sageone_api_signer 1.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +14 -0
- data/.rspec +3 -0
- data/.travis.yml +5 -0
- data/Fudgefile +25 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +23 -0
- data/README.md +73 -0
- data/RELEASE_NOTES.md +6 -0
- data/Rakefile +11 -0
- data/fudge_settings.yml +5 -0
- data/lib/sageone_api_signer.rb +93 -0
- data/lib/sageone_api_signer/version.rb +3 -0
- data/sageone_api_signer.gemspec +33 -0
- data/spec/integration/check_signature_data_spec.rb +39 -0
- data/spec/integration/complex_body_params_spec.rb +60 -0
- data/spec/sageone_api_signer_spec.rb +150 -0
- data/spec/spec_helper.rb +102 -0
- metadata +233 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 7f343ce8e670e9cb9363e4f0521ca1159c1e5ea5
|
4
|
+
data.tar.gz: f08b62dc412f6af1d375b0dd7df2beed9f9d9229
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 7f7125f691f2ed1e6be5e91fae650e3893d5dfa098bec73e43265ffcbd00f8a1c238f52bd652eaae2b3d1b565f761001f117d4ff6ccb46a8f4b1b5679c7b3dec
|
7
|
+
data.tar.gz: 19deaf38924364f63cc980ac2fb9c85aaa04dc8fd5f82fafffe4380ae62939c675b1c5d0ed746b2c69ca6c5399c42fb8cd5d937dddf4525dff47554336c862b7
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/Fudgefile
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
exclude = '^\.\/(spec)\/'
|
2
|
+
|
3
|
+
task_group :quality_assurance do
|
4
|
+
cane max_width: 200, exclude: exclude
|
5
|
+
task :flay, exclude: exclude
|
6
|
+
task :flog, exclude: exclude, methods: true
|
7
|
+
end
|
8
|
+
|
9
|
+
task_group :setup_env do
|
10
|
+
clean_bundler_env do
|
11
|
+
shell 'bundle install'
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
task_group :rspec do
|
16
|
+
clean_bundler_env do
|
17
|
+
rspec coverage: 100
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
build :default do
|
22
|
+
task_group :setup_env
|
23
|
+
task_group :quality_assurance
|
24
|
+
task_group :rspec
|
25
|
+
end
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
|
2
|
+
Copyright (c) 2012 Sage
|
3
|
+
|
4
|
+
MIT License
|
5
|
+
|
6
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
7
|
+
a copy of this software and associated documentation files (the
|
8
|
+
"Software"), to deal in the Software without restriction, including
|
9
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
10
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
11
|
+
permit persons to whom the Software is furnished to do so, subject to
|
12
|
+
the following conditions:
|
13
|
+
|
14
|
+
The above copyright notice and this permission notice shall be
|
15
|
+
included in all copies or substantial portions of the Software.
|
16
|
+
|
17
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
18
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
19
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
20
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
21
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
22
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
23
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,73 @@
|
|
1
|
+
# Sage One API Signer
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/Sage/sageone_api_signer.svg?branch=master)](https://travis-ci.org/Sage/sageone_api_signer)
|
4
|
+
|
5
|
+
This gem handles the required signing of requests to the [Sage One](http://www.sageone.com) API.
