pandexio 0.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d09ed0b91e468d7feba7093a009224a310e77766
+  data.tar.gz: ac4d71c496c6769bc4b95a0e7514597ef3c0df7a
+SHA512:
+  metadata.gz: 48d13f7f4055315ad4ff67efd8d6ceecbe83355f1acf27ba695af5618389902c67ba606d6018d9bcbcc0fed9847c1352aa62b687c431916fb31b823cde364174
+  data.tar.gz: 44d1a250babf03e9083bcac1f2f53b73477879563d056b0ef2c9d062aea05b5707d4f598c9c89ac069b85c10404ceb7eaa608d2246a829ef831d7585b7a27592

data/lib/module.rb

@@ -0,0 +1,151 @@
+require 'time'
+require 'stringio'
+require 'digest/hmac'
+require_relative 'request.rb'
+require_relative 'signing_algorithms.rb'
+require_relative 'signing_attributes.rb'
+require_relative 'signing_mechanisms.rb'
+require_relative 'signing_options.rb'
+
+module Pandexio
+
+  LINE_BREAK = "\r\n"
+  private_constant :LINE_BREAK
+  
+  private
+
+  def self.ordinal_key_value_sort(a, b)
+
+    a_codepoints, b_codepoints = a[0].codepoints, b[0].codepoints
+
+    max_i = [a_codepoints.size, b_codepoints.size].min
+
+    for i in 0..max_i
+      a_codepoint = a_codepoints[i]
+      b_codepoint = b_codepoints[i]
+      return -1 if a_codepoint < b_codepoint
+      return 1 if a_codepoint > b_codepoint
+    end
+
+    return 0
+
+  end
+
+  def self.build_canonical_query_string(query_parameters)
+
+    temp_query_parameters = query_parameters.dup
+
+    query_sort = ->(a,b) { ordinal_key_value_sort(a, b) }
+    temp_query_parameters = temp_query_parameters.sort(&query_sort)
+
+    canonical_query_string = StringIO.new
+
+    temp_query_parameters.each do |key, value|
+      next if key == SigningAttributes::ALGORITHM || key == SigningAttributes::CREDENTIAL || key == SigningAttributes::SIGNED_HEADERS || key == SigningAttributes::SIGNATURE
+      canonical_query_string << "&" if canonical_query_string.length > 0
+      canonical_query_string << "#{key}=#{value}"
+    end
+
+    return canonical_query_string.string
+
+  end
+
+  def self.build_canonical_headers(headers)
+
+    temp_headers = {}
+
+    headers.each do |key, value|
+      next if key == SigningAttributes::AUTHORIZATION
+      temp_headers[key.downcase.strip] = value
+    end
+
+    header_sort = ->(a,b) { ordinal_key_value_sort(a, b) }
+    temp_headers = temp_headers.sort(&header_sort)
+
+    canonical_headers, signed_headers = StringIO.new, StringIO.new
+
+    temp_headers.each do |key, value|
+      next if key == SigningAttributes::AUTHORIZATION
+      canonical_headers << LINE_BREAK if canonical_headers.length > 0
+      canonical_headers << "#{key}:#{value}"
+      signed_headers << ";" if signed_headers.length > 0
+      signed_headers << "#{key}"
+    end
+
+    return canonical_headers.string, signed_headers.string
+
+  end
+
+  def self.build_canonical_payload(payload, digest)
+    return digest.hexdigest(payload)
+  end
+
+  def self.build_canonical_request(request, digest)
+    canonical_query_string = build_canonical_query_string(request.query_parameters)
+    canonical_headers, signed_headers = build_canonical_headers(request.headers)
+    canonical_payload = build_canonical_payload(request.payload, digest)
+    canonical_request = "#{request.method}#{LINE_BREAK}#{request.path}#{LINE_BREAK}#{canonical_query_string}#{LINE_BREAK}#{canonical_headers}#{LINE_BREAK}#{signed_headers}#{LINE_BREAK}#{canonical_payload}"
+    return canonical_request, signed_headers
+  end
+
+  def self.build_string_to_sign(canonical_request, signing_options)
+    return "#{signing_options.algorithm}#{LINE_BREAK}#{signing_options.date.iso8601}#{LINE_BREAK}#{canonical_request}"
+  end
+
+  def self.generate_signature(string_to_sign, signing_options, digest)
+    return Digest::HMAC.hexdigest(string_to_sign, signing_options.domain_key, digest)
+  end
+
+  public
+
+  def self.to_authorized_request(normalized_request, signing_options)
+
+    raise ArgumentError, 'normalized_request must be of type Pandexio::Request and cannot be nil' unless !normalized_request.nil? && normalized_request.is_a?(Request)
+    raise ArgumentError, 'normalized_request.query_parameters must be of type Hash and cannot be nil' unless !normalized_request.query_parameters.nil? && normalized_request.query_parameters.is_a?(Hash)
