vidibus-secure 0.0.4 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,6 @@
1
+ pkg/*
2
+ Gemfile.lock
3
+ *.gem
4
+ .bundle
5
+ rdoc
6
+ coverage
data/.travis.yml ADDED
@@ -0,0 +1 @@
1
+ script: "bundle exec rspec spec --format progress"
data/Gemfile CHANGED
@@ -1,12 +1,4 @@
1
- source "http://rubygems.org"
1
+ source :gemcutter
2
2
 
3
- gem "mongoid", "~> 2.0.0.beta.20"
4
- gem "activesupport", "~> 3.0.0"
5
- gem "vidibus-core_extensions"
6
-
7
- group :development do
8
- gem "rails", "~> 3.0.0"
9
- gem "rspec", "~> 2.0.0.beta.20"
10
- gem "rr"
11
- gem "relevance-rcov"
12
- end
3
+ # Specify your gem's dependencies in vidibus-resource.gemspec
4
+ gemspec
data/README.rdoc CHANGED
@@ -1,8 +1,15 @@
1
- = vidibus-secure
1
+ = Vidibus::Secure
2
2
 
3
- This gem is part of the open source SOA framework Vidibus: http://www.vidibus.org
3
+ Allows encryption and signing of requests and storing encrypted data within Mongoid documents.
4
4
 
5
- TODO: Describe
5
+ This gem is part of {Vidibus}[http://vidibus.org], an open source toolset for building distributed (video) applications.
6
+
7
+
8
+ == Compatibility
9
+
10
+ Vidibus::Secure is tested against Ruby 1.8.7.
11
+
12
+ http://travis-ci.org/vidibus/vidibus-secure.png {Build History}[http://travis-ci.org/vidibus/vidibus-secure]
6
13
 
7
14
 
8
15
  == Installation
@@ -13,7 +20,7 @@ Add the dependency to the Gemfile of your application:
13
20
 
14
21
  Then call `bundle install` on your console.
15
22
 
16
- If you want to use Vidibus::Secure::Mongoid in your models, you should generate an initializer to set an unique encryption key:
23
+ If you want to use Vidibus::Secure::Mongoid on your models, you should generate an initializer to set an unique encryption key:
17
24
 
18
25
  rails generate vidibus_secure_key
19
26
 
@@ -35,4 +42,4 @@ TODO: Describe
35
42
 
36
43
  == Copyright
37
44
 
38
- Copyright (c) 2010 Andre Pankratz. See LICENSE for details.
45
+ Copyright (c) 2010-2011 Andre Pankratz. See LICENSE for details.
data/Rakefile CHANGED
@@ -1,40 +1,25 @@
1
- require "rubygems"
2
- require "rake"
3
- require "rake/rdoctask"
1
+ require "bundler"
2
+ require "rdoc/task"
4
3
  require "rspec"
5
4
  require "rspec/core/rake_task"
6
5
 
7
- begin
8
- require "jeweler"
9
- Jeweler::Tasks.new do |gem|
10
- gem.name = "vidibus-secure"
11
- gem.rubyforge_project = "vidibus-secure"
12
- gem.summary = %Q{Security tools for Vidibus applications}
13
- gem.description = %Q{Description...}
14
- gem.email = "andre@vidibus.com"
15
- gem.homepage = "http://github.com/vidibus/vidibus-secure"
16
- gem.authors = ["Andre Pankratz"]
17
- gem.add_dependency "mongoid", "~> 2.0.0.beta.20"
18
- gem.add_dependency "activesupport", "~> 3.0.0"
19
- gem.add_dependency "rack"
20
- gem.add_dependency "vidibus-core_extensions"
21
- end
22
- Jeweler::GemcutterTasks.new
23
- rescue LoadError
24
- puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
25
- end
6
+ Bundler::GemHelper.install_tasks
7
+
8
+ $LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
9
+ require "vidibus/secure/version"
26
10
 
27
- Rspec::Core::RakeTask.new(:rcov) do |t|
11
+ RSpec::Core::RakeTask.new(:rcov) do |t|
28
12
  t.pattern = "spec/**/*_spec.rb"
29
13
  t.rcov = true
30
14
  t.rcov_opts = ["--exclude", "^spec,/gems/"]
31
15
  end
32
16
 
