rotp 5.1.0 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 21758aaaffd88bc9b2042b13f269b8ea16e93aa870a02f8538d688d2290dfe6d
-  data.tar.gz: 57e7983b8321fcf43982436b9ebc0aaad1ed5248e8a3359a6fefeafdf139527d
+  metadata.gz: c56412a3603b43a3371e26cfb7d9314b2469e99558ea7f58a86b3c51f7e30055
+  data.tar.gz: 1923418367d2df594d64fb3b5810aad696a78a93ff89e4a19b655dcc4c98cff3
 SHA512:
-  metadata.gz: 58d61e11ce0ef3a2f6fc7e0e8ca577f2e93dc4c8f5bb2b880a5cb5428beccfca09723871b4d3b256d20f3c8f7246cb5b6128af9bd63ca38a039e50e10ec60314
-  data.tar.gz: 2f47df80e1d3f4f84005183f9963f589e64a6cb1a2d35dc1cf15bb33cce707de2cf048f5569c7c778f93dbad63f619e16c530cdafdcb092bc3025fbd44e994ff
+  metadata.gz: ede75377c7c88538f4c6dc1dbe623f5ad099382a59f38245a35cde7a20f3fd17b38178ffcb0db960d7a923432dc8fe1c8eef760c58d0dcd57cb6709971fcb0e1
+  data.tar.gz: 4bda95ccda7e78c4bb33fe57e9d79e0eda0654074e5b8b6461e9e59f25dd23bb8554e6f003f5375a1e857f126e41c6829e818c9f6bab288f583c204ed6444f49

data/.travis.yml

@@ -1,8 +1,9 @@
 language: ruby
 before_install: gem install bundler -v '<2'
 rvm:
+  - 2.7
   - 2.6
   - 2.5
-  - 2.0
+  - 2.3
 script:
   - bundle exec rspec

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 ### Changelog
 
+### 6.0.0
+
+- Dropping support for Ruby <2.3 (Major version bump)
+- Fix issue when using --enable-frozen-string-literal Ruby option #95 (jeremyevans)
+- URI Encoding fix #94 (ksuh90)
+- Update gems (rake, addressable)
+- Update Travis tests to include Ruby 2.7
+
 ### 5.1.0
 
 - Create `random_base32` to perform `random` to avoid breaking changes

data/Dockerfile-2.3

@@ -0,0 +1,10 @@
+FROM ruby:2.3
+
+RUN mkdir -p /usr/src/app
+WORKDIR /usr/src/app
+
+COPY Gemfile /usr/src/app/
+COPY . /usr/src/app
+RUN bundle install
+
+CMD ["bundle", "exec", "rspec"]

data/{Dockerfile-2.0 → Dockerfile-2.7}

@@ -1,4 +1,4 @@
-FROM ruby:2.0
+FROM ruby:2.7
 
 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app

data/README.md

@@ -18,12 +18,16 @@ Many websites use this for [multi-factor authentication](https://www.youtube.com
 
 ## Breaking changes
 
+### Breaking changes in >= 6.0
+
+- Dropping support for Ruby <2.3
+
 ### Breaking changes in >= 5.0
 
 - `ROTP::Base32.random_base32` is now `ROTP::Base32.random` and the argument
   has changed from secret string length to byte length to allow for more
-  precision
-- Cleaned up the Base32 implementation to better match Google Authenticator's version
+  precision. There is an alias to allow for `random_base32` for the time being.
+- Cleaned up the Base32 implementation to match Google Authenticator's version.
 
 ### Breaking changes in >= 4.0
 
@@ -66,8 +70,8 @@ hotp.at(1) # => "595254"
 hotp.at(1401) # => "259769"
 
 # OTP verified with a counter
-hotp.verify("316439", 1401) # => 1401
-hotp.verify("316439", 1402) # => nil
+hotp.verify("259769", 1401) # => 1401
+hotp.verify("259769", 1402) # => nil
 ```
 
 ### Preventing reuse of Time based OTP's
@@ -78,7 +82,7 @@ the interval window (default 30 seconds)
 The following is an example of this in action:
 