|
6
|
+
|
7
|
+
The signing process is described in detail here: [https://developers.sageone.com/docs#signing_your_requests](https://developers.sageone.com/docs#signing_your_requests)
|
8
|
+
|
9
|
+
## Installation
|
10
|
+
|
11
|
+
Add the `sageone_api_signer` to your application's Gemfile:
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
gem 'sageone_api_signer'
|
15
|
+
```
|
16
|
+
|
17
|
+
And then execute:
|
18
|
+
|
19
|
+
$ bundle
|
20
|
+
|
21
|
+
Or install the gem yourself:
|
22
|
+
|
23
|
+
$ gem install sageone_api_signer
|
24
|
+
|
25
|
+
## Usage
|
26
|
+
|
27
|
+
To create a `SageoneApiSigner` instance, you need to provide the following data:
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
@signer = SageoneApiSigner.new({
|
31
|
+
request_method: 'post',
|
32
|
+
url: 'https://api.sageone.com/test/accounts/v1/contacts?config_setting=foo',
|
33
|
+
body_params: {
|
34
|
+
'contact[contact_type_id]' => 1,
|
35
|
+
'contact[name]' => 'My Customer'
|
36
|
+
},
|
37
|
+
signing_secret: 'YOUR_SIGNING_SECRET',
|
38
|
+
access_token: 'YOUR_ACCESS_TOKEN',
|
39
|
+
})
|
40
|
+
```
|
41
|
+
|
42
|
+
You can then generate the signature:
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
@signer.signature
|
46
|
+
=> "g1Cteq+JHjJzXYn7FpaLF42BymQ=\n"
|
47
|
+
|
48
|
+
```
|
49
|
+
|
50
|
+
or even the request headers:
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
@signer.request_headers("YOUR_APP_NAME")
|
54
|
+
=> {
|
55
|
+
=> 'Authorization' => "Bearer 3a5cfe7c90a78276e247c73da7bf120fc5283693",
|
56
|
+
=> 'X-Nonce' => "e673495125616bed53624a76db215a8a",
|
57
|
+
=> 'X-Signature' => "g1Cteq+JHjJzXYn7FpaLF42BymQ=\n",
|
58
|
+
=> 'Accept' => '*/*',
|
59
|
+
=> 'Content-Type' => 'application/x-www-form-urlencoded',
|
60
|
+
=> 'User-Agent' => "YOUR_APP_NAME"
|
61
|
+
=> }
|
62
|
+
|
63
|
+
```
|
64
|
+
|
65
|
+
You can see an example in this [integration test](spec/integration/check_signature_data_spec.rb).
|
66
|
+
|
67
|
+
## Contributing
|
68
|
+
|
69
|
+
1. Fork it ( https://github.com/[my-github-username]/sageone_api_signer/fork )
|
70
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
71
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
72
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
73
|
+
5. Create a new Pull Request
|
data/RELEASE_NOTES.md
ADDED
data/Rakefile
ADDED
data/fudge_settings.yml
ADDED
@@ -0,0 +1,93 @@
|
|
1
|
+
require "sageone_api_signer/version"
|
2
|
+
require "active_support"
|
3
|
+
require "active_support/core_ext"
|
4
|
+
require "base64"
|
5
|
+
|
6
|
+
# Sign a Sage One API request call following the steps detailed here:
|
7
|
+
# https://developers.sageone.com/docs#signing_your_requests
|
8
|
+
class SageoneApiSigner
|
9
|
+
|
10
|
+
attr_accessor :request_method, :url, :body_params, :nonce, :signing_secret, :access_token
|
11
|
+
|
12
|
+
def initialize(params = {})
|
13
|
+
params.each do |attr, val|
|
14
|
+
self.public_send("#{attr}=", val)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def request_method
|
19
|
+
@request_method.to_s.upcase
|
20
|
+
end
|
21
|
+
|
22
|
+
def nonce
|
23
|
+
@nonce ||= SecureRandom.hex
|
24
|
+
end
|
25
|
+
|
26
|
+
def uri
|
27
|
+
@uri ||= URI(url)
|
28
|
+
end
|
29
|
+
|
30
|
+
# Return the base URL without query string and fragment
|
31
|
+
def base_url
|
32
|
+
@base_url ||= [
|
33
|
+
uri.scheme,
|
34
|
+
'://',
|
35
|
+
uri.host,
|
36
|
+
uri_port_string,
|
37
|
+
uri.path
|
38
|
+
].join
|
39
|
+
end
|
40
|
+
|
41
|
+
def url_params
|
42
|
+
@url_params ||= Hash[URI::decode_www_form(uri.query || '')]
|
43
|
+
end
|
44
|
+
|
45
|
+
def parameter_string
|
46
|
+
@parameter_string ||= (
|
47
|
+
Hash[url_params.merge(body_params).sort].to_query.gsub('+','%20')
|
48
|
+
)
|
49
|
+
end
|
50
|
+
|
51
|
+
def signature_base_string
|
52
|
+
@signature_base_string ||= [
|
53
|
+
request_method,
|
54
|
+
percent_encode(base_url),
|
55
|
+
percent_encode(parameter_string),
|
56
|
+
percent_encode(nonce)
|
57
|
+
].join('&')
|
58
|
+
end
|
59
|
+
|
60
|
+
def signing_key
|
61
|
+
@signing_key ||= [
|
62
|
+
percent_encode(signing_secret),
|
63
|
+
percent_encode(access_token)
|
64
|
+
].join('&')
|
65
|
+
end
|
66
|
+
|
67
|
+
# generate a Base64 encoded signature
|
68
|
+
def signature
|
69
|
+
@signature ||= Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), signing_key, signature_base_string))
|
70
|
+
end
|
71
|
+
|
72
|
+
# The request headers
|
73
|
+
def request_headers(user_agent)
|
74
|
+
{
|
75
|
+
'Authorization' => "Bearer #{access_token}",
|
76
|
+
'X-Nonce' => nonce,
|
77
|
+
'X-Signature' => signature,
|
78
|
+
'Accept' => '*/*',
|
79
|
+
'Content-Type' => 'application/x-www-form-urlencoded',
|
80
|
+
'User-Agent' => user_agent
|
81
|
+
}
|
82
|
+
end
|
83
|
+
|
84
|
+
private
|
85
|
+
|
86
|
+
def percent_encode(str)
|
87
|
+
URI.escape(str.to_s, /[^0-9A-Za-z\-._~]/)
|
88
|
+
end
|
89
|
+
|
90
|
+
def uri_port_string
|
91
|
+
uri.port == uri.default_port ? "" : ":#{uri.port}"
|
92
|
+
end
|
93
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'sageone_api_signer/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "sageone_api_signer"
|
8
|
+
spec.version = SageoneApiSigner::VERSION
|
9
|
+
spec.authors = %q{Sage One Development Team}
|
10
|
+
spec.email = %q{support@sageone.com}
|
11
|
+
spec.summary = %q{Sign requests to Sage One API.}
|
12
|
+
spec.description = %q{Sign requests to Sage One API.}
|
13
|
+
spec.homepage = ""
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_dependency "activesupport"
|
22
|
+
spec.add_development_dependency "bundler", "~> 1.7"
|
23
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
24
|
+
spec.add_development_dependency 'fudge'
|
25
|
+
spec.add_development_dependency 'pry'
|
26
|
+
spec.add_development_dependency 'rspec'
|
27
|
+
spec.add_development_dependency 'flay'
|
28
|
+
spec.add_development_dependency 'ruby2ruby' # dependency of flay, which doesn't use a gemspec
|
29
|
+
spec.add_development_dependency 'flog'
|
30
|
+
spec.add_development_dependency 'cane'
|
31
|
+
spec.add_development_dependency 'simplecov'
|
32
|
+
spec.add_development_dependency 'rest_client' # integration test do real api calls
|
33
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'rest_client'
|
2
