url_store 0.1.0 → 0.2.0

data/README.markdown

@@ -1,15 +1,23 @@
 Data securely stored in urls.
 
+ - url-save output
+ - short codes through GZip
+ - serializing through __:marshal__ :yaml
+ - hashing through DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA __SHA1__ SHA224 SHA256 SHA384 SHA512
+
+
 Install
 =======
  - As gem: ` sudo gem install url_store `
  - As Rails plugin: ` script/plugin install git://github.com/grosser/url_store.git `
 
-
 Usage
 =====
+    # config (e.g environment.rb)
+    UrlStore.secret = 'adadasd2adsdasd4ads4eas4dea4dsea4sd'
+
     # View:
-    <%= link_to 'paid', :controller=>:payments, :action=>:paid, :data=>UrlStore.encode(:id=>1, :status=>'paid')%>
+    <%= link_to 'paid', :controller=>:payments, :action=>:paid, :data=>UrlStore.encode(:id=>1, :status=>'paid') %>
 
     # Controller:
     if data = UrlStore.decode(params[:data])
@@ -18,6 +26,11 @@ Usage
       raise 'FRAUD!'
     end
 
+### Options
+    UrlStore.secret = 'something random'
+    UrlStore.hasher = 'MD5' # default: 'SHA1'
+    UrlStore.serializer = :yaml # default: :marshal
+
 Author
 =======
 [Michael Grosser](http://pragmatig.wordpress.com)  

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.2.0

data/lib/url_store/compact_encoder.rb

@@ -0,0 +1,62 @@
+require 'base64'
+require 'zlib'
+
+class UrlStore
+  class CompactEncoder
+    def initialize(secret, options={})
+      @secret = secret
+      @hasher = options[:hasher] || 'SHA1'
+      @serializer = options[:serializer] || :marshal
+    end
+
+    def encode(data)
+      data = compress(serialize(data))
+      data+digest(data)
+    end
+
+    def decode(data)
+      hash = data[-hash_length..-1]
+      data = data[0...-hash_length]
+
+      if digest(data) == hash
+        deserialize extract(data)
+      else
+        nil
+      end
+    end
+
+    private
+
+    def serialize(data)
+      case @serializer.to_sym
+      when :yaml then data.to_yaml
+      when :marshal then Marshal.dump(data)  
+      end
+    end
+
+    def deserialize(data)
+      case @serializer.to_sym
+      when :yaml then YAML.load(data)
+      when :marshal then Marshal.load(data)
+      end
+    end
+
+    def compress(data)
+      Base64.encode64( Zlib::Deflate.deflate(data)).gsub("\n",'')
+    end
+
+    def extract(data)
+      Zlib::Inflate.inflate Base64.decode64(data)
+    end
+
+    def hash_length
+      digest('x').size
+    end
+
+    # stolen from ActiveSupport
+    def digest(data)
+      require 'openssl' unless defined?(OpenSSL)
+      OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@hasher.to_s), @secret, data)
+    end
+  end
+end

data/lib/url_store.rb

@@ -1,37 +1,44 @@
-require 'active_support'
+require 'url_store/compact_encoder'
 
 class UrlStore
   VERSION = File.read( File.join(File.dirname(__FILE__),'..','VERSION') ).strip
   SECRET = 'asdkasjlwqjdqaccxnjkasdfh2313'
-  METHOD = 'SHA1'
+  HASHER = 'SHA1'
+  SERIALIZER = :marshal
 
   # (convert to base64url <-> RFC4648) and '|'
   # which is not url-safe if you ask ERB/CGI, but browsers accept it
   IN = '+/='
   OUT = '-_|'
 
-  cattr_accessor :secret
-  self.secret = SECRET
+  @@secret = SECRET
+  def self.secret=(x); @@secret=x; end
+  def self.secret; @@secret; end
+
+  @@hasher = HASHER
+  def self.hasher=(x); @@hasher=x; end
+  def self.hasher; @@hasher; end
+
+  @@serializer = SERIALIZER
+  def self.serializer=(x); @@serializer=x; end
+  def self.serializer; @@serializer; end
 
   def self.encode(data)
-    string = encoder.generate(data)
-    string = string.sub('--', ';') # seperator of verifier
+    string = encoder.encode(data)
     string.to_s.tr(IN,OUT)
   end
 
   def self.decode(string)
     string = string.to_s.tr(OUT,IN) # convert to base64url <-> RFC4648
-    string = string.sub(';','--') # seperator of verifier
-    begin
-      encoder.verify(string)
-    rescue ActiveSupport::MessageVerifier::InvalidSignature
-      nil
-    end
+    encoder.decode(string)
   end
 
   private
 
   def self.encoder
-    ActiveSupport::MessageVerifier.new(secret, METHOD)
+    if secret == SECRET
+      warn "WARNING: you should not use the default secret! use UrlStore.secret='something'"
+    end
+    UrlStore::CompactEncoder.new(secret, :hasher => hasher, :serializer => serializer)
   end
 end

data/spec/url_store/compact_encoder_spec.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe UrlStore::CompactEncoder do
+  before do
+    @encoder = UrlStore::CompactEncoder.new('asdasdsa')
+    @data = {:x => 1, 'asdadadadas' => 'asdasdadawvxcxcxcvjs', 'dasdasdadsadad' => 'asdasdwxczvvcjjkdfjkdf'}
+  end
+
+  it "generates same code for same data" do
+    @encoder.encode(@data).should == @encoder.encode(@data)
+  end
+
+  it "can decode / encode" do
+    @encoder.decode(@encoder.encode(@data)).should == @data
+  end
+
+  it "generates shorter codes than pure base64" do
+    hash_length = 40
+    @encoder.encode(@data).size.should < (Base64.encode64(Marshal.dump(@data)).size + hash_length)
+  end
+
+  it "can encode/decode with yaml" do
+    @encoder = UrlStore::CompactEncoder.new('asdasdsa', :serializer => :yaml)
+    @encoder.decode(@encoder.encode(@data)).should == @data
+  end
+
+  it "can hash with other hasher" do
+    @encoder = UrlStore::CompactEncoder.new('asdasdsa', :hasher => 'MD5')
+    @encoder.decode(@encoder.encode(@data)).should == @data
+  end
+end

data/spec/url_store_spec.rb

@@ -3,6 +3,7 @@ require 'cgi'
 
 describe UrlStore do
   before do
+    UrlStore.secret = 'not the standart sssecrettt1231231áßðáïíœï©óáßïáöððííïö'
     @data = {:x => 11212, :y => 'asdasda sdasdasdASDJKSAJDLSKDLKDS', 'asdasd' => 12312312, 12.12 => 123123212312123, :asdasdasd => '2134 adasdasóáößðóöáåöäóðᜩöóöfóöåäfóöéåfó'}
   end
 
@@ -20,7 +21,7 @@ describe UrlStore do
   end
 
   it "uses a lot of different chars" do
-    UrlStore.encode(@data).split('').uniq.size.should >= 63
+    UrlStore.encode(@data).split('').uniq.size.should >= 62
   end
 
   it "uses url-save characters" do
@@ -34,6 +35,29 @@ describe UrlStore do
     UrlStore.decode(encoded).should == nil
   end
 
+  it "warns when default secret is used" do
+    UrlStore.secret = UrlStore::SECRET
+    UrlStore.should_receive(:warn)
+    UrlStore.encode(1)
+  end
+
+  it "can compress" do
+    x = 'a'*100
+    UrlStore.encode(x).size.should <= x.size
+  end
+
+  it "can serialize using a different method" do
+    old = UrlStore.encode(@data)
+    UrlStore.serializer = :yaml
+    UrlStore.encode(@data).size.should_not == old.size
+  end
+
+  it "can serialize using different hasher" do
+    old = UrlStore.encode(@data)
+    UrlStore.hasher = 'MD5'
+    UrlStore.encode(@data).size.should_not == old.size
+  end
+
   it "has a VERSION" do
     UrlStore::VERSION.should =~ /^\d+\.\d+\.\d+$/
   end

data/url_store.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{url_store}
-  s.version = "0.1.0"
+  s.version = "0.2.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Michael Grosser"]
@@ -20,7 +20,9 @@ Gem::Specification.new do |s|
      "Rakefile",
      "VERSION",
      "lib/url_store.rb",
+     "lib/url_store/compact_encoder.rb",
      "spec/spec_helper.rb",
+     "spec/url_store/compact_encoder_spec.rb",
      "spec/url_store_spec.rb",
      "url_store.gemspec"
   ]
@@ -31,7 +33,8 @@ Gem::Specification.new do |s|
   s.summary = %q{Data securely stored in urls.}
   s.test_files = [
     "spec/spec_helper.rb",
-     "spec/url_store_spec.rb"
+     "spec/url_store_spec.rb",
+     "spec/url_store/compact_encoder_spec.rb"
   ]
 
   if s.respond_to? :specification_version then

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: url_store
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors: 
 - Michael Grosser
@@ -26,7 +26,9 @@ files:
 - Rakefile
 - VERSION
 - lib/url_store.rb
+- lib/url_store/compact_encoder.rb
 - spec/spec_helper.rb
+- spec/url_store/compact_encoder_spec.rb
 - spec/url_store_spec.rb
 - url_store.gemspec
 has_rdoc: true
@@ -60,3 +62,4 @@ summary: Data securely stored in urls.
 test_files: 
 - spec/spec_helper.rb
 - spec/url_store_spec.rb
+- spec/url_store/compact_encoder_spec.rb