simple-hmac 0.3.2 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9163d06bbb21ad88fecc7593c9b7c852bbbd0531
-  data.tar.gz: ed7590ce93a7fd060f40deb5558a27868421688d
+  metadata.gz: 8df9b536189c550e347e8957860c825671827340
+  data.tar.gz: b212b86247013ebfa722bacebf794e933bb02cac
 SHA512:
-  metadata.gz: 20f18e0693252889a7b475d87d67169fce203de500a6996dccb4b64e97f4b6b1e90bfc7d528a91e5c7808e5c29fe7b6488e64cc38887718b6a304998225d8900
-  data.tar.gz: 9b35d75510fadb91a227b7dd535aada1d006efe0ebd01db007a0d6d914e5c60d71ceeae6cf1d512aecde6e1afb3fabb317db80f9cfd40975330d4717aec4693b
+  metadata.gz: 50544713054a17897ca7bc22e390485adf670acec661bf774adc9fd64ad07e34a1f5c43ed3318d2ddaaa5b3e6012b6db5e3a5253ad90690371837ef809e28589
+  data.tar.gz: 54677f8d988498a8fbac9b92dde9724ba26c43c9715440f2adfae7bed991363052c73936fb127eaf65d816857fcb3e2e83443a06d2165275952acb3de2ac4db4

data/lib/rest-client/request.rb

@@ -1,27 +1,9 @@
-require 'time'
-require 'digest'
-
 module RestClient
   class Request
     include SimpleHmac::Helper
 
     def sign!(api_id, api_secret, options={})
-      sign_headers(processed_headers, method, api_id, api_secret, options)
-    end
-
-    private
-
-    def set_md5_header
-      return '' unless [:post, :put, :patch].include?(method)
-      if payload
-        body = payload.read
-        payload.instance_variable_get(:@stream).seek(0)
-      else
-        body = ''
-      end
-      content_md5 = Digest::MD5.base64digest(body)
-      processed_headers.merge! 'Content-MD5' => content_md5
-      content_md5
+      processed_headers.merge! authentication_headers(method, processed_headers['Content-Type'], payload, url, api_id, api_secret, options={})
     end
   end
-end
+end

data/lib/simple-hmac/helper.rb

@@ -1,6 +1,7 @@
 require 'base64'
 require 'openssl'
 require 'time'
+require 'digest'
 
 module SimpleHmac
   module Helper
@@ -13,14 +14,32 @@ module SimpleHmac
       Base64.strict_encode64(OpenSSL::HMAC.digest(options[:algorithm], api_secret, string_to_sign))
     end
 
-    def sign_headers(headers, verb, api_key, api_secret, options={})
+    def authentication_headers(verb, content_type, payload, url, api_key, api_secret, options={})
       options         = { auth_prefix: 'WIZYPAY' }.merge(options)
       auth_prefix     = options.delete :auth_prefix
       date = Time.now.httpdate
-      headers.merge! 'Date' => date
-      content_type = (headers['Content-Type'] ||= 'text/plain')
-      hmac_token = hmac_token(verb, content_type, set_md5_header, url, date, api_secret, options)
-      headers.merge! 'Authorization' => "#{auth_prefix} #{api_key}:#{hmac_token}"
+      content_type ||= 'text/plain'
+      content_md5 = digest_md5(verb, payload)
+      hmac_token = hmac_token(verb, content_type, content_md5, url, date, api_secret, options)
+      {
+        'Date' => date,
+        'Content-Type' => content_type,
+        'Content-MD5' => content_md5,
+        'Authorization' => "#{auth_prefix} #{api_key}:#{hmac_token}"
+      }
+    end
+
+    def digest_md5(verb, payload)
+      return '' unless [:post, :put, :patch].include?(verb.downcase.to_sym)
+      if payload.nil?
+        body = ''
+      elsif payload.respond_to? :read
+        body = payload.read
+        payload.instance_variable_get(:@stream).seek(0)
+      else
+        body = payload
+      end
+      Digest::MD5.base64digest(body)
     end
   end
-end
+end