33
17
  Rake::RDocTask.new do |rdoc|
34
- version = File.exist?("VERSION") ? File.read("VERSION") : ""
35
18
  rdoc.rdoc_dir = "rdoc"
36
- rdoc.title = "vidibus-secure #{version}"
19
+ rdoc.title = "vidibus-sysinfo #{Vidibus::Secure::VERSION}"
37
20
  rdoc.rdoc_files.include("README*")
38
21
  rdoc.rdoc_files.include("lib/**/*.rb")
39
22
  rdoc.options << "--charset=utf-8"
40
23
  end
24
+
25
+ task :default => :rcov
@@ -1,7 +1,11 @@
1
+ require "openssl"
2
+ require "rack"
3
+ require "uri"
4
+ require "active_support/secure_random"
1
5
  require "active_support/core_ext"
6
+ require "json"
2
7
  require "vidibus-core_extensions"
3
8
 
4
- $:.unshift(File.join(File.dirname(__FILE__), "..", "lib", "vidibus"))
5
- require "secure"
6
- require "secure/mongoid"
7
- require "secure/extensions"
9
+ require "vidibus/secure"
10
+ require "vidibus/secure/mongoid"
11
+ require "vidibus/secure/extensions"
@@ -1,12 +1,9 @@
1
- require "openssl"
2
- require "active_support/secure_random"
3
- require "rack"
4
- require "uri"
5
-
6
1
  module Vidibus
7
2
  module Secure
8
3
 
9
- class KeyError < StandardError; end
4
+ class Error < StandardError; end
5
+ class KeyError < Error; end
6
+ class InputError < Error; end
10
7
 
11
8
  class << self
12
9
 
@@ -49,6 +46,9 @@ module Vidibus
49
46
  def encrypt(data, key, options = {})
50
47
  raise KeyError.new("Please provide a secret key to encrypt data with.") unless key
51
48
  options = settings[:crypt].merge(options)
49
+ unless data.is_a?(String)
50
+ data = JSON.generate(data)
51
+ end
52
52
  encrypted_data = crypt(:encrypt, data, key, options)
53
53
  encode(encrypted_data, options)
54
54
  end
@@ -58,14 +58,19 @@ module Vidibus
58
58
  raise KeyError.new("Please provide a secret key to decrypt data with.") unless key
59
59
  options = settings[:crypt].merge(options)
60
60
  decoded_data = decode(data, options)
61
- crypt(:decrypt, decoded_data, key, options)
61
+ decrypted_data = crypt(:decrypt, decoded_data, key, options)
62
+ begin
63
+ JSON.parse(decrypted_data)
64
+ rescue JSON::ParserError
65
+ decrypted_data
66
+ end
62
67
  end
63
68
 
64
69
  # Signs request.
65
70
  def sign_request(verb, path, params, key, signature_param = nil)
66
71
  default_signature_param = :sign
67
72
  params_given = !!params
68
- raise ArgumentError.new("Given params is not a Hash.") if params_given and !params.is_a?(Hash)
73
+ raise InputError.new("Given params is not a Hash.") if params_given and !params.is_a?(Hash)
69
74
  params = {} unless params_given
70
75
  signature_param ||= (params_given and params.keys.first.is_a?(String)) ? default_signature_param.to_s : default_signature_param
71
76
 
@@ -74,11 +79,15 @@ module Vidibus
74
79
  uri.query = nil
75
80
 
76
81
  _verb = verb.to_s.downcase
77
- _uri = uri.to_s.gsub(/\/+$/, "")
78
82
  _params = (params.merge(path_params)).except(signature_param.to_s, signature_param.to_s.to_sym)
79
- _params = _params.any? ? _params.to_a_rec.flatten.sort{|a,b| a.to_s <=> b.to_s}.join("|") : ""
80
83
 
81
- signature = sign("#{_verb}|#{_uri}|#{_params}", key)
84
+ signature_string = [
85
+ _verb,
86
+ uri.to_s.gsub(/\/+$/, ""),
87
+ _params.any? ? params_identifier(_params) : ""
88
+ ].join("|")
89
+
90
+ signature = sign(signature_string, key)
82
91
 
83
92
  if %w[post put].include?(_verb) or (params_given and path_params.empty?)
84
93
  params[signature_param] = signature
@@ -126,6 +135,23 @@ module Vidibus
126
135
  data.unpack("m*").to_s
127
136
  end
128
137
  end
138
+
139
+ # Returns an identifier string from given params input.
140
+ #
141
+ # Example:
142
+ # {:some=>{:nested=>{:really=>["serious", "stuff"]}, :are=>"params"}}
143
+ # # => 1:some:2:are:params|2:nested:3:really:4:serious:|4:stuff:
144
+ #
145
+ def params_identifier(params, level = 1)
146
+ array = []
147
+ for key, value in params
148
+ if [Array, Hash].include?(value.class)
149
+ value = params_identifier(value, level + 1)
150
+ end
151
+ array << "#{level}:#{key}:#{value}"
152
+ end
153
+ array.sort.join("|")
154
+ end
129
155
  end
130
156
  end
131
157
  end
@@ -1,4 +1,4 @@
1
- require "secure/extensions/controller"
1
+ require "vidibus/secure/extensions/controller"
2
2
 
3
3
  ActiveSupport.on_load(:action_controller) do
4
4
  include Vidibus::Secure::Extensions::Controller
@@ -0,0 +1,5 @@
1
+ module Vidibus
2
+ module Secure
3
+ VERSION = "0.1.0"
4
+ end
5
+ end
@@ -18,7 +18,7 @@ describe "Vidibus::Secure::Extensions::Controller" do
18
18
  end
19
19
 
20
20
  describe "#valid_request?" do
21
- it "should available to controllers that stem from ActionController::Base" do
21
+ it "should be available to controllers that stem from ActionController::Base" do
22
22
  controller.should respond_to(:valid_request?)
23
23
  end
24
24
 
@@ -3,8 +3,14 @@ require "spec_helper"
3
3
  describe "Vidibus::Secure" do
4
4
  let(:key) { "8KTbTanrBTQ5c8CjANpJQjPWcIstFxq/uFIUQBF3gRnztM565xIfe8MStVcLilbEhjYwfZiD4lFWINF22Aw8gVEbkSf2rLN0fnuO9YtNqFLQU6m/OldO5JbsBJPCwuzsPYmZ1w==" }
5
5
  let(:data) { "My name is Bond. You know the rest." }
6
+ let(:data_hash) {{"name" => "James Bond"}}
7
+ let(:data_array) {["Bond", "James"]}
6
8
  let(:encrypted_base64) { "hXUWa3gHRpYr/Fi2qm9xdTyZg7NSpYq8X2p1EL+/wffUg9IeIjVbSvyUYAvy\nTLbc\n" }
9
+ let(:encrypted_base64_array) { "pG9SNq9r2fQVxCiN8jYNciukklnZ+5YagtCE0LAj2bg=\n" }
10
+ let(:encrypted_base64_hash) { "kjV3/v52KcsGKoNs7zgcmHih90uvc+hP5X90s6X27GE=\n" }
7
11
  let(:encrypted_hex) { "8575166b780746962bfc58b6aa6f71753c9983b352a58abc5f6a7510bfbfc1f7d483d21e22355b4afc94600bf24cb6dc" }
12
+ let(:encrypted_hex_array) { "8575166b780746962bfc58b6aa6f71753c9983b352a58abc5f6a7510bfbfc1f7d483d21e22355b4afc94600bf24cb6dc" }
13
+ let(:encrypted_hex_hash) { "8575166b780746962bfc58b6aa6f71753c9983b352a58abc5f6a7510bfbfc1f7d483d21e22355b4afc94600bf24cb6dc" }
8
14
  let(:signature_base64) { "AhTlmymUI9q2bdrtJ0vLdyV8Y8eUf2U5xrzoK5PdWKQ=\n" }
9
15
  let(:signature_hex) { "0214e59b299423dab66ddaed274bcb77257c63c7947f6539c6bce82b93dd58a4" }
10
16
  let(:base64_format) { /([A-Z]|\+|\/)/ }
@@ -81,8 +87,8 @@ describe "Vidibus::Secure" do
81
87
  Vidibus::Secure.settings[:sign][:encoding] = :hex
82
88
  end
83
89
 
84
- it "should raise an error if given secret key is nil" do
85
- expect { Vidibus::Secure.sign(data, nil) }.to raise_error(Vidibus::Secure::KeyError)
90
+ it "should raise a KeyError if given secret key is nil" do
91
+ expect {Vidibus::Secure.sign(data, nil)}.to raise_error(Vidibus::Secure::KeyError)
86
92
  end
87
93
  end
88
94
 
