request_signing 0.1.0.pre2 → 0.1.0.pre3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/request_signing.rb +1 -1
- data/lib/request_signing/errors.rb +13 -1
- data/lib/request_signing/key_stores/static.rb +1 -1
- data/lib/request_signing/test_utils.rb +55 -0
- data/lib/request_signing/version.rb +1 -1
- data/request_signing-faraday.gemspec +2 -3
- data/request_signing-rack.gemspec +2 -3
- data/request_signing-ssm.gemspec +2 -3
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 54aa72ad7948b5b1f34da5abd6efa5d10d4e5bef
|
|
4
|
+
data.tar.gz: 670402e483314b0057ab6a336def431bbebf48b8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd206d497060a433d516d179cc355d23e50f74e7bc61b86e1444fd3a87142910ba713f59523991457c02ce06a6828c6b068e911f0d9657dfbfa2f34286eee023
|
|
7
|
+
data.tar.gz: cc1b7ecebc2c183fd81ea3a17406fd946988bcc3a4b18a2cc29fa6a051d10a645b8a47fd863aed88e413792ceed833eb91a1d6512e3f905d62f4b8391eeef791
|
data/lib/request_signing.rb
CHANGED
|
@@ -62,7 +62,7 @@ module RequestSigning
|
|
|
62
62
|
string_for_signing = RequestSigning.make_string_for_signing(signature_parameters.headers, verifiable_req)
|
|
63
63
|
signature = decode_signature(signature_parameters.signature)
|
|
64
64
|
unless alg.verify_signature(key, signature, string_for_signing)
|
|
65
|
-
raise SignatureMismatch
|
|
65
|
+
raise SignatureMismatch, key_id: signature_parameters.key_id
|
|
66
66
|
end
|
|
67
67
|
end
|
|
68
68
|
|
|
@@ -1,7 +1,19 @@
|
|
|
1
1
|
module RequestSigning
|
|
2
2
|
|
|
3
3
|
# Base class for all errors
|
|
4
|
-
class Error < StandardError
|
|
4
|
+
class Error < StandardError
|
|
5
|
+
attr_reader :key_id
|
|
6
|
+
|
|
7
|
+
def initialize(*args, key_id: nil)
|
|
8
|
+
super(*args)
|
|
9
|
+
@key_id = key_id
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def message
|
|
13
|
+
return super unless key_id
|
|
14
|
+
"#{super}, key_id=#{key_id}"
