mixlib-authentication 1.4.1 → 1.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9909dd06ad5a2444688f93330b5c9128238d14e0
-  data.tar.gz: d9c72f4ae75782b00398ce12bc6823778e8aef45
+  metadata.gz: e493785efc5cf2caf7d1134378fd613f35712f1f
+  data.tar.gz: d855dabe2ebea778d9c37037e3f843c49acbecb9
 SHA512:
-  metadata.gz: 606bfed6570c5fbc8c02bcf827985a07003cb191a60dada99496bf073427b91d7fb6e7db966a2c357d082f1d6306f9a8f67cb97708a119d05390db5a77fd3b2f
-  data.tar.gz: 6305dcaae186d7a39054164a7061226b11713b9e35a5f5ca91d6f2025f42d838f174e9e699e616b2786fa776ef001929d33ff53858ed3a4e534193b206aed211
+  metadata.gz: '09e094e344bc46528877b69bb015c5d2386ab57da7f7f62edbbeda81dd338fae31194736f56e947d935b0a36306dac06d148b0dbddf5d11cd3249e3cfba65571'
+  data.tar.gz: 2f71c58ba5d85efbf1d00db61ca09abb57d0092d46e2f8d2fa578baf0c34d2e0ff86e36e1224b40e8d0e1ad8258ef717460dcb06385045d3c920f4cd5052a86b

data/Gemfile

@@ -3,4 +3,5 @@ gemspec
 
 group(:development) do
   gem "pry"
+  gem "mixlib-log"
 end

data/Rakefile

@@ -11,7 +11,7 @@ begin
   RuboCop::RakeTask.new(:style) do |task|
     task.options += ["--display-cop-names", "--no-color"]
   end
-rescue
+rescue LoadError
   puts "chefstyle/rubocop is not available."
 end
 

data/lib/mixlib/authentication.rb

@@ -16,12 +16,13 @@
 # limitations under the License.
 #
 
-require "mixlib/log"
-
 module Mixlib
   module Authentication
     DEFAULT_SERVER_API_VERSION = "0"
 
+    attr_accessor :logger
+    module_function :logger, :logger=
+
     class AuthenticationError < StandardError
     end
 
@@ -29,10 +30,17 @@ module Mixlib
     end
 
     class Log
-      extend Mixlib::Log
     end
 
-    Log.level = :error
+    begin
+      require "mixlib/log"
+      Mixlib::Authentication::Log.extend(Mixlib::Log)
+    rescue LoadError
+      require "mixlib/authentication/null_logger"
+      Mixlib::Authentication::Log.extend(Mixlib::Authentication::NullLogger)
+    end
 
+    Mixlib::Authentication.logger = Mixlib::Authentication::Log
+    Mixlib::Authentication.logger.level = :error
   end
 end

data/lib/mixlib/authentication/digester.rb

@@ -27,9 +27,7 @@ module Mixlib
         def hash_file(f, digest = OpenSSL::Digest::SHA1)
           digester = digest.new
           buf = ""
-          while f.read(16384, buf)
-            digester.update buf
-          end
+          digester.update buf while f.read(16384, buf)
           ::Base64.encode64(digester.digest).chomp
         end
 

data/lib/mixlib/authentication/http_authentication_request.rb

@@ -70,7 +70,8 @@ module Mixlib
 
       def request_signature
         unless @request_signature
-          @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }.sort { |x, y| x.to_s <=> y.to_s }.map { |i| i[1] }.join("\n")
+          @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }
+            .sort { |x, y| x.to_s[/\d+/].to_i <=> y.to_s[/\d+/].to_i }.map { |i| i[1] }.join("\n")
           Mixlib::Authentication::Log.debug "Reconstituted (user-supplied) request signature: #{@request_signature}"
         end
         @request_signature

data/lib/mixlib/authentication/null_logger.rb

@@ -0,0 +1,24 @@
+module Mixlib
+  module Authentication
+    module NullLogger
+
+      attr_accessor :level
+
+      %i{debug info warn error fatal}.each do |method_name|
+        class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
+          def #{method_name}(msg=nil, &block)
+            true
+          end
+        METHOD_DEFN
+      end
+
+      %i{debug? info? warn? error? fatal?}.each do |method_name|
+        class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
+          def #{method_name}
+            false
+          end
+        METHOD_DEFN
+      end
+    end
+  end
+end

data/lib/mixlib/authentication/signatureverification.rb

@@ -76,7 +76,7 @@ module Mixlib
       # X-Ops-Content-Hash:
       # X-Ops-Authorization-#{line_number}
       def authenticate_request(user_secret, time_skew = (15 * 60))
-        Mixlib::Authentication::Log.debug "Initializing header auth : #{request.inspect}"
+        Mixlib::Authentication.logger.debug "Initializing header auth : #{request.inspect}"
 
         @user_secret       = user_secret
         @allowed_time_skew = time_skew # in seconds
@@ -150,14 +150,14 @@ module Mixlib
                            end
 
         # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication::Log.debug("Verifying request signature:")
-        Mixlib::Authentication::Log.debug(" Expected Block is: '#{candidate_block}'")
-        Mixlib::Authentication::Log.debug("Decrypted block is: '#{request_decrypted_block}'")
-        Mixlib::Authentication::Log.debug("Signatures match? : '#{@valid_signature}'")
+        Mixlib::Authentication.logger.debug("Verifying request signature:")
+        Mixlib::Authentication.logger.debug(" Expected Block is: '#{candidate_block}'")
+        Mixlib::Authentication.logger.debug("Decrypted block is: '#{request_decrypted_block}'")
+        Mixlib::Authentication.logger.debug("Signatures match? : '#{@valid_signature}'")
 
         @valid_signature
       rescue => e
-        Mixlib::Authentication::Log.debug("Failed to verify request signature: #{e.class.name}: #{e.message}")
+        Mixlib::Authentication.logger.debug("Failed to verify request signature: #{e.class.name}: #{e.message}")
         @valid_signature = false
       end
 
@@ -169,9 +169,9 @@ module Mixlib
         @valid_content_hash = (content_hash == hashed_body)
 
         # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication::Log.debug("Expected content hash is: '#{hashed_body}'")
-        Mixlib::Authentication::Log.debug(" Request Content Hash is: '#{content_hash}'")
-        Mixlib::Authentication::Log.debug("           Hashes match?: #{@valid_content_hash}")
+        Mixlib::Authentication.logger.debug("Expected content hash is: '#{hashed_body}'")
+        Mixlib::Authentication.logger.debug(" Request Content Hash is: '#{content_hash}'")
+        Mixlib::Authentication.logger.debug("           Hashes match?: #{@valid_content_hash}")
 
         @valid_content_hash
       end
@@ -211,11 +211,11 @@ module Mixlib
           # Any file that's included in the request is hashed if it's there. Otherwise,
           # we hash the body.
           if file_param
-            Mixlib::Authentication::Log.debug "Digesting file_param: '#{file_param.inspect}'"
+            Mixlib::Authentication.logger.debug "Digesting file_param: '#{file_param.inspect}'"
             @hashed_body = digester.hash_file(file_param, digest)
           else
             body = request.raw_post
-            Mixlib::Authentication::Log.debug "Digesting body: '#{body}'"
+            Mixlib::Authentication.logger.debug "Digesting body: '#{body}'"
             @hashed_body = digester.hash_string(body, digest)
           end
         end
@@ -232,7 +232,7 @@ module Mixlib
       def timestamp_within_bounds?(time1, time2)
         time_diff = (time2 - time1).abs
         is_allowed = (time_diff < @allowed_time_skew)
-        Mixlib::Authentication::Log.debug "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
+        Mixlib::Authentication.logger.debug "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
         is_allowed
       end
     end

data/lib/mixlib/authentication/signedheaderauth.rb

@@ -115,7 +115,7 @@ module Mixlib
           header_hash[key] = signature_lines[idx]
         end
 
-        Mixlib::Authentication::Log.debug "Header hash: #{header_hash.inspect}"
+        Mixlib::Authentication.logger.debug "Header hash: #{header_hash.inspect}"
 
         header_hash
       end
@@ -166,7 +166,8 @@ module Mixlib
         # Hence, we're going to assume the one that is passed to sign is
         # the correct one and needs to passed through all the functions
         # that do any sort of digest.
-        if @hashed_body_digest != nil && @hashed_body_digest != digest
+        @hashed_body_digest = nil unless defined?(@hashed_body_digest)
+        if !@hashed_body_digest.nil? && @hashed_body_digest != digest
           raise "hashed_body must always be called with the same digest"
         else
           @hashed_body_digest = digest
@@ -176,10 +177,10 @@ module Mixlib
         # TODO: tim 2009-12-28: It'd be nice to just remove this special case,
         # always sign the entire request body, using the expanded multipart
         # body in the case of a file being include.
-        @hashed_body ||= if self.file && self.file.respond_to?(:read)
-                           digester.hash_file(self.file, digest)
+        @hashed_body ||= if file && file.respond_to?(:read)
+                           digester.hash_file(file, digest)
                          else
-                           digester.hash_string(self.body, digest)
+                           digester.hash_string(body, digest)
                          end
       end
 
@@ -235,7 +236,7 @@ module Mixlib
           memo[field_name.to_sym] = field_value.strip
           memo
         end
-        Mixlib::Authentication::Log.debug "Parsed signing description: #{parts.inspect}"
+        Mixlib::Authentication.logger.debug "Parsed signing description: #{parts.inspect}"
         parts
       end
 
@@ -246,7 +247,7 @@ module Mixlib
       # private
       def do_sign(private_key, digest, sign_algorithm, sign_version)
         string_to_sign = canonicalize_request(sign_algorithm, sign_version)
-        Mixlib::Authentication::Log.debug "String to sign: '#{string_to_sign}'"
+        Mixlib::Authentication.logger.debug "String to sign: '#{string_to_sign}'"
         case sign_version
         when "1.3"
           private_key.sign(digest.new, string_to_sign)
@@ -263,18 +264,19 @@ module Mixlib
     # A Struct-based value object that contains the necessary information to
     # generate a request signature. `SignedHeaderAuth.signing_object()`
     # provides a more convenient interface to the constructor.
-    class SigningObject < Struct.new(:http_method, :path, :body, :host,
+    SigningObject = Struct.new(:http_method, :path, :body, :host,
                                      :timestamp, :user_id, :file, :proto_version,
-                                     :headers)
+                                     :headers) do
+
       include SignedHeaderAuth
 
       def proto_version
-        (self[:proto_version] || DEFAULT_PROTO_VERSION).to_s
+        (self[:proto_version] || SignedHeaderAuth::DEFAULT_PROTO_VERSION).to_s
       end
 
       def server_api_version
         key = (self[:headers] || {}).keys.select do |k|
-          k.downcase == "x-ops-server-api-version"
+          k.casecmp("x-ops-server-api-version") == 0
         end.first
         if key
           self[:headers][key]

data/lib/mixlib/authentication/version.rb

@@ -15,6 +15,6 @@
 
 module Mixlib
   module Authentication
-    VERSION = "1.4.1"
+    VERSION = "1.4.2"
   end
 end

data/mixlib-authentication.gemspec

@@ -12,14 +12,11 @@ Gem::Specification.new do |s|
   s.email = "info@chef.io"
   s.homepage = "https://www.chef.io"
 
-  # Uncomment this to add a dependency
-  s.add_dependency "mixlib-log"
-
   s.require_path = "lib"
   s.files = %w{LICENSE README.md Gemfile Rakefile NOTICE} + Dir.glob("*.gemspec") +
     Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
 
   %w{rspec-core rspec-expectations rspec-mocks}.each { |gem| s.add_development_dependency gem, "~> 3.2" }
   s.add_development_dependency "chefstyle"
-  s.add_development_dependency "rake", "~> 10.4"
+  s.add_development_dependency "rake", "~> 11"
 end

data/spec/mixlib/authentication/digester_spec.rb

@@ -7,14 +7,14 @@ describe Mixlib::Authentication::Digester do
     let(:test_string) { "hello" }
     let(:test_string_checksum) { "qvTGHdzF6KLavt4PO0gs2a6pQ00=" }
 
-    describe '#hash_file' do
+    describe "#hash_file" do
       it "should default to use SHA1" do
         expect(described_class.hash_file(StringIO.new(test_string))).to(
           eq(test_string_checksum))
       end
     end
 