@@ -102,7 +108,15 @@ describe "Vidibus::Secure" do
102
108
  end
103
109
 
104
110
  it "should raise an error if given secret key is nil" do
105
- expect { Vidibus::Secure.sign(data, nil) }.to raise_error(Vidibus::Secure::KeyError)
111
+ expect {Vidibus::Secure.sign(data, nil)}.to raise_error(Vidibus::Secure::KeyError)
112
+ end
113
+
114
+ it "should encrypt array data" do
115
+ Vidibus::Secure.encrypt(data_array, key).should eql(encrypted_base64_array)
116
+ end
117
+
118
+ it "should encrypt hash data" do
119
+ Vidibus::Secure.encrypt(data_hash, key).should eql(encrypted_base64_hash)
106
120
  end
107
121
  end
108
122
 
@@ -111,6 +125,14 @@ describe "Vidibus::Secure" do
111
125
  Vidibus::Secure.decrypt(encrypted_base64, key).should eql(data)
112
126
  end
113
127
 
128
+ it "should decrypt array data from base64 string" do
129
+ Vidibus::Secure.decrypt(encrypted_base64_array, key).should eql(data_array)
130
+ end
131
+
132
+ it "should decrypt hash data from base64 string" do
133
+ Vidibus::Secure.decrypt(encrypted_base64_hash, key).should eql(data_hash)
134
+ end
135
+
114
136
  it "should decrypt a hexadecimal string if :encoding is provided" do
115
137
  Vidibus::Secure.decrypt(encrypted_hex, key, :encoding => :hex).should eql(data)
116
138
  end
@@ -121,8 +143,8 @@ describe "Vidibus::Secure" do
121
143
  Vidibus::Secure.settings[:crypt][:encoding] = :base64
122
144
  end
123
145
 
124
- it "should raise an error if given secret key is nil" do
125
- expect { Vidibus::Secure.sign(data, nil) }.to raise_error(Vidibus::Secure::KeyError)
146
+ it "should raise a KeyError if given secret key is nil" do
147
+ expect {Vidibus::Secure.sign(data, nil)}.to raise_error(Vidibus::Secure::KeyError)
126
148
  end
127
149
  end
128
150
 
@@ -134,11 +156,9 @@ describe "Vidibus::Secure" do
134
156
  end
135
157
  end
136
158
 
137
- it "should require that given params is a Hash" do
159
+ it "should raise an InputError if given params is not a Hash" do
138
160
  params = %w[1 2 3]
139
- expect {
140
- Vidibus::Secure.sign_request(:post, "/", params, key)
141
- }.to raise_error(ArgumentError, "Given params is not a Hash.")
161
+ expect {Vidibus::Secure.sign_request(:post, "/", params, key)}.to raise_error(Vidibus::Secure::InputError, "Given params is not a Hash.")
142
162
  end
143
163
 
144
164
  context "for requests without body" do
@@ -162,7 +182,7 @@ describe "Vidibus::Secure" do
162
182
  path = "http://vidibus.org/status?feel=good"
163
183
  params = {}
164
184
  Vidibus::Secure.sign_request(:get, path, params, key)
165
- path.should eql("http://vidibus.org/status?feel=good&sign=528bbd5f791960570bd1a53ea5540d9970361b7abff72e8ecc02b12673330270")
185
+ path.should eql("http://vidibus.org/status?feel=good&sign=2be2169f27f11ccc519456887838dcbfef54eb461492d60b847d2f01adca9326")
166
186
  params.should eql({})
167
187
  end
168
188
 
@@ -199,11 +219,11 @@ describe "Vidibus::Secure" do
199
219
  it "should create a signature of URI with params" do
200
220
  path = "http://vidibus.org/status?type=server"
201
221
  Vidibus::Secure.sign_request(:get, path, {}, key)
202
- path.should eql("http://vidibus.org/status?type=server&sign=afdc286310f98b36a4ad71e493a13ff35b5d841472328faadee270b6c62ca321")
222
+ path.should eql("http://vidibus.org/status?type=server&sign=ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0")
203
223
  end
204
224
 
