signed_json 0.0.1 → 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/Gemfile.lock +9 -11
  2. data/README.md +10 -1
  3. data/Rakefile +3 -0
  4. data/lib/signed_json/version.rb +1 -1
  5. data/lib/signed_json.rb +6 -3
  6. data/signed_json.gemspec +2 -2
  7. metadata +6 -6
data/Gemfile.lock CHANGED
@@ -10,16 +10,14 @@ GEM
10
10
  diff-lcs (1.1.2)
11
11
  json (1.4.6)
12
12
  rake (0.8.7)
13
- rspec (2.0.1)
14
- rspec-core (~> 2.0.1)
15
- rspec-expectations (~> 2.0.1)
16
- rspec-mocks (~> 2.0.1)
17
- rspec-core (2.0.1)
18
- rspec-expectations (2.0.1)
19
- diff-lcs (>= 1.1.2)
20
- rspec-mocks (2.0.1)
21
- rspec-core (~> 2.0.1)
22
- rspec-expectations (~> 2.0.1)
13
+ rspec (2.2.0)
14
+ rspec-core (~> 2.2)
15
+ rspec-expectations (~> 2.2)
16
+ rspec-mocks (~> 2.2)
17
+ rspec-core (2.2.1)
18
+ rspec-expectations (2.2.0)
19
+ diff-lcs (~> 1.1.2)
20
+ rspec-mocks (2.2.0)
23
21
 
24
22
  PLATFORMS
25
23
  ruby
@@ -27,5 +25,5 @@ PLATFORMS
27
25
  DEPENDENCIES
28
26
  json
29
27
  rake
30
- rspec (~> 2.0)
28
+ rspec (~> 2.1)
31
29
  signed_json!
data/README.md CHANGED
@@ -17,7 +17,7 @@ Use.
17
17
  ### encode ###
18
18
  s.encode 'a string'
19
19
  s.encode ['an', 'array']
20
- s.encode { :a => 'hash' }
20
+ s.encode :a => 'hash'
21
21
 
22
22
  ### decode ###
23
23
  s.decode '["da7555389d05e04a3367b84aed401cafbbecfe3d","example"]'
@@ -43,6 +43,8 @@ Rails already has a nice signed cookie implementation, but because [`ActiveSuppo
43
43
 
44
44
  `SignedJson::Signer`, on the other hand, can easily be implemented in other languages, allowing for signed cookies shared between same-domain web applications, for example.
45
45
 
46
+ Note that the JSON-encoding must be consistent across implementations. For example in Python, separators=(',',':') must be specified to eliminate whitespace which would invalidate the HMAC digest.
47
+
46
48
 
47
49
  [1]: http://en.wikipedia.org/wiki/HMAC
48
50
  [2]: http://ruby-doc.org/ruby-1.9/classes/OpenSSL/HMAC.html
@@ -75,6 +77,13 @@ RSpec speaks for the Ruby implementation:
75
77
  Finished in 0.0186 seconds
76
78
  9 examples, 0 failures
77
79
 
80
+ Tested against:
81
+
82
+ ruby 1.9.2p0 (2010-08-18 revision 29036) [x86_64-linux]
83
+ rubinius 1.1.0 (1.8.7 release 2010-09-23 JI) [x86_64-unknown-linux-gnu]
84
+ ruby 1.8.7 (2010-08-16 patchlevel 302) [x86_64-linux]
85
+ jruby 1.5.3 (ruby 1.8.7 patchlevel 249) (2010-09-28 7ca06d7) (Java HotSpot(TM) 64-Bit Server VM 1.6.0_22) [amd64-java]
86
+
78
87
 
79
88
  Meh.
80
89
  ----
data/Rakefile CHANGED
@@ -1,6 +1,9 @@
1
1
  require 'bundler'
2
2
  Bundler::GemHelper.install_tasks
3
3
 
4
+ desc "Run all tests"
5
+ task :default => :spec
6
+
4
7
  desc "Run specs"
5
8
  task :spec do
6
9
  system 'bundle exec rspec --color --format documentation spec/*_spec.rb'
data/lib/signed_json/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SignedJson
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
data/lib/signed_json.rb CHANGED
@@ -19,10 +19,13 @@ module SignedJson
19
19
  data
20
20
  end
21
21
 
22
+ # Generates an HMAC digest for the JSON representation of the given input.
23
+ # JSON generation must be consistent across platforms.
24
+ # e.g. in Python, specify separators=(',',':') to eliminate whitespace.
22
25
  def digest_for(input)
23
- # ActiveSupport::MessageVerifier does this, probably for a good reason.
24
- require 'openssl' unless defined?(OpenSSL)
25
- OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, input.to_json)
26
+ require 'openssl' unless defined?(OpenSSL) # from ActiveSupport::MessageVerifier
27
+ digest = OpenSSL::Digest.const_get(@digest).new
28
+ OpenSSL::HMAC.hexdigest(digest, @secret, input.to_json)
26
29
  end
27
30
 
28
31
  private
data/signed_json.gemspec CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |s|
9
9
  s.authors = ["Paul Annesley"]
10
10
  s.email = ["paul@annesley.cc"]
11
11
  s.homepage = "http://github.com/pda/signed_json"
12
- s.summary = %q{Encodes and decodes JSON-encodable data into and from a signed JSON string.}
12
+ s.summary = %q{Encodes and decodes data to a JSON string signed with OpenSSL HMAC. Great for signed cookies.}
13
13
 
14
14
  s.rubyforge_project = "signed_json"
15
15
 
@@ -20,6 +20,6 @@ Gem::Specification.new do |s|
20
20
 
21
21
  s.add_dependency('json')
22
22
 
23
- s.add_development_dependency('rspec', ['~> 2.0'])
23
+ s.add_development_dependency('rspec', ['~> 2.1'])
24
24
  s.add_development_dependency('rake')
25
25
  end
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 0
8
- - 1
9
- version: 0.0.1
8
+ - 2
9
+ version: 0.0.2
10
10
  platform: ruby
11
11
  authors:
12
12
  - Paul Annesley
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2010-11-04 00:00:00 +11:00
17
+ date: 2010-12-06 00:00:00 +11:00
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
@@ -40,8 +40,8 @@ dependencies:
40
40
  - !ruby/object:Gem::Version
41
41
  segments:
42
42
  - 2
43
- - 0
44
- version: "2.0"
43
+ - 1
44
+ version: "2.1"
45
45
  type: :development
46
46
  version_requirements: *id002
47
47
  - !ruby/object:Gem::Dependency
@@ -109,6 +109,6 @@ rubyforge_project: signed_json
109
109
  rubygems_version: 1.3.7
110
110
  signing_key:
111
111
  specification_version: 3
112
- summary: Encodes and decodes JSON-encodable data into and from a signed JSON string.
112
+ summary: Encodes and decodes data to a JSON string signed with OpenSSL HMAC. Great for signed cookies.
113
113
  test_files: []
114
114