|
+
require 'json'
|
3
|
+
|
4
|
+
RSpec.describe SageoneApiSigner do
|
5
|
+
subject do
|
6
|
+
SageoneApiSigner.new({
|
7
|
+
request_method: 'post',
|
8
|
+
url: 'https://api.sageone.com/test/accounts/v1/contacts?config_setting=foo',
|
9
|
+
body_params: {
|
10
|
+
'contact[contact_type_id]' => 1,
|
11
|
+
'contact[name]' => 'My Customer'
|
12
|
+
},
|
13
|
+
signing_secret: 'TestSigningSecret',
|
14
|
+
access_token: 'TestToken',
|
15
|
+
})
|
16
|
+
end
|
17
|
+
|
18
|
+
describe 'doing a real call to the test endpoint' do
|
19
|
+
it 'should check with the test server data' do
|
20
|
+
headers = subject.request_headers('foo')
|
21
|
+
|
22
|
+
begin
|
23
|
+
RestClient.post subject.url, subject.body_params, headers
|
24
|
+
rescue => e
|
25
|
+
response = JSON.parse(e.response.to_s)
|
26
|
+
raise "#{response['error']}: #{response['error_description']}"
|
27
|
+
end
|
28
|
+
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
describe 'bug when the url has no params' do
|
33
|
+
it 'should not raise an error!' do
|
34
|
+
subject.url = 'https://api.sageone.com/test/accounts/v1/contacts'
|
35
|
+
expect(subject.url_params).to eql({})
|
36
|
+
expect(subject.signature).to_not be nil
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,60 @@
|
|
1
|
+
require 'rest_client'
|
2
|
+
require 'json'
|
3
|
+
|
4
|
+
RSpec.describe 'testing complex body params' do
|
5
|
+
subject do
|
6
|
+
SageoneApiSigner.new({
|
7
|
+
request_method: 'post',
|
8
|
+
url: 'https://api.sageone.com/test/accounts/v1/contacts',
|
9
|
+
signing_secret: 'TestSigningSecret',
|
10
|
+
access_token: 'TestToken',
|
11
|
+
})
|
12
|
+
end
|
13
|
+
|
14
|
+
let(:headers) do
|
15
|
+
subject.request_headers('foo')
|
16
|
+
end
|
17
|
+
|
18
|
+
it 'with multi-level hashes' do
|
19
|
+
subject.body_params = {
|
20
|
+
first: 'level',
|
21
|
+
second: {
|
22
|
+
multi: 'level',
|
23
|
+
third: {
|
24
|
+
level: 'the last one'
|
25
|
+
},
|
26
|
+
ok: 'this is enough'
|
27
|
+
}
|
28
|
+
}
|
29
|
+
|
30
|
+
check_signature!
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'with something like "arrays"' do
|
34
|
+
subject.body_params = {
|
35
|
+
simple: 'param',
|
36
|
+
complex: {
|
37
|
+
0 => {one:11, two:12, three:13},
|
38
|
+
1 => {one:21, two:22, three:23},
|
39
|
+
}
|
40
|
+
}
|
41
|
+
check_signature!
|
42
|
+
end
|
43
|
+
|
44
|
+
def check_signature!
|
45
|
+
RestClient.post subject.url, subject.body_params, headers
|
46
|
+
|
47
|
+
rescue => e
|
48
|
+
raise e unless e.respond_to? :response
|
49
|
+
|
50
|
+
response = JSON.parse(e.response.to_s)
|
51
|
+
|
52
|
+
expect(subject.nonce).to eql(response['nonce'])
|
53
|
+
expect(subject.request_method).to eql(response['request_method'])
|
54
|
+
expect(subject.access_token).to eql(response['token'])
|
55
|
+
expect(subject.base_url).to eql(response['base_url'])
|
56
|
+
expect(subject.parameter_string).to eql(response['parameter_string'])
|
57
|
+
expect(subject.signature_base_string).to eql(response['signature_base_string'])
|
58
|
+
expect(subject.signing_secret).to eql(response['signing_secret'])
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,150 @@
