simple-hmac 0.0.2 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/action-dispatch/request.rb +12 -6
- data/lib/rest-client/request.rb +8 -5
- data/lib/simple-hmac/helper.rb +5 -3
- data/lib/simple-hmac/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a10a8941921b21175048b5eb843a6659aa56696c
|
4
|
+
data.tar.gz: 24ba421c173c95419d29f53b4ab5b77419ed2033
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 33f3efcfb8596e4993879f7ed782556266cb11591a78717122cc82b88001716757f9d1e4571ca21dd557f981d1e4a95c4207f6ac22c81384045b6eecd3d13469
|
7
|
+
data.tar.gz: 8eff9a10374382d84975e96a7e922d3fd9b5f66ef46b6c1bdaca03f82515e9fc58029f0934cccff7cac8711a4397eac741e7bde0e541ba456e5df23518abae97
|
@@ -3,12 +3,18 @@ module ActionDispatch
|
|
3
3
|
include SimpleHmac::Helper
|
4
4
|
|
5
5
|
def hmac_api_id(auth_prefix='\w+')
|
6
|
-
parse_hmac(auth_prefix)
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
6
|
+
result = parse_hmac(auth_prefix)
|
7
|
+
result && result[1]
|
8
|
+
end
|
9
|
+
|
10
|
+
def hmac_valid?(api_secret, options={})
|
11
|
+
options = { timeout_seconds: 900, auth_prefix: '\w+' }.merge(options)
|
12
|
+
timeout_seconds = options.delete :timeout_seconds
|
13
|
+
auth_prefix = options.delete :auth_prefix
|
14
|
+
result = parse_hmac(auth_prefix)
|
15
|
+
result &&
|
16
|
+
((Time.now.utc - Time.httpdate(timestamp).utc < timeout_seconds) rescue false) &&
|
17
|
+
result[2] == hmac_token(request_method, content_type, calculate_content_md5, url, timestamp, api_secret, options)
|
12
18
|
end
|
13
19
|
|
14
20
|
private
|
data/lib/rest-client/request.rb
CHANGED
@@ -2,18 +2,21 @@ module RestClient
|
|
2
2
|
class Request
|
3
3
|
include SimpleHmac::Helper
|
4
4
|
|
5
|
-
def sign!(api_id, api_secret,
|
6
|
-
|
7
|
-
|
5
|
+
def sign!(api_id, api_secret, options={})
|
6
|
+
options = { auth_prefix: 'WIZYPAY' }.merge(options)
|
7
|
+
auth_prefix = options.delete :auth_prefix
|
8
|
+
date = Time.now.utc.httpdate
|
8
9
|
processed_headers.merge! 'Date' => date
|
9
|
-
|
10
|
+
content_type = processed_headers['Content-Type'] || 'text/plain'
|
11
|
+
processed_headers.merge! 'Content-Type' => content_type
|
12
|
+
hmac_token = hmac_token(method, content_type, set_md5_header, url, date, api_secret, options)
|
10
13
|
processed_headers.merge! 'Authorization' => "#{auth_prefix} #{api_id}:#{hmac_token}"
|
11
14
|
end
|
12
15
|
|
13
16
|
private
|
14
17
|
|
15
18
|
def set_md5_header
|
16
|
-
return '' unless [:post, :put, :patch].include?(
|
19
|
+
return '' unless [:post, :put, :patch].include?(method)
|
17
20
|
if payload
|
18
21
|
body = payload.read
|
19
22
|
payload.instance_variable_get(:@stream).seek(0)
|
data/lib/simple-hmac/helper.rb
CHANGED
@@ -1,8 +1,10 @@
|
|
1
1
|
module SimpleHmac
|
2
2
|
module Helper
|
3
|
-
def hmac_token(content_type, md5, url, date, api_secret)
|
4
|
-
|
5
|
-
|
3
|
+
def hmac_token(verb, content_type, md5, url, date, api_secret, options={})
|
4
|
+
options = { separator: "\n" }.merge(options)
|
5
|
+
data = [content_type, md5, url.gsub(/https?:\/\/[^(,|\?|\/)]*/, ''), date]
|
6
|
+
data.unshift(verb.upcase) if options[:include_verb]
|
7
|
+
Base64.strict_encode64(OpenSSL::HMAC.digest('sha1', api_secret, data.join(options[:separator])))
|
6
8
|
end
|
7
9
|
end
|
8
10
|
end
|
data/lib/simple-hmac/version.rb
CHANGED