RubyGems - url_signature - Versions diffs - 0.0.1 → 0.0.3 - Mend

url_signature 0.0.1 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/.github/workflows/tests.yml +11 -13
data/.rubocop.yml +1 -7
data/CHANGELOG.md +4 -0
data/README.md +5 -5
data/lib/url_signature/url.rb +3 -1
data/lib/url_signature/version.rb +1 -1
data/lib/url_signature.rb +26 -9
data/url_signature.gemspec +4 -2
metadata +23 -11

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 403aa1e79b5d5f67e7179061d8458f0121dd1a0541efb43af01854a109d7d8c5
-  data.tar.gz: 7c1de86c5265f134981ea8872c7a7875c617510b338e12b2674e0bd11ecb8875
+  metadata.gz: 0f8e7a493e109af4c7514cd86ae15d205262c93f4a11aa81b4f8c9b6adf7897d
+  data.tar.gz: d101c591b29090ee928178bdb8c343cf76d71a2735475dbda7e6f72f6b58bbcc
 SHA512:
-  metadata.gz: 70d88e10de08b6653c911c47a85b298c0dba0de6a927ec9fc41af3c72fb9732d9e0e31bdcb35bcff86ffdb97b53b89795ff22e7471313d6533bfcd7ec7b6880e
-  data.tar.gz: 1e80fbb63970e492e61332f030d30f9de64dc8d128f4232bfd230f8ac22d3748bcf15fc631e6e9ab0b11007dd71b658d6c93c7adcbd59a3f53a6fc17ac712ddd
+  metadata.gz: c52cef371511617e11e12ac72c9d5a405abaed1d7954925c7d2148518fbee9a0ab8272f67baecc4ea7db2a7a8155ac943e5ebfa2adf281d65b757537c78c4a11
+  data.tar.gz: 479dbd35067a5cce1818a5e504d507dae8ba8b8eb8639773cc830b81f098d123a8523ee04fd0ddf7a85c50b36e44f8ece2d5aa90d49b318683c932358a849f16

data/.github/workflows/tests.yml CHANGED Viewed

@@ -1,15 +1,11 @@
+---
 name: Tests
 on:
   pull_request:
-    branches:
-      - main
   push:
-    branches:
-      - main
-  schedule:
-    - cron: "0 10 * * *"
+  workflow_dispatch:
+    inputs: {}
 jobs:
   build:
@@ -18,23 +14,25 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby: [2.6.x, 2.7.x]
+        ruby: ["3.3", "3.4"]
         gemfile:
           - Gemfile
     steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v4
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: vendor/bundle
           key: >
-            ${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles(matrix.gemfile) }}
+            ${{ runner.os }}-${{ matrix.ruby }}-gems-${{
+            hashFiles(matrix.gemfile) }}
           restore-keys: >
-            ${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles(matrix.gemfile) }}
+            ${{ runner.os }}-${{ matrix.ruby }}-gems-${{
+            hashFiles(matrix.gemfile) }}
       - name: Set up Ruby
-        uses: actions/setup-ruby@v1
+        uses: ruby/setup-ruby@v1
         with:
           ruby-version: ${{ matrix.ruby }}

data/.rubocop.yml CHANGED Viewed

@@ -3,11 +3,5 @@ inherit_gem:
   rubocop-fnando: .rubocop.yml
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 3.3
   NewCops: enable
-Metrics/ParameterLists:
-  Enabled: false
-Metrics/AbcSize:
-  Enabled: false

data/CHANGELOG.md CHANGED Viewed

@@ -11,6 +11,10 @@ Prefix your message with one of the following:
 - [Security] in case of vulnerabilities.
 -->
+## v0.0.2 - 2020-11-04
+- [Changed] Replace HMAC algorithm with a proc that can be customized.
 ## v0.0.1 - 2020-11-04
 - Initial release.

data/README.md CHANGED Viewed

@@ -10,7 +10,6 @@
 <p align="center">
   <a href="https://github.com/fnando/url_signature"><img src="https://github.com/fnando/url_signature/workflows/Tests/badge.svg" alt="Tests"></a>
-  <a href="https://codeclimate.com/github/fnando/url_signature"><img src="https://codeclimate.com/github/fnando/url_signature/badges/gpa.svg" alt="Code Climate"></a>
   <a href="https://rubygems.org/gems/url_signature"><img src="https://img.shields.io/gem/v/url_signature.svg" alt="Version"></a>
   <a href="https://rubygems.org/gems/url_signature"><img src="https://img.shields.io/gem/dt/url_signature.svg" alt="Downloads"></a>
 </p>
@@ -36,8 +35,9 @@ arguments are:
 - `params`: Any additional params you want to add as query strings.
 - `expires`: Any integer representing an epoch time. Urls won't be verified
   after this date. By default, urls don't expire.
-- `algorithm`: The hashing algorithm that will be used. By default, SHA256 will
-  be used.
+- `hmac_proc`: `Proc` that will generate the signature. By default, it generates
+  a `base64url(sha512_hmac(data))` signature (with no padding). The proc will be
+  called with two parameters: `key` and `data`.
 - `signature_param`: The signature's param name. By default it's `signature`.
 - `expires_param`: The expires' param name. By default it's `expires`.
@@ -45,7 +45,7 @@ arguments are:
 key = "secret"
 signed_url = SignedURL.call("https://nandovieira.com", key: key)
-#=> "https://nandovieira.com/?signature=87fdf44a5109c54edff2e0258b354e32ba5baf3dd21ec5af82f08b82ce362fbf"
+#=> "https://nandovieira.com/?signature=87fdf44a5109c54edff2e0258b354e32ba5b..."
 ```
 You can use the method `SignedURL.verified?(url, **kwargs)` to verify if a
@@ -79,7 +79,7 @@ signed_url = SignedURL.call(
   key: secret,
   expires: Time.now.to_i + 120
 )
-#=> "https://nandovieira.com/?expires=1604477596&signature=7ac5eaee20d316c6cd3f81db14cde98c3c669d423a32d2c546730cbb0dcbc6f2"
+#=> "https://nandovieira.com/?expires=1604477596&signature=7ac5eaee20d316..."
 ```
 ## Maintainer

data/lib/url_signature/url.rb CHANGED Viewed

@@ -40,6 +40,8 @@ module URLSignature
       return if params.empty?
       query = params.each_with_object([]) do |(param, value), buffer|
+        param = param.to_s
         if param.include?("[")
           value.each {|v| buffer << "#{encode(param)}=#{encode(v)}" }
         else
@@ -69,7 +71,7 @@ module URLSignature
     end
     private def parse_query(query)
-      Hash[CGI.parse(query.to_s).to_a]
+      CGI.parse(query.to_s)
     end
     private def parse_url(url)

data/lib/url_signature/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module URLSignature
-  VERSION = "0.0.1"
+  VERSION = "0.0.3"
 end

