pwned 2.3.0 → 2.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f4b8270eaf162b50ef112371c2e35dd41141dec39e4e11d5a76936119e2ca569
4
- data.tar.gz: fdec9b67cc6465fa64062697253e6cf078ddb2b2deb71cf829a919dca7953f48
3
+ metadata.gz: f655789ebeb4d8fc8cdd1a105960358b8995ecb2d65d50542c124dd025add187
4
+ data.tar.gz: 32b7024253941258a9d93e3fd556c25d7dc5f1d91b55c414d547bce7cd81f042
5
5
  SHA512:
6
- metadata.gz: 7ec757852674e3e44ac71a71ed5c31d3503b5f0547871f940d56e8e2d8838b0b89e36742c0e10108f1c00fddc54016454d3ba77348cddd7be659d1ed4fdaf71a
7
- data.tar.gz: 304b59ce60639f57c7a3a81c5e0f172dc8de9a2128018abe636be7f6d88074af59ac193d2538f86c298d4f8a537b0152bdcab6efb8cf4a27d5c6a13c64b9e311
6
+ metadata.gz: f298ab9734b71e795cb014986b93c37642539c45225add31f55a105a4238b0dcd57ae298682df0ad2ed69203d42f13181715dbcfeb1fe8f188a497e51f82cab9
7
+ data.tar.gz: c494a1fd491608e0bee4d47a97b356ae22887b2a041e33348a8784c14fbe68d5ab78451eb2b2e255e0b2f1702d41424b5a2e0b83549a93a3a9a2dd86abd1ad39
@@ -8,7 +8,7 @@ jobs:
8
8
  strategy:
9
9
  fail-fast: false
10
10
  matrix:
11
- ruby: [2.5, 2.6, 2.7, 3.0, head]
11
+ ruby: [2.6, 2.7, 3.0, 3.1, head]
12
12
  rails: [4.2.11.3, 5.0.7.2, 5.1.7, 5.2.4.4, 6.0.3.4, 6.1.0]
13
13
  exclude:
14
14
  # Ruby 3.0 and Rails 5 do not get along together.
@@ -18,6 +18,12 @@ jobs:
18
18
  rails: 5.1.7
19
19
  - ruby: 3.0
20
20
  rails: 5.2.4.4
21
+ - ruby: 3.1
22
+ rails: 5.0.7.2
23
+ - ruby: 3.1
24
+ rails: 5.1.7
25
+ - ruby: 3.1
26
+ rails: 5.2.4.4
21
27
  - ruby: head
22
28
  rails: 5.0.7.2
23
29
  - ruby: head
data/CHANGELOG.md CHANGED
@@ -1,6 +1,13 @@
1
1
  # Changelog for `Pwned`
2
2
 
3
- ## Ongoing [☰](https://github.com/philnash/pwned/compare/v2.2.0...master)
3
+ ## Ongoing [☰](https://github.com/philnash/pwned/compare/v2.4.0...master)
4
+
5
+ ## 2.4.0 (February 23, 2022) [☰](https://github.com/philnash/pwned/compare/v2.3.0...v2.4.0)
6
+
7
+ - Minor updates
8
+
9
+ - Adds `default_request_options` to set global defaults for the gem
10
+ - Adds Ruby 3.1 to the test matrix
4
11
 
5
12
  ## 2.3.0 (August 30, 2021) [☰](https://github.com/philnash/pwned/compare/v2.2.0...v2.3.0)
6
13
 
data/README.md CHANGED
@@ -110,12 +110,20 @@ Pwned.pwned_count("password")
110
110
 
111
111
  #### Custom request options
112
112
 
113
- You can set http request options to be used with `Net::HTTP.start` when making the request to the API. These options are documented in the [`Net::HTTP.start` documentation](https://ruby-doc.org/stdlib-3.0.0/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start). For example:
113
+ You can set HTTP request options to be used with `Net::HTTP.start` when making the request to the API. These options are documented in the [`Net::HTTP.start` documentation](https://ruby-doc.org/stdlib-3.0.0/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start).
114
+
115
+ You can pass the options to the constructor:
114
116
 
115
117
  ```ruby
116
118
  password = Pwned::Password.new("password", read_timeout: 10)
117
119
  ```
118
120
 
121
+ You can also specify global defaults:
122
+
123
+ ```ruby
124
+ Pwned.default_request_options = { read_timeout: 10 }
125
+ ```
126
+
119
127
  ##### HTTP Headers
120
128
 
