mixlib-authentication 3.0.1 → 3.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/mixlib/authentication.rb +1 -1
- data/lib/mixlib/authentication/http_authentication_request.rb +1 -1
- data/lib/mixlib/authentication/signatureverification.rb +1 -1
- data/lib/mixlib/authentication/signedheaderauth.rb +28 -26
- data/lib/mixlib/authentication/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dfe9207033439727125b97e19e5d0f104f540545f8975fd09952e7d3c33d1912
|
|
4
|
+
data.tar.gz: a0105be8a06dc1a6cdbb7e87e86686873e561e714a6ba47c07fc1855ef4acc7a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a04e5503e573c71382bc391fe3392419fc1480199a74c5ec757c83fa7dc3ba85cc6ffce01957ef0ada987ddc6e618572bcc8989e0c593ab7c9c055aa6d6d4af2
|
|
7
|
+
data.tar.gz: 410b2915042706210831ee5258fcb1e998251d289280c49d636dc93fcde357f219eb81ba6283de0fddd532a17ded913aa712db636a6fcb94c9c042b4631b543a
|
|
@@ -22,7 +22,7 @@ module Mixlib
|
|
|
22
22
|
module Authentication
|
|
23
23
|
class HTTPAuthenticationRequest
|
|
24
24
|
|
|
25
|
-
MANDATORY_HEADERS =
|
|
25
|
+
MANDATORY_HEADERS = %i{x_ops_sign x_ops_userid x_ops_timestamp host x_ops_content_hash}.freeze
|
|
26
26
|
|
|
27
27
|
attr_reader :request
|
|
28
28
|
|
|
@@ -203,7 +203,7 @@ module Mixlib
|
|
|
203
203
|
# No file_param; we're running in Merb, or it's just not there..
|
|
204
204
|
if file_param.nil?
|
|
205
205
|
hash_param = request.params.values.find { |value| value.respond_to?(:has_key?) } # Hash responds to :has_key? .
|
|
206
|
-
|
|
206
|
+
unless hash_param.nil?
|
|
207
207
|
file_param = hash_param.values.find { |value| value.respond_to?(:read) } # File/Tempfile responds to :read.
|
|
208
208
|
end
|
|
209
209
|
end
|
|
@@ -34,7 +34,7 @@ module Mixlib
|
|
|
34
34
|
"1.0" => "sha1",
|
|
35
35
|
"1.1" => "sha1",
|
|
36
36
|
"1.3" => "sha256",
|
|
37
|
-
}.freeze
|
|
37
|
+
}.freeze
|
|
38
38
|
|
|
39
39
|
# Use of SUPPORTED_ALGORITHMS and SUPPORTED_VERSIONS is deprecated. Use
|
|
40
40
|
# ALGORITHM_FOR_VERSION instead
|
|
@@ -74,15 +74,14 @@ module Mixlib
|
|
|
74
74
|
# * `:host`: The host part of the URI
|
|
75
75
|
def self.signing_object(args = {})
|
|
76
76
|
SigningObject.new(args[:http_method],
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
)
|
|
77
|
+
args[:path],
|
|
78
|
+
args[:body],
|
|
79
|
+
args[:host],
|
|
80
|
+
args[:timestamp],
|
|
81
|
+
args[:user_id],
|
|
82
|
+
args[:file],
|
|
83
|
+
args[:proto_version],
|
|
84
|
+
args[:headers])
|
|
86
85
|
end
|
|
87
86
|
|
|
88
87
|
def algorithm
|
|
@@ -175,7 +174,7 @@ module Mixlib
|
|
|
175
174
|
# ====Parameters
|
|
176
175
|
#
|
|
177
176
|
def canonical_path
|
|
178
|
-
p = path.gsub(
|
|
177
|
+
p = path.gsub(%r{/+}, "/")
|
|
179
178
|
p.length > 1 ? p.chomp("/") : p
|
|
180
179
|
end
|
|
181
180
|
|
|
@@ -191,6 +190,7 @@ module Mixlib
|
|
|
191
190
|
else
|
|
192
191
|
@hashed_body_digest = digest
|
|
193
192
|
end
|
|
193
|
+
|
|
194
194
|
# Hash the file object if it was passed in, otherwise hash based on
|
|
195
195
|
# the body.
|
|
196
196
|
# TODO: tim 2009-12-28: It'd be nice to just remove this special case,
|
|
@@ -283,11 +283,13 @@ module Mixlib
|
|
|
283
283
|
do_sign_ssh_agent(rsa_key, string_to_sign)
|
|
284
284
|
else
|
|
285
285
|
raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
|
|
286
|
+
|
|
286
287
|
rsa_key.sign(digest.new, string_to_sign)
|
|
287
288
|
end
|
|
288
289
|
else
|
|
289
290
|
raise AuthenticationError, "Agent signing mode requires signing protocol version 1.3 or newer" if use_ssh_agent
|
|
290
291
|
raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
|
|
292
|
+
|
|
291
293
|
rsa_key.private_encrypt(string_to_sign)
|
|
292
294
|
end
|
|
293
295
|
end
|
|
@@ -339,25 +341,25 @@ module Mixlib
|
|
|
339
341
|
# generate a request signature. `SignedHeaderAuth.signing_object()`
|
|
340
342
|
# provides a more convenient interface to the constructor.
|
|
341
343
|
SigningObject = Struct.new(:http_method, :path, :body, :host,
|
|
342
|
-
|
|
343
|
-
|
|
344
|
+
:timestamp, :user_id, :file, :proto_version,
|
|
345
|
+
:headers) do
|
|
344
346
|
|
|
345
|
-
|
|
347
|
+
include SignedHeaderAuth
|
|
346
348
|
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
349
|
+
def proto_version
|
|
350
|
+
(self[:proto_version] || SignedHeaderAuth::DEFAULT_PROTO_VERSION).to_s
|
|
351
|
+
end
|
|
350
352
|
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
353
|
+
def server_api_version
|
|
354
|
+
key = (self[:headers] || {}).keys.select do |k|
|
|
355
|
+
k.casecmp("x-ops-server-api-version") == 0
|
|
356
|
+
end.first
|
|
357
|
+
if key
|
|
358
|
+
self[:headers][key]
|
|
359
|
+
else
|
|
360
|
+
DEFAULT_SERVER_API_VERSION
|
|
361
|
+
end
|
|
359
362
|
end
|
|
360
363
|
end
|
|
361
|
-
end
|
|
362
364
|
end
|
|
363
365
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mixlib-authentication
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef Software, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-10-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Mixes in simple per-request authentication
|
|
14
14
|
email: info@chef.io
|