pwned 1.2.1 → 2.0.0

data/docs/frames.html

@@ -2,7 +2,7 @@
 <html>
 <head>
   <meta charset="utf-8">
-	<title>Documentation by YARD 0.9.12</title>
+	<title>Documentation by YARD 0.9.20</title>
 </head>
 <script type="text/javascript" charset="utf-8">
   var match = unescape(window.location.hash).match(/^#!(.+)/);

data/docs/index.html

@@ -6,7 +6,7 @@
 <title>
   File: README
   
-    &mdash; Documentation by YARD 0.9.12
+    &mdash; Documentation by YARD 0.9.20
   
 </title>
 
@@ -74,6 +74,33 @@ src="https://inch-ci.org/github/philnash/pwned.svg?branch=master"></a></p>
 <p><a href="https://philnash.github.io/pwned/">API docs</a> | <a
 href="https://github.com/philnash/pwned">GitHub repo</a></p>
 
+<h2 id="label-Table+of+Contents">Table of Contents</h2>
+<ul><li>
+<p><a href="#about">About</a></p>
+</li><li>
+<p><a href="#installation">Installation</a></p>
+</li><li>
+<p><a href="#usage">Usage</a></p>
+</li><li>
+<p><a href="#plain-ruby">Plain Ruby</a></p>
+</li><li>
+<p><a href="#activerecord-validator">Rails (ActiveRecord)</a></p>
+</li><li>
+<p><a href="#devise">Devise</a></p>
+</li><li>
+<p><a href="#command-line">Command line</a></p>
+</li><li>
+<p><a href="#how-pwned-is-pi">How Pwned is Pi?</a></p>
+</li><li>
+<p><a href="#development">Development</a></p>
+</li><li>
+<p><a href="#contributing">Contributing</a></p>
+</li><li>
+<p><a href="#license">License</a></p>
+</li><li>
+<p><a href="#code-of-conduct">Code of Conduct</a></p>
+</li></ul>
+
 <h2 id="label-About">About</h2>
 
 <p>Troy Hunt&#39;s <a
@@ -93,6 +120,11 @@ API, please check <a
 href="https://haveibeenpwned.com/API/v2#AcceptableUse">the acceptable uses
 and license of the API</a>.</p>
 
+<p>Here is a blog post I wrote on <a
+href="https://www.twilio.com/blog/2018/03/better-passwords-in-ruby-applications-pwned-passwords-api.html">how
+to use this gem in your Ruby applications to make your users’ passwords
+better</a>.</p>
+
 <h2 id="label-Installation">Installation</h2>
 
 <p>Add this line to your application&#39;s Gemfile:</p>
@@ -112,6 +144,17 @@ and license of the API</a>.</p>
 
 <h2 id="label-Usage">Usage</h2>
 
+<p>There are a few ways you can use this gem:</p>
+<ol><li>
+<p><a href="#plain-ruby">Plain Ruby</a></p>
+</li><li>
+<p><a href="#activerecord-validator">Rails</a></p>
+</li><li>
+<p><a href="#devise">Rails and Devise</a></p>
+</li></ol>
+
+<h3 id="label-Plain+Ruby">Plain Ruby</h3>
+
 <p>To test a password against the API, instantiate a
 <code>Pwned::Password</code> object and then ask if it is
 <code>pwned?</code>.</p>
@@ -154,12 +197,14 @@ been pwned, or how many times it was pwned:</p>
 
 <h4 id="label-Advanced">Advanced</h4>
 
-<p>You can set options and headers to be used with <code>open-uri</code> when
-making the request to the API. HTTP headers must be string keys and the <a
-href="https://ruby-doc.org/stdlib-2.5.0/libdoc/open-uri/rdoc/OpenURI/OpenRead.html#method-i-open">other
-options are available in the OpenURI::OpenRead module</a>.</p>
+<p>You can set http request options to be used with
+<code>Net::HTTP.start</code> when making the request to the API. These
+options are documented in the <a
+href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start
+documentation</a>. The <code>:headers</code> option defines defines HTTP
+headers. These headers must be string keys.</p>
 