|
|
1
|
+
RSpec.describe SageoneApiSigner do
|
2
|
+
it { expect(subject).to respond_to :request_method }
|
3
|
+
it { expect(subject).to respond_to :url }
|
4
|
+
it { expect(subject).to respond_to :body_params }
|
5
|
+
it { expect(subject).to respond_to :nonce }
|
6
|
+
it { expect(subject).to respond_to :signing_secret }
|
7
|
+
it { expect(subject).to respond_to :access_token }
|
8
|
+
|
9
|
+
it 'should set everything on initialize' do
|
10
|
+
obj = described_class.new(
|
11
|
+
request_method: 'method',
|
12
|
+
url: 'url',
|
13
|
+
body_params: 'body',
|
14
|
+
nonce: 'nonce',
|
15
|
+
signing_secret: 'secret',
|
16
|
+
access_token: 'token',
|
17
|
+
)
|
18
|
+
|
19
|
+
expect(obj.request_method).to eql 'METHOD'
|
20
|
+
expect(obj.url).to eql 'url'
|
21
|
+
expect(obj.body_params).to eql 'body'
|
22
|
+
expect(obj.nonce).to eql 'nonce'
|
23
|
+
expect(obj.signing_secret).to eql 'secret'
|
24
|
+
expect(obj.access_token).to eql 'token'
|
25
|
+
end
|
26
|
+
|
27
|
+
subject do
|
28
|
+
described_class.new(
|
29
|
+
request_method: 'post',
|
30
|
+
url: 'https://api.sageone.com/accounts/v1/contacts?config_setting=foo',
|
31
|
+
nonce: 'd6657d14f6d3d9de453ff4b0dc686c6d',
|
32
|
+
body_params: {
|
33
|
+
'contact[contact_type_id]' => 1,
|
34
|
+
'contact[name]' => 'My Customer',
|
35
|
+
}
|
36
|
+
)
|
37
|
+
end
|
38
|
+
|
39
|
+
describe '#request_method' do
|
40
|
+
it 'BUG nil the second time we call it!!!' do
|
41
|
+
subject.request_method = 'get'
|
42
|
+
expect(subject.request_method).to eql 'GET'
|
43
|
+
expect(subject.request_method).to eql 'GET'
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe '#nonce' do
|
48
|
+
it 'should build a rondom one by default' do
|
49
|
+
expect(SecureRandom).to receive(:hex).once.and_return('random nonce')
|
50
|
+
obj = described_class.new
|
51
|
+
|
52
|
+
expect(obj.nonce).to eql 'random nonce'
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
describe '#uri' do
|
57
|
+
it 'should be an URI with the URL' do
|
58
|
+
subject.url = 'http://www.google.com.br'
|
59
|
+
expect(subject.uri).to eql URI('http://www.google.com.br')
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
describe '#base_url' do
|
64
|
+
describe 'using the default port' do
|
65
|
+
before { subject.url = 'https://api.sageone.com/accounts/v1/contacts?config_setting=foo' }
|
66
|
+
it { expect(subject.base_url).to eql 'https://api.sageone.com/accounts/v1/contacts' }
|
67
|
+
end
|
68
|
+
|
69
|
+
describe 'with a specific port' do
|
70
|
+
before { subject.url = 'https://api.sageone.com:123/accounts/v1/contacts?config_setting=foo' }
|
71
|
+
it { expect(subject.base_url).to eql 'https://api.sageone.com:123/accounts/v1/contacts' }
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
describe '#url_params' do
|
76
|
+
it 'should give me a has from the url query' do
|
77
|
+
subject.url = 'https://api.sageone.com/accounts/v1/contacts?response_type=code&client_id=4b64axxxxxxxxxx00710&scope=full_access'
|
78
|
+
|
79
|
+
expect(subject.url_params).to eql({
|
80
|
+
'response_type' => 'code',
|
81
|
+
'client_id' => '4b64axxxxxxxxxx00710',
