signed_request 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +1 -1
- data/VERSION +1 -1
- data/lib/signed_request.rb +10 -1
- data/signed_request.gemspec +2 -2
- data/spec/signed_request_spec.rb +16 -1
- metadata +2 -2
data/README.rdoc
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.0.
|
|
1
|
+
1.0.2
|
data/lib/signed_request.rb
CHANGED
|
@@ -3,10 +3,19 @@ require 'openssl'
|
|
|
3
3
|
require 'openssl/digest'
|
|
4
4
|
|
|
5
5
|
module SignedRequest
|
|
6
|
-
STRIP_PARAMS = ['action', 'controller']
|
|
6
|
+
STRIP_PARAMS = ['action', 'controller', 'format']
|
|
7
7
|
|
|
8
8
|
# Sign a request on the sending end.
|
|
9
9
|
def self.sign(params, secret_key)
|
|
10
|
+
params = params.dup
|
|
11
|
+
|
|
12
|
+
# Flatten any sub-hashes to a single string.
|
|
13
|
+
params.keys.each do |key|
|
|
14
|
+
if params[key].is_a?(Hash)
|
|
15
|
+
params[key] = params[key].sort_by { |k, v| k.to_s.downcase }.to_s
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
10
19
|
query = params.sort_by { |k,v| k.to_s.downcase }
|
|
11
20
|
digest = OpenSSL::Digest::Digest.new('sha1')
|
|
12
21
|
hmac = OpenSSL::HMAC.digest(digest, secret_key, query.to_s)
|
data/signed_request.gemspec
CHANGED
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{signed_request}
|
|
5
|
-
s.version = "1.0.
|
|
5
|
+
s.version = "1.0.2"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["David Balatero"]
|
|
9
|
-
s.date = %q{2009-06-
|
|
9
|
+
s.date = %q{2009-06-30}
|
|
10
10
|
s.email = %q{dbalatero@evri.com}
|
|
11
11
|
s.extra_rdoc_files = [
|
|
12
12
|
"LICENSE",
|
data/spec/signed_request_spec.rb
CHANGED
|
@@ -17,8 +17,23 @@ describe SignedRequest do
|
|
|
17
17
|
result = SignedRequest.sign(params, @test_key)
|
|
18
18
|
result.should == "uoOmSftU4gnUMK6Q1ylyGnr5hEw="
|
|
19
19
|
end
|
|
20
|
-
end
|
|
21
20
|
|
|
21
|
+
it "should handle params with hashes as values deterministically" do
|
|
22
|
+
params = {
|
|
23
|
+
:user => {
|
|
24
|
+
:username => 'dbalatero',
|
|
25
|
+
:password => 'password',
|
|
26
|
+
:password_confirmation => 'password',
|
|
27
|
+
:token => 'z883481299kxkldksjkfdsalfdasfdas'
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
sig = SignedRequest.sign(params, @test_key)
|
|
32
|
+
20.times do
|
|
33
|
+
SignedRequest.sign(params.dup, @test_key).should == sig
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
22
37
|
|
|
23
38
|
describe "validate" do
|
|
24
39
|
it "should return true given a correct request" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: signed_request
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Balatero
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-06-
|
|
12
|
+
date: 2009-06-30 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies: []
|
|
15
15
|
|