rainforest_auth 0.0.11 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.ruby-version +1 -0
  3. data/.travis.yml +5 -1
  4. data/Gemfile.lock +5 -2
  5. data/LICENSE +1 -1
  6. data/lib/rainforest_auth.rb +17 -2
  7. data/rainforest_auth.gemspec +2 -2
  8. data/spec/rainforest_auth_spec.rb +37 -6
  9. metadata +4 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7ed033ff327dbcd6999dabaebf9e75299142c096
4
- data.tar.gz: f22f960921dc3fb5d7dcf5a850d8ee74d5510afc
3
+ metadata.gz: 249cec5e62b6a45777bfce7594bbd2ff2212b2e7
4
+ data.tar.gz: f0fe7101381ea10ff5514d83b91d63bc45823eb5
5
5
  SHA512:
6
- metadata.gz: a73c2c8563ab632429b489eac299834dfc98db5cdc853108682b98e42ef192a1c688169019244ab5576c719e7a4c91f8e4d2d9b684d7452cd39eec4a99120198
7
- data.tar.gz: 63c4721efaf3d8cc7a53d74e857f7996239ee28b71fd05b599f335b17579ffeb768a25c91cf702210446d8e67d47f1b1f95014b57ab96e558fcdd9df89b1fa95
6
+ metadata.gz: 5090047e6ef0d300ded3f7139230d668e9ca8eb22a9d240ad361f3c77493d3dedc712a054d0b490f085b2ed66de562a08c9fa380cf8c3414a071a9f71f2475ad
7
+ data.tar.gz: 925598ed41d78140b75823642fc46d08423cd7bb529c346e51c9c355af38f3b2205179a203eb418131f54038a013e88a445a8ff2b4a6dbd16bee0c3591659e7a
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ 2.1.1
data/.travis.yml CHANGED
@@ -1,5 +1,9 @@
1
+ language: ruby
2
+ before_install: gem install bundler
1
3
  rvm:
4
+ - 2.4.0
5
+ - 2.3.3
2
6
  - 2.1.1
3
7
  - 2.1.0
4
8
  - 2.0.0
5
- - 1.9.3
9
+ - 1.9.3
data/Gemfile.lock CHANGED
@@ -1,14 +1,14 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rainforest_auth (0.0.11)
4
+ rainforest_auth (0.1.0)
5
5
  json
6
6
 
7
7
  GEM
8
8
  remote: http://rubygems.org/
9
9
  specs:
10
10
  diff-lcs (1.2.5)
11
- json (1.8.1)
11
+ json (2.0.3)
12
12
  rake (10.1.1)
13
13
  rspec (2.14.1)
14
14
  rspec-core (~> 2.14.0)
@@ -28,3 +28,6 @@ DEPENDENCIES
28
28
  rainforest_auth!
29
29
  rake (>= 0.8.7)
30
30
  rspec (>= 2.0)
31
+
32
+ BUNDLED WITH
33
+ 1.14.4
data/LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2010 Michael Bleigh and Intridea, Inc.
1
+ Copyright (c) 2013 CLDRDR, Inc.
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/lib/rainforest_auth.rb CHANGED
@@ -11,8 +11,14 @@ require 'json'
11
11
  class RainforestAuth
12
12
  attr_reader :key
13
13
 
14
- def initialize(key)
14
+ def initialize(key, key_hash=nil)
15
15
  @key = key
16
+
17
+ if @key.nil?
18
+ @key_hash = key_hash
19
+ else
20
+ @key_hash = Digest::SHA256.hexdigest(key)
21
+ end
16
22
  self
17
23
  end
18
24
 
@@ -23,12 +29,21 @@ class RainforestAuth
23
29
 
24
30
  # Return a signature for a callback_type and specified options
25
31
  def sign(callback_type, options = nil)
32
+ OpenSSL::HMAC.hexdigest(digest, @key_hash, merge_data(callback_type, options))
33
+ end
34
+
35
+ # Return a signature for a callback_type and specified options
36
+ def sign_old(callback_type, options = nil)
26
37
  OpenSSL::HMAC.hexdigest(digest, @key, merge_data(callback_type, options))
27
38
  end
28
39
 
29
40
  # Verify a digest vs callback_type and options
30
41
  def verify(digest, callback_type, options = nil)
31
- digest == sign(callback_type, options)
42
+ if key.nil?
43
+ digest == sign(callback_type, options)
44
+ else
45
+ digest == sign(callback_type, options) || digest == sign_old(callback_type, options)
46
+ end
32
47
  end
33
48
 
