RubyGems - signature - Versions diffs - 0.1.0 → 0.1.1 - Mend

signature 0.1.0 → 0.1.1

Files changed (6) hide show

data/README.md CHANGED Viewed

@@ -1,20 +1,31 @@
 signature
----------
+=========
 Examples
-========
+--------
 Client example
     params = {:some => 'parameters'}
-    token = Signature::Token.new(key, secret)
-    request = Signature::Request.new('POST', '/api/thing, params)
+    token = Signature::Token.new('my_key', 'my_secret')
+    request = Signature::Request.new('POST', '/api/thing', params)
     auth_hash = request.sign(token)
+    query_params = params.merge(auth_hash)
     HTTParty.post('http://myservice/api/thing', {
-      :query => params.merge(auth_hash)
+      :query => query_params
     })
+`query_params` looks like:
+    {
+      :some => "parameters",
+      :auth_timestamp => 1273231888,
+      :auth_signature => "28b6bb0f242f71064916fad6ae463fe91f5adc302222dfc02c348ae1941eaf80",
+      :auth_version => "1.0",
+      :auth_key => "my_key"
+    }
 Server example (sinatra)
     error Signature::AuthenticationError do |controller|
@@ -24,6 +35,7 @@ Server example (sinatra)
     post '/api/thing' do
       request = Authentication::Request.new('POST', env["REQUEST_PATH"], params)
+      # This will raise a Signature::AuthenticationError if request does not authenticate
       token = request.authenticate do |key|
         Signature::Token.new(key, lookup_secret(key))
       end
@@ -32,6 +44,6 @@ Server example (sinatra)
     end
 Copyright
-=========
+---------
 Copyright (c) 2010 Martyn Loughran. See LICENSE for details.

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.1.0
1	+ 0.1.1

data/lib/signature.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 require 'hmac-sha2'
-require 'base64'
 module Signature
   class AuthenticationError < RuntimeError; end
@@ -134,7 +133,8 @@ module Signature
       def validate_signature!(token)
         unless @auth_hash["auth_signature"] == signature(token)
           raise AuthenticationError, "Invalid signature: you should have "\
-            "sent HmacSHA256Hex(#{string_to_sign.inspect}, your_secret_key)"
+            "sent HmacSHA256Hex(#{string_to_sign.inspect}, your_secret_key)"\
+            ", but you sent #{@auth_hash["auth_signature"].inspect}"
         end
         return true
       end

data/signature.gemspec ADDED Viewed

@@ -0,0 +1,58 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+Gem::Specification.new do |s|
+  s.name = %q{signature}
+  s.version = "0.1.1"
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Martyn Loughran"]
+  s.date = %q{2010-07-20}
+  s.description = %q{Simple key/secret based authentication for apis}
+  s.email = %q{me@mloughran.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.md"
+  ]
+  s.files = [
+    ".document",
+     ".gitignore",
+     "LICENSE",
+     "README.md",
+     "Rakefile",
+     "VERSION",
+     "lib/signature.rb",
+     "signature.gemspec",
+     "spec/signature_spec.rb",
+     "spec/spec.opts",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/mloughran/signature}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Simple key/secret based authentication for apis}
+  s.test_files = [
+    "spec/signature_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby-hmac>, [">= 0"])
+      s.add_development_dependency(%q<rspec>, [">= 1.2.9"])
+    else
+      s.add_dependency(%q<ruby-hmac>, [">= 0"])
+      s.add_dependency(%q<rspec>, [">= 1.2.9"])
+    end
+  else
+    s.add_dependency(%q<ruby-hmac>, [">= 0"])
+    s.add_dependency(%q<rspec>, [">= 1.2.9"])
+  end
+end

data/spec/signature_spec.rb CHANGED Viewed

@@ -88,7 +88,7 @@ describe Signature do
       request = Signature::Request.new('POST', '/some/path', @params)
       lambda {
         request.authenticate_by_token!(@token)
-      }.should raise_error('Invalid signature: you should have sent HmacSHA256Hex("POST\n/some/path\nauth_key=key&auth_timestamp=1234&auth_version=1.0&go=here&query=params", your_secret_key)')
+      }.should raise_error('Invalid signature: you should have sent HmacSHA256Hex("POST\n/some/path\nauth_key=key&auth_timestamp=1234&auth_version=1.0&go=here&query=params", your_secret_key), but you sent "asdf"')
     end
     it "should raise error if timestamp not available" do

metadata CHANGED Viewed

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments:
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors:
 - Martyn Loughran
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-05-07 00:00:00 +01:00
+date: 2010-07-20 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -60,6 +60,7 @@ files:
 - Rakefile
 - VERSION
 - lib/signature.rb
+- signature.gemspec
 - spec/signature_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb