openstax_api 8.1.1 → 8.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,78 @@
1
+ # coding: utf-8
2
+ require 'rails_helper'
3
+
4
+ module OpenStax
5
+ module Api
6
+ describe Params do
7
+
8
+ let(:params) { {a: '1', b: 2, c: nil, d: '', e: '♥', f: true} }
9
+ let(:signed) { described_class.sign(params: params, secret: 'secret') }
10
+
11
+ it 'disallows blank secrets' do
12
+ expect{
13
+ described_class.sign(params: {}, secret: nil)
14
+ }.to raise_error(StandardError)
15
+ end
16
+
17
+ it 'signs and verifies' do
18
+ expect(signed[:timestamp]).not_to be_blank
19
+ expect(signed[:signature]).not_to be_blank
20
+
21
+ expect(
22
+ described_class.signature_and_timestamp_valid?(params: signed, secret: 'secret')
23
+ ).to eq true
24
+ end
25
+
26
+ it 'does not verify is signature does not match' do
27
+ signed[:signature] += "a"
28
+ expect(
29
+ described_class.signature_and_timestamp_valid?(params: signed, secret: 'secret')
30
+ ).to eq false
31
+ end
32
+
33
+ it 'does not verify if signature blank' do
34
+ signed[:signature] = " "
35
+ expect(
36
+ described_class.signature_and_timestamp_valid?(params: signed, secret: 'secret')
37
+ ).to eq false
38
+ end
39
+
40
+ describe "altered params" do
41
+
42
+ it 'rejects additions' do
43
+ expect(
44
+ described_class.signature_and_timestamp_valid?(
45
+ params: signed.merge(evil: 'yes'),
46
+ secret: 'secret')
47
+ ).to eq false
48
+ end
49
+
50
+ it 'rejects alterations' do
51
+ expect(
52
+ described_class.signature_and_timestamp_valid?(
53
+ params: signed.merge(b: 10000),
54
+ secret: 'secret')
55
+ ).to eq false
56
+ end
57
+
58
+ it 'rejects deletions' do
59
+ expect(
60
+ described_class.signature_and_timestamp_valid?(
61
+ params: signed.except(:a),
62
+ secret: 'secret')
63
+ ).to eq false
64
+ end
65
+
66
+ end
67
+
68
+ it 'does not verify if timestamp too long ago' do
69
+ expect(
70
+ described_class.signature_and_timestamp_valid?(params: signed,
71
+ secret: 'secret',
72
+ timestamp_window_width: 0.minutes)
73
+ ).to eq false
74
+ end
75
+
76
+ end
77
+ end
78
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openstax_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.1.1
4
+ version: 8.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dante Soares
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-01-13 00:00:00.000000000 Z
12
+ date: 2017-09-13 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -247,6 +247,20 @@ dependencies:
247
247
  - - ">="
248
248
  - !ruby/object:Gem::Version
249
249
  version: '0'
250
+ - !ruby/object:Gem::Dependency
251
+ name: byebug
252
+ requirement: !ruby/object:Gem::Requirement
253
+ requirements:
254
+ - - ">="
255
+ - !ruby/object:Gem::Version
256
+ version: '0'
257
+ type: :development
258
+ prerelease: false
259
+ version_requirements: !ruby/object:Gem::Requirement
260
+ requirements:
261
+ - - ">="
262
+ - !ruby/object:Gem::Version
263
+ version: '0'
250
264
  description: Provides models, controllers and libraries that help OpenStax products
251
265
  define API's for user applications.
252
266
  email:
@@ -267,6 +281,7 @@ files:
267
281
  - lib/openstax/api/constraints.rb
268
282
  - lib/openstax/api/doorkeeper_application_includes.rb
269
283
  - lib/openstax/api/engine.rb
284
+ - lib/openstax/api/params.rb
270
285
  - lib/openstax/api/representable_schema_printer.rb
271
286
  - lib/openstax/api/responder_with_put_patch_delete_content.rb
272
287
  - lib/openstax/api/roar.rb
@@ -324,6 +339,7 @@ files:
324
339
  - spec/lib/openstax/api/apipie_spec.rb
325
340
  - spec/lib/openstax/api/constraints_spec.rb
326
341
  - spec/lib/openstax/api/doorkeeper_application_includes_spec.rb
342
+ - spec/lib/openstax/api/params_spec.rb
327
343
  - spec/lib/openstax/api/representable_schema_printer_spec.rb
328
344
  - spec/lib/openstax/api/roar_spec.rb
329
345
  - spec/lib/openstax/api/routing_mapper_includes_spec.rb
@@ -352,7 +368,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
352
368
  version: '0'
353
369
  requirements: []
354
370
  rubyforge_project:
355
- rubygems_version: 2.6.6
371
+ rubygems_version: 2.4.5.1
356
372
  signing_key:
357
373
  specification_version: 4
358
374
  summary: API utilities for OpenStax products and tools.
@@ -407,6 +423,7 @@ test_files:
407
423
  - spec/lib/openstax/api/apipie_spec.rb
408
424
  - spec/lib/openstax/api/constraints_spec.rb
409
425
  - spec/lib/openstax/api/doorkeeper_application_includes_spec.rb
426
+ - spec/lib/openstax/api/params_spec.rb
410
427
  - spec/lib/openstax/api/representable_schema_printer_spec.rb
411
428
  - spec/lib/openstax/api/roar_spec.rb
412
429
  - spec/lib/openstax/api/routing_mapper_includes_spec.rb