205
225
  it "should create identical signatures for URIs with params with and without trailing slash" do
206
- signature = "afdc286310f98b36a4ad71e493a13ff35b5d841472328faadee270b6c62ca321"
226
+ signature = "ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"
207
227
  Vidibus::Secure.sign_request(:get, "http://vidibus.org/status?type=server", {}, key).first.should match(signature)
208
228
  Vidibus::Secure.sign_request(:get, "http://vidibus.org/status/?type=server", {}, key).first.should match(signature)
209
229
  end
@@ -211,7 +231,7 @@ describe "Vidibus::Secure" do
211
231
  it "should replace signature in URI with params" do
212
232
  path = "http://vidibus.org/status?interval=2&sign=something&type=server"
213
233
  Vidibus::Secure.sign_request(:get, path, {}, key)
214
- path.should eql("http://vidibus.org/status?interval=2&sign=647b0f8278ad6536b02886fa2e74ae31574941e74a7a1c1f3abe2c70b5c84625&type=server")
234
+ path.should eql("http://vidibus.org/status?interval=2&sign=bd66fe642c39d01005090bb9d0a7f62f5c6d563878e6397261ed12bd79bdb92d&type=server")
215
235
  end
216
236
 
217
237
  it "should replace signature in URI without other params" do
@@ -221,7 +241,7 @@ describe "Vidibus::Secure" do
221
241
  end
222
242
 
223
243
  it "should create identical signatures for URIs with different params order" do
224
- signature = "23a74d6a231961700e45b907b72fd3d47e10f7bc4618d74cb6e839d1de1b8fb7"
244
+ signature = "116b6628f5b79a42ea9f8eb0e7901404ff641c34baa289dc32b6e2aa57c9281d"
225
245
  Vidibus::Secure.sign_request(:get, "http://vidibus.org/status?a=1&b=2", {}, key).first.should match(signature)
226
246
  Vidibus::Secure.sign_request(:get, "http://vidibus.org/status/?b=2&a=1", {}, key).first.should match(signature)
227
247
  end
@@ -231,22 +251,25 @@ describe "Vidibus::Secure" do
231
251
  it "should create a signature of path and params" do
232
252
  params = {:some => "thing"}
233
253
  Vidibus::Secure.sign_request(:post, "/", params, key)
234
- params[:some].should eql("thing")
235
- params[:sign].should eql("1c038202044005a8da96c780b79c691af849604dab9dabd283e65271c8012aae")
254
+ params[:sign].should eql("a41b51acf01f7207d250a0a486e60ed385050f848237251efcdb58448e57d20d")
236
255
  end
237
256
 
238
257
  it "should create a signature of path and nested params" do
239
258
  params = {:some => {:nested => "params", :are => {:really => ["serious", "stuff"]}}}
240
259
  Vidibus::Secure.sign_request(:post, "/", params, key)
241
- params[:some].should eql({:nested => "params", :are => {:really => ["serious", "stuff"]}})
242
- params[:sign].should eql("9419d44fc65b515b31923e2f3f4a166b384df107b61b323a1f7a3be1d7ad27f5")
260
+ params[:sign].should eql("3a899c65b9a68fa473e3bc3388b7656538c85498cc63cdcac59eebfe9f68ce07")
261
+ end
262
+
263
+ it "should create a different signature of path and nested params with switched keys" do
264
+ params = {:some => {:are => "params", :nested => {:really => ["serious", "stuff"]}}}
265
+ Vidibus::Secure.sign_request(:post, "/", params, key)
266
+ params[:sign].should eql("d28b073381dad3c30bc8f5ff5984d7ff29e04dd95bc9ca04cd1ac95e878e4663")
243
267
  end
244
268
 
245
269
  it "should replace existing signature" do
246
270
  params = {:some => "thing", :sign => "something"}
247
271
  Vidibus::Secure.sign_request(:post, "/", params, key)
248
- params[:some].should eql("thing")
249
- params[:sign].should eql("1c038202044005a8da96c780b79c691af849604dab9dabd283e65271c8012aae")
272
+ params[:sign].should eql("a41b51acf01f7207d250a0a486e60ed385050f848237251efcdb58448e57d20d")
250
273
  end
251
274
 
252
275
  it "should add signature param as string if params are given as strings" do
@@ -275,44 +298,44 @@ describe "Vidibus::Secure" do
275
298
 
276
299
  describe ".verify_request" do
277
300
  it "should return true for a valid GET request" do
278
- path = "http://vidibus.org/status?type=server&sign=afdc286310f98b36a4ad71e493a13ff35b5d841472328faadee270b6c62ca321"
301
+ path = "http://vidibus.org/status?type=server&sign=ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"
279
302
  Vidibus::Secure.verify_request(:get, path, {}, key).should be_true
280
303
  end
281
304
 