+    raise ArgumentError, 'normalized_request.headers must be of type Hash and cannot be nil' unless !normalized_request.headers.nil? && normalized_request.headers.is_a?(Hash)
+
+    raise ArgumentError, 'signing_options must be of type Pandexio::SigningOptions cannot be nil' unless !signing_options.nil? && signing_options.is_a?(SigningOptions)
+    raise ArgumentError, 'signing_options.domain_id must be of type String and cannot be nil or empty' unless !signing_options.domain_id.nil? && signing_options.domain_id.is_a?(String) && !signing_options.domain_id.empty?
+    raise ArgumentError, 'signing_options.domain_key must be of type String and cannot be nil or empty' unless !signing_options.domain_key.nil? && signing_options.domain_key.is_a?(String) && !signing_options.domain_key.empty?
+    raise ArgumentError, 'signing_options.algorithm must be of type String and cannot be nil or empty' unless SigningAlgorithms.is_v(signing_options.algorithm)
+    raise ArgumentError, 'signing_options.mechanism must be a valid signing mechanism' unless SigningMechanisms.is_v(signing_options.mechanism)
+    raise ArgumentError, 'signing_options.date must be of type Time and cannot be nil' unless !signing_options.date.nil? && signing_options.date.is_a?(Time)
+    raise ArgumentError, 'signing_options.expires must be of type Fixnum and cannot be nil or empty' unless !signing_options.expires.nil? && signing_options.expires.is_a?(Fixnum) && signing_options.expires > 0
+    raise ArgumentError, 'signing_options.originator must be of type String and cannot be nil or empty' unless !signing_options.originator.nil? && signing_options.originator.is_a?(String)  && !signing_options.originator.empty?
+    raise ArgumentError, 'signing_options.email_address must be of type String and cannot be nil or empty' unless !signing_options.email_address.nil? && signing_options.email_address.is_a?(String)  && !signing_options.email_address.empty?
+    raise ArgumentError, 'signing_options.display_name must be of type String and cannot be nil or empty' unless !signing_options.display_name.nil? && signing_options.display_name.is_a?(String)  && !signing_options.display_name.empty?
+
+    authorized_request = normalized_request.dup
+
+    append = -> (p) do
+      p[SigningAttributes::DATE] = signing_options.date.iso8601
+      p[SigningAttributes::EXPIRES] = signing_options.expires
+      p[SigningAttributes::ORIGINATOR] = signing_options.originator
+      p[SigningAttributes::EMAIL_ADDRESS] = signing_options.email_address
+      p[SigningAttributes::DISPLAY_NAME] = signing_options.display_name
+      p[SigningAttributes::THUMBNAIL] = signing_options.thumbnail if !signing_options.thumbnail.nil? && signing_options.thumbnail.is_a?(String) && !signing_options.thumbnail.empty?
+    end
+
+    append.call(
+      signing_options.mechanism == SigningMechanisms::QUERY_STRING ? authorized_request.query_parameters :
+      signing_options.mechanism == SigningMechanisms::HEADER ? authorized_request.headers : {})
+    
+    digest = SigningAlgorithms.to_d(signing_options.algorithm)
+    canonical_request, signed_headers = build_canonical_request(authorized_request, digest)
+    string_to_sign = build_string_to_sign(canonical_request, signing_options)
+    signature = generate_signature(string_to_sign, signing_options, digest)
+
+    if signing_options.mechanism == SigningMechanisms::QUERY_STRING
+      authorized_request.query_parameters[SigningAttributes::ALGORITHM] = signing_options.algorithm
+      authorized_request.query_parameters[SigningAttributes::CREDENTIAL] = signing_options.domain_id
+      authorized_request.query_parameters[SigningAttributes::SIGNED_HEADERS] = signed_headers
+      authorized_request.query_parameters[SigningAttributes::SIGNATURE] = signature
+    elsif signing_options.mechanism == SigningMechanisms::HEADER
+      authorized_request.headers[SigningAttributes::AUTHORIZATION] = "#{signing_options.algorithm} Credential=#{signing_options.domain_id}, SignedHeaders=#{signed_headers}, Signature=#{signature}"
+    end
+
+    return authorized_request
+
+  end
+
+end

