signed_json 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/Gemfile.lock +9 -11
  2. data/README.md +10 -1
  3. data/Rakefile +3 -0
  4. data/lib/signed_json/version.rb +1 -1
  5. data/lib/signed_json.rb +6 -3
  6. data/signed_json.gemspec +2 -2
  7. metadata +6 -6
data/Gemfile.lock CHANGED
@@ -10,16 +10,14 @@ GEM
10
10
  diff-lcs (1.1.2)
11
11
  json (1.4.6)
12
12
  rake (0.8.7)
13
- rspec (2.0.1)
14
- rspec-core (~> 2.0.1)
15
- rspec-expectations (~> 2.0.1)
16
- rspec-mocks (~> 2.0.1)
17
- rspec-core (2.0.1)
18
- rspec-expectations (2.0.1)
19
- diff-lcs (>= 1.1.2)
20
- rspec-mocks (2.0.1)
21
- rspec-core (~> 2.0.1)
22
- rspec-expectations (~> 2.0.1)
13
+ rspec (2.2.0)
14
+ rspec-core (~> 2.2)
15
+ rspec-expectations (~> 2.2)
16
+ rspec-mocks (~> 2.2)
17
+ rspec-core (2.2.1)
18
+ rspec-expectations (2.2.0)
19
+ diff-lcs (~> 1.1.2)
20
+ rspec-mocks (2.2.0)
23
21
 
24
22
  PLATFORMS
25
23
  ruby
@@ -27,5 +25,5 @@ PLATFORMS
27
25
  DEPENDENCIES
28
26
  json
29
27
  rake
30
- rspec (~> 2.0)
28
+ rspec (~> 2.1)
31
29
  signed_json!
data/README.md CHANGED
@@ -17,7 +17,7 @@ Use.
17
17
  ### encode ###
18
18
  s.encode 'a string'
19
19
  s.encode ['an', 'array']
20
- s.encode { :a => 'hash' }
20
+ s.encode :a => 'hash'
21
21
 
22
22
  ### decode ###
23
23
  s.decode '["da7555389d05e04a3367b84aed401cafbbecfe3d","example"]'
@@ -43,6 +43,8 @@ Rails already has a nice signed cookie implementation, but because [`ActiveSuppo
43
43
 
44
44
  `SignedJson::Signer`, on the other hand, can easily be implemented in other languages, allowing for signed cookies shared between same-domain web applications, for example.
45
45
 
46
+ Note that the JSON-encoding must be consistent across implementations. For example in Python, separators=(',',':') must be specified to eliminate whitespace which would invalidate the HMAC digest.
47
+
46
48
 
47
49
  [1]: http://en.wikipedia.org/wiki/HMAC
48
50
  [2]: http://ruby-doc.org/ruby-1.9/classes/OpenSSL/HMAC.html
@@ -75,6 +77,13 @@ RSpec speaks for the Ruby implementation:
75
77
  Finished in 0.0186 seconds
76
78
  9 examples, 0 failures
77
79
 
80
+ Tested against:
81
+
82
+ ruby 1.9.2p0 (2010-08-18 revision 29036) [x86_64-linux]
83
+ rubinius 1.1.0 (1.8.7 release 2010-09-23 JI) [x86_64-unknown-linux-gnu]
84
+ ruby 1.8.7 (2010-08-16 patchlevel 302) [x86_64-linux]
85
+ jruby 1.5.3 (ruby 1.8.7 patchlevel 249) (2010-09-28 7ca06d7) (Java HotSpot(TM) 64-Bit Server VM 1.6.0_22) [amd64-java]
86
+
78
87
 
79
88
  Meh.
80
89
  ----
data/Rakefile CHANGED
@@ -1,6 +1,9 @@
1
1
  require 'bundler'
2
2
  Bundler::GemHelper.install_tasks
3
3
 
4
+ desc "Run all tests"
5
+ task :default => :spec
6
+
4
7
  desc "Run specs"
5
8
  task :spec do
6
9
  system 'bundle exec rspec --color --format documentation spec/*_spec.rb'
data/lib/signed_json/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SignedJson
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
data/lib/signed_json.rb CHANGED
@@ -19,10 +19,13 @@ module SignedJson
19
19
  data
20
20
  end
21
21
 
22
+ # Generates an HMAC digest for the JSON representation of the given input.
23
+ # JSON generation must be consistent across platforms.
24
+ # e.g. in Python, specify separators=(',',':') to eliminate whitespace.
22
25
  def digest_for(input)
23
- # ActiveSupport::MessageVerifier does this, probably for a good reason.
24
- require 'openssl' unless defined?(OpenSSL)
25
- OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, input.to_json)
26
+ require 'openssl' unless defined?(OpenSSL) # from ActiveSupport::MessageVerifier
27
+ digest = OpenSSL::Digest.const_get(@digest).new
28
+ OpenSSL::HMAC.hexdigest(digest, @secret, input.to_json)
26
29
  end
27
30
 
28
31
  private
data/signed_json.gemspec CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |s|
9
9
  s.authors = ["Paul Annesley"]
10
10
  s.email = ["paul@annesley.cc"]
11
11
  s.homepage = "http://github.com/pda/signed_json"
12
- s.summary = %q{Encodes and decodes JSON-encodable data into and from a signed JSON string.}
12
+ s.summary = %q{Encodes and decodes data to a JSON string signed with OpenSSL HMAC. Great for signed cookies.}
13
13
 
14
14
  s.rubyforge_project = "signed_json"
15
15
 
@@ -20,6 +20,6 @@ Gem::Specification.new do |s|
20
20
 
21
21
  s.add_dependency('json')
22
22
 
23
- s.add_development_dependency('rspec', ['~> 2.0'])
23
+ s.add_development_dependency('rspec', ['~> 2.1'])
24
24
  s.add_development_dependency('rake')
25
25
  end
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 0
8
- - 1
9
- version: 0.0.1
8
+ - 2
9
+ version: 0.0.2
10
10
  platform: ruby
11
11
  authors:
12
12
  - Paul Annesley
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2010-11-04 00:00:00 +11:00
17
+ date: 2010-12-06 00:00:00 +11:00
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
@@ -40,8 +40,8 @@ dependencies:
40
40
  - !ruby/object:Gem::Version
41
41
  segments:
42
42
  - 2
43
- - 0
44
- version: "2.0"
43
+ - 1
44
+ version: "2.1"
45
45
  type: :development
46
46
  version_requirements: *id002
47
47
  - !ruby/object:Gem::Dependency
@@ -109,6 +109,6 @@ rubyforge_project: signed_json
109
109
  rubygems_version: 1.3.7
110
110
  signing_key:
111
111
  specification_version: 3
112
- summary: Encodes and decodes JSON-encodable data into and from a signed JSON string.
112
+ summary: Encodes and decodes data to a JSON string signed with OpenSSL HMAC. Great for signed cookies.
113
113
  test_files: []
114
114