|
82
|
+
'scope' => 'full_access'
|
83
|
+
})
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
describe '#parameter_string' do
|
88
|
+
it 'should match the website example' do
|
89
|
+
subject.url = 'https://api.sageone.com/accounts/v1/contacts?config_setting=foo'
|
90
|
+
subject.body_params = {
|
91
|
+
'contact[contact_type_id]' => 1,
|
92
|
+
'contact[name]' => 'My Customer',
|
93
|
+
}
|
94
|
+
|
95
|
+
expect(subject.parameter_string).to eql 'config_setting=foo&contact%5Bcontact_type_id%5D=1&contact%5Bname%5D=My%20Customer'
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'should sort the params' do
|
99
|
+
subject.url = 'https://api.sageone.com/accounts/v1/contacts?zee=4&bee=2'
|
100
|
+
subject.body_params = {
|
101
|
+
'aaa' => 1,
|
102
|
+
'dee' => 3,
|
103
|
+
}
|
104
|
+
|
105
|
+
expect(subject.parameter_string).to eql 'aaa=1&bee=2&dee=3&zee=4'
|
106
|
+
end
|
107
|
+
|
108
|
+
it 'cant have +, should have %20' do
|
109
|
+
subject.url = 'https://api.sageone.com/accounts/v1/contacts?in_the_url=i+cant+have+pluses'
|
110
|
+
subject.body_params = {'in_the_body_param' => 'cant have pluses here too'}
|
111
|
+
expect(subject.parameter_string).to eql 'in_the_body_param=cant%20have%20pluses%20here%20too&in_the_url=i%20cant%20have%20pluses'
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
describe '#signature_base_string' do
|
116
|
+
it 'should follow the website example' do
|
117
|
+
expected = 'POST&https%3A%2F%2Fapi.sageone.com%2Faccounts%2Fv1%2Fcontacts&config_setting%3Dfoo%26' \
|
118
|
+
'contact%255Bcontact_type_id%255D%3D1%26contact%255Bname%255D%3DMy%2520Customer&d6657d14f6d3d9de453ff4b0dc686c6d'
|
119
|
+
expect(subject.signature_base_string).to eql expected
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
describe '#signing_key' do
|
124
|
+
it 'should be the secret & token percent encoded' do
|
125
|
+
subject.signing_secret = '297850d556xxxxxxxxxxxxxxxxxxxxe722db1d2a'
|
126
|
+
subject.access_token = 'cULSIjxxxxxIhbgbjX0R6MkKO'
|
127
|
+
expect(subject.signing_key).to eql '297850d556xxxxxxxxxxxxxxxxxxxxe722db1d2a&cULSIjxxxxxIhbgbjX0R6MkKO'
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
describe '#signature' do
|
132
|
+
it 'should hash this way' do
|
133
|
+
expected = Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), subject.signing_key, subject.signature_base_string))
|
134
|
+
expect(subject.signature).to eql expected
|
135
|
+
end
|
136
|
+
end
|
137
|
+
|
138
|
+
describe '#request_headers' do
|
139
|
+
it 'should help write the request headers' do
|
140
|
+
expect(subject.request_headers('foo')).to eql({
|
141
|
+
'Authorization' => "Bearer #{subject.access_token}",
|
142
|
+
'X-Nonce' => subject.nonce,
|
143
|
+
'X-Signature' => subject.signature,
|
144
|
+
'Accept' => '*/*',
|
145
|
+
'Content-Type' => 'application/x-www-form-urlencoded',
|
146
|
+
'User-Agent' => 'foo'
|
147
|
+
})
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,102 @@
|
|
1
|
+
require 'simplecov'
|
2
|
+
require 'pry'
|
3
|
+
|
4
|
+
SimpleCov.start do
|
5
|
+
add_filter 'spec/'
|
6
|
+
end
|
7
|
+
|
8
|
+
require 'sageone_api_signer'