282
305
  it "should return true for a valid GET request even if verb is upcase" do
283
- path = "http://vidibus.org/status?type=server&sign=afdc286310f98b36a4ad71e493a13ff35b5d841472328faadee270b6c62ca321"
306
+ path = "http://vidibus.org/status?type=server&sign=ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"
284
307
  Vidibus::Secure.verify_request("GET", path, {}, key).should be_true
285
308
  end
286
309
 
287
310
  it "should return true for a valid GET request if params are given as hash" do
288
311
  path = "http://vidibus.org/status"
289
- params = {:type => "server", :sign => "afdc286310f98b36a4ad71e493a13ff35b5d841472328faadee270b6c62ca321"}
312
+ params = {:type => "server", :sign => "ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"}
290
313
  Vidibus::Secure.verify_request("GET", path, params, key).should be_true
291
314
  end
292
315
 
293
316
  it "should return false if additional params are given" do
294
- path = "http://vidibus.org/status?type=server&sign=83d49980a04004431602a35941d2f927bfa9a2440fa04ccd2abbbad96309aa07"
317
+ path = "http://vidibus.org/status?type=server&sign=ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"
295
318
  Vidibus::Secure.verify_request("GET", path, { :some => "thing" }, key).should be_false
296
319
  end
297
320
 
298
321
  it "should return true for a valid POST request with params given as symbols" do
299
- params = {:sign => "1c038202044005a8da96c780b79c691af849604dab9dabd283e65271c8012aae", :some => "thing"}
322
+ params = {:some => "thing", :sign => "a41b51acf01f7207d250a0a486e60ed385050f848237251efcdb58448e57d20d"}
323
+ Vidibus::Secure.verify_request(:post, "/", params, key).should be_true
324
+ end
325
+
326
+ it "should return true for a valid POST request with params given as string" do
327
+ params = {"some"=>"thing", "sign"=>"a41b51acf01f7207d250a0a486e60ed385050f848237251efcdb58448e57d20d"}
300
328
  Vidibus::Secure.verify_request(:post, "/", params, key).should be_true
301
329
  end
302
330
 
303
331
  it "should return true for a valid POST request with nested params" do
304
332
  params = {
305
- :sign => "9419d44fc65b515b31923e2f3f4a166b384df107b61b323a1f7a3be1d7ad27f5",
333
+ :sign => "3a899c65b9a68fa473e3bc3388b7656538c85498cc63cdcac59eebfe9f68ce07",
306
334
  :some => {:nested => "params", :are => {:really => ["serious", "stuff"]}}
307
335
  }
308
336
  Vidibus::Secure.verify_request(:post, "/", params, key).should be_true
309
337
  end
310
338
 
311
- it "should return true for a valid POST request with params given as string" do
312
- params = {"sign"=>"1c038202044005a8da96c780b79c691af849604dab9dabd283e65271c8012aae", "some"=>"thing"}
313
- Vidibus::Secure.verify_request(:post, "/", params, key).should be_true
314
- end
315
-
316
339
  it "should return false if signature is invalid" do
317
340
  path = "http://vidibus.org/status?type=server&sign=invalid"
318
341
  Vidibus::Secure.verify_request(:get, path, {}, key).should be_false
@@ -324,12 +347,12 @@ describe "Vidibus::Secure" do
324
347
  end
325
348
 
326
349
  it "should return false if request verb does not match signature" do
327
- path = "http://vidibus.org/status?type=server&sign=068dbf2695798e3cda2710ae34d74043653eae41d82cbbdf39edebd7e2ae9a50"
350
+ path = "http://vidibus.org/status?type=server&sign=ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0"
328
351
  Vidibus::Secure.verify_request(:delete, path, {}, key).should be_false
329
352
  end
330
353
 
331
354
  it "should return false if params do not match signature" do
332
- params = {"sign" => "90c71e477ea155e99b8a85b7f9ad0614e5445acfc33702cd3db614941f1a7df9", "some" => "invalid"}
355
+ params = {"sign" => "ff98a086cca8af703537afe873009f16ea5554826fa5d2665c212a13e44f7da0", "some" => "invalid"}
333
356
  Vidibus::Secure.verify_request(:post, "/", params, key).should be_false
334
357
  end
335
358
 
@@ -1,95 +1,37 @@
1
- # Generated by jeweler
2
- # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
1
  # -*- encoding: utf-8 -*-
2
+ lib = File.expand_path("../lib/", __FILE__)
3
+ $:.unshift lib unless $:.include?(lib)
4
+
5
+ require "vidibus/secure/version"
5
6
 