data/lib/request.rb

@@ -0,0 +1,25 @@
+module Pandexio
+
+  class Request
+
+    def initialize(params = {})
+      @method = params.fetch(:method, nil)
+      @path = params.fetch(:path, nil)
+      @query_parameters = params.fetch(:query_parameters, {})
+      @headers = params.fetch(:headers, {})
+      @payload = params.fetch(:payload, nil)
+    end
+
+    attr_accessor :method
+    attr_accessor :path
+    attr_accessor :query_parameters
+    attr_accessor :headers
+    attr_accessor :payload
+
+    def to_s
+      "#{@method} #{@path}#{LINE_BREAK}query_parameters: #{query_parameters}#{LINE_BREAK}headers: #{headers}#{LINE_BREAK}payload: #{payload}"
+    end
+
+  end
+
+end

data/lib/signing_algorithms.rb

@@ -0,0 +1,37 @@
+module Pandexio
+
+  class SigningAlgorithms
+
+    PDX_HMAC_MD5 = "PDX-HMAC-MD5"
+    PDX_HMAC_SHA1 = "PDX-HMAC-SHA1"
+    PDX_HMAC_SHA256 = "PDX-HMAC-SHA256"
+    PDX_HMAC_SHA384 = "PDX-HMAC-SHA384"
+    PDX_HMAC_SHA512 = "PDX-HMAC-SHA512"
+
+    def self.is_v(a)
+
+	  return !a.nil? && a.is_a?(String) &&
+		(a == PDX_HMAC_MD5 ||
+		a == PDX_HMAC_SHA1 ||
+		a == PDX_HMAC_SHA256 ||
+		a == PDX_HMAC_SHA384 ||
+		a == PDX_HMAC_SHA512)
+
+    end
+
+    def self.to_d(a)
+
+	  return case a
+        when SigningAlgorithms::PDX_HMAC_MD5; Digest::MD5
+        when SigningAlgorithms::PDX_HMAC_SHA1; Digest::SHA1
+        when SigningAlgorithms::PDX_HMAC_SHA256; Digest::SHA256
+        when SigningAlgorithms::PDX_HMAC_SHA384; Digest::SHA384
+        when SigningAlgorithms::PDX_HMAC_SHA512; Digest::SHA512
+        else raise 'Invalid signing algorithm'
+        end
+
+    end
+
+  end
+
+end

data/lib/signing_attributes.rb

@@ -0,0 +1,22 @@
+module Pandexio
+
+  class SigningAttributes
+    # Used by "headers" only
+    AUTHORIZATION = "Authorization"
+
+    # Used by "query_parameters" only
+    ALGORITHM = "X-Pdx-Algorithm"
+    CREDENTIAL = "X-Pdx-Credential"
+    SIGNED_HEADERS = "X-Pdx-SignedHeaders"
+    SIGNATURE = "X-Pdx-Signature"
+
+    # Used by "headers" and "query_parameters"
+    DATE = "X-Pdx-Date"
+    EXPIRES = "X-Pdx-Expires"
+    ORIGINATOR = "X-Pdx-Originator"
+    EMAIL_ADDRESS = "X-Pdx-EmailAddress"
+    DISPLAY_NAME = "X-Pdx-DisplayName"
+    THUMBNAIL = "X-Pdx-Thumbnail"
+  end
+
+end

data/lib/signing_mechanisms.rb

@@ -0,0 +1,17 @@
+module Pandexio
+
+  class SigningMechanisms
+
+    QUERY_STRING = "QueryString"
+    HEADER = "Header"
+
+    def self.is_v(m)
+
+      return !m.nil? && m.is_a?(String) &&
+        (m == QUERY_STRING || m == HEADER)
+
+    end
+
+  end
+
+end

data/lib/signing_options.rb

@@ -0,0 +1,30 @@
+module Pandexio
+
+  class SigningOptions
+    def initialize(params = {})
+      @algorithm = params.fetch(:algorithm, nil)
+      @mechanism = params.fetch(:mechanism, nil)
+      @domain_id = params.fetch(:domain_id, nil)
+      @domain_key = params.fetch(:domain_key, nil)
+      @date = params.fetch(:date, nil)
+      @expires = params.fetch(:expires, nil)
+      @originator = params.fetch(:originator, nil)
+      @email_address = params.fetch(:email_address, nil)
+      @display_name = params.fetch(:display_name, nil)
+      @thumbnail = params.fetch(:thumbnail, nil)
+    end
+
+    attr_accessor :algorithm
+    attr_accessor :mechanism
+    attr_accessor :domain_id
+    attr_accessor :domain_key
+    attr_accessor :date
+    attr_accessor :expires
+    attr_accessor :originator
+    attr_accessor :email_address
+    attr_accessor :display_name
+    attr_accessor :thumbnail
+
+  end
+
+end

