rack-signature 0.0.5 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/rack/signature.rb +2 -2
- data/lib/rack/signature/verify.rb +13 -4
- data/lib/rack/signature/version.rb +1 -1
- data/test/verify_test.rb +14 -1
- metadata +2 -2
data/lib/rack/signature.rb
CHANGED
|
@@ -9,16 +9,17 @@ require_relative 'hmac_signature'
|
|
|
9
9
|
module Rack
|
|
10
10
|
module Signature
|
|
11
11
|
class Verify
|
|
12
|
+
attr_reader :options
|
|
12
13
|
|
|
13
14
|
# Initializes the Rack Middleware
|
|
14
15
|
#
|
|
15
16
|
# ==== Attributes
|
|
16
17
|
#
|
|
17
18
|
# * +app+ - A Rack app
|
|
18
|
-
# * +
|
|
19
|
+
# * +options+ - A hash of options
|
|
19
20
|
#
|
|
20
|
-
def initialize(app,
|
|
21
|
-
@app, @
|
|
21
|
+
def initialize(app, options)
|
|
22
|
+
@app, @options = app, options
|
|
22
23
|
end
|
|
23
24
|
|
|
24
25
|
def call(env)
|
|
@@ -48,7 +49,15 @@ module Rack
|
|
|
48
49
|
# builds the request message and tells HmacSignature to sign the message
|
|
49
50
|
def compute_signature(env)
|
|
50
51
|
message = BuildMessage.new(env).build!
|
|
51
|
-
HmacSignature.new(
|
|
52
|
+
HmacSignature.new(shared_key(env), message).sign
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
# FIXME: This is here for now for a quick implementation within another
|
|
56
|
+
# app. This will eventually need to be a rack app itself
|
|
57
|
+
def shared_key(env)
|
|
58
|
+
token = env["HTTP_#{options[:header_token]}"]
|
|
59
|
+
return '' if token.nil? || token == ''
|
|
60
|
+
options[:klass].send(options[:method].to_s, token)
|
|
52
61
|
end
|
|
53
62
|
|
|
54
63
|
end
|
data/test/verify_test.rb
CHANGED
|
@@ -5,12 +5,13 @@ describe "Verifying a signed request" do
|
|
|
5
5
|
include Rack::Test::Methods
|
|
6
6
|
|
|
7
7
|
def setup
|
|
8
|
+
@options = get_app_options
|
|
8
9
|
@shared_key = key
|
|
9
10
|
@signature = expected_signature
|
|
10
11
|
end
|
|
11
12
|
|
|
12
13
|
let(:app) { lambda { |env| [200, {}, ['Hello World']] } }
|
|
13
|
-
let(:rack_signature) { Rack::Signature.new(app, @
|
|
14
|
+
let(:rack_signature) { Rack::Signature.new(app, @options) }
|
|
14
15
|
let(:mock_request) { Rack::MockRequest.new(rack_signature) }
|
|
15
16
|
|
|
16
17
|
describe "when a request is made without a signature" do
|
|
@@ -36,6 +37,7 @@ describe "Verifying a signed request" do
|
|
|
36
37
|
"Content-Type" => "application/json",
|
|
37
38
|
"REQUEST_METHOD" => "POST",
|
|
38
39
|
"HTTP_X_AUTH_SIG" => @signature,
|
|
40
|
+
"HTTP_API_TOKEN" => '123',
|
|
39
41
|
input: "password=123456&email=me@home.com&name=me&age=1")
|
|
40
42
|
end
|
|
41
43
|
|
|
@@ -54,6 +56,7 @@ describe "Verifying a signed request" do
|
|
|
54
56
|
"Content-Type" => "application/json",
|
|
55
57
|
"REQUEST_METHOD" => "POST",
|
|
56
58
|
"HTTP_X_AUTH_SIG" => @signature,
|
|
59
|
+
"HTTP_API_TOKEN" => '123',
|
|
57
60
|
input: "password=1234567&email=me@home.com&name=me&age=1")
|
|
58
61
|
end
|
|
59
62
|
|
|
@@ -80,4 +83,14 @@ describe "Verifying a signed request" do
|
|
|
80
83
|
"Z0qY8Hy4a/gJkGZI0gklzM6vZztsAVVDjA18vb1BvHg="
|
|
81
84
|
end
|
|
82
85
|
|
|
86
|
+
class DemoClass
|
|
87
|
+
def self.get_shared_token(token = '')
|
|
88
|
+
::Digest::SHA2.hexdigest("shared-key") if token == '123'
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
def get_app_options
|
|
93
|
+
{ klass: DemoClass, method: :get_shared_token, header_token: 'API_TOKEN' }
|
|
94
|
+
end
|
|
95
|
+
|
|
83
96
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-signature
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-12-
|
|
12
|
+
date: 2012-12-13 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rack
|