 ```ruby
-User.find(someUserID)
+user = User.find(someUserID)
 totp = ROTP::TOTP.new(user.otp_secret)
 totp.now # => "492039"
 
@@ -129,7 +133,7 @@ Google Authenticator.
 
 ```ruby
 totp = ROTP::TOTP.new("base32secret3232", issuer: "My Service")
-totp.provisioning_uri("alice@google.com") # => 'otpauth://totp/My%20Service:alice@google.com?secret=base32secret3232&issuer=My+Service'
+totp.provisioning_uri("alice@google.com") # => 'otpauth://totp/My%20Service:alice@google.com?secret=base32secret3232&issuer=My%20Service'
 
 hotp = ROTP::HOTP.new("base32secret3232", issuer: "My Service")
 hotp.provisioning_uri("alice@google.com", 0) # => 'otpauth://hotp/alice@google.com?secret=base32secret3232&counter=0'

data/lib/rotp/base32.rb

@@ -28,7 +28,7 @@ module ROTP
 
       def encode(b)
         data = b.unpack('c*')
-        out = ''
+        out = String.new
         buffer = data[0]
         idx = 1
         bits_left = 8

data/lib/rotp/totp.rb

@@ -62,7 +62,7 @@ module ROTP
       params = {
         secret: secret,
         period: interval == 30 ? nil : interval,
-        issuer: issuer,
+        issuer: Addressable::URI.encode(issuer),
         digits: digits == DEFAULT_DIGITS ? nil : digits,
         algorithm: digest.casecmp('SHA1').zero? ? nil : digest.upcase
       }

data/lib/rotp/version.rb

@@ -1,3 +1,3 @@
 module ROTP
-  VERSION = '5.1.0'.freeze
+  VERSION = '6.0.0'.freeze
 end

data/rotp.gemspec

@@ -4,6 +4,7 @@ Gem::Specification.new do |s|
   s.name        = 'rotp'
   s.version     = ROTP::VERSION
   s.platform    = Gem::Platform::RUBY
+  s.required_ruby_version = '~> 2.3'
   s.license     = 'MIT'
   s.authors     = ['Mark Percival']
   s.email       = ['mark@markpercival.us']
@@ -11,16 +12,14 @@ Gem::Specification.new do |s|
   s.summary     = 'A Ruby library for generating and verifying one time passwords'
   s.description = 'Works for both HOTP and TOTP, and includes QR Code provisioning'
 
-  s.rubyforge_project = 'rotp'
-
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_runtime_dependency 'addressable', '~> 2.5'
+  s.add_runtime_dependency 'addressable', '~> 2.7'
 
-  s.add_development_dependency 'rake', '~> 10.5'
+  s.add_development_dependency "rake", "~> 13.0"
   s.add_development_dependency 'rspec', '~> 3.5'
   s.add_development_dependency 'simplecov', '~> 0.12'
   s.add_development_dependency 'timecop', '~> 0.8'

data/spec/lib/rotp/totp_spec.rb

@@ -262,6 +262,14 @@ RSpec.describe ROTP::TOTP do
       it 'includes the issuer as parameter' do
         expect(params['issuer'].first).to eq 'FooCo'
       end
+
+      context 'with spaces in issuer' do
+        let(:totp)  { ROTP::TOTP.new 'JBSWY3DPEHPK3PXP', issuer: 'Foo Co' }
+
+        it 'includes the uri encoded issuer as parameter' do
+          expect(params['issuer'].first).to eq 'Foo%20Co'
+        end
+      end
     end
 
     context 'with custom interval' do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 6.0.0
 platform: ruby
 authors:
 - Mark Percival
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-06-27 00:00:00.000000000 Z
+date: 2020-04-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '2.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '2.7'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.5'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.5'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -92,9 +92,10 @@ files:
 - ".gitignore"
 - ".travis.yml"
 - CHANGELOG.md
-- Dockerfile-2.0
+- Dockerfile-2.3
 - Dockerfile-2.5
 - Dockerfile-2.6
+- Dockerfile-2.7
 - Gemfile
 - Guardfile
 - LICENSE
@@ -144,17 +145,16 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - "~>"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: rotp
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: A Ruby library for generating and verifying one time passwords