121
129
  The `:headers` option defines defines HTTP headers. These headers must be string keys.
@@ -220,7 +228,7 @@ end
220
228
 
221
229
  #### Custom Request Options
222
230
 
223
- You can configure network requests made from the validator using `:request_options` (see [Net::HTTP.start](http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start) for the list of available options).
231
+ You can configure network requests made from the validator using `:request_options` (see [Net::HTTP.start](http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start) for the list of available options).
224
232
 
225
233
  ```ruby
226
234
  validates :password, not_pwned: {
@@ -231,6 +239,8 @@ You can configure network requests made from the validator using `:request_optio
231
239
  }
232
240
  ```
233
241
 
242
+ These options override the globally defined default options (see above).
243
+
234
244
  In addition to these options, you can also set the following:
235
245
 
236
246
  ##### HTTP Headers
@@ -278,15 +288,15 @@ If you don't want to set a proxy and you don't want a proxy to be inferred from
278
288
 
279
289
  ### Using Asynchronously
280
290
 
281
- You may have a use case for hashing the password in advance, and then making the call to the Pwned Passwords API later (for example if you want to enqueue a job without storing the plaintext password). To do this, you can hash the password with the `Pwned.hash_password` method and then initialize the `Pwned::HashPassword` class with the hash, like this:
291
+ You may have a use case for hashing the password in advance, and then making the call to the Pwned Passwords API later (for example if you want to enqueue a job without storing the plaintext password). To do this, you can hash the password with the `Pwned.hash_password` method and then initialize the `Pwned::HashedPassword` class with the hash, like this:
282
292
 
283
293
  ```ruby
284
294
  hashed_password = Pwned.hash_password(password)
285
295
  # some time later
286
- Pwned::HashPassword.new(hashed_password, request_options).pwned?
296
+ Pwned::HashedPassword.new(hashed_password, request_options).pwned?
287
297
  ```
288
298
 
289
- The `Pwned::HashPassword` constructor takes all the same options as the regular `Pwned::Password` contructor.
299
+ The `Pwned::HashedPassword` constructor takes all the same options as the regular `Pwned::Password` contructor.
290
300
 
291
301
  ### Devise
292
302
 
@@ -0,0 +1,13 @@
1
+ module DeepMerge
2
+ refine Hash do
3
+ def deep_merge(other)
4
+ self.merge(other) do |key, this_val, other_val|
5
+ if this_val.is_a?(Hash) && other_val.is_a?(Hash)
6
+ this_val.deep_merge(other_val)
7
+ else
8
+ other_val
9
+ end
10
+ end
11
+ end
12
+ end
13
+ end
@@ -1,6 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "pwned/password_base"
4
+ require "pwned/deep_merge"
5
+
4
6
 
5
7
  module Pwned
6
8
  ##
@@ -9,6 +11,7 @@ module Pwned
9
11
  # @see https://haveibeenpwned.com/API/v2#PwnedPasswords
10
12
  class HashedPassword
11
13
  include PasswordBase
14
+ using DeepMerge
12
15
  ##
13
16
  # Creates a new hashed password object.
14
17
  #
@@ -19,7 +22,7 @@ module Pwned
19
22
  #
20
23
  # @param hashed_password [String] The hash of the password you want to check against the API.
21
24
  # @param [Hash] request_options Options that can be passed to +Net::HTTP.start+ when
22
- # calling the API
25
+ # calling the API. This overrides any keys specified in +Pwned.default_request_options+.
23
26
  # @option request_options [Symbol] :headers ({ "User-Agent" => "Ruby Pwned::Password #{Pwned::VERSION}" })
24
27
  # HTTP headers to include in the request
25
28
  # @option request_options [Symbol] :ignore_env_proxy (false) The library
@@ -30,11 +33,11 @@ module Pwned
30
33
  def initialize(hashed_password, request_options={})
31
34
  raise TypeError, "hashed_password must be of type String" unless hashed_password.is_a? String
32
35
  @hashed_password = hashed_password.upcase
33
- @request_options = Hash(request_options).dup
34
- @request_headers = Hash(request_options.delete(:headers))
36
+ @request_options = Pwned.default_request_options.deep_merge(request_options)
37
+ @request_headers = Hash(@request_options.delete(:headers))
35
38
  @request_headers = DEFAULT_REQUEST_HEADERS.merge(@request_headers)
36
- @request_proxy = URI(request_options.delete(:proxy)) if request_options.key?(:proxy)
37
- @ignore_env_proxy = request_options.delete(:ignore_env_proxy) || false
39
+ @request_proxy = URI(@request_options.delete(:proxy)) if @request_options.key?(:proxy)
40
+ @ignore_env_proxy = @request_options.delete(:ignore_env_proxy) || false
38
41
  end
39
42
  end
40
43
  end
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "pwned/password_base"
4
+ require "pwned/deep_merge"
4
5
 