data/lib/url_signature.rb CHANGED Viewed

@@ -3,6 +3,7 @@
 require "uri"
 require "cgi"
 require "openssl"
+require "base64"
 module URLSignature
   require "url_signature/version"
@@ -12,6 +13,13 @@ module URLSignature
   ExpiredURL = Class.new(StandardError)
   InvalidSignature = Class.new(StandardError)
+  HMAC_PROC = lambda do |key, data|
+    Base64.urlsafe_encode64(
+      OpenSSL::HMAC.digest("SHA256", key, data.to_s),
+      padding: false
+    )
+  end
   # Create a new signed url.
   def self.call(
     url,
@@ -20,12 +28,12 @@ module URLSignature
     expires: 0,
     signature_param: "signature",
     expires_param: "expires",
-    algorithm: "SHA256"
+    hmac_proc: HMAC_PROC
   )
     expires = expires.to_i
     params[expires_param] = expires if expires.positive?
     url = build_url(url, params)
-    signature = OpenSSL::HMAC.hexdigest(algorithm, key, url.to_s)
+    signature = hmac_proc.call(key, url)
     url.add_query(signature_param, signature)
     url.to_s
   end
@@ -33,14 +41,14 @@ module URLSignature
   def self.verified?(
     url,
     key:,
-    algorithm: "SHA256",
     expires_param: "expires",
-    signature_param: "signature"
+    signature_param: "signature",
+    hmac_proc: HMAC_PROC
   )
     verify!(
       url,
       key: key,
-      algorithm: algorithm,
+      hmac_proc: hmac_proc,
       expires_param: expires_param,
       signature_param: signature_param
     )
@@ -51,18 +59,27 @@ module URLSignature
   def self.verify!(
     url,
     key:,
-    algorithm: "SHA256",
+    hmac_proc: HMAC_PROC,
     expires_param: "expires",
     signature_param: "signature"
   )
     url = build_url(url)
-    actual_signature, * = url.remove_query(signature_param)
-    expected_signature = OpenSSL::HMAC.hexdigest(algorithm, key, url.to_s)
+    actual_url = url.to_s
+    url.remove_query(signature_param)
+    expected_url = call(
+      url.to_s,
+      key: key,
+      expires_param: expires_param,
+      hmac_proc: hmac_proc,
+      signature_param: signature_param
+    )
     expires = url.params[expires_param]&.first.to_i
     raise ExpiredURL if expires.positive? && expires < Time.now.to_i
-    raise InvalidSignature unless actual_signature == expected_signature
+    raise InvalidSignature unless actual_url == expected_url
     true
   end

data/url_signature.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-require_relative "./lib/url_signature/version"
+require_relative "lib/url_signature/version"
 Gem::Specification.new do |spec|
   spec.name    = "url_signature"
@@ -11,7 +11,7 @@ Gem::Specification.new do |spec|
   spec.summary     = "Create and verify signed urls. Supports expiration time."
   spec.description = spec.summary
   spec.license     = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.6.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 3.3.0")
   github_url = "https://github.com/fnando/url_signature"
   github_tree_url = "#{github_url}/tree/v#{spec.version}"
@@ -23,6 +23,7 @@ Gem::Specification.new do |spec|
   spec.metadata["changelog_uri"] = "#{github_tree_url}/CHANGELOG.md"
   spec.metadata["documentation_uri"] = "#{github_tree_url}/README.md"
   spec.metadata["license_uri"] = "#{github_tree_url}/LICENSE.md"
+  spec.metadata["rubygems_mfa_required"] = "true"
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`
@@ -34,6 +35,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) {|f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.add_dependency "base64"
   spec.add_development_dependency "minitest"
   spec.add_development_dependency "minitest-utils"
   spec.add_development_dependency "pry-meta"

metadata CHANGED Viewed

@@ -1,15 +1,28 @@
 --- !ruby/object:Gem::Specification
 name: url_signature
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.3
 platform: ruby
 authors:
 - Nando Vieira
-autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-11-04 00:00:00.000000000 Z
+date: 2025-03-21 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -143,11 +156,11 @@ licenses:
 metadata:
   homepage_uri: https://github.com/fnando/url_signature
   bug_tracker_uri: https://github.com/fnando/url_signature/issues
-  source_code_uri: https://github.com/fnando/url_signature/tree/v0.0.1
-  changelog_uri: https://github.com/fnando/url_signature/tree/v0.0.1/CHANGELOG.md
-  documentation_uri: https://github.com/fnando/url_signature/tree/v0.0.1/README.md
-  license_uri: https://github.com/fnando/url_signature/tree/v0.0.1/LICENSE.md
-post_install_message:
+  source_code_uri: https://github.com/fnando/url_signature/tree/v0.0.3
+  changelog_uri: https://github.com/fnando/url_signature/tree/v0.0.3/CHANGELOG.md
+  documentation_uri: https://github.com/fnando/url_signature/tree/v0.0.3/README.md
+  license_uri: https://github.com/fnando/url_signature/tree/v0.0.3/LICENSE.md
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
@@ -155,15 +168,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 3.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key:
+rubygems_version: 3.6.6
 specification_version: 4
 summary: Create and verify signed urls. Supports expiration time.
 test_files: []