pusher 1.4.1 → 1.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7959d744c39cb5d96cd4eccba32dc72c288661b5c4013c7e067671e150cfca99
4
- data.tar.gz: 7ebff63e5c0962778fde1e00245c1194304a7ad6c3c2b0f7303cd41bae405ad6
3
+ metadata.gz: 81a153328f0e5452bcdd87e9cd09339464a26679566f1d14f087fee9a29a69b2
4
+ data.tar.gz: f5e282e3a9f0d60d441da0ef023073cefa1d4ebd2ada5b7fcb82a258a53c402a
5
5
  SHA512:
6
- metadata.gz: 94532ecd7bce4bf3c4452f44e9b33b39e813addd7b85b17bad3a594cb47f01f5470b379141c2d1a80fd7778ed086c14760a6e80f1791cceffdd2556c88a73d16
7
- data.tar.gz: 5329924d0af3530d62fed7b0470b9a82db6904eb5c48b29d93ceb7556e4559aa8770f627244687ba8b22595624ea02241172ee5e83272c6adc1567714335512b
6
+ metadata.gz: 87ed04a2e5bd63cfffd67798066dc9d014d119a00f7b6caad6c7d9a0d1a64c0a251c5f5b9706d883025532758e53f9a5d2f34579b555a206bb341182c624f58d
7
+ data.tar.gz: 7776a1f8477dc5d7d33efb0cb46edd3dfe0d77d7c40d691eb8cb525d71998216eb4fc7832b546fb7c43f7ec1bb1db5db32e169ed1d4d1c2cdd1291d89e9f8b73
@@ -1,3 +1,9 @@
1
+ 1.4.2 / 2020-10-20
2
+ ==================
3
+
4
+ * Return `shared_secret` to support authenticating encrypted channels. Thanks
5
+ @Benjaminpjacobs
6
+
1
7
  1.4.1 / 2020-10-05
2
8
  ==================
3
9
 
@@ -174,6 +174,15 @@ module Pusher
174
174
  r
175
175
  end
176
176
 
177
+ def shared_secret(encryption_master_key)
178
+ return unless encryption_master_key
179
+
180
+ secret_string = @name + encryption_master_key
181
+ digest = OpenSSL::Digest::SHA256.new
182
+ digest << secret_string
183
+ digest.digest
184
+ end
185
+
177
186
  private
178
187
 
179
188
  def validate_socket_id(socket_id)
@@ -375,7 +375,13 @@ module Pusher
375
375
  #
376
376
  def authenticate(channel_name, socket_id, custom_data = nil)
377
377
  channel_instance = channel(channel_name)
378
- channel_instance.authenticate(socket_id, custom_data)
378
+ r = channel_instance.authenticate(socket_id, custom_data)
379
+ if channel_name.match(/^private-encrypted-/)
380
+ r[:shared_secret] = Base64.strict_encode64(
381
+ channel_instance.shared_secret(encryption_master_key)
382
+ )
383
+ end
384
+ r
379
385
  end
380
386
 
381
387
  # @private Construct a net/http http client
@@ -462,7 +468,7 @@ module Pusher
462
468
 
463
469
  # Encrypts a message with a key derived from the master key and channel
464
470
  # name
465
- def encrypt(channel, encoded_data)
471
+ def encrypt(channel_name, encoded_data)
466
472
  raise ConfigurationError, :encryption_master_key unless @encryption_master_key
467
473
 
468
474
  # Only now load rbnacl, so that people that aren't using it don't need to
@@ -470,7 +476,7 @@ module Pusher
470
476
  require_rbnacl
471
477
 
472
478
  secret_box = RbNaCl::SecretBox.new(
473
- RbNaCl::Hash.sha256(channel + @encryption_master_key)
479
+ channel(channel_name).shared_secret(@encryption_master_key)
474
480
  )
475
481
 
476
482
  nonce = RbNaCl::Random.random_bytes(secret_box.nonce_bytes)
@@ -1,3 +1,3 @@
1
1
  module Pusher
2
- VERSION = '1.4.1'
2
+ VERSION = '1.4.2'
3
3
  end
@@ -167,4 +167,23 @@ describe Pusher::Channel do
167
167
  }.to raise_error Pusher::Error
168
168
  end
169
169
  end
170
+
171
+ describe `#shared_secret` do
172
+ before(:each) do
173
+ @channel.instance_variable_set(:@name, 'private-encrypted-1')
174
+ end
175
+
176
+ it 'should return a shared_secret based on the channel name and encryption master key' do
177
+ key = '3W1pfB/Etr+ZIlfMWwZP3gz8jEeCt4s2pe6Vpr+2c3M='
178
+ shared_secret = @channel.shared_secret(key)
179
+ expect(Base64.strict_encode64(shared_secret)).to eq(
180
+ "6zeEp/chneRPS1cbK/hGeG860UhHomxSN6hTgzwT20I="
181
+ )
182
+ end
183
+
184
+ it 'should return nil if missing encryption master key' do
185
+ shared_secret = @channel.shared_secret(nil)
186
+ expect(shared_secret).to be_nil
187
+ end
188
+ end
170
189
  end
@@ -179,7 +179,7 @@ describe Pusher do
179
179
  describe 'can set encryption_master_key_base64' do
180
180
  it "sets encryption_master_key" do
181
181
  @client.encryption_master_key_base64 =
182
- Base64.encode64(encryption_master_key)
182
+ Base64.strict_encode64(encryption_master_key)
183
183
 
184
184
  expect(@client.encryption_master_key).to eq(encryption_master_key)
185
185
  end
@@ -191,7 +191,7 @@ describe Pusher do
191
191
  @client.key = '12345678900000001'
192
192
  @client.secret = '12345678900000001'
193
193
  @client.encryption_master_key_base64 =
194
- Base64.encode64(encryption_master_key)
194
+ Base64.strict_encode64(encryption_master_key)
195
195
  end
196
196
 
197
197
  describe '#[]' do
@@ -276,6 +276,19 @@ describe Pusher do
276
276
  })
277
277
  end
278
278
 
279
+ it 'should include a shared_secret if the private-encrypted channel' do
280
+ allow(MultiJson).to receive(:encode).with(@custom_data).and_return 'a json string'
281
+ @client.instance_variable_set(:@encryption_master_key, '3W1pfB/Etr+ZIlfMWwZP3gz8jEeCt4s2pe6Vpr+2c3M=')
282
+
283
+ response = @client.authenticate('private-encrypted-test_channel', '1.1', @custom_data)
284
+
285
+ expect(response).to eq({
286
+ :auth => "12345678900000001:#{hmac(@client.secret, "1.1:private-encrypted-test_channel:a json string")}",
287
+ :shared_secret => "o0L3QnIovCeRC8KTD8KBRlmi31dGzHVS2M93uryqDdw=",
288
+ :channel_data => 'a json string'
289
+ })
290
+ end
291
+
279
292
  end
280
293
 
281
294
  describe '#trigger' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pusher
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pusher
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-05 00:00:00.000000000 Z
11
+ date: 2020-10-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: multi_json