-<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>password</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>&#39;</span></span> <span class='rbrace'>}</span><span class='rparen'>)</span>
+<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>password</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>&#39;</span></span> <span class='rbrace'>}</span><span class='comma'>,</span> <span class='label'>read_timeout:</span> <span class='int'>10</span><span class='rparen'>)</span>
 </code></pre>
 
 <h3 id="label-ActiveRecord+Validator">ActiveRecord Validator</h3>
@@ -198,7 +243,7 @@ whether the <code>pwned_count</code> is greater than the threshold.</p>
 <span class='kw'>end</span>
 </code></pre>
 
-<h4 id="label-Network+Errors+Handling">Network Errors Handling</h4>
+<h4 id="label-Network+Error+Handling">Network Error Handling</h4>
 
 <p>By default the record will be treated as valid when we cannot reach the <a
 href="https://haveibeenpwned.com/">haveibeenpwned.com</a> servers. This can
@@ -233,19 +278,104 @@ be changed with the <code>:on_error</code> validator parameter:</p>
 
 <p>You can configure network requests made from the validator using
 <code>:request_options</code> (see <a
-href="http://ruby-doc.org/stdlib-2.5.0/libdoc/open-uri/rdoc/OpenURI/OpenRead.html#method-i-open">OpenURI::OpenRead#open</a>
-for the list of available options, string keys represent custom network
-request headers, e.g. <code>&quot;User-Agent&quot;</code>):</p>
+href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start</a>
+for the list of available options). In addition to these options, HTTP
+headers can be specified with the <code>:headers</code> key, e.g.
+<code>&quot;User-Agent&quot;</code>):</p>
 
 <pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span>
-    <span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&quot;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span>
+    <span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&quot;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span> <span class='rbrace'>}</span>
   <span class='rbrace'>}</span>
 </code></pre>
 
