RubyGems - signature - Versions diffs - 0.1.0 → 0.1.1 - Mend

signature 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

data/README.md CHANGED Viewed

@@ -1,20 +1,31 @@
 signature
----------
+=========
 Examples
-========
+--------
 Client example
     params = {:some => 'parameters'}
-    token = Signature::Token.new(key, secret)
-    request = Signature::Request.new('POST', '/api/thing, params)
+    token = Signature::Token.new('my_key', 'my_secret')
+    request = Signature::Request.new('POST', '/api/thing', params)
     auth_hash = request.sign(token)
+    query_params = params.merge(auth_hash)
     HTTParty.post('http://myservice/api/thing', {
-      :query => params.merge(auth_hash)
+      :query => query_params
     })
+`query_params` looks like:
+    {
+      :some => "parameters",
+      :auth_timestamp => 1273231888,
+      :auth_signature => "28b6bb0f242f71064916fad6ae463fe91f5adc302222dfc02c348ae1941eaf80",
+      :auth_version => "1.0",
+      :auth_key => "my_key"
+    }
 Server example (sinatra)
     error Signature::AuthenticationError do |controller|
@@ -24,6 +35,7 @@ Server example (sinatra)
     post '/api/thing' do
       request = Authentication::Request.new('POST', env["REQUEST_PATH"], params)
+      # This will raise a Signature::AuthenticationError if request does not authenticate
       token = request.authenticate do |key|
         Signature::Token.new(key, lookup_secret(key))
       end
@@ -32,6 +44,6 @@ Server example (sinatra)
     end
 Copyright
-=========
+---------
 Copyright (c) 2010 Martyn Loughran. See LICENSE for details.

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.1.0
1	+ 0.1.1

data/lib/signature.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 require 'hmac-sha2'
-require 'base64'
 module Signature
   class AuthenticationError < RuntimeError; end
@@ -134,7 +133,8 @@ module Signature
       def validate_signature!(token)
         unless @auth_hash["auth_signature"] == signature(token)
           raise AuthenticationError, "Invalid signature: you should have "\
-            "sent HmacSHA256Hex(#{string_to_sign.inspect}, your_secret_key)"
+            "sent HmacSHA256Hex(#{string_to_sign.inspect}, your_secret_key)"\
+            ", but you sent #{@auth_hash["auth_signature"].inspect}"
         end
         return true
       end

data/signature.gemspec ADDED Viewed

@@ -0,0 +1,58 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+Gem::Specification.new do |s|
+  s.name = %q{signature}
+  s.version = "0.1.1"
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Martyn Loughran"]
+  s.date = %q{2010-07-20}
+  s.description = %q{Simple key/secret based authentication for apis}
+  s.email = %q{me@mloughran.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.md"
+  ]
+  s.files = [
+    ".document",
+     ".gitignore",
+     "LICENSE",
+     "README.md",
+     "Rakefile",
+     "VERSION",
+     "lib/signature.rb",
+     "signature.gemspec",
+     "spec/signature_spec.rb",
+     "spec/spec.opts",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/mloughran/signature}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Simple key/secret based authentication for apis}
+  s.test_files = [
+    "spec/signature_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby-hmac>, [">= 0"])
+      s.add_development_dependency(%q<rspec>, [">= 1.2.9"])
+    else
+      s.add_dependency(%q<ruby-hmac>, [">= 0"])
+      s.add_dependency(%q<rspec>, [">= 1.2.9"])
+    end
+  else
+    s.add_dependency(%q<ruby-hmac>, [">= 0"])
+    s.add_dependency(%q<rspec>, [">= 1.2.9"])
+  end
+end

data/spec/signature_spec.rb CHANGED Viewed

@@ -88,7 +88,7 @@ describe Signature do
       request = Signature::Request.new('POST', '/some/path', @params)
       lambda {
         request.authenticate_by_token!(@token)
-      }.should raise_error('Invalid signature: you should have sent HmacSHA256Hex("POST\n/some/path\nauth_key=key&auth_timestamp=1234&auth_version=1.0&go=here&query=params", your_secret_key)')
+      }.should raise_error('Invalid signature: you should have sent HmacSHA256Hex("POST\n/some/path\nauth_key=key&auth_timestamp=1234&auth_version=1.0&go=here&query=params", your_secret_key), but you sent "asdf"')
     end
     it "should raise error if timestamp not available" do

metadata CHANGED Viewed

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments:
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors:
 - Martyn Loughran
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-05-07 00:00:00 +01:00
+date: 2010-07-20 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -60,6 +60,7 @@ files:
 - Rakefile
 - VERSION
 - lib/signature.rb
+- signature.gemspec
 - spec/signature_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb