to scan them
+        Mixlib::Authentication.logger.trace("Expected content hash is: '#{hashed_body}'")
+        Mixlib::Authentication.logger.trace(" Request Content Hash is: '#{content_hash}'")
+        Mixlib::Authentication.logger.trace("           Hashes match?: #{@valid_content_hash}")
 
         @valid_content_hash
       end
@@ -211,11 +211,11 @@ module Mixlib
           # Any file that's included in the request is hashed if it's there. Otherwise,
           # we hash the body.
           if file_param
-            Mixlib::Authentication.logger.debug "Digesting file_param: '#{file_param.inspect}'"
+            Mixlib::Authentication.logger.trace "Digesting file_param: '#{file_param.inspect}'"
             @hashed_body = digester.hash_file(file_param, digest)
           else
             body = request.raw_post
-            Mixlib::Authentication.logger.debug "Digesting body: '#{body}'"
+            Mixlib::Authentication.logger.trace "Digesting body: '#{body}'"
             @hashed_body = digester.hash_string(body, digest)
           end
         end
@@ -232,7 +232,7 @@ module Mixlib
       def timestamp_within_bounds?(time1, time2)
         time_diff = (time2 - time1).abs
         is_allowed = (time_diff < @allowed_time_skew)
-        Mixlib::Authentication.logger.debug "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
+        Mixlib::Authentication.logger.trace "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
         is_allowed
       end
     end

data/lib/mixlib/authentication/signedheaderauth.rb

@@ -115,7 +115,7 @@ module Mixlib
           header_hash[key] = signature_lines[idx]
         end
 
-        Mixlib::Authentication.logger.debug "Header hash: #{header_hash.inspect}"
+        Mixlib::Authentication.logger.trace "Header hash: #{header_hash.inspect}"
 
         header_hash
       end
@@ -236,7 +236,7 @@ module Mixlib
           memo[field_name.to_sym] = field_value.strip
           memo
         end
-        Mixlib::Authentication.logger.debug "Parsed signing description: #{parts.inspect}"
+        Mixlib::Authentication.logger.trace "Parsed signing description: #{parts.inspect}"
         parts
       end
 
@@ -247,7 +247,7 @@ module Mixlib
       # private
       def do_sign(private_key, digest, sign_algorithm, sign_version)
         string_to_sign = canonicalize_request(sign_algorithm, sign_version)
-        Mixlib::Authentication.logger.debug "String to sign: '#{string_to_sign}'"
+        Mixlib::Authentication.logger.trace "String to sign: '#{string_to_sign}'"
         case sign_version
         when "1.3"
           private_key.sign(digest.new, string_to_sign)

data/lib/mixlib/authentication/version.rb

@@ -15,6 +15,6 @@
 
 module Mixlib
   module Authentication
-    VERSION = "1.4.2"
+    VERSION = "2.0.0"
   end
 end

data/spec/mixlib/authentication/mixlib_authentication_spec.rb

@@ -63,7 +63,7 @@ class MockFile
 end
 
 # Uncomment this to get some more info from the methods we're testing.
-#Mixlib::Authentication.logger.level = :debug
+#Mixlib::Authentication.logger.level = :trace
 
 describe "Mixlib::Authentication::SignedHeaderAuth" do
 

data/spec/mixlib/authentication/mixlib_log_missing_spec.rb

@@ -25,7 +25,7 @@ describe "Mixlib::Authentication::Log" do
       expect(Mixlib::Authentication::Log.level).to eq(:error)
     end
 
-    %w{debug info warn error fatal}.each do |level|
+    %w{trace debug info warn error fatal}.each do |level|
       it "logs at level #{level}" do
         expect(Mixlib::Authentication::Log).to receive(level).with("foo")
 
@@ -44,9 +44,9 @@ describe "Mixlib::Authentication::Log" do
         .to include(Mixlib::Log)
     end
 
-    %w{debug info warn error fatal}.each do |level|
+    %w{trace debug info warn error fatal}.each do |level|
       it "forward #{level} to mixlib-log" do
-        expect(Mixlib::Authentication::Log.logger).to receive(level).with("foo")
+        expect_any_instance_of(Mixlib::Log).to receive(level).with("foo")
 
         Mixlib::Authentication.logger.send(level, "foo")
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mixlib-authentication
 version: !ruby/object:Gem::Version
-  version: 1.4.2
+  version: 2.0.0
 platform: ruby
 authors:
 - Chef Software, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-17 00:00:00.000000000 Z
+date: 2018-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec-core
@@ -124,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.7.3
 signing_key: 
 specification_version: 4
 summary: Mixes in simple per-request authentication