RubyGems - pusher - Versions diffs - 1.4.1 → 1.4.2 - Mend

pusher 1.4.1 → 1.4.2

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7959d744c39cb5d96cd4eccba32dc72c288661b5c4013c7e067671e150cfca99
-  data.tar.gz: 7ebff63e5c0962778fde1e00245c1194304a7ad6c3c2b0f7303cd41bae405ad6
+  metadata.gz: 81a153328f0e5452bcdd87e9cd09339464a26679566f1d14f087fee9a29a69b2
+  data.tar.gz: f5e282e3a9f0d60d441da0ef023073cefa1d4ebd2ada5b7fcb82a258a53c402a
 SHA512:
-  metadata.gz: 94532ecd7bce4bf3c4452f44e9b33b39e813addd7b85b17bad3a594cb47f01f5470b379141c2d1a80fd7778ed086c14760a6e80f1791cceffdd2556c88a73d16
-  data.tar.gz: 5329924d0af3530d62fed7b0470b9a82db6904eb5c48b29d93ceb7556e4559aa8770f627244687ba8b22595624ea02241172ee5e83272c6adc1567714335512b
+  metadata.gz: 87ed04a2e5bd63cfffd67798066dc9d014d119a00f7b6caad6c7d9a0d1a64c0a251c5f5b9706d883025532758e53f9a5d2f34579b555a206bb341182c624f58d
+  data.tar.gz: 7776a1f8477dc5d7d33efb0cb46edd3dfe0d77d7c40d691eb8cb525d71998216eb4fc7832b546fb7c43f7ec1bb1db5db32e169ed1d4d1c2cdd1291d89e9f8b73

data/CHANGELOG.md CHANGED

@@ -1,3 +1,9 @@
+1.4.2 / 2020-10-20
+==================
+  * Return `shared_secret` to support authenticating encrypted channels. Thanks
+    @Benjaminpjacobs
 1.4.1 / 2020-10-05
 ==================

data/lib/pusher/channel.rb CHANGED

@@ -174,6 +174,15 @@ module Pusher
       r
     end
+    def shared_secret(encryption_master_key)
+      return unless encryption_master_key
+      secret_string = @name + encryption_master_key
+      digest = OpenSSL::Digest::SHA256.new
+      digest << secret_string
+      digest.digest
+    end
     private
     def validate_socket_id(socket_id)

data/lib/pusher/client.rb CHANGED

@@ -375,7 +375,13 @@ module Pusher
     #
     def authenticate(channel_name, socket_id, custom_data = nil)
       channel_instance = channel(channel_name)
-      channel_instance.authenticate(socket_id, custom_data)
+      r = channel_instance.authenticate(socket_id, custom_data)
+      if channel_name.match(/^private-encrypted-/)
+        r[:shared_secret] = Base64.strict_encode64(
+          channel_instance.shared_secret(encryption_master_key)
+        )
+      end
+      r
     end
     # @private Construct a net/http http client
@@ -462,7 +468,7 @@ module Pusher
     # Encrypts a message with a key derived from the master key and channel
     # name
-    def encrypt(channel, encoded_data)
+    def encrypt(channel_name, encoded_data)
       raise ConfigurationError, :encryption_master_key unless @encryption_master_key
       # Only now load rbnacl, so that people that aren't using it don't need to
@@ -470,7 +476,7 @@ module Pusher
       require_rbnacl
       secret_box = RbNaCl::SecretBox.new(
-        RbNaCl::Hash.sha256(channel + @encryption_master_key)
+        channel(channel_name).shared_secret(@encryption_master_key)
       )
       nonce = RbNaCl::Random.random_bytes(secret_box.nonce_bytes)

data/lib/pusher/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Pusher
-  VERSION = '1.4.1'
+  VERSION = '1.4.2'
 end

data/spec/channel_spec.rb CHANGED

@@ -167,4 +167,23 @@ describe Pusher::Channel do
       }.to raise_error Pusher::Error
     end
   end
+  describe `#shared_secret` do
+    before(:each) do
+      @channel.instance_variable_set(:@name, 'private-encrypted-1')
+    end
+    it 'should return a shared_secret based on the channel name and encryption master key' do
+      key = '3W1pfB/Etr+ZIlfMWwZP3gz8jEeCt4s2pe6Vpr+2c3M='
+      shared_secret = @channel.shared_secret(key)
+      expect(Base64.strict_encode64(shared_secret)).to eq(
+        "6zeEp/chneRPS1cbK/hGeG860UhHomxSN6hTgzwT20I="
+      )
+    end
+    it 'should return nil if missing encryption master key' do
+      shared_secret = @channel.shared_secret(nil)
+      expect(shared_secret).to be_nil
+    end
+  end
 end

data/spec/client_spec.rb CHANGED

@@ -179,7 +179,7 @@ describe Pusher do
     describe 'can set encryption_master_key_base64' do
       it "sets encryption_master_key" do
         @client.encryption_master_key_base64 =
-          Base64.encode64(encryption_master_key)
+          Base64.strict_encode64(encryption_master_key)
         expect(@client.encryption_master_key).to eq(encryption_master_key)
       end
@@ -191,7 +191,7 @@ describe Pusher do
         @client.key    = '12345678900000001'
         @client.secret = '12345678900000001'
         @client.encryption_master_key_base64 =
-          Base64.encode64(encryption_master_key)
+          Base64.strict_encode64(encryption_master_key)
       end
       describe '#[]' do
@@ -276,6 +276,19 @@ describe Pusher do
           })
         end
+        it 'should include a shared_secret if the private-encrypted channel' do
+          allow(MultiJson).to receive(:encode).with(@custom_data).and_return 'a json string'
+          @client.instance_variable_set(:@encryption_master_key, '3W1pfB/Etr+ZIlfMWwZP3gz8jEeCt4s2pe6Vpr+2c3M=')
+          response = @client.authenticate('private-encrypted-test_channel', '1.1', @custom_data)
+          expect(response).to eq({
+            :auth => "12345678900000001:#{hmac(@client.secret, "1.1:private-encrypted-test_channel:a json string")}",
+            :shared_secret => "o0L3QnIovCeRC8KTD8KBRlmi31dGzHVS2M93uryqDdw=",
+            :channel_data => 'a json string'
+          })
+        end
       end
       describe '#trigger' do

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pusher
 version: !ruby/object:Gem::Version
-  version: 1.4.1
+  version: 1.4.2
 platform: ruby
 authors:
 - Pusher
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-05 00:00:00.000000000 Z
+date: 2020-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: multi_json