-    describe '#hash_string' do
+    describe "#hash_string" do
       it "should default to use SHA1" do
         expect(described_class.hash_string(test_string)).to(
           eq(test_string_checksum))

data/spec/mixlib/authentication/mixlib_authentication_spec.rb

@@ -63,8 +63,7 @@ class MockFile
 end
 
 # Uncomment this to get some more info from the methods we're testing.
-#Mixlib::Authentication::Log.logger = Logger.new(STDERR)
-#Mixlib::Authentication::Log.level :debug
+#Mixlib::Authentication.logger.level = :debug
 
 describe "Mixlib::Authentication::SignedHeaderAuth" do
 

data/spec/mixlib/authentication/mixlib_log_missing_spec.rb

@@ -0,0 +1,55 @@
+describe "Mixlib::Authentication::Log" do
+  before do
+    Mixlib::Authentication.send(:remove_const, "DEFAULT_SERVER_API_VERSION")
+    Mixlib::Authentication.send(:remove_const, "Log")
+  end
+
+  context "without mixlib-log" do
+    before do
+      @mixlib_path = $LOAD_PATH.find { |p| p.match("mixlib-log") }
+      $LOAD_PATH.reject! { |p| p.match("mixlib-log") }
+
+      load "mixlib/authentication.rb"
+    end
+
+    after do
+      $LOAD_PATH.unshift(@mixlib_path)
+    end
+
+    it "uses MixlibLogMissing" do
+      expect(Mixlib::Authentication::Log.singleton_class.included_modules)
+        .to include(Mixlib::Authentication::NullLogger)
+    end
+
+    it "default log level is :error" do
+      expect(Mixlib::Authentication::Log.level).to eq(:error)
+    end
+
+    %w{debug info warn error fatal}.each do |level|
+      it "logs at level #{level}" do
+        expect(Mixlib::Authentication::Log).to receive(level).with("foo")
+
+        Mixlib::Authentication.logger.send(level, "foo")
+      end
+    end
+  end
+
+  context "with mixlib-log" do
+    before do
+      load "mixlib/authentication.rb"
+    end
+
+    it "uses Mixlib::Log" do
+      expect(Mixlib::Authentication::Log.singleton_class.included_modules)
+        .to include(Mixlib::Log)
+    end
+
+    %w{debug info warn error fatal}.each do |level|
+      it "forward #{level} to mixlib-log" do
+        expect(Mixlib::Authentication::Log.logger).to receive(level).with("foo")
+
+        Mixlib::Authentication.logger.send(level, "foo")
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -18,6 +18,5 @@
 #
 
 $:.unshift File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")) # lib in mixlib-authentication
-$:.unshift File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "mixlib-log", "lib")) # mixlib-log/log
 
 require "rubygems"

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: mixlib-authentication
 version: !ruby/object:Gem::Version
-  version: 1.4.1
+  version: 1.4.2
 platform: ruby
 authors:
 - Chef Software, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-08 00:00:00.000000000 Z
+date: 2017-08-17 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: mixlib-log
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec-core
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.4'
+        version: '11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.4'
+        version: '11'
 description: Mixes in simple per-request authentication
 email: info@chef.io
 executables: []
@@ -108,6 +94,7 @@ files:
 - lib/mixlib/authentication.rb
 - lib/mixlib/authentication/digester.rb
 - lib/mixlib/authentication/http_authentication_request.rb
+- lib/mixlib/authentication/null_logger.rb
 - lib/mixlib/authentication/signatureverification.rb
 - lib/mixlib/authentication/signedheaderauth.rb
 - lib/mixlib/authentication/version.rb
@@ -115,6 +102,7 @@ files:
 - spec/mixlib/authentication/digester_spec.rb
 - spec/mixlib/authentication/http_authentication_request_spec.rb
 - spec/mixlib/authentication/mixlib_authentication_spec.rb
+- spec/mixlib/authentication/mixlib_log_missing_spec.rb
 - spec/spec_helper.rb
 homepage: https://www.chef.io
 licenses:
@@ -136,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: Mixes in simple per-request authentication