|
9
|
+
|
10
|
+
#-----
|
11
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
12
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
13
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause this
|
14
|
+
# file to always be loaded, without a need to explicitly require it in any files.
|
15
|
+
#
|
16
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
17
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
18
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
19
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
20
|
+
# a separate helper file that requires the additional dependencies and performs
|
21
|
+
# the additional setup, and require it from the spec files that actually need it.
|
22
|
+
#
|
23
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
24
|
+
# users commonly want.
|
25
|
+
#
|
26
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
27
|
+
RSpec.configure do |config|
|
28
|
+
# rspec-expectations config goes here. You can use an alternate
|
29
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
30
|
+
# assertions if you prefer.
|
31
|
+
config.expect_with :rspec do |expectations|
|
32
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
33
|
+
# and `failure_message` of custom matchers include text for helper methods
|
34
|
+
# defined using `chain`, e.g.:
|
35
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
36
|
+
# # => "be bigger than 2 and smaller than 4"
|
37
|
+
# ...rather than:
|
38
|
+
# # => "be bigger than 2"
|
39
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
40
|
+
end
|
41
|
+
|
42
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
43
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
44
|
+
config.mock_with :rspec do |mocks|
|
45
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
46
|
+
# a real object. This is generally recommended, and will default to
|
47
|
+
# `true` in RSpec 4.
|
48
|
+
mocks.verify_partial_doubles = true
|
49
|
+
end
|
50
|
+
|
51
|
+
# Limits the available syntax to the non-monkey patched syntax that is recommended.
|
52
|
+
# For more details, see:
|
53
|
+
# - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
|
54
|
+
# - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
|
55
|
+
# - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
|
56
|
+
config.disable_monkey_patching!
|
57
|
+
|
58
|
+
|
59
|
+
|
60
|
+
# The settings below are suggested to provide a good initial experience
|
61
|
+
# with RSpec, but feel free to customize to your heart's content.
|
62
|
+
=begin
|
63
|
+
# These two settings work together to allow you to limit a spec run
|
64
|
+
# to individual examples or groups you care about by tagging them with
|
65
|
+
# `:focus` metadata. When nothing is tagged with `:focus`, all examples
|
66
|
+
# get run.
|
67
|
+
config.filter_run :focus
|
68
|
+
config.run_all_when_everything_filtered = true
|
69
|
+
|
70
|
+
|
71
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
72
|
+
# be too noisy due to issues in dependencies.
|
73
|
+
config.warnings = true
|
74
|
+
|
75
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
76
|
+
# file, and it's useful to allow more verbose output when running an
|
77
|
+
# individual spec file.
|
78
|
+
if config.files_to_run.one?
|
79
|
+
# Use the documentation formatter for detailed output,
|
80
|
+
# unless a formatter has already been configured
|
81
|
+
# (e.g. via a command-line flag).
|
82
|
+
config.default_formatter = 'doc'