data/test/test_header_signing.rb

@@ -0,0 +1,35 @@
+require 'minitest/autorun'
+require_relative '../lib/module.rb'
+
+describe Pandexio do
+  before do
+    normalized_request = Pandexio::Request.new(
+      :method => "PUT",
+      :path => "/asdf/qwer/1234/title",
+      :query_parameters => { "nonce" => "987654321", "Baseline" => "5" },
+      :headers => { "sample" => "example", "Host" => "localhost" },
+      :payload => "testing")
+
+    date = Time.utc(2014, 11, 21, 13, 43, 15)
+
+    signing_options = Pandexio::SigningOptions.new(
+      :algorithm => Pandexio::SigningAlgorithms::PDX_HMAC_SHA256,
+      :mechanism => Pandexio::SigningMechanisms::HEADER,
+      :domain_id => "1234567890",
+      :domain_key => "asdfjklqwerzxcv",
+      :date => date,
+      :expires => 90,
+      :originator => "HeaderSigningTest",
+      :email_address => "Anonymous",
+      :display_name => "Anonymous")
+
+    @authorized_request = Pandexio::to_authorized_request(normalized_request, signing_options)
+    @authorized_request = Pandexio::to_authorized_request(normalized_request, signing_options)
+  end
+
+  describe "#header_signing" do
+    it "returns the correct authorization header" do
+      @authorized_request.headers["Authorization"].must_equal "PDX-HMAC-SHA256 Credential=1234567890, SignedHeaders=host;sample;x-pdx-date;x-pdx-displayname;x-pdx-emailaddress;x-pdx-expires;x-pdx-originator, Signature=a2e3dbc31b712bec6071dc7c5770bc60d4b03afa20e8329e6f4f6a2d74d32709"
+    end
+  end
+end

data/test/test_query_string_signing.rb

@@ -0,0 +1,44 @@
+require 'minitest/autorun'
+require_relative '../lib/module.rb'
+
+describe Pandexio do
+  before do
+    normalized_request = Pandexio::Request.new(
+      :method => "PUT",
+      :path => "/asdf/qwer/1234/title",
+      :query_parameters => { "nonce" => "987654321", "Baseline" => "5" },
+      :headers => { "sample" => "example", "Host" => "localhost" },
+      :payload => "testing")
+
+    date = Time.utc(2014, 11, 21, 13, 43, 15)
+
+    signing_options = Pandexio::SigningOptions.new(
+      :algorithm => Pandexio::SigningAlgorithms::PDX_HMAC_SHA256,
+      :mechanism => Pandexio::SigningMechanisms::QUERY_STRING,
+      :domain_id => "1234567890",
+      :domain_key => "asdfjklqwerzxcv",
+      :date => date,
+      :expires => 90,
+      :originator => "QueryStringSigningTest",
+      :email_address => "Anonymous",
+      :display_name => "Anonymous")
+
+    @authorized_request = Pandexio::to_authorized_request(normalized_request, signing_options)
+    @authorized_request = Pandexio::to_authorized_request(normalized_request, signing_options)
+  end
+
+  describe "#query_string_signing" do
+    it "returns the correct algorithm as a query parameter" do
+      @authorized_request.query_parameters["X-Pdx-Algorithm"].must_equal "PDX-HMAC-SHA256"
+    end
+    it "returns the correct credential as a query parameter" do
+      @authorized_request.query_parameters["X-Pdx-Credential"].must_equal "1234567890"
+    end
+    it "returns the correct signed_headers value as a query parameter" do
+      @authorized_request.query_parameters["X-Pdx-SignedHeaders"].must_equal "host;sample"
+    end
+    it "returns the correct signature as a query parameter" do
+      @authorized_request.query_parameters["X-Pdx-Signature"].must_equal "6ab83c6a331ba2d684d2557f1e415f3aee86bee105da1f5ad1bc4cc1cdf42f1a"
+    end
+  end
+end

metadata

@@ -0,0 +1,51 @@
+--- !ruby/object:Gem::Specification
+name: pandexio
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+platform: ruby
+authors:
+- Brandon Varilone
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-06-10 00:00:00.000000000 Z
+dependencies: []
+description: Pandexio SDK for Ruby
+email: bvarilone@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/module.rb
+- lib/request.rb
+- lib/signing_algorithms.rb
+- lib/signing_attributes.rb
+- lib/signing_mechanisms.rb
+- lib/signing_options.rb
+- test/test_header_signing.rb
+- test/test_query_string_signing.rb
+homepage: http://rubygems.org/gems/pandexio
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.4
+signing_key: 
+specification_version: 4
+summary: ''
+test_files: []