5
6
  module Pwned
6
7
  ##
@@ -9,6 +10,7 @@ module Pwned
9
10
  # @see https://haveibeenpwned.com/API/v2#PwnedPasswords
10
11
  class Password
11
12
  include PasswordBase
13
+ using DeepMerge
12
14
  ##
13
15
  # @return [String] the password that is being checked.
14
16
  # @since 1.0.0
@@ -24,7 +26,7 @@ module Pwned
24
26
  #
25
27
  # @param password [String] The password you want to check against the API.
26
28
  # @param [Hash] request_options Options that can be passed to +Net::HTTP.start+ when
27
- # calling the API
29
+ # calling the API. This overrides any keys specified in +Pwned.default_request_options+.
28
30
  # @option request_options [Symbol] :headers ({ "User-Agent" => "Ruby Pwned::Password #{Pwned::VERSION}" })
29
31
  # HTTP headers to include in the request
30
32
  # @option request_options [Symbol] :ignore_env_proxy (false) The library
@@ -36,11 +38,11 @@ module Pwned
36
38
  raise TypeError, "password must be of type String" unless password.is_a? String
37
39
  @password = password
38
40
  @hashed_password = Pwned.hash_password(password)
39
- @request_options = Hash(request_options).dup
40
- @request_headers = Hash(request_options.delete(:headers))
41
+ @request_options = Pwned.default_request_options.deep_merge(request_options)
42
+ @request_headers = Hash(@request_options.delete(:headers))
41
43
  @request_headers = DEFAULT_REQUEST_HEADERS.merge(@request_headers)
42
- @request_proxy = URI(request_options.delete(:proxy)) if request_options.key?(:proxy)
43
- @ignore_env_proxy = request_options.delete(:ignore_env_proxy) || false
44
+ @request_proxy = URI(@request_options.delete(:proxy)) if @request_options.key?(:proxy)
45
+ @ignore_env_proxy = @request_options.delete(:ignore_env_proxy) || false
44
46
  end
45
47
  end
46
48
  end
data/lib/pwned/version.rb CHANGED
@@ -3,5 +3,5 @@
3
3
  module Pwned
4
4
  ##
5
5
  # The current version of the +pwned+ gem.
6
- VERSION = "2.3.0"
6
+ VERSION = "2.4.0"
7
7
  end
data/lib/pwned.rb CHANGED
@@ -23,6 +23,29 @@ end
23
23
  # results for a password.
24
24
 
25
25
  module Pwned
26
+ @default_request_options = {}
27
+
28
+ ##
29
+ # The default request options passed to +Net::HTTP.start+ when calling the API.
30
+ #
31
+ # @return [Hash]
32
+ # @see Pwned::Password#initialize
33
+ def self.default_request_options
34
+ @default_request_options
35
+ end
36
+
37
+ ##
38
+ # Sets the default request options passed to +Net::HTTP.start+ when calling
39
+ # the API.
40
+ #
41
+ # The default options may be overridden in +Pwned::Password#new+.
42
+ #
43
+ # @param [Hash] request_options
44
+ # @see Pwned::Password#initialize
45
+ def self.default_request_options=(request_options)
46
+ @default_request_options = request_options
47
+ end
48
+
26
49
  ##
27
50
  # Returns +true+ when the password has been pwned.
28
51
  #
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwned
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.0
4
+ version: 2.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Phil Nash
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-30 00:00:00.000000000 Z
11
+ date: 2022-02-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -110,6 +110,7 @@ files:
110
110
  - bin/setup
111
111
  - lib/locale/en.yml
112
112
  - lib/pwned.rb
113
+ - lib/pwned/deep_merge.rb
113
114
  - lib/pwned/error.rb
114
115
  - lib/pwned/hashed_password.rb
115
116
  - lib/pwned/not_pwned_validator.rb