signed_request 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -0
- data/VERSION +1 -1
- data/init.rb +1 -0
- data/lib/signed_request.rb +1 -1
- data/signed_request.gemspec +8 -3
- data/spec/signed_request_spec.rb +35 -0
- metadata +4 -3
data/Rakefile
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.0.
|
1
|
+
1.0.3
|
data/init.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require 'signed_request'
|
data/lib/signed_request.rb
CHANGED
@@ -24,7 +24,7 @@ module SignedRequest
|
|
24
24
|
|
25
25
|
# Validate an incoming request on the receiving end.
|
26
26
|
def self.validate(params, secret_key)
|
27
|
-
signature = params.delete('signature')
|
27
|
+
signature = params.delete('signature') || params.delete(:signature)
|
28
28
|
return false if !signature
|
29
29
|
|
30
30
|
strip_keys_from!(params, *STRIP_PARAMS)
|
data/signed_request.gemspec
CHANGED
@@ -1,12 +1,15 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
1
4
|
# -*- encoding: utf-8 -*-
|
2
5
|
|
3
6
|
Gem::Specification.new do |s|
|
4
7
|
s.name = %q{signed_request}
|
5
|
-
s.version = "1.0.
|
8
|
+
s.version = "1.0.3"
|
6
9
|
|
7
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
11
|
s.authors = ["David Balatero"]
|
9
|
-
s.date = %q{
|
12
|
+
s.date = %q{2010-03-05}
|
10
13
|
s.email = %q{dbalatero@evri.com}
|
11
14
|
s.extra_rdoc_files = [
|
12
15
|
"LICENSE",
|
@@ -19,6 +22,7 @@ Gem::Specification.new do |s|
|
|
19
22
|
"README.rdoc",
|
20
23
|
"Rakefile",
|
21
24
|
"VERSION",
|
25
|
+
"init.rb",
|
22
26
|
"lib/signed_request.rb",
|
23
27
|
"signed_request.gemspec",
|
24
28
|
"spec/signed_request_spec.rb",
|
@@ -28,7 +32,7 @@ Gem::Specification.new do |s|
|
|
28
32
|
s.rdoc_options = ["--charset=UTF-8"]
|
29
33
|
s.require_paths = ["lib"]
|
30
34
|
s.rubyforge_project = %q{evrigems}
|
31
|
-
s.rubygems_version = %q{1.3.
|
35
|
+
s.rubygems_version = %q{1.3.5}
|
32
36
|
s.summary = %q{A simple gem that allows you to sign HTTP requests between two parties with a shared secret key.}
|
33
37
|
s.test_files = [
|
34
38
|
"spec/signed_request_spec.rb",
|
@@ -45,3 +49,4 @@ Gem::Specification.new do |s|
|
|
45
49
|
else
|
46
50
|
end
|
47
51
|
end
|
52
|
+
|
data/spec/signed_request_spec.rb
CHANGED
@@ -36,6 +36,24 @@ describe SignedRequest do
|
|
36
36
|
end
|
37
37
|
|
38
38
|
describe "validate" do
|
39
|
+
it "should decode params with hashes as values correctly" do
|
40
|
+
params = {
|
41
|
+
:user => {
|
42
|
+
:username => 'dbalatero',
|
43
|
+
:password => 'password',
|
44
|
+
:password_confirmation => 'password',
|
45
|
+
:token => 'z883481299kxkldksjkfdsalfdasfdas'
|
46
|
+
},
|
47
|
+
:test => 'ok'
|
48
|
+
}
|
49
|
+
|
50
|
+
sig = SignedRequest.sign(params, @test_key)
|
51
|
+
params['signature'] = sig
|
52
|
+
|
53
|
+
result = SignedRequest.validate(params, @test_key)
|
54
|
+
result.should be_true
|
55
|
+
end
|
56
|
+
|
39
57
|
it "should return true given a correct request" do
|
40
58
|
good_params = {
|
41
59
|
"tokenID" => "N1CHGCG13NNB4JMVJN1Q1JXIKBQDO4DQ595NRSCTILAU47P7GA7JVQMMJNXRUJFM",
|
@@ -67,5 +85,22 @@ describe SignedRequest do
|
|
67
85
|
result = SignedRequest.validate({'signature' => 'bad', 'param1' => 'ok'}, @test_key)
|
68
86
|
result.should be_false
|
69
87
|
end
|
88
|
+
|
89
|
+
describe "validating with different key names" do
|
90
|
+
before(:each) do
|
91
|
+
@params = { :dude => 12345 }
|
92
|
+
@signature = SignedRequest.sign(@params, 'awesome')
|
93
|
+
end
|
94
|
+
|
95
|
+
it "should work with a string key" do
|
96
|
+
result = SignedRequest.validate(@params.merge('signature' => @signature), 'awesome')
|
97
|
+
result.should be_true
|
98
|
+
end
|
99
|
+
|
100
|
+
it "should work with a symbol key" do
|
101
|
+
result = SignedRequest.validate(@params.merge(:signature => @signature), 'awesome')
|
102
|
+
result.should be_true
|
103
|
+
end
|
104
|
+
end
|
70
105
|
end
|
71
106
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: signed_request
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Balatero
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date:
|
12
|
+
date: 2010-03-05 00:00:00 -08:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|
@@ -29,6 +29,7 @@ files:
|
|
29
29
|
- README.rdoc
|
30
30
|
- Rakefile
|
31
31
|
- VERSION
|
32
|
+
- init.rb
|
32
33
|
- lib/signed_request.rb
|
33
34
|
- signed_request.gemspec
|
34
35
|
- spec/signed_request_spec.rb
|
@@ -57,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
57
58
|
requirements: []
|
58
59
|
|
59
60
|
rubyforge_project: evrigems
|
60
|
-
rubygems_version: 1.3.
|
61
|
+
rubygems_version: 1.3.5
|
61
62
|
signing_key:
|
62
63
|
specification_version: 3
|
63
64
|
summary: A simple gem that allows you to sign HTTP requests between two parties with a shared secret key.
|