|
83
|
+
end
|
84
|
+
|
85
|
+
# Print the 10 slowest examples and example groups at the
|
86
|
+
# end of the spec run, to help surface which specs are running
|
87
|
+
# particularly slow.
|
88
|
+
config.profile_examples = 10
|
89
|
+
|
90
|
+
# Run specs in random order to surface order dependencies. If you find an
|
91
|
+
# order dependency and want to debug it, you can fix the order by providing
|
92
|
+
# the seed, which is printed after each run.
|
93
|
+
# --seed 1234
|
94
|
+
config.order = :random
|
95
|
+
|
96
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
97
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
98
|
+
# test failures related to randomization by passing the same `--seed` value
|
99
|
+
# as the one that triggered the failure.
|
100
|
+
Kernel.srand config.seed
|
101
|
+
=end
|
102
|
+
end
|
metadata
ADDED
@@ -0,0 +1,233 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: sageone_api_signer
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.3.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Sage One Development Team
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-02-12 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: activesupport
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.7'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.7'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rake
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '10.0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '10.0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: fudge
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: pry
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: rspec
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: flay
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: ruby2ruby
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - ">="
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
name: flog
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - ">="
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '0'
|
132
|
+
type: :development
|
133
|
+
prerelease: false
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
139
|
+
- !ruby/object:Gem::Dependency
|
140
|
+
name: cane
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
142
|
+
requirements:
|
143
|
+
- - ">="
|
144
|
+
- !ruby/object:Gem::Version
|
145
|
+
version: '0'
|
146
|
+
type: :development
|
147
|
+
prerelease: false
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
149
|
+
requirements:
|
150
|
+
- - ">="
|
151
|
+
- !ruby/object:Gem::Version
|
152
|
+
version: '0'
|
153
|
+
- !ruby/object:Gem::Dependency
|
154
|
+
name: simplecov
|
155
|
+
requirement: !ruby/object:Gem::Requirement
|
156
|
+
requirements:
|
157
|
+
- - ">="
|
158
|
+
- !ruby/object:Gem::Version
|
159
|
+
version: '0'
|
160
|
+
type: :development
|
161
|
+
prerelease: false
|
162
|
+
version_requirements: !ruby/object:Gem::Requirement
|
163
|
+
requirements:
|
164
|
+
- - ">="
|
165
|
+
- !ruby/object:Gem::Version
|
166
|
+
version: '0'
|
167
|
+
- !ruby/object:Gem::Dependency
|
168
|
+
name: rest_client
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - ">="
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: '0'
|
174
|
+
type: :development
|
175
|
+
prerelease: false
|
176
|
+
version_requirements: !ruby/object:Gem::Requirement
|
177
|
+
requirements:
|
178
|
+
- - ">="
|
179
|
+
- !ruby/object:Gem::Version
|
180
|
+
version: '0'
|
181
|
+
description: Sign requests to Sage One API.
|
182
|
+
email: support@sageone.com
|
183
|
+
executables: []
|
184
|
+
extensions: []
|
185
|
+
extra_rdoc_files: []
|
186
|
+
files:
|
187
|
+
- ".gitignore"
|
188
|
+
- ".rspec"
|
189
|
+
- ".travis.yml"
|
190
|
+
- Fudgefile
|
191
|
+
- Gemfile
|
192
|
+
- LICENSE.txt
|
193
|
+
- README.md
|
194
|
+
- RELEASE_NOTES.md
|
195
|
+
- Rakefile
|
196
|
+
- fudge_settings.yml
|
197
|
+
- lib/sageone_api_signer.rb
|
198
|
+
- lib/sageone_api_signer/version.rb
|
199
|
+
- sageone_api_signer.gemspec
|
200
|
+
- spec/integration/check_signature_data_spec.rb
|
201
|
+
- spec/integration/complex_body_params_spec.rb
|
202
|
+
- spec/sageone_api_signer_spec.rb
|
203
|
+
- spec/spec_helper.rb
|
204
|
+
homepage: ''
|
205
|
+
licenses:
|
206
|
+
- MIT
|
207
|
+
metadata: {}
|
208
|
+
post_install_message:
|
209
|
+
rdoc_options: []
|
210
|
+
require_paths:
|
211
|
+
- lib
|
212
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
213
|
+
requirements:
|
214
|
+
- - ">="
|
215
|
+
- !ruby/object:Gem::Version
|
216
|
+
version: '0'
|
217
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
218
|
+
requirements:
|
219
|
+
- - ">="
|
220
|
+
- !ruby/object:Gem::Version
|
221
|
+
version: '0'
|
222
|
+
requirements: []
|
223
|
+
rubyforge_project:
|
224
|
+
rubygems_version: 2.4.8
|
225
|
+
signing_key:
|
226
|
+
specification_version: 4
|
227
|
+
summary: Sign requests to Sage One API.
|
228
|
+
test_files:
|
229
|
+
- spec/integration/check_signature_data_spec.rb
|
230
|
+
- spec/integration/complex_body_params_spec.rb
|
231
|
+
- spec/sageone_api_signer_spec.rb
|
232
|
+
- spec/spec_helper.rb
|
233
|
+
has_rdoc:
|