data/lib/simple-hmac/version.rb

@@ -1,4 +1,3 @@
 module SimpleHmac
-  VERSION = '0.3.2'
+  VERSION = '0.4.0'
 end
-

data/spec/authentication_headers_spec.rb

@@ -0,0 +1,34 @@
+RSpec.describe SimpleHmac::Helper do
+  context '#authentication_headers' do
+    before do
+      @signer = Object.new
+      @signer.extend SimpleHmac::Helper
+    end
+
+    it 'returns the correct GET headers' do
+      Timecop.freeze do
+        expect(@signer).to receive(:hmac_token).and_return 'hmac_token'
+        h = @signer.authentication_headers('GET', nil, nil, '/something', 'my_key', 'my_secret', auth_prefix: 'TEST')
+        expect(h).to match({
+          'Date' => Time.now.httpdate,
+          'Content-Type' => 'text/plain',
+          'Content-MD5' => '',
+          'Authorization' => "TEST my_key:hmac_token"
+        })
+      end
+    end
+
+    it 'returns the correct POST headers' do
+      Timecop.freeze do
+        expect(@signer).to receive(:hmac_token).and_return 'hmac_token'
+        h = @signer.authentication_headers('POST', 'application/json', '{a: 1}', '/something', 'my_key', 'my_secret', auth_prefix: 'TEST')
+        expect(h).to match({
+          'Date' => Time.now.httpdate,
+          'Content-Type' => 'application/json',
+          'Content-MD5' => 'B9JGFlnJCn1YCMEwtd2eFA==',
+          'Authorization' => "TEST my_key:hmac_token"
+        })
+      end
+    end
+  end
+end

data/spec/sign_request_spec.rb

@@ -0,0 +1,30 @@
+require 'rest-client'
+
+RSpec.describe RestClient::Request do
+  context '#sign!' do
+    let!(:req) do
+      RestClient::Request.new({
+        url: 'http://example.com/something',
+        method: :post,
+        headers: { accept: :json, content_type: :json },
+        payload: '{a: 1}'
+      })
+    end
+
+    it 'is signed' do
+      Timecop.freeze do
+        expect(req).to receive(:hmac_token).and_return 'hmac_token'
+        req.sign!('my_key', 'my_secret')
+        expect(req.processed_headers).to match({
+          'Date' => Time.now.httpdate,
+          'Accept' => 'application/json',
+          'Accept-Encoding' => 'gzip, deflate',
+          'Authorization' => 'WIZYPAY my_key:hmac_token',
+          'Content-Length' => '6',
+          'Content-MD5' => 'B9JGFlnJCn1YCMEwtd2eFA==',
+          'Content-Type' => 'application/json'
+        })
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -1,6 +1,7 @@
 require 'rspec'
 require 'simple-hmac'
 require 'webmock/rspec'
+require 'timecop'
 
 # Conventionally, all specs live under a `spec` directory, which RSpec adds to
 # the `$LOAD_PATH`. The generated `.rspec` file contains `--require spec_helper`

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simple-hmac
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.4.0
 platform: ruby
 authors:
 - Chaker Nakhli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-29 00:00:00.000000000 Z
+date: 2016-01-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -80,6 +80,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.20'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.8.0
 description: 
 email:
 - chaker@wizypay.com
@@ -94,7 +108,9 @@ files:
 - lib/simple-hmac.rb
 - lib/simple-hmac/helper.rb
 - lib/simple-hmac/version.rb
+- spec/authentication_headers_spec.rb
 - spec/hmac_token_spec.rb
+- spec/sign_request_spec.rb
 - spec/spec_helper.rb
 homepage: http://www.wizypay.com
 licenses:
@@ -122,5 +138,7 @@ signing_key:
 specification_version: 4
 summary: Lightweight HMAC implementation for Rails + Restclient.
 test_files:
+- spec/authentication_headers_spec.rb
 - spec/hmac_token_spec.rb
+- spec/sign_request_spec.rb
 - spec/spec_helper.rb