sha256_seal 0.1.5 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2d5bc9bfba878593900947fc081b861ecd4470df6721e41645088276663351ac
-  data.tar.gz: 6cc71d89a3aef7555dcb4343753c862764014c5948961fc3167d9e50bccf0335
+  metadata.gz: e95ae1ddb44ca61aa91a68db10a46619021f07736d431c1826b36f6eafd0eb36
+  data.tar.gz: fb423e6d812bd333615dbec1e5c4ef3bd84532a900901a6571750acf99b09179
 SHA512:
-  metadata.gz: c309221d7e727a863b89a4faae7b9f417d5ea42f10c59c9adb7c09a4d992e04e77e58eb0bbc86912abc2676fd2f0f98561d687699caca82054b8a04ba59b4f7e
-  data.tar.gz: 04d5c6640cb92472856166bdfb2dbb205c89fe8d040b33a790fb153acd56167bf3dc7bb8eedb1ba0e65b5fc852f70d90b377a184f98129f14d82eff161c1d726
+  metadata.gz: 02d9426b1b2dd0bf32319f4ecd42fe70989810f62e01d11aaeb5f316b3d237b9bd08ab6d27d256c5465d0f06e28a57cd4dafc7cb154bd1cd4057123cad8746d2
+  data.tar.gz: e52c05f43c203a29365514aab321508cff5c2b0ad55387a0f9f0fbe3dfeeded50fd30b6da1831e8252bd752caeaf852b6bd4c20bd53710da6d7726525ec45a70

data/LICENSE.md

@@ -0,0 +1,21 @@
+# The MIT License
+
+Copyright (c) 2017-2022 Cyril Kato
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -1,53 +1,62 @@
 # Sha256 Seal 🔏
 
-A tiny library to sign documents, and check their integrity.
+A small library allowing to sign documents, and to check their integrity.
+
+## Status
+
+[![Version](https://img.shields.io/github/v/tag/cyril/sha256_seal.rb?label=Version&logo=github)](https://github.com/cyril/sha256_seal.rb/tags)
+[![Yard documentation](https://img.shields.io/badge/Yard-documentation-blue.svg?logo=github)](https://rubydoc.info/github/cyril/sha256_seal.rb/main)
+[![Ruby](https://github.com/cyril/sha256_seal.rb/workflows/Ruby/badge.svg?branch=main)](https://github.com/cyril/sha256_seal.rb/actions?query=workflow%3Aruby+branch%3Amain)
+[![RuboCop](https://github.com/cyril/sha256_seal.rb/workflows/RuboCop/badge.svg?branch=main)](https://github.com/cyril/sha256_seal.rb/actions?query=workflow%3Arubocop+branch%3Amain)
+[![License](https://img.shields.io/github/license/cyril/sha256_seal.rb?label=License&logo=github)](https://github.com/cyril/sha256_seal.rb/raw/main/LICENSE.md)
 
 ## Installation
 
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'sha256_seal'
+gem "sha256_seal"
 ```
 
 And then execute:
 
-    $ bundle
+```sh
+bundle install
+```
 
 Or install it yourself as:
 
-    $ gem install sha256_seal
+```sh
+gem install sha256_seal
+```
 
 ## Usage
 
-Sign values and verify signatures of values.
+Sign information and verify their signature.
 
 ## Example
 
 In the context of a Web application, CSRF tokens could be embedded in URLs.
 
 ```ruby
-SECRET = 'secret'
+SECRET = "secret".freeze
 
-
-document_string = '/.__SIGNATURE_HERE__/accounts/42?editable=false'
-signature_field = '__SIGNATURE_HERE__'
+document_string = "/.__SIGNATURE_HERE__/accounts/42?editable=false"
+signature_field = "__SIGNATURE_HERE__"
 
 builder = Sha256Seal::Builder.new(document_string, SECRET, signature_field)
 builder.signed_value? # => false
 builder.signed_value  # => "/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=false"
 
-
-document_string = '/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=false'
-signature_field = 'a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db'
+document_string = "/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=false"
+signature_field = "a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db"
 
 builder = Sha256Seal::Builder.new(document_string, SECRET, signature_field)
 builder.signed_value? # => true
 builder.signed_value  # => "/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=false"
 
