right_support 2.14.1 → 2.14.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/right_support/crypto/signed_hash.rb +40 -12
  3. data/lib/right_support/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1dca63bf8c124604e44a21a45d56515e63fc6760
4
- data.tar.gz: 224209a39c20b16906f9688755ea12b16957655e
3
+ metadata.gz: b4fb7f96e9bb401c4963b07cf43a1ada833d2c45
4
+ data.tar.gz: a14c034381d62084d9711d076d1979e0112556f0
5
5
  SHA512:
6
- metadata.gz: ab60e79b75e481d2c374fecf4f59f5c69bade7f859b3ad34d025b397cfb431bce2c6ef769f50406723b9170c2391c089e94255a7386760884a52b41ede8c9684
7
- data.tar.gz: 7fc92ba8a0e765a51c043bc39ab11fcf664d2c2fad5330b18dcb42c4257a55b91f1726889b941c06a7d83c1f63c220e853903a6b74c7aefde10fecca00406a6c
6
+ metadata.gz: 920da7edea75328c6e4e01fd8e6e698e6b08741354f1c7f8b59ea0fba05ee8c56ec3dd27a0ac96c672c9c483bee2b9506a68d6d62912ea85c48b2828f70c85ac
7
+ data.tar.gz: c3fbb05a2b3680a3b59505f5ce62bc61ba79046dc16630d5e211b2cf941c9b8a5cb25bfdc1b5b7ddab5644d367da361ffb1b36fee02c6efe950a42323d999250
data/lib/right_support/crypto/signed_hash.rb CHANGED
@@ -338,28 +338,56 @@ module RightSupport::Crypto
338
338
  t.is_a?(Time) && (t >= Time.now)
339
339
  end
340
340
 
341
- # Encode a canonicalized representation of the hash.
341
+ # Encode a canonicalized representation of the input.
342
342
  def encode(input) # :nodoc:
343
343
  case @envelope
344
344
  when :none, :right_support
345
345
  @encoding.dump(input)
346
346
  when :jwt
347
- input.map { |m| RightSupport::Data::Base64URL.encode(m) }.join('.')
347
+ bits = input.map do |m|
348
+ RightSupport::Data::Base64URL.encode(JSON.dump(m))
349
+ end
350
+ bits.join '.'
348
351
  end
349
352
  end
350
353
 
351
- # If envelope is :jwt, return the input with each element mapped
352
- # to its encoded form, but otherwise unchanged in any way.
353
- #
354
- # For any other envelope type, canonicalize the hash (and any nested data)
355
- # by transforming it deterministically into a structure of arrays-in-arrays
354
+
355
+ # Canonicalize a framed message according to the envelope format.
356
+ def canonicalize(input) # :nodoc:
357
+ case @envelope
358
+ when :none, :right_support
359
+ canonrs(input)
360
+ when :jwt
361
+ [input.first, canonjwt(input.last)]
362
+ end
363
+ end
364
+
365
+ # Canonicalize the input by rearranging all Hash keys in lexical order and
366
+ # converting data types to JSON-friendly versions.
367
+ def canonjwt(input)
368
+ case input
369
+ when Hash
370
+ output = {}
371
+ input.keys.sort.each { |k| output[k] = input[k] }
372
+ when Array
373
+ output = input.map { |e| canonjwt(input) }
374
+ when Time
375
+ output = input.to_i
376
+ when Symbol
377
+ output = input.to_s
378
+ else
379
+ output = input
380
+ end
381
+
382
+ output
383
+ end
384
+
385
+ # canonicalize the input by transforming it deterministically into a structure of arrays-in-arrays
356
386
  # whose elements are ordered according to the lexical ordering of hash keys.
357
387
  # Canonicalization ensures that the signer and verifier agree on the
358
388
  # contents of the thing being signed irrespective of Ruby version, CPU
359
389
  # architecture, etc.
360
- def canonicalize(input) # :nodoc:
361
- return input.map { |i| @encoding.dump(i) } if @envelope == :jwt
362
-
390
+ def canonrs(input)
363
391
  case input
364
392
  when Hash
365
393
  # Hash is the only complex case. We canonicalize a Hash as an Array of pairs, each of which
@@ -371,7 +399,7 @@ module RightSupport::Crypto
371
399
  # (which should make them sortable, too). Also canonicalize the values while we are
372
400
  # at it...
373
401
  sortable_input = {}
374
- input.each { |k,v| sortable_input[canonicalize(k)] = canonicalize(v) }
402
+ input.each { |k,v| sortable_input[canonrs(k)] = canonrs(v) }
375
403
 
376
404
  # Sort the keys; guard this operation so we can raise an intelligent error if
377
405
  # something is still not sortable even after canonicalization.
@@ -389,7 +417,7 @@ module RightSupport::Crypto
389
417
  output << [ key, sortable_input[key] ]
390
418
  end
391
419
  when Array
392
- output = input.collect { |x| canonicalize(x) }
420
+ output = input.collect { |x| canonrs(x) }
393
421
  when Time
394
422
  output = input.to_i
395
423
  when Symbol
data/lib/right_support/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module RightSupport
3
- VERSION = '2.14.1'.freeze
3
+ VERSION = '2.14.2'.freeze
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: right_support
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.14.1
4
+ version: 2.14.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tony Spataro
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2016-12-20 00:00:00.000000000 Z
16
+ date: 2017-01-05 00:00:00.000000000 Z
17
17
  dependencies: []
18
18
  description: A toolkit of useful, reusable foundation code created by RightScale.
19
19
  email: support@rightscale.com