6
7
  Gem::Specification.new do |s|
7
- s.name = %q{vidibus-secure}
8
- s.version = "0.0.4"
8
+ s.name = "vidibus-secure"
9
+ s.version = Vidibus::Secure::VERSION
10
+ s.platform = Gem::Platform::RUBY
11
+ s.authors = "Andre Pankratz"
12
+ s.email = "andre@vidibus.com"
13
+ s.homepage = "https://github.com/vidibus/vidibus-secure"
14
+ s.summary = "Security tools for Vidibus applications"
15
+ s.description = "Allows encryption and signing of requests and storing encrypted data within Mongoid documents."
9
16
 
10
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
- s.authors = ["Andre Pankratz"]
12
- s.date = %q{2011-02-02}
13
- s.description = %q{Description...}
14
- s.email = %q{andre@vidibus.com}
15
- s.extra_rdoc_files = [
16
- "LICENSE",
17
- "README.rdoc"
18
- ]
19
- s.files = [
20
- ".bundle/config",
21
- ".rspec",
22
- "Gemfile",
23
- "Gemfile.lock",
24
- "LICENSE",
25
- "README.rdoc",
26
- "Rakefile",
27
- "VERSION",
28
- "lib/generators/vidibus_secure_key/vidibus_secure_key_generator.rb",
29
- "lib/vidibus-secure.rb",
30
- "lib/vidibus/secure.rb",
31
- "lib/vidibus/secure/extensions.rb",
32
- "lib/vidibus/secure/extensions/controller.rb",
33
- "lib/vidibus/secure/mongoid.rb",
34
- "spec/spec_helper.rb",
35
- "spec/vidibus/secure/extensions/controller_spec.rb",
36
- "spec/vidibus/secure/mongoid_spec.rb",
37
- "spec/vidibus/secure_spec.rb",
38
- "vidibus-secure.gemspec"
39
- ]
40
- s.homepage = %q{http://github.com/vidibus/vidibus-secure}
41
- s.require_paths = ["lib"]
42
- s.rubyforge_project = %q{vidibus-secure}
43
- s.rubygems_version = %q{1.3.7}
44
- s.summary = %q{Security tools for Vidibus applications}
45
- s.test_files = [
46
- "spec/spec_helper.rb",
47
- "spec/vidibus/secure/extensions/controller_spec.rb",
48
- "spec/vidibus/secure/mongoid_spec.rb",
49
- "spec/vidibus/secure_spec.rb"
50
- ]
17
+ s.required_rubygems_version = ">= 1.3.6"
18
+ s.rubyforge_project = "vidibus-resource"
51
19
 
52
- if s.respond_to? :specification_version then
53
- current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
54
- s.specification_version = 3
20
+ s.add_dependency "rack", "~> 1.2.1"
21
+ s.add_dependency "mongoid", "~> 2"
22
+ s.add_dependency "activesupport", "~> 3"
23
+ s.add_dependency "json"
24
+ s.add_dependency "vidibus-core_extensions"
55
25
 
56
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
57
- s.add_runtime_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
58
- s.add_runtime_dependency(%q<activesupport>, ["~> 3.0.0"])
59
- s.add_runtime_dependency(%q<vidibus-core_extensions>, [">= 0"])
60
- s.add_development_dependency(%q<rails>, ["~> 3.0.0"])
61
- s.add_development_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
62
- s.add_development_dependency(%q<rr>, [">= 0"])
63
- s.add_development_dependency(%q<relevance-rcov>, [">= 0"])
64
- s.add_runtime_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
65
- s.add_runtime_dependency(%q<activesupport>, ["~> 3.0.0"])
66
- s.add_runtime_dependency(%q<rack>, [">= 0"])
67
- s.add_runtime_dependency(%q<vidibus-core_extensions>, [">= 0"])
68
- else
69
- s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
70
- s.add_dependency(%q<activesupport>, ["~> 3.0.0"])
71
- s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
72
- s.add_dependency(%q<rails>, ["~> 3.0.0"])
73
- s.add_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
74
- s.add_dependency(%q<rr>, [">= 0"])
75
- s.add_dependency(%q<relevance-rcov>, [">= 0"])
76
- s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
77
- s.add_dependency(%q<activesupport>, ["~> 3.0.0"])
78
- s.add_dependency(%q<rack>, [">= 0"])
79
- s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
80
- end
81
- else
82
- s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
83
- s.add_dependency(%q<activesupport>, ["~> 3.0.0"])
84
- s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
85
- s.add_dependency(%q<rails>, ["~> 3.0.0"])
86
- s.add_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
87
- s.add_dependency(%q<rr>, [">= 0"])
88
- s.add_dependency(%q<relevance-rcov>, [">= 0"])
89
- s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
90
- s.add_dependency(%q<activesupport>, ["~> 3.0.0"])
91
- s.add_dependency(%q<rack>, [">= 0"])
92
- s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
93
- end
94
- end
26
+ s.add_development_dependency "bundler", ">= 1.0.0"
27
+ s.add_development_dependency "rake"
28
+ s.add_development_dependency "rdoc"
29
+ s.add_development_dependency "rspec", "~> 2"
30
+ s.add_development_dependency "rr"
31
+ s.add_development_dependency "rcov"
32
+ s.add_development_dependency "actionpack", "~> 3"
95
33
 