-<h2 id="label-TODO">TODO</h2>
-<ul><li>
-<p>[ ] Devise plugin</p>
-</li></ul>
+<h3 id="label-Devise">Devise</h3>
+
+<p>If you are using Devise I recommend you use the <a
+href="https://github.com/michaelbanfield/devise-pwned_password">devise-pwned_password
+extension</a> which is now powered by this gem.</p>
+
+<h3 id="label-Command+line">Command line</h3>
+
+<p>The gem provides a command line utility for checking passwords. You can
+call it from your terminal application like this:</p>
+
+<pre class="code ruby"><code class="ruby">$ pwned password
+Pwned!
+The password has been found in public breaches 3645804 times.
+</code></pre>
+
+<p>If you don&#39;t want the password you are checking to be visible, call:</p>
+
+<pre class="code ruby"><code class="ruby">$ pwned --secret
+</code></pre>
+
+<p>You will be prompted for the password, but it won&#39;t be displayed.</p>
+
+<h2 id="label-How+Pwned+is+Pi-3F">How Pwned is Pi?</h2>
+
+<p><a href="https://github.com/daz">@daz</a> <a
+href="https://twitter.com/dazonic/status/1074647842046660609">shared</a> a
+fantastic example of using this gem to show how many times the digits of Pi
+have been used as passwords and leaked.</p>
+
+<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>pwned</span><span class='tstring_end'>&#39;</span></span>
+
+<span class='const'>PI</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>3.14159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111</span><span class='tstring_end'>&#39;</span></span>
+
+<span class='kw'>for</span> <span class='id identifier rubyid_n'>n</span> <span class='kw'>in</span> <span class='int'>1</span><span class='op'>..</span><span class='int'>40</span>
+  <span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span> <span class='const'>PI</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='lparen'>(</span><span class='id identifier rubyid_n'>n</span> <span class='op'>+</span> <span class='int'>1</span><span class='rparen'>)</span><span class='rbracket'>]</span>
+  <span class='id identifier rubyid_str'>str</span> <span class='op'>=</span> <span class='lbracket'>[</span> <span class='id identifier rubyid_n'>n</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>2</span><span class='rparen'>)</span> <span class='rbracket'>]</span>
+  <span class='id identifier rubyid_str'>str</span> <span class='op'>&lt;&lt;</span> <span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned?'>pwned?</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>😡</span><span class='tstring_end'>&#39;</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>😃</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_str'>str</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned_count'>pwned_count</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>4</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_str'>str</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_password'>password</span>
+
+  <span class='id identifier rubyid_puts'>puts</span> <span class='id identifier rubyid_str'>str</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> </span><span class='tstring_end'>&#39;</span></span>
+<span class='kw'>end</span>
+</code></pre>
+
+<p>The results may, or may not, surprise you.</p>
+
+<pre class="code ruby"><code class="ruby">1 😡   16 3.1
+ 2 😡  238 3.14
+ 3 😡   34 3.141
+ 4 😡 1345 3.1415
+ 5 😡 2552 3.14159
+ 6 😡  791 3.141592
+ 7 😡 9582 3.1415926
+ 8 😡 1591 3.14159265
+ 9 😡  637 3.141592653
+10 😡  873 3.1415926535
+11 😡  137 3.14159265358
+12 😡  103 3.141592653589
+13 😡   65 3.1415926535897
+14 😡  201 3.14159265358979
+15 😡   41 3.141592653589793
+16 😡   57 3.1415926535897932
+17 😡   28 3.14159265358979323
+18 😡   29 3.141592653589793238
+19 😡    1 3.1415926535897932384
+20 😡    7 3.14159265358979323846
+21 😡    5 3.141592653589793238462
+22 😡    2 3.1415926535897932384626
+23 😡    2 3.14159265358979323846264
+24 😃    0 3.141592653589793238462643
+25 😡    3 3.1415926535897932384626433
+26 😃    0 3.14159265358979323846264338
+27 😃    0 3.141592653589793238462643383
+28 😃    0 3.1415926535897932384626433832
+29 😃    0 3.14159265358979323846264338327
+30 😃    0 3.141592653589793238462643383279
+31 😃    0 3.1415926535897932384626433832795
+32 😃    0 3.14159265358979323846264338327950
+33 😃    0 3.141592653589793238462643383279502
+34 😃    0 3.1415926535897932384626433832795028
+35 😃    0 3.14159265358979323846264338327950288
+36 😃    0 3.141592653589793238462643383279502884
+37 😃    0 3.1415926535897932384626433832795028841
+38 😃    0 3.14159265358979323846264338327950288419
+39 😃    0 3.141592653589793238462643383279502884197
+40 😃    0 3.1415926535897932384626433832795028841971
+</code></pre>
 
 <h2 id="label-Development">Development</h2>
 
@@ -284,9 +414,9 @@ of conduct</a>.</p>
 </div></div>
 
       <div id="footer">
-  Generated on Sat Mar 17 09:15:05 2018 by
+  Generated on Tue Oct  1 21:19:36 2019 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.9.12 (ruby-2.5.0).
+  0.9.20 (ruby-2.5.5).
 </div>
 
     </div>

data/docs/js/app.js

@@ -120,6 +120,49 @@ function summaryToggle() {
   } else { localStorage.summaryCollapsed = "expand"; }
 }
 