34
49
  # Run a block if valid
data/rainforest_auth.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "rainforest_auth"
3
- s.version = "0.0.11"
4
- s.date = "2014-02-13"
3
+ s.version = "0.1.0"
4
+ s.date = "2017-03-07"
5
5
  s.summary = "Authentication of messages for Rainforest webhooks"
6
6
  s.description = "Signs / Authenticates messages"
7
7
  s.authors = ["Russell Smith"]
data/spec/rainforest_auth_spec.rb CHANGED
@@ -43,34 +43,65 @@ describe RainforestAuth do
43
43
  end
44
44
 
45
45
  it "returns the expected signature" do
46
- @auth.sign('test', {:option => 1}).should == '5957ba2707a51852d32309d16184e8adce9c4d8e'
46
+ @auth.sign('test', {:option => 1}).should == '65f2253344287b3c5634a1ce6163fb694b2280b1'
47
47
  end
48
48
 
49
49
  it "changes the signature with different data" do
50
- @auth.sign('test', {:option => 2}).should_not == '5957ba2707a51852d32309d16184e8adce9c4d8e'
50
+ @auth.sign('test', {:option => 2}).should_not == '65f2253344287b3c5634a1ce6163fb694b2280b1'
51
51
  end
52
52
 
53
53
  it "works with no options parameter" do
54
- @auth.sign('test').should == '0a41bdf26fac08a89573a7f5efe0a5145f2730df'
54
+ @auth.sign('test').should == 'd38f897889c808c021a8ed97d2caacdac48b8259'
55
+ end
56
+ end
57
+
58
+ #TODO: nuke
59
+ context ".sign_old" do
60
+ before :all do
61
+ @auth = RainforestAuth.new('key')
62
+ end
63
+
64
+ it "returns the expected signature" do
65
+ @auth.sign_old('test', {:option => 1}).should == '5957ba2707a51852d32309d16184e8adce9c4d8e'
66
+ end
67
+
68
+ it "changes the signature with different data" do
69
+ @auth.sign_old('test', {:option => 2}).should_not == '5957ba2707a51852d32309d16184e8adce9c4d8e'
70
+ end
71
+
72
+ it "works with no options parameter" do
73
+ @auth.sign_old('test').should == '0a41bdf26fac08a89573a7f5efe0a5145f2730df'
55
74
  end
56
75
  end
57
76
 
58
77
  context ".verify" do
59
78
  before :all do
60
79
  @auth = RainforestAuth.new('key')
61
- @digest = '5957ba2707a51852d32309d16184e8adce9c4d8e'
80
+ @old_digest = '5957ba2707a51852d32309d16184e8adce9c4d8e'
81
+ @digest = '65f2253344287b3c5634a1ce6163fb694b2280b1'
62
82
  end
63
83
 
64
84
  it "returns true for a valid signature" do
65
85
  @auth.verify(@digest, 'test', {:option => 1}).should be_true
66
86
  end
67
87
 
88
+ it "returns true for a valid old signature" do
89
+ @auth.verify(@old_digest, 'test', {:option => 1}).should be_true
90
+ end
91
+
68
92
  it "returns false for a bad signature" do
69
93
  @auth.verify(@digest, 'test', {:option => 2}).should be_false
70
94
  end
71
95
 
96
+ it "returns false for a bad old signature" do
97
+ @auth.verify(@old_digest, 'test', {:option => 2}).should be_false
98
+ end
99
+
72
100
  it "works with no options parameter" do
101
+ #OLD
73
102
  @auth.verify('0a41bdf26fac08a89573a7f5efe0a5145f2730df', 'test').should be_true
103
+ #NEW
104
+ @auth.verify('d38f897889c808c021a8ed97d2caacdac48b8259', 'test').should be_true
74
105
  end
75
106
  end
76
107
 
@@ -80,7 +111,7 @@ describe RainforestAuth do
80
111
  @object = "test"
81
112
  @object.stub(:some_method) { 3 }
82
113
 
83
- @digest = '5957ba2707a51852d32309d16184e8adce9c4d8e'
114
+ @digest = '65f2253344287b3c5634a1ce6163fb694b2280b1'
84
115
  end
85
116
 
86
117
  it "executes the block if there is a valid signature" do
@@ -99,4 +130,4 @@ describe RainforestAuth do
99
130
  }
100
131
  end
101
132
  end
102
- end
133
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rainforest_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.11
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Russell Smith
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-02-13 00:00:00.000000000 Z
11
+ date: 2017-03-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json
@@ -33,6 +33,7 @@ extra_rdoc_files: []
33
33
  files:
34
34
  - ".gitignore"
35
35
  - ".rspec"
36
+ - ".ruby-version"
36
37
  - ".rvmrc"
37
38
  - ".travis.yml"
38
39
  - Gemfile
@@ -67,6 +68,4 @@ rubygems_version: 2.2.2
67
68
  signing_key:
68
69
  specification_version: 4
69
70
  summary: Authentication of messages for Rainforest webhooks
70
- test_files:
71
- - spec/rainforest_auth_spec.rb
72
- - spec/spec_helper.rb
71
+ test_files: []