-
-document_string = '/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=true'
-signature_field = 'a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db'
+document_string = "/.a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db/accounts/42?editable=true"
+signature_field = "a31c3936f236684a8ebc51dcfef168ce124450d71ae1ec404552ec9e0090a8db"
 
 builder = Sha256Seal::Builder.new(document_string, SECRET, signature_field)
 builder.signed_value? # => false
@@ -67,8 +76,8 @@ Route:
 ```ruby
 # config/routes.rb
 Rails.application.routes.draw do
-  scope module: :verified_requests, path: '.:csrf', as: 'verified_request' do
-    get '/accounts/:id', to: 'accounts#show', as: 'account'
+  scope module: :verified_requests, path: ".:csrf", as: "verified_request" do
+    get "/accounts/:id", to: "accounts#show", as: "account"
   end
 end
 ```
@@ -77,35 +86,40 @@ Controller:
 
 ```ruby
 # app/controllers/verified_requests/base_controller.rb
-class VerifiedRequests::BaseController < ApplicationController
-  # @see https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#method-i-verified_request-3F
-  def verified_request?
-    secret          = ENV.fetch('CSRF_SECRET_KEY')
-    document_string = request.original_url.force_encoding('utf-8')
-    signature_field = request.path_parameters.fetch(:csrf)
-
-    builder = Sha256Seal::Builder.new(document_string, secret, signature_field)
-    builder.signed_value? || Rails.env.test?
-  end
-
-  def signed_url(route_method, **options)
-    url_route_method  = "#{route_method}_url".to_sym
-    incorrect_csrf    = '__CSRF_SECRET_KEY__'
-    url_route_string  = public_send(url_route_method, csrf: incorrect_csrf, **options)
-
-    replace_incorrect_csrf_by_correct_csrf(url_route_string, incorrect_csrf: incorrect_csrf)
-  end
-  helper_method :signed_url
-
-  def replace_incorrect_csrf_by_correct_csrf(value, incorrect_csrf:)
-    secret  = ENV.fetch('CSRF_SECRET_KEY')
-    field   = incorrect_csrf
-    builder = Sha256Seal::Builder.new(value, secret, field)
-    value   = builder.signed_value
-    field   = builder.send(:signature)
-    builder = Sha256Seal::Builder.new(value, secret, field)
-
-    builder.signed_value
+module VerifiedRequests
+  class BaseController < ::ApplicationController
+    def signed_url(route_method, **options)
+      url_route_method  = "#{route_method}_url".to_sym
+      incorrect_csrf    = "__CSRF_SECRET_KEY__"
+      url_route_string  = public_send(url_route_method, csrf: incorrect_csrf, **options)
+
+      replace_incorrect_csrf_by_correct_csrf(url_route_string, incorrect_csrf:)
+    end
+    helper_method :signed_url
+
+    private
+
+    def replace_incorrect_csrf_by_correct_csrf(value, incorrect_csrf:)
+      secret  = ::ENV.fetch("CSRF_SECRET_KEY")
+      field   = incorrect_csrf
+      builder = ::Sha256Seal::Builder.new(value, secret, field)
+      value   = builder.signed_value
+      field   = builder.send(:signature)
+
+      builder = ::Sha256Seal::Builder.new(value, secret, field)
+      builder.signed_value
+    end
+
+    # @see https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#method-i-verified_request-3F
+    # @see https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L333-L341
+    def verified_request?
+      secret          = ::ENV.fetch("CSRF_SECRET_KEY")
+      document_string = request.original_url.force_encoding("utf-8")
+      signature_field = request.path_parameters.fetch(:csrf)
+
+      builder = ::Sha256Seal::Builder.new(document_string, secret, signature_field)
+      builder.signed_value? || ::Rails.env.test?
+    end
   end
 end
 ```
@@ -115,11 +129,14 @@ View:
 ```ruby
 # app/views/verified_requests/accounts/show.html.erb
 
-<%
-  signed_url(:verified_request_account, id: 'bob', admin: true) # => "http://0.0.0.0:5000/.405d7c8f14389c9ae7f1d97ff66699093bf2d89d13b4f4280a35d62f9e616259/accounts/bob?admin=true"
-%>
+signed_url(:verified_request_account, id: "bob", admin: true)
+# => "http://0.0.0.0:5000/.405d7c8f14389c9ae7f1d97ff66699093bf2d89d13b4f4280a35d62f9e616259/accounts/bob?admin=true"
 ```
 
-## Contributing
+## Versioning
+
+__Sha256Seal__ uses [Semantic Versioning 2.0.0](https://semver.org/)
+
+## License
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/cyril/sha256_seal.rb.
+The [gem](https://rubygems.org/gems/sha256_seal) is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/lib/sha256_seal.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'digest/sha2'
+require "digest/sha2"
 
 # Namespace for the Sha256Seal library.
 module Sha256Seal

metadata

@@ -1,123 +1,183 @@
 --- !ruby/object:Gem::Specification
 name: sha256_seal
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.7
 platform: ruby
 authors:
 - Cyril Kato
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2019-10-09 00:00:00.000000000 Z
+date: 2022-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: fix
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: r_spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-gitlab-security
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-md
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rubocop-thread_safety
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.75'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.75'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.17'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.17'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '0'
 description: Seal device with SHA-256 hash function, for Ruby.
-email:
-- contact@cyril.email
+email: contact@cyril.email
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".rubocop.yml"
-- ".rubocop_todo.yml"
-- ".travis.yml"
-- Gemfile
-- Gemfile.lock
+- LICENSE.md
 - README.md
-- Rakefile
-- VERSION.semver
-- bin/console
-- bin/setup
 - lib/sha256_seal.rb
-- sha256_seal.gemspec
 homepage: https://github.com/cyril/sha256_seal.rb
 licenses:
 - MIT
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -126,14 +186,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.1.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.3.7
 signing_key: 
 specification_version: 4
 summary: Seal device with SHA-256 hash function.

data/.gitignore

@@ -1,8 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/tmp/
-.DS_Store

data/.rubocop.yml

@@ -1 +0,0 @@
-inherit_from: .rubocop_todo.yml

data/.rubocop_todo.yml

@@ -1,20 +0,0 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config`
-# on 2019-10-09 21:12:32 +0200 using RuboCop version 0.75.0.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
-
-# Offense count: 1
-# Configuration parameters: CountComments, ExcludedMethods.
-# ExcludedMethods: refine
-Metrics/BlockLength:
-  Max: 32
-
-# Offense count: 6
-# Cop supports --auto-correct.
-# Configuration parameters: AutoCorrect, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
-# URISchemes: http, https
-Metrics/LineLength:
-  Max: 176

data/.travis.yml

@@ -1,22 +0,0 @@
----
-language: ruby
-sudo: false
-cache: bundler
-before_install:
-  - gem install bundler
-script:
-  - bundle exec rubocop
-  - bundle exec rake test
-rvm:
-  - 2.3.8
-  - 2.4.5
-  - 2.5.3
-  - 2.6.3
-  - ruby-head
-  - jruby-head
-  - rbx-3
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-    - rvm: jruby-head
-    - rvm: rbx-3

data/Gemfile

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-
-git_source(:github) { |repo_name| "https://github.com/#{repo_name}.rb" }
-
-gemspec

data/Gemfile.lock

@@ -1,58 +0,0 @@
-PATH
-  remote: .
-  specs:
-    sha256_seal (0.1.5)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    ast (2.4.0)
-    aw (0.1.6)
-    defi (1.1.5)
-    docile (1.3.2)
-    fix (0.18.2)
-      aw (~> 0.1.6)
-      defi (~> 1.1.5)
-      spectus (~> 3.0.9)
-    jaro_winkler (1.5.3)
-    json (2.2.0)
-    matchi (1.0.4)
-    parallel (1.18.0)
-    parser (2.6.5.0)
-      ast (~> 2.4.0)
-    rainbow (3.0.0)
-    rake (13.0.0)
-    rubocop (0.75.0)
-      jaro_winkler (~> 1.5.1)
-      parallel (~> 1.10)
-      parser (>= 2.6)
-      rainbow (>= 2.2.2, < 4.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.7)
-    ruby-progressbar (1.10.1)
-    simplecov (0.17.1)
-      docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    spectus (3.0.9)
-      aw (~> 0.1.6)
-      defi (~> 1.1.5)
-      matchi (~> 1.0.4)
-    unicode-display_width (1.6.0)
-    yard (0.9.20)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 2.0)
-  fix (~> 0.18)
-  rake (~> 13.0)
-  rubocop (~> 0.75)
-  sha256_seal!
-  simplecov (~> 0.17)
-  yard (~> 0.9)
-
-BUNDLED WITH
-   2.0.2

data/Rakefile

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-require 'bundler/gem_tasks'
-require 'rake/testtask'
-require 'rubocop/rake_task'
-
-RuboCop::RakeTask.new
-
-Rake::TestTask.new do |t|
-  t.verbose = true
-  t.warning = true
-  t.pattern = File.join('fix', '**', '*_fix.rb')
-end
-
-namespace :test do
-  task :coverage do
-    ENV['COVERAGE'] = 'true'
-    Rake::Task['test'].invoke
-  end
-end
-
-task default: %i[test]

data/VERSION.semver

@@ -1 +0,0 @@
-0.1.5

data/bin/console

@@ -1,8 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require 'bundler/setup'
-require 'sha256_seal'
-
-require 'irb'
-IRB.start(__FILE__)

data/bin/setup

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install

data/sha256_seal.gemspec

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-Gem::Specification.new do |spec|
-  spec.name          = 'sha256_seal'
-  spec.version       = File.read('VERSION.semver').chomp
-  spec.authors       = ['Cyril Kato']
-  spec.email         = ['contact@cyril.email']
-
-  spec.summary       = 'Seal device with SHA-256 hash function.'
-  spec.description   = 'Seal device with SHA-256 hash function, for Ruby.'
-  spec.homepage      = 'https://github.com/cyril/sha256_seal.rb'
-  spec.license       = 'MIT'
-
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(fix)/})
-  end
-  spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-
-  spec.add_development_dependency 'bundler',    '~> 2.0'
-  spec.add_development_dependency 'fix',        '~> 0.18'
-  spec.add_development_dependency 'rake',       '~> 13.0'
-  spec.add_development_dependency 'rubocop',    '~> 0.75'
-  spec.add_development_dependency 'simplecov',  '~> 0.17'
-  spec.add_development_dependency 'yard',       '~> 0.9'
-end