|
|
15
|
+
end
|
|
16
|
+
end
|
|
5
17
|
|
|
6
18
|
# Key with specified keyId could not be found
|
|
7
19
|
class KeyNotFound < Error; end
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
module RequestSigning
|
|
2
|
+
module TestUtils
|
|
3
|
+
# Provides helpers for testing request signature verification integration
|
|
4
|
+
# Example:
|
|
5
|
+
# require 'rack/test'
|
|
6
|
+
# require 'request_signing'
|
|
7
|
+
# require 'request_signing/test_utils'
|
|
8
|
+
#
|
|
9
|
+
# class MyServerTest < Minitest::Test
|
|
10
|
+
# include Rack::Test::Methods
|
|
11
|
+
# include RequestSigning::TestUtils::Rack
|
|
12
|
+
#
|
|
13
|
+
# attr_reader :app
|
|
14
|
+
#
|
|
15
|
+
# def setup
|
|
16
|
+
# my_app = MyApp.new
|
|
17
|
+
# signer_key_store = RequestSigning::KeyStores::Static.new(
|
|
18
|
+
# "test_key" => "123qweasdzxc456rtyfghvbn789uiojk",
|
|
19
|
+
# "bad_test_key" => "11111111111111111111111111111111"
|
|
20
|
+
# )
|
|
21
|
+
# signer = RequestSigning::Signer.new(adapter: :rack, key_store: signer_key_store)
|
|
22
|
+
# @app = wrap_with_request_signer(app: my_app, signer: signer)
|
|
23
|
+
# end
|
|
24
|
+
#
|
|
25
|
+
# def test_lets_signed_requests_through
|
|
26
|
+
# signed(key_id: "test_key") { post "/v1/foo" }
|
|
27
|
+
# assert last_response.successful?
|
|
28
|
+
# end
|
|
29
|
+
#
|
|
30
|
+
# def test_rejects_requests_with_bad_signatures
|
|
31
|
+
# signed(key_id: "bad_test_key") { post "/v1/foo" }
|
|
32
|
+
# refute last_response.successful?
|
|
33
|
+
# end
|
|
34
|
+
#
|
|
35
|
+
module Rack
|
|
36
|
+
def wrap_with_request_signer(signer:, app:)
|
|
37
|
+
proc do |env|
|
|
38
|
+
if sign_params = env["request_signing.test.sign_params"]
|
|
39
|
+
env["HTTP_DATE"] ||= Time.now.httpdate
|
|
40
|
+
env["HTTP_SIGNATURE"] = signer.create_signature!(env, sign_params).to_s
|
|
41
|
+
end
|
|
42
|
+
app.call(env)
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def signed(key_id:, algorithm: "hmac-sha256", headers: %w[(request-target) host date])
|
|
47
|
+
env "request_signing.test.sign_params", { key_id: key_id, algorithm: algorithm, headers: headers }
|
|
48
|
+
yield
|
|
49
|
+
ensure
|
|
50
|
+
env "request_signing.test.sign_params", nil
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
2
|
lib = File.expand_path('../lib', __FILE__)
|
|
3
3
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
|
-
require 'request_signing/version'
|
|
5
4
|
|
|
6
5
|
Gem::Specification.new do |spec|
|
|
7
6
|
spec.name = "request_signing-faraday"
|
|
8
|
-
spec.version = "0.1.0.
|
|
7
|
+
spec.version = "0.1.0.pre3"
|
|
9
8
|
spec.authors = ["Vlad Yarotsky"]
|
|
10
9
|
spec.email = ["vlad@remind101.com"]
|
|
11
10
|
|
|
@@ -19,6 +18,6 @@ Gem::Specification.new do |spec|
|
|
|
19
18
|
spec.require_paths = ["lib"]
|
|
20
19
|
spec.metadata["yard.run"] = "yri"
|
|
21
20
|
|
|
22
|
-
spec.add_dependency "request_signing",
|
|
21
|
+
spec.add_dependency "request_signing", "~> 0.1.0.pre2"
|
|
23
22
|
spec.add_dependency "faraday", "~> 0.9"
|
|
24
23
|
end
|
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
2
|
lib = File.expand_path('../lib', __FILE__)
|
|
3
3
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
|
-
require 'request_signing/version'
|
|
5
4
|
|
|
6
5
|
Gem::Specification.new do |spec|
|
|
7
6
|
spec.name = "request_signing-rack"
|
|
8
|
-
spec.version = "0.1.0.
|
|
7
|
+
spec.version = "0.1.0.pre3"
|
|
9
8
|
spec.authors = ["Vlad Yarotsky"]
|
|
10
9
|
spec.email = ["vlad@remind101.com"]
|
|
11
10
|
|
|
@@ -19,6 +18,6 @@ Gem::Specification.new do |spec|
|
|
|
19
18
|
spec.require_paths = ["lib"]
|
|
20
19
|
spec.metadata["yard.run"] = "yri"
|
|
21
20
|
|
|
22
|
-
spec.add_dependency "request_signing",
|
|
21
|
+
spec.add_dependency "request_signing", "~> 0.1.0.pre2"
|
|
23
22
|
spec.add_dependency "rack", "~> 2.0"
|
|
24
23
|
end
|
data/request_signing-ssm.gemspec
CHANGED
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
2
|
lib = File.expand_path('../lib', __FILE__)
|
|
3
3
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
|
-
require 'request_signing/version'
|
|
5
4
|
|
|
6
5
|
Gem::Specification.new do |spec|
|
|
7
6
|
spec.name = "request_signing-ssm"
|
|
8
|
-
spec.version = "0.1.0.
|
|
7
|
+
spec.version = "0.1.0.pre3"
|
|
9
8
|
spec.authors = ["Vlad Yarotsky"]
|
|
10
9
|
spec.email = ["vlad@remind101.com"]
|
|
11
10
|
|
|
@@ -19,6 +18,6 @@ Gem::Specification.new do |spec|
|
|
|
19
18
|
spec.require_paths = ["lib"]
|
|
20
19
|
spec.metadata["yard.run"] = "yri"
|
|
21
20
|
|
|
22
|
-
spec.add_dependency "request_signing",
|
|
21
|
+
spec.add_dependency "request_signing", "~> 0.1.0.pre2"
|
|
23
22
|
spec.add_dependency "aws-sdk-ssm", "~> 1"
|
|
24
23
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: request_signing
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.0.
|
|
4
|
+
version: 0.1.0.pre3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Vlad Yarotsky
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Implementation of http request signing draft https://tools.ietf.org/html/draft-cavage-http-signatures-08
|
|
14
14
|
email:
|
|
@@ -43,6 +43,7 @@ files:
|
|
|
43
43
|
- lib/request_signing/key_stores/static.rb
|
|
44
44
|
- lib/request_signing/parameter_parser.rb
|
|
45
45
|
- lib/request_signing/signature_parameters.rb
|
|
46
|
+
- lib/request_signing/test_utils.rb
|
|
46
47
|
- lib/request_signing/version.rb
|
|
47
48
|
- request_signing-faraday.gemspec
|
|
48
49
|
- request_signing-rack.gemspec
|