+function constantSummaryToggle() {
+  $('.constants_summary_toggle').click(function(e) {
+    e.preventDefault();
+    localStorage.summaryCollapsed = $(this).text();
+    $('.constants_summary_toggle').each(function() {
+      $(this).text($(this).text() == "collapse" ? "expand" : "collapse");
+      var next = $(this).parent().parent().nextAll('dl.constants').first();
+      if (next.hasClass('compact')) {
+        next.toggle();
+        next.nextAll('dl.constants').first().toggle();
+      }
+      else if (next.hasClass('constants')) {
+        var list = $('<dl class="constants compact" />');
+        list.html(next.html());
+        list.find('dt').each(function() {
+           $(this).addClass('summary_signature');
+           $(this).text( $(this).text().split('=')[0]);
+          if ($(this).has(".deprecated").length) {
+             $(this).addClass('deprecated');
+          };
+        });
+        // Add the value of the constant as "Tooltip" to the summary object
+        list.find('pre.code').each(function() {
+          console.log($(this).parent());
+          var dt_element = $(this).parent().prev();
+          var tooltip = $(this).text();
+          if (dt_element.hasClass("deprecated")) {
+             tooltip = 'Deprecated. ' + tooltip;
+          };
+          dt_element.attr('title', tooltip);
+        });
+        list.find('.docstring, .tags, dd').remove();
+        next.before(list);
+        next.toggle();
+      }
+    });
+    return false;
+  });
+  if (localStorage.summaryCollapsed == "collapse") {
+    $('.constants_summary_toggle').first().click();
+  } else { localStorage.summaryCollapsed = "expand"; }
+}
+
 function generateTOC() {
   if ($('#filecontents').length === 0) return;
   var _toc = $('<ol class="top"></ol>');
@@ -232,6 +275,16 @@ function mainFocus() {
   setTimeout(function() { $('#main').focus(); }, 10);
 }
 
+function navigationChange() {
+  // This works around the broken anchor navigation with the YARD template.
+  window.onpopstate = function() {
+    var hash = window.location.hash;
+    if (hash !== '' && $(hash)[0]) {
+      $(hash)[0].scrollIntoView();
+    }
+  };
+}
+
 $(document).ready(function() {
   navResizer();
   navExpander();
@@ -241,8 +294,10 @@ $(document).ready(function() {
   searchFrameButtons();
   linkSummaries();
   summaryToggle();
+  constantSummaryToggle();
   generateTOC();
   mainFocus();
+  navigationChange();
 });
 
 })();

data/docs/top-level-namespace.html

@@ -6,7 +6,7 @@
 <title>
   Top Level Namespace
   
-    &mdash; Documentation by YARD 0.9.12
+    &mdash; Documentation by YARD 0.9.20
   
 </title>
 
@@ -102,9 +102,9 @@
 </div>
 
       <div id="footer">
-  Generated on Sat Mar 17 09:15:05 2018 by
+  Generated on Tue Oct  1 21:19:37 2019 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.9.12 (ruby-2.5.0).
+  0.9.20 (ruby-2.5.5).
 </div>
 
     </div>

data/lib/pwned.rb

@@ -29,10 +29,10 @@ module Pwned
   #     Pwned.pwned?("pwned::password") #=> false
   #
   # @param password [String] The password you want to check against the API.
-  # @param [Hash] request_options Options that can be passed to +open+ when
+  # @param [Hash] request_options Options that can be passed to +Net::HTTP.start+ when
   #   calling the API
-  # @option request_options [String] 'User-Agent' ("Ruby Pwned::Password #{Pwned::VERSION}")
-  #   The user agent used when making an API request.
+  # @option request_options [Symbol] :headers ({ "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" })
+  #   HTTP headers to include in the request
   # @return [Boolean] Whether the password appears in the data breaches or not.
   # @since 1.1.0
   def self.pwned?(password, request_options={})
@@ -47,10 +47,10 @@ module Pwned
   #     Pwned.pwned_count("pwned::password") #=> 0
   #
   # @param password [String] The password you want to check against the API.
-  # @param [Hash] request_options Options that can be passed to +open+ when
+  # @param [Hash] request_options Options that can be passed to +Net::HTTP.start+ when
   #   calling the API
-  # @option request_options [String] 'User-Agent' ("Ruby Pwned::Password #{Pwned::VERSION}")
-  #   The user agent used when making an API request.
+  # @option request_options [Symbol] :headers ({ "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" })
+  #   HTTP headers to include in the request
   # @return [Integer] The number of times the password has appeared in the data
   #   breaches.
   # @since 1.1.0

