mixlib-authentication 3.0.1 → 3.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mixlib/authentication.rb +1 -1
- data/lib/mixlib/authentication/http_authentication_request.rb +1 -1
- data/lib/mixlib/authentication/signatureverification.rb +1 -1
- data/lib/mixlib/authentication/signedheaderauth.rb +28 -26
- data/lib/mixlib/authentication/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dfe9207033439727125b97e19e5d0f104f540545f8975fd09952e7d3c33d1912
|
|
4
|
+
data.tar.gz: a0105be8a06dc1a6cdbb7e87e86686873e561e714a6ba47c07fc1855ef4acc7a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a04e5503e573c71382bc391fe3392419fc1480199a74c5ec757c83fa7dc3ba85cc6ffce01957ef0ada987ddc6e618572bcc8989e0c593ab7c9c055aa6d6d4af2
|
|
7
|
+
data.tar.gz: 410b2915042706210831ee5258fcb1e998251d289280c49d636dc93fcde357f219eb81ba6283de0fddd532a17ded913aa712db636a6fcb94c9c042b4631b543a
|
|
@@ -22,7 +22,7 @@ module Mixlib
|
|
|
22
22
|
module Authentication
|
|
23
23
|
class HTTPAuthenticationRequest
|
|
24
24
|
|
|
25
|
-
MANDATORY_HEADERS =
|
|
25
|
+
MANDATORY_HEADERS = %i{x_ops_sign x_ops_userid x_ops_timestamp host x_ops_content_hash}.freeze
|
|
26
26
|
|
|
27
27
|
attr_reader :request
|
|
28
28
|
|
|
@@ -203,7 +203,7 @@ module Mixlib
|
|
|
203
203
|
# No file_param; we're running in Merb, or it's just not there..
|
|
204
204
|
if file_param.nil?
|
|
205
205
|
hash_param = request.params.values.find { |value| value.respond_to?(:has_key?) } # Hash responds to :has_key? .
|
|
206
|
-
|
|
206
|
+
unless hash_param.nil?
|
|
207
207
|
file_param = hash_param.values.find { |value| value.respond_to?(:read) } # File/Tempfile responds to :read.
|
|
208
208
|
end
|
|
209
209
|
end
|
|
@@ -34,7 +34,7 @@ module Mixlib
|
|
|
34
34
|
"1.0" => "sha1",
|
|
35
35
|
"1.1" => "sha1",
|
|
36
36
|
"1.3" => "sha256",
|
|
37
|
-
}.freeze
|
|
37
|
+
}.freeze
|
|
38
38
|
|
|
39
39
|
# Use of SUPPORTED_ALGORITHMS and SUPPORTED_VERSIONS is deprecated. Use
|
|
40
40
|
# ALGORITHM_FOR_VERSION instead
|
|
@@ -74,15 +74,14 @@ module Mixlib
|
|
|
74
74
|
# * `:host`: The host part of the URI
|
|
75
75
|
def self.signing_object(args = {})
|
|
76
76
|
SigningObject.new(args[:http_method],
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
)
|
|
77
|
+
args[:path],
|
|
78
|
+
args[:body],
|
|
79
|
+
args[:host],
|
|
80
|
+
args[:timestamp],
|
|
81
|
+
args[:user_id],
|
|
82
|
+
args[:file],
|
|
83
|
+
args[:proto_version],
|
|
84
|
+
args[:headers])
|
|
86
85
|
end
|
|
87
86
|
|
|
88
87
|
def algorithm
|
|
@@ -175,7 +174,7 @@ module Mixlib
|
|
|
175
174
|
# ====Parameters
|
|
176
175
|
#
|
|
177
176
|
def canonical_path
|
|
178
|
-
p = path.gsub(
|
|
177
|
+
p = path.gsub(%r{/+}, "/")
|
|
179
178
|
p.length > 1 ? p.chomp("/") : p
|
|
180
179
|
end
|
|
181
180
|
|
|
@@ -191,6 +190,7 @@ module Mixlib
|
|
|
191
190
|
else
|
|
192
191
|
@hashed_body_digest = digest
|
|
193
192
|
end
|
|
193
|
+
|
|
194
194
|
# Hash the file object if it was passed in, otherwise hash based on
|
|
195
195
|
# the body.
|
|
196
196
|
# TODO: tim 2009-12-28: It'd be nice to just remove this special case,
|
|
@@ -283,11 +283,13 @@ module Mixlib
|
|
|
283
283
|
do_sign_ssh_agent(rsa_key, string_to_sign)
|
|
284
284
|
else
|
|
285
285
|
raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
|
|
286
|
+
|
|
286
287
|
rsa_key.sign(digest.new, string_to_sign)
|
|
287
288
|
end
|
|
288
289
|
else
|
|
289
290
|
raise AuthenticationError, "Agent signing mode requires signing protocol version 1.3 or newer" if use_ssh_agent
|
|
290
291
|
raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
|
|
292
|
+
|
|
291
293
|
rsa_key.private_encrypt(string_to_sign)
|
|
292
294
|
end
|
|
293
295
|
end
|
|
@@ -339,25 +341,25 @@ module Mixlib
|
|
|
339
341
|
# generate a request signature. `SignedHeaderAuth.signing_object()`
|
|
340
342
|
# provides a more convenient interface to the constructor.
|
|
341
343
|
SigningObject = Struct.new(:http_method, :path, :body, :host,
|
|
342
|
-
|
|
343
|
-
|
|
344
|
+
:timestamp, :user_id, :file, :proto_version,
|
|
345
|
+
:headers) do
|
|
344
346
|
|
|
345
|
-
|
|
347
|
+
include SignedHeaderAuth
|
|
346
348
|
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
349
|
+
def proto_version
|
|
350
|
+
(self[:proto_version] || SignedHeaderAuth::DEFAULT_PROTO_VERSION).to_s
|
|
351
|
+
end
|
|
350
352
|
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
353
|
+
def server_api_version
|
|
354
|
+
key = (self[:headers] || {}).keys.select do |k|
|
|
355
|
+
k.casecmp("x-ops-server-api-version") == 0
|
|
356
|
+
end.first
|
|
357
|
+
if key
|
|
358
|
+
self[:headers][key]
|
|
359
|
+
else
|
|
360
|
+
DEFAULT_SERVER_API_VERSION
|
|
361
|
+
end
|
|
359
362
|
end
|
|
360
363
|
end
|
|
361
|
-
end
|
|
362
364
|
end
|
|
363
365
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mixlib-authentication
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef Software, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-10-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Mixes in simple per-request authentication
|
|
14
14
|
email: info@chef.io
|