right_support 2.14.1 → 2.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/right_support/crypto/signed_hash.rb +40 -12
  3. data/lib/right_support/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1dca63bf8c124604e44a21a45d56515e63fc6760
4
- data.tar.gz: 224209a39c20b16906f9688755ea12b16957655e
3
+ metadata.gz: b4fb7f96e9bb401c4963b07cf43a1ada833d2c45
4
+ data.tar.gz: a14c034381d62084d9711d076d1979e0112556f0
5
5
  SHA512:
6
- metadata.gz: ab60e79b75e481d2c374fecf4f59f5c69bade7f859b3ad34d025b397cfb431bce2c6ef769f50406723b9170c2391c089e94255a7386760884a52b41ede8c9684
7
- data.tar.gz: 7fc92ba8a0e765a51c043bc39ab11fcf664d2c2fad5330b18dcb42c4257a55b91f1726889b941c06a7d83c1f63c220e853903a6b74c7aefde10fecca00406a6c
6
+ metadata.gz: 920da7edea75328c6e4e01fd8e6e698e6b08741354f1c7f8b59ea0fba05ee8c56ec3dd27a0ac96c672c9c483bee2b9506a68d6d62912ea85c48b2828f70c85ac
7
+ data.tar.gz: c3fbb05a2b3680a3b59505f5ce62bc61ba79046dc16630d5e211b2cf941c9b8a5cb25bfdc1b5b7ddab5644d367da361ffb1b36fee02c6efe950a42323d999250
data/lib/right_support/crypto/signed_hash.rb CHANGED
@@ -338,28 +338,56 @@ module RightSupport::Crypto
338
338
  t.is_a?(Time) && (t >= Time.now)
339
339
  end
340
340
 
341
- # Encode a canonicalized representation of the hash.
341
+ # Encode a canonicalized representation of the input.
342
342
  def encode(input) # :nodoc:
343
343
  case @envelope
344
344
  when :none, :right_support
345
345
  @encoding.dump(input)
346
346
  when :jwt
347
- input.map { |m| RightSupport::Data::Base64URL.encode(m) }.join('.')
347
+ bits = input.map do |m|
348
+ RightSupport::Data::Base64URL.encode(JSON.dump(m))
349
+ end
350
+ bits.join '.'
348
351
  end
349
352
  end
350
353
 
351
- # If envelope is :jwt, return the input with each element mapped
352
- # to its encoded form, but otherwise unchanged in any way.
353
- #
354
- # For any other envelope type, canonicalize the hash (and any nested data)
355
- # by transforming it deterministically into a structure of arrays-in-arrays
354
+
355
+ # Canonicalize a framed message according to the envelope format.
356
+ def canonicalize(input) # :nodoc:
357
+ case @envelope
358
+ when :none, :right_support
359
+ canonrs(input)
360
+ when :jwt
361
+ [input.first, canonjwt(input.last)]
362
+ end
363
+ end
364
+
365
+ # Canonicalize the input by rearranging all Hash keys in lexical order and
366
+ # converting data types to JSON-friendly versions.
367
+ def canonjwt(input)
368
+ case input
369
+ when Hash
370
+ output = {}
371
+ input.keys.sort.each { |k| output[k] = input[k] }
372
+ when Array
373
+ output = input.map { |e| canonjwt(input) }
374
+ when Time
375
+ output = input.to_i
376
+ when Symbol
377
+ output = input.to_s
378
+ else
379
+ output = input
380
+ end
381
+
382
+ output
383
+ end
384
+
385
+ # canonicalize the input by transforming it deterministically into a structure of arrays-in-arrays
356
386
  # whose elements are ordered according to the lexical ordering of hash keys.
357
387
  # Canonicalization ensures that the signer and verifier agree on the
358
388
  # contents of the thing being signed irrespective of Ruby version, CPU
359
389
  # architecture, etc.
360
- def canonicalize(input) # :nodoc:
361
- return input.map { |i| @encoding.dump(i) } if @envelope == :jwt
362
-
390
+ def canonrs(input)
363
391
  case input
364
392
  when Hash
365
393
  # Hash is the only complex case. We canonicalize a Hash as an Array of pairs, each of which
@@ -371,7 +399,7 @@ module RightSupport::Crypto
371
399
  # (which should make them sortable, too). Also canonicalize the values while we are
372
400
  # at it...
373
401
  sortable_input = {}
374
- input.each { |k,v| sortable_input[canonicalize(k)] = canonicalize(v) }
402
+ input.each { |k,v| sortable_input[canonrs(k)] = canonrs(v) }
375
403
 
376
404
  # Sort the keys; guard this operation so we can raise an intelligent error if
377
405
  # something is still not sortable even after canonicalization.
@@ -389,7 +417,7 @@ module RightSupport::Crypto
389
417
  output << [ key, sortable_input[key] ]
390
418
  end
391
419
  when Array
392
- output = input.collect { |x| canonicalize(x) }
420
+ output = input.collect { |x| canonrs(x) }
393
421
  when Time
394
422
  output = input.to_i
395
423
  when Symbol
data/lib/right_support/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module RightSupport
3
- VERSION = '2.14.1'.freeze
3
+ VERSION = '2.14.2'.freeze
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: right_support
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.14.1
4
+ version: 2.14.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tony Spataro
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2016-12-20 00:00:00.000000000 Z
16
+ date: 2017-01-05 00:00:00.000000000 Z
17
17
  dependencies: []
18
18
  description: A toolkit of useful, reusable foundation code created by RightScale.
19
19
  email: support@rightscale.com