signed_request 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Rakefile +1 -0
- data/VERSION +1 -1
- data/init.rb +1 -0
- data/lib/signed_request.rb +1 -1
- data/signed_request.gemspec +8 -3
- data/spec/signed_request_spec.rb +35 -0
- metadata +4 -3
data/Rakefile
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.0.
|
1
|
+
1.0.3
|
data/init.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require 'signed_request'
|
data/lib/signed_request.rb
CHANGED
@@ -24,7 +24,7 @@ module SignedRequest
|
|
24
24
|
|
25
25
|
# Validate an incoming request on the receiving end.
|
26
26
|
def self.validate(params, secret_key)
|
27
|
-
signature = params.delete('signature')
|
27
|
+
signature = params.delete('signature') || params.delete(:signature)
|
28
28
|
return false if !signature
|
29
29
|
|
30
30
|
strip_keys_from!(params, *STRIP_PARAMS)
|
data/signed_request.gemspec
CHANGED
@@ -1,12 +1,15 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
1
4
|
# -*- encoding: utf-8 -*-
|
2
5
|
|
3
6
|
Gem::Specification.new do |s|
|
4
7
|
s.name = %q{signed_request}
|
5
|
-
s.version = "1.0.
|
8
|
+
s.version = "1.0.3"
|
6
9
|
|
7
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
11
|
s.authors = ["David Balatero"]
|
9
|
-
s.date = %q{
|
12
|
+
s.date = %q{2010-03-05}
|
10
13
|
s.email = %q{dbalatero@evri.com}
|
11
14
|
s.extra_rdoc_files = [
|
12
15
|
"LICENSE",
|
@@ -19,6 +22,7 @@ Gem::Specification.new do |s|
|
|
19
22
|
"README.rdoc",
|
20
23
|
"Rakefile",
|
21
24
|
"VERSION",
|
25
|
+
"init.rb",
|
22
26
|
"lib/signed_request.rb",
|
23
27
|
"signed_request.gemspec",
|
24
28
|
"spec/signed_request_spec.rb",
|
@@ -28,7 +32,7 @@ Gem::Specification.new do |s|
|
|
28
32
|
s.rdoc_options = ["--charset=UTF-8"]
|
29
33
|
s.require_paths = ["lib"]
|
30
34
|
s.rubyforge_project = %q{evrigems}
|
31
|
-
s.rubygems_version = %q{1.3.
|
35
|
+
s.rubygems_version = %q{1.3.5}
|
32
36
|
s.summary = %q{A simple gem that allows you to sign HTTP requests between two parties with a shared secret key.}
|
33
37
|
s.test_files = [
|
34
38
|
"spec/signed_request_spec.rb",
|
@@ -45,3 +49,4 @@ Gem::Specification.new do |s|
|
|
45
49
|
else
|
46
50
|
end
|
47
51
|
end
|
52
|
+
|
data/spec/signed_request_spec.rb
CHANGED
@@ -36,6 +36,24 @@ describe SignedRequest do
|
|
36
36
|
end
|
37
37
|
|
38
38
|
describe "validate" do
|
39
|
+
it "should decode params with hashes as values correctly" do
|
40
|
+
params = {
|
41
|
+
:user => {
|
42
|
+
:username => 'dbalatero',
|
43
|
+
:password => 'password',
|
44
|
+
:password_confirmation => 'password',
|
45
|
+
:token => 'z883481299kxkldksjkfdsalfdasfdas'
|
46
|
+
},
|
47
|
+
:test => 'ok'
|
48
|
+
}
|
49
|
+
|
50
|
+
sig = SignedRequest.sign(params, @test_key)
|
51
|
+
params['signature'] = sig
|
52
|
+
|
53
|
+
result = SignedRequest.validate(params, @test_key)
|
54
|
+
result.should be_true
|
55
|
+
end
|
56
|
+
|
39
57
|
it "should return true given a correct request" do
|
40
58
|
good_params = {
|
41
59
|
"tokenID" => "N1CHGCG13NNB4JMVJN1Q1JXIKBQDO4DQ595NRSCTILAU47P7GA7JVQMMJNXRUJFM",
|
@@ -67,5 +85,22 @@ describe SignedRequest do
|
|
67
85
|
result = SignedRequest.validate({'signature' => 'bad', 'param1' => 'ok'}, @test_key)
|
68
86
|
result.should be_false
|
69
87
|
end
|
88
|
+
|
89
|
+
describe "validating with different key names" do
|
90
|
+
before(:each) do
|
91
|
+
@params = { :dude => 12345 }
|
92
|
+
@signature = SignedRequest.sign(@params, 'awesome')
|
93
|
+
end
|
94
|
+
|
95
|
+
it "should work with a string key" do
|
96
|
+
result = SignedRequest.validate(@params.merge('signature' => @signature), 'awesome')
|
97
|
+
result.should be_true
|
98
|
+
end
|
99
|
+
|
100
|
+
it "should work with a symbol key" do
|
101
|
+
result = SignedRequest.validate(@params.merge(:signature => @signature), 'awesome')
|
102
|
+
result.should be_true
|
103
|
+
end
|
104
|
+
end
|
70
105
|
end
|
71
106
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: signed_request
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Balatero
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date:
|
12
|
+
date: 2010-03-05 00:00:00 -08:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|
@@ -29,6 +29,7 @@ files:
|
|
29
29
|
- README.rdoc
|
30
30
|
- Rakefile
|
31
31
|
- VERSION
|
32
|
+
- init.rb
|
32
33
|
- lib/signed_request.rb
|
33
34
|
- signed_request.gemspec
|
34
35
|
- spec/signed_request_spec.rb
|
@@ -57,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
57
58
|
requirements: []
|
58
59
|
|
59
60
|
rubyforge_project: evrigems
|
60
|
-
rubygems_version: 1.3.
|
61
|
+
rubygems_version: 1.3.5
|
61
62
|
signing_key:
|
62
63
|
specification_version: 3
|
63
64
|
summary: A simple gem that allows you to sign HTTP requests between two parties with a shared secret key.
|