data/lib/pwned/password.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require "digest"
-require "open-uri"
+require 'net/http'
 
 module Pwned
   ##
@@ -23,10 +23,10 @@ module Pwned
     SHA1_LENGTH = 40
 
     ##
-    # The default request options that are used to make HTTP requests to the
+    # The default request headers that are used to make HTTP requests to the
     # API. A user agent is provided as requested in the documentation.
     # @see https://haveibeenpwned.com/API/v2#UserAgent
-    DEFAULT_REQUEST_OPTIONS = {
+    DEFAULT_REQUEST_HEADERS = {
       "User-Agent" => "Ruby Pwned::Password #{Pwned::VERSION}"
     }.freeze
 
@@ -40,21 +40,23 @@ module Pwned
     #
     # @example A simple password with the default request options
     #     password = Pwned::Password.new("password")
-    # @example Setting the user agent and the read timeout of the reques
-    #     password = Pwned::Password.new("password", "User-Agent" => "My user agent", :read_timout => 10)
+    # @example Setting the user agent and the read timeout of the request
+    #     password = Pwned::Password.new("password", headers: { "User-Agent" => "My user agent" }, read_timout: 10)
     #
     # @param password [String] The password you want to check against the API.
-    # @param [Hash] request_options Options that can be passed to +open+ when
+    # @param [Hash] request_options Options that can be passed to +Net::HTTP.start+ when
     #   calling the API
-    # @option request_options [String] 'User-Agent' ("Ruby Pwned::Password #{Pwned::VERSION}")
-    #   The user agent used when making an API request.
+    # @option request_options [Symbol] :headers ({ "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" })
+    #   HTTP headers to include in the request
     # @return [Boolean] Whether the password appears in the data breaches or not.
     # @raise [TypeError] if the password is not a string.
     # @since 1.1.0
     def initialize(password, request_options={})
       raise TypeError, "password must be of type String" unless password.is_a? String
       @password = password
-      @request_options = DEFAULT_REQUEST_OPTIONS.merge(request_options)
+      @request_options = Hash(request_options).dup
+      @request_headers = Hash(request_options.delete(:headers))
+      @request_headers = DEFAULT_REQUEST_HEADERS.merge(@request_headers)
     end
 
     ##
@@ -93,6 +95,8 @@ module Pwned
 
     private
 
+    attr_reader :request_options, :request_headers
+
     def fetch_pwned_count
       for_each_response_line do |line|
         next unless line.start_with?(hashed_password_suffix)
@@ -106,8 +110,9 @@ module Pwned
 
     def for_each_response_line(&block)
       begin
-        open("#{API_URL}#{hashed_password_prefix}", @request_options) do |io|
-          io.each_line(&block)
+        with_http_response "#{API_URL}#{hashed_password_prefix}" do |response|
+          response.value # raise if request was unsuccessful
+          stream_response_lines(response, &block)
         end
       rescue Timeout::Error => e
         raise Pwned::TimeoutError, e.message
@@ -123,5 +128,33 @@ module Pwned
     def hashed_password_suffix
       hashed_password[HASH_PREFIX_LENGTH..-1]
     end
+
+    # Make a HTTP GET request given the url and headers.
+    # Yields a `Net::HTTPResponse`.
+    def with_http_response(url, &block)
+      uri = URI(url)
+
+      request = Net::HTTP::Get.new(uri)
+      request.initialize_http_header(request_headers)
+      request_options[:use_ssl] = true
+
+      Net::HTTP.start(uri.host, uri.port, request_options) do |http|
+        http.request(request, &block)
+      end
+    end
+
+    # Stream a Net::HTTPResponse by line, handling lines that cross chunks.
+    def stream_response_lines(response, &block)
+      last_line = ''
+
+      response.read_body do |chunk|
+        chunk_lines = (last_line + chunk).lines
+        # This could end with half a line, so save it for next time
+        last_line = chunk_lines.pop
+        chunk_lines.each(&block)
+      end
+      yield last_line
+    end
+
   end
 end