RubyGems - pwned - Versions diffs - 1.2.1 → 2.2.0 - Mend

pwned 1.2.1 → 2.2.0

Files changed (35) hide show

checksums.yaml +4 -4
data/.github/FUNDING.yml +1 -0
data/.github/workflows/tests.yml +39 -0
data/CHANGELOG.md +75 -18
data/README.md +153 -10
data/bin/pwned +52 -0
data/lib/pwned.rb +22 -6
data/lib/pwned/hashed_password.rb +36 -0
data/lib/pwned/not_pwned_validator.rb +3 -3
data/lib/pwned/password.rb +12 -96
data/lib/pwned/password_base.rb +141 -0
data/lib/pwned/version.rb +1 -1
data/pwned.gemspec +11 -2
metadata +29 -34
data/.travis.yml +0 -23
data/docs/NotPwnedValidator.html +0 -488
data/docs/Pwned.html +0 -513
data/docs/Pwned/Error.html +0 -149
data/docs/Pwned/Password.html +0 -925
data/docs/Pwned/TimeoutError.html +0 -152
data/docs/PwnedValidator.html +0 -192
data/docs/_index.html +0 -162
data/docs/class_list.html +0 -51
data/docs/css/common.css +0 -1
data/docs/css/full_list.css +0 -58
data/docs/css/style.css +0 -499
data/docs/file.README.html +0 -294
data/docs/file_list.html +0 -56
data/docs/frames.html +0 -17
data/docs/index.html +0 -294
data/docs/js/app.js +0 -248
data/docs/js/full_list.js +0 -216
data/docs/js/jquery.js +0 -4
data/docs/method_list.html +0 -115
data/docs/top-level-namespace.html +0 -112

data/.travis.yml DELETED Viewed

@@ -1,23 +0,0 @@
-sudo: false
-language: ruby
-env:
-  matrix:
-    - RAILS_VERSION=4.2.0
-    - RAILS_VERSION=5.0.0
-    - RAILS_VERSION=5.1.0
-    - RAILS_VERSION=5.2.0.rc1
-rvm:
-  - 2.5.0
-  - 2.4.0
-  - 2.3.0
-  - jruby
-  - ruby-head
-before_install: gem install bundler -v 1.16.1
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-    - env: RAILS_VERSION=5.2.0.rc1

data/docs/NotPwnedValidator.html DELETED Viewed

@@ -1,488 +0,0 @@
-<!DOCTYPE html>
-<html>
-  <head>
-    <meta charset="utf-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>
-  Class: NotPwnedValidator
-    &mdash; Documentation by YARD 0.9.12
-</title>
-  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
-  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
-<script type="text/javascript" charset="utf-8">
-  pathId = "NotPwnedValidator";
-  relpath = '';
-</script>
-  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
-  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
-  </head>
-  <body>
-    <div class="nav_wrap">
-      <iframe id="nav" src="class_list.html?1"></iframe>
-      <div id="resizer"></div>
-    </div>
-    <div id="main" tabindex="-1">
-      <div id="header">
-        <div id="menu">
-    <a href="_index.html">Index (N)</a> &raquo;
-    <span class="title">NotPwnedValidator</span>
-</div>
-        <div id="search">
-    <a class="full_list_link" id="class_list_link"
-        href="class_list.html">
-        <svg width="24" height="24">
-          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
-          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
-          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
-        </svg>
-    </a>
-</div>
-        <div class="clear"></div>
-      </div>
-      <div id="content"><h1>Class: NotPwnedValidator
-</h1>
-<div class="box_info">
-  <dl>
-    <dt>Inherits:</dt>
-    <dd>
-      <span class="inheritName">ActiveModel::EachValidator</span>
-        <ul class="fullTree">
-          <li>Object</li>
-            <li class="next">ActiveModel::EachValidator</li>
-            <li class="next">NotPwnedValidator</li>
-        </ul>
-        <a href="#" class="inheritanceTree">show all</a>
-    </dd>
-  </dl>
-  <dl>
-    <dt>Defined in:</dt>
-    <dd>lib/pwned/not_pwned_validator.rb</dd>
-  </dl>
-</div>
-<h2>Overview</h2><div class="docstring">
-  <div class="discussion">
-<p>An <code>ActiveModel</code> validator to check passwords against the Pwned
-Passwords API.</p>
-  </div>
-</div>
-<div class="tags">
-  <div class="examples">
-    <p class="tag_title">Examples:</p>
-        <p class="example_title"><div class='inline'>
-<p>Validate a password on a <code>User</code> model with the default options.</p>
-</div></p>
-      <pre class="example code"><code><span class='kw'>class</span> <span class='const'>User</span> <span class='op'>&lt;</span> <span class='const'>ApplicationRecord</span>
-  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='kw'>true</span>
-<span class='kw'>end</span></code></pre>
-        <p class="example_title"><div class='inline'>
-<p>Validate a password on a <code>User</code> model with a custom error
-message.</p>
-</div></p>
-      <pre class="example code"><code><span class='kw'>class</span> <span class='const'>User</span> <span class='op'>&lt;</span> <span class='const'>ApplicationRecord</span>
-  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span> <span class='label'>message:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>has been pwned %{count} times</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span>
-<span class='kw'>end</span></code></pre>
-        <p class="example_title"><div class='inline'>
-<p>Validate a password on a <code>User</code> model that allows the password
-to have been breached once.</p>
-</div></p>
-      <pre class="example code"><code><span class='kw'>class</span> <span class='const'>User</span> <span class='op'>&lt;</span> <span class='const'>ApplicationRecord</span>
-  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span> <span class='label'>threshold:</span> <span class='int'>1</span> <span class='rbrace'>}</span>
-<span class='kw'>end</span></code></pre>
-        <p class="example_title"><div class='inline'>
-<p>Validate a password on a <code>User</code> model, handling API errors in
-various ways</p>
-</div></p>
-      <pre class="example code"><code><span class='kw'>class</span> <span class='const'>User</span> <span class='op'>&lt;</span> <span class='const'>ApplicationRecord</span>
-  <span class='comment'># The record is marked as invalid on network errors
-</span>  <span class='comment'># (error message &quot;could not be verified against the past data breaches&quot;.)
-</span>  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span> <span class='label'>on_error:</span> <span class='symbol'>:invalid</span> <span class='rbrace'>}</span>
-  <span class='comment'># The record is marked as invalid on network errors with custom error.
-</span>  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span> <span class='label'>on_error:</span> <span class='symbol'>:invalid</span><span class='comma'>,</span> <span class='label'>error_message:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>might be pwned</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span>
-  <span class='comment'># An error is raised on network errors.
-</span>  <span class='comment'># This means that `record.valid?` will raise `Pwned::Error`.
-</span>  <span class='comment'># Not recommended to use in production.
-</span>  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span> <span class='label'>on_error:</span> <span class='symbol'>:raise_error</span> <span class='rbrace'>}</span>
-  <span class='comment'># Call custom proc on error. For example, capture errors in Sentry,
-</span>  <span class='comment'># but do not mark the record as invalid.
-</span>  <span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span>
-    <span class='label'>on_error:</span> <span class='tlambda'>-&gt;</span><span class='lparen'>(</span><span class='id identifier rubyid_record'>record</span><span class='comma'>,</span> <span class='id identifier rubyid_error'>error</span><span class='rparen'>)</span> <span class='tlambeg'>{</span> <span class='const'>Raven</span><span class='period'>.</span><span class='id identifier rubyid_capture_exception'>capture_exception</span><span class='lparen'>(</span><span class='id identifier rubyid_error'>error</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
-  <span class='rbrace'>}</span>
-<span class='kw'>end</span></code></pre>
-  </div>
-<p class="tag_title">Since:</p>
-<ul class="since">
-    <li>
-        <div class='inline'>
-<p>1.2.0</p>
-</div>
-    </li>
-</ul>
-</div><div id="subclasses">
-  <h2>Direct Known Subclasses</h2>
-  <p class="children"><span class='object_link'><a href="PwnedValidator.html" title="PwnedValidator (class)">PwnedValidator</a></span></p>
-</div>
-  <h2>Constant Summary</h2>
-  <dl class="constants">
-      <dt id="DEFAULT_ON_ERROR-constant" class="">DEFAULT_ON_ERROR =
-        <div class="docstring">
-  <div class="discussion">
-<p>The default behaviour of this validator in the case of an API failure. The
-default will mean that if the API fails the object will not be marked
-invalid.</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Since:</p>
-<ul class="since">
-    <li>
-        <div class='inline'>
-<p>1.2.0</p>
-</div>
-    </li>
-</ul>
-</div>
-      </dt>
-      <dd><pre class="code"><span class='symbol'>:valid</span></pre></dd>
-      <dt id="DEFAULT_THRESHOLD-constant" class="">DEFAULT_THRESHOLD =
-        <div class="docstring">
-  <div class="discussion">
-<p>The default threshold for whether a breach is considered pwned. The default
-is 0, so any password that appears in a breach will mark the record as
-invalid.</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Since:</p>
-<ul class="since">
-    <li>
-        <div class='inline'>
-<p>1.2.0</p>
-</div>
-    </li>
-</ul>
-</div>
-      </dt>
-      <dd><pre class="code"><span class='int'>0</span></pre></dd>
-  </dl>
-    <h2>
-      Instance Method Summary
-      <small><a href="#" class="summary_toggle">collapse</a></small>
-    </h2>
-    <ul class="summary">
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#validate_each-instance_method" title="#validate_each (instance method)">#<strong>validate_each</strong>(record, attribute, value)  &#x21d2; Object </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Validates the <code>value</code> against the Pwned Passwords API.</p>
-</div></span>
-</li>
-    </ul>
-  <div id="instance_method_details" class="method_details_list">
-    <h2>Instance Method Details</h2>
-      <div class="method_details first">
-  <h3 class="signature first" id="validate_each-instance_method">
-    #<strong>validate_each</strong>(record, attribute, value)  &#x21d2; <tt>Object</tt>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Validates the <code>value</code> against the Pwned Passwords API. If the
-<code>pwned_count</code> is higher than the optional <code>threshold</code>
-then the record is marked as invalid.</p>
-<p>In the case of an API error the validator will either mark the record as
-valid or invalid. Alternatively it will run an associated proc or re-raise
-the original error.</p>
-<p>The validation will short circuit and return with no errors added if the
-password is blank. The <code>Pwned::Password</code> initializer expects the
-password to be a string and will throw a <code>TypeError</code> if it is
-<code>nil</code>. Also, technically the empty string is not a password that
-is reported to be found in data breaches, so returns <code>false</code>,
-short circuiting that using <code>value.blank?</code> saves us a trip to
-the API.</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>record</span>
-        <span class='type'>(<tt>ActiveModel::Validations</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>The object being validated</p>
-</div>
-    </li>
-    <li>
-        <span class='name'>attribute</span>
-        <span class='type'>(<tt>Symbol</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>The attribute on the record that is currently being validated.</p>
-</div>
-    </li>
-    <li>
-        <span class='name'>value</span>
-        <span class='type'>(<tt>String</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>The value of the attribute on the record that is the subject of the
-validation</p>
-</div>
-    </li>
-</ul>
-<p class="tag_title">Since:</p>
-<ul class="since">
-    <li>
-        <div class='inline'>
-<p>1.2.0</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-77
-78
-79
-80
-81
-82
-83
-84
-85
-86
-87
-88
-89
-90
-91
-92
-93
-94
-95
-96</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/pwned/not_pwned_validator.rb', line 77</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_validate_each'>validate_each</span><span class='lparen'>(</span><span class='id identifier rubyid_record'>record</span><span class='comma'>,</span> <span class='id identifier rubyid_attribute'>attribute</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='rparen'>)</span>
-  <span class='kw'>return</span> <span class='kw'>if</span> <span class='id identifier rubyid_value'>value</span><span class='period'>.</span><span class='id identifier rubyid_blank?'>blank?</span>
-  <span class='kw'>begin</span>
-    <span class='id identifier rubyid_pwned_check'>pwned_check</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_request_options'>request_options</span><span class='rparen'>)</span>
-    <span class='kw'>if</span> <span class='id identifier rubyid_pwned_check'>pwned_check</span><span class='period'>.</span><span class='id identifier rubyid_pwned_count'>pwned_count</span> <span class='op'>&gt;</span> <span class='id identifier rubyid_threshold'>threshold</span>
-      <span class='id identifier rubyid_record'>record</span><span class='period'>.</span><span class='id identifier rubyid_errors'>errors</span><span class='period'>.</span><span class='id identifier rubyid_add'>add</span><span class='lparen'>(</span><span class='id identifier rubyid_attribute'>attribute</span><span class='comma'>,</span> <span class='symbol'>:not_pwned</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='label'>count:</span> <span class='id identifier rubyid_pwned_check'>pwned_check</span><span class='period'>.</span><span class='id identifier rubyid_pwned_count'>pwned_count</span><span class='rparen'>)</span><span class='rparen'>)</span>
-    <span class='kw'>end</span>
-  <span class='kw'>rescue</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Error.html" title="Pwned::Error (class)">Error</a></span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_error'>error</span>
-    <span class='kw'>case</span> <span class='id identifier rubyid_on_error'>on_error</span>
-    <span class='kw'>when</span> <span class='symbol'>:invalid</span>
-      <span class='id identifier rubyid_record'>record</span><span class='period'>.</span><span class='id identifier rubyid_errors'>errors</span><span class='period'>.</span><span class='id identifier rubyid_add'>add</span><span class='lparen'>(</span><span class='id identifier rubyid_attribute'>attribute</span><span class='comma'>,</span> <span class='symbol'>:pwned_error</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='label'>message:</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:error_message</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='rparen'>)</span>
-    <span class='kw'>when</span> <span class='symbol'>:valid</span>
-      <span class='comment'># Do nothing, consider the record valid
-</span>    <span class='kw'>when</span> <span class='const'>Proc</span>
-      <span class='id identifier rubyid_on_error'>on_error</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_record'>record</span><span class='comma'>,</span> <span class='id identifier rubyid_error'>error</span><span class='rparen'>)</span>
-    <span class='kw'>else</span>
-      <span class='id identifier rubyid_raise'>raise</span>
-    <span class='kw'>end</span>
-  <span class='kw'>end</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-  </div>
-</div>
-      <div id="footer">
-  Generated on Sat Mar 17 09:15:06 2018 by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.9.12 (ruby-2.5.0).
-</div>
-    </div>
-  </body>
-</html>