slosilo 2.0.0 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/slosilo/key.rb +12 -1
- data/lib/slosilo/version.rb +1 -1
- data/spec/key_spec.rb +13 -0
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b2f977e53f906393dcac0918f5fb5b2b2b41563b
|
|
4
|
+
data.tar.gz: 967b35f4ed8f91c24dfab09245ff0cb798b585ed
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd31b09380e3f9411aca6a7ee9244d727e0962954da29c18adffa68b81b58265607205b5a519de8d211da07f412600788c1b5579fc0a604e06328e5bb86e62a8
|
|
7
|
+
data.tar.gz: 3454255c91a0a62c59bedf5b425e5b5a9fdb1ba29283d85ae0e5be7ca9b5cd2b1fa44b4fa280d65d37441d802e634309a928373848ad4cf199c9e5ac58d074cd
|
data/CHANGELOG.md
ADDED
data/lib/slosilo/key.rb
CHANGED
|
@@ -114,7 +114,7 @@ module Slosilo
|
|
|
114
114
|
# Note that this is currently somewhat shallow stringification --
|
|
115
115
|
# to implement originating tokens we may need to make it deeper.
|
|
116
116
|
def stringify value
|
|
117
|
-
case value
|
|
117
|
+
string = case value
|
|
118
118
|
when Hash
|
|
119
119
|
value.to_a.sort.to_json
|
|
120
120
|
when String
|
|
@@ -122,6 +122,17 @@ module Slosilo
|
|
|
122
122
|
else
|
|
123
123
|
value.to_json
|
|
124
124
|
end
|
|
125
|
+
|
|
126
|
+
# Make sure that the string is ascii_8bit (i.e. raw bytes), and represents
|
|
127
|
+
# the utf-8 encoding of the string. This accomplishes two things: it normalizes
|
|
128
|
+
# the representation of the string at the byte level (so we don't have an error if
|
|
129
|
+
# one username is submitted as ISO-whatever, and the next as UTF-16), and it prevents
|
|
130
|
+
# an incompatible encoding error when we concatenate it with the salt.
|
|
131
|
+
if string.encoding != Encoding::ASCII_8BIT
|
|
132
|
+
string.encode(Encoding::UTF_8).force_encoding(Encoding::ASCII_8BIT)
|
|
133
|
+
else
|
|
134
|
+
string
|
|
135
|
+
end
|
|
125
136
|
end
|
|
126
137
|
|
|
127
138
|
def shake_salt
|
data/lib/slosilo/version.rb
CHANGED
data/spec/key_spec.rb
CHANGED
|
@@ -145,6 +145,19 @@ describe Slosilo::Key do
|
|
|
145
145
|
expect(key.sign("this sentence is not this sentence")).to eq(expected_signature)
|
|
146
146
|
end
|
|
147
147
|
end
|
|
148
|
+
|
|
149
|
+
context "when given a Hash containing non-ascii characters" do
|
|
150
|
+
let(:unicode){ "adèle.dupuis" }
|
|
151
|
+
let(:encoded){
|
|
152
|
+
unicode.dup.tap{|s| s.force_encoding Encoding::ASCII_8BIT}
|
|
153
|
+
}
|
|
154
|
+
let(:hash){ {"data" => unicode} }
|
|
155
|
+
|
|
156
|
+
it "converts the value to raw bytes before signing it" do
|
|
157
|
+
expect(key).to receive(:sign_string).with("[[\"data\",\"#{encoded}\"]]").and_call_original
|
|
158
|
+
key.sign hash
|
|
159
|
+
end
|
|
160
|
+
end
|
|
148
161
|
end
|
|
149
162
|
|
|
150
163
|
describe "#signed_token" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: slosilo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rafał Rzepecki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|
|
@@ -118,6 +118,7 @@ extra_rdoc_files: []
|
|
|
118
118
|
files:
|
|
119
119
|
- .gitignore
|
|
120
120
|
- .kateproject
|
|
121
|
+
- CHANGELOG.md
|
|
121
122
|
- Gemfile
|
|
122
123
|
- LICENSE
|
|
123
124
|
- README.md
|
|
@@ -167,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
167
168
|
version: '0'
|
|
168
169
|
requirements: []
|
|
169
170
|
rubyforge_project:
|
|
170
|
-
rubygems_version: 2.0.14
|
|
171
|
+
rubygems_version: 2.0.14.1
|
|
171
172
|
signing_key:
|
|
172
173
|
specification_version: 4
|
|
173
174
|
summary: Store SSL keys in a database
|