sha256_seal 0.1.6 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 315fdea0ce5a82dd8d67b01d083282acee522f691cc3f0aa9b1325efb3ee0866
-  data.tar.gz: a261366546c346d3e24e3ac1eae6d2d54ef7f01ed54a1fa157d2977c2e60bf92
+  metadata.gz: e95ae1ddb44ca61aa91a68db10a46619021f07736d431c1826b36f6eafd0eb36
+  data.tar.gz: fb423e6d812bd333615dbec1e5c4ef3bd84532a900901a6571750acf99b09179
 SHA512:
-  metadata.gz: ab1a96fb6978c03e74d0648bcc4c9c79c272ad8ee91ae11794f179c401ce61e0a9414436f22b3195e929fc4580f7dbff5324dc02eecb7b6e6da9270fb850a6f5
-  data.tar.gz: 7a8cdedec7048247f4600cbaa9d84f3060223f45632eb0bd07111fbc19458a37212ea94df3cc7f973d26d6a3e4764e7425e542a4a55a7ba898f0dfe02dd58c05
+  metadata.gz: 02d9426b1b2dd0bf32319f4ecd42fe70989810f62e01d11aaeb5f316b3d237b9bd08ab6d27d256c5465d0f06e28a57cd4dafc7cb154bd1cd4057123cad8746d2
+  data.tar.gz: e52c05f43c203a29365514aab321508cff5c2b0ad55387a0f9f0fbe3dfeeded50fd30b6da1831e8252bd752caeaf852b6bd4c20bd53710da6d7726525ec45a70

data/LICENSE.md

@@ -1,6 +1,6 @@
-The MIT License (MIT)
+# The MIT License
 
-Copyright (c) 2017-2021 Cyril Kato
+Copyright (c) 2017-2022 Cyril Kato
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,6 +1,14 @@
 # Sha256 Seal 🔏
 
-A tiny library to sign documents, and check their integrity.
+A small library allowing to sign documents, and to check their integrity.
+
+## Status
+
+[![Version](https://img.shields.io/github/v/tag/cyril/sha256_seal.rb?label=Version&logo=github)](https://github.com/cyril/sha256_seal.rb/tags)
+[![Yard documentation](https://img.shields.io/badge/Yard-documentation-blue.svg?logo=github)](https://rubydoc.info/github/cyril/sha256_seal.rb/main)
+[![Ruby](https://github.com/cyril/sha256_seal.rb/workflows/Ruby/badge.svg?branch=main)](https://github.com/cyril/sha256_seal.rb/actions?query=workflow%3Aruby+branch%3Amain)
+[![RuboCop](https://github.com/cyril/sha256_seal.rb/workflows/RuboCop/badge.svg?branch=main)](https://github.com/cyril/sha256_seal.rb/actions?query=workflow%3Arubocop+branch%3Amain)
+[![License](https://img.shields.io/github/license/cyril/sha256_seal.rb?label=License&logo=github)](https://github.com/cyril/sha256_seal.rb/raw/main/LICENSE.md)
 
 ## Installation
 
@@ -12,15 +20,19 @@ gem "sha256_seal"
 
 And then execute:
 
-    $ bundle
+```sh
+bundle install
+```
 
 Or install it yourself as:
 
-    $ gem install sha256_seal
+```sh
+gem install sha256_seal
+```
 
 ## Usage
 
-Sign values and verify signatures of values.
+Sign information and verify their signature.
 
 ## Example
 
@@ -75,48 +87,50 @@ Controller:
 ```ruby
 # app/controllers/verified_requests/base_controller.rb
 module VerifiedRequests
-  class BaseController < ApplicationController
-  # @see https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#method-i-verified_request-3F
-    def verified_request?
-      secret          = ENV.fetch("CSRF_SECRET_KEY")
-      document_string = request.original_url.force_encoding("utf-8")
-      signature_field = request.path_parameters.fetch(:csrf)
-
-      builder = Sha256Seal::Builder.new(document_string, secret, signature_field)
-      builder.signed_value? || Rails.env.test?
-    end
-
+  class BaseController < ::ApplicationController
     def signed_url(route_method, **options)
       url_route_method  = "#{route_method}_url".to_sym
       incorrect_csrf    = "__CSRF_SECRET_KEY__"
       url_route_string  = public_send(url_route_method, csrf: incorrect_csrf, **options)
 
-      replace_incorrect_csrf_by_correct_csrf(url_route_string, incorrect_csrf: incorrect_csrf)
+      replace_incorrect_csrf_by_correct_csrf(url_route_string, incorrect_csrf:)
     end
     helper_method :signed_url
 
+    private
+
     def replace_incorrect_csrf_by_correct_csrf(value, incorrect_csrf:)
-      secret  = ENV.fetch("CSRF_SECRET_KEY")
+      secret  = ::ENV.fetch("CSRF_SECRET_KEY")
       field   = incorrect_csrf
-      builder = Sha256Seal::Builder.new(value, secret, field)
+      builder = ::Sha256Seal::Builder.new(value, secret, field)
       value   = builder.signed_value
       field   = builder.send(:signature)
-      builder = Sha256Seal::Builder.new(value, secret, field)
 
+      builder = ::Sha256Seal::Builder.new(value, secret, field)
       builder.signed_value
     end
+
+    # @see https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#method-i-verified_request-3F
+    # @see https://github.com/rails/rails/blob/8015c2c2cf5c8718449677570f372ceb01318a32/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L333-L341
+    def verified_request?
+      secret          = ::ENV.fetch("CSRF_SECRET_KEY")
+      document_string = request.original_url.force_encoding("utf-8")
+      signature_field = request.path_parameters.fetch(:csrf)
+
+      builder = ::Sha256Seal::Builder.new(document_string, secret, signature_field)
+      builder.signed_value? || ::Rails.env.test?
+    end
   end
 end
 ```
 
 View:
 
-```erb
+```ruby
 # app/views/verified_requests/accounts/show.html.erb
 
-<%
-  signed_url(:verified_request_account, id: 'bob', admin: true) # => "http://0.0.0.0:5000/.405d7c8f14389c9ae7f1d97ff66699093bf2d89d13b4f4280a35d62f9e616259/accounts/bob?admin=true"
-%>
+signed_url(:verified_request_account, id: "bob", admin: true)
+# => "http://0.0.0.0:5000/.405d7c8f14389c9ae7f1d97ff66699093bf2d89d13b4f4280a35d62f9e616259/accounts/bob?admin=true"
 ```
 
 ## Versioning
@@ -125,4 +139,4 @@ __Sha256Seal__ uses [Semantic Versioning 2.0.0](https://semver.org/)
 
 ## License
 
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+The [gem](https://rubygems.org/gems/sha256_seal) is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sha256_seal
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - Cyril Kato
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-05 00:00:00.000000000 Z
+date: 2022-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -25,21 +25,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: fix
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0.beta4
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0.beta4
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: r_spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-gitlab-security
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -162,8 +176,9 @@ files:
 homepage: https://github.com/cyril/sha256_seal.rb
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  rubygems_mfa_required: 'true'
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -171,15 +186,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.0'
+      version: 3.1.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
-signing_key:
+rubygems_version: 3.3.7
+signing_key: 
 specification_version: 4
 summary: Seal device with SHA-256 hash function.
 test_files: []