34
+ s.files = `git ls-files`.split("\n")
35
+ s.executables = `git ls-files`.split("\n").map{|f| f =~ /^bin\/(.*)/ ? $1 : nil}.compact
36
+ s.require_path = 'lib'
37
+ end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vidibus-secure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 23
5
- prerelease: false
4
+ hash: 27
5
+ prerelease:
6
6
  segments:
7
7
  - 0
8
+ - 1
8
9
  - 0
9
- - 4
10
- version: 0.0.4
10
+ version: 0.1.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Andre Pankratz
@@ -15,48 +15,57 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-02-02 00:00:00 +01:00
18
+ date: 2011-07-09 00:00:00 +02:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
22
- type: :runtime
22
+ name: rack
23
23
  prerelease: false
24
- name: mongoid
25
- version_requirements: &id001 !ruby/object:Gem::Requirement
24
+ requirement: &id001 !ruby/object:Gem::Requirement
26
25
  none: false
27
26
  requirements:
28
27
  - - ~>
29
28
  - !ruby/object:Gem::Version
30
- hash: 62196427
29
+ hash: 29
31
30
  segments:
31
+ - 1
32
32
  - 2
33
- - 0
34
- - 0
35
- - beta
36
- - 20
37
- version: 2.0.0.beta.20
38
- requirement: *id001
39
- - !ruby/object:Gem::Dependency
33
+ - 1
34
+ version: 1.2.1
40
35
  type: :runtime
36
+ version_requirements: *id001
37
+ - !ruby/object:Gem::Dependency
38
+ name: mongoid
41
39
  prerelease: false
42
- name: activesupport
43
- version_requirements: &id002 !ruby/object:Gem::Requirement
40
+ requirement: &id002 !ruby/object:Gem::Requirement
44
41
  none: false
45
42
  requirements:
46
43
  - - ~>
47
44
  - !ruby/object:Gem::Version
48
45
  hash: 7
49
46
  segments:
50
- - 3
51
- - 0
52
- - 0
53
- version: 3.0.0
54
- requirement: *id002
47
+ - 2
48
+ version: "2"
49
+ type: :runtime
50
+ version_requirements: *id002
55
51
  - !ruby/object:Gem::Dependency
52
+ name: activesupport
53
+ prerelease: false
54
+ requirement: &id003 !ruby/object:Gem::Requirement
55
+ none: false
56
+ requirements:
57
+ - - ~>
58
+ - !ruby/object:Gem::Version
59
+ hash: 5
60
+ segments:
61
+ - 3
62
+ version: "3"
56
63
  type: :runtime
64
+ version_requirements: *id003
65
+ - !ruby/object:Gem::Dependency
66
+ name: json
57
67
  prerelease: false
58
- name: vidibus-core_extensions
59
- version_requirements: &id003 !ruby/object:Gem::Requirement
68
+ requirement: &id004 !ruby/object:Gem::Requirement
60
69
  none: false
61
70
  requirements:
62
71
  - - ">="
@@ -65,46 +74,42 @@ dependencies:
65
74
  segments:
66
75
  - 0
67
76
  version: "0"
68
- requirement: *id003
77
+ type: :runtime
78
+ version_requirements: *id004
69
79
  - !ruby/object:Gem::Dependency
70
- type: :development
80
+ name: vidibus-core_extensions
71
81
  prerelease: false
72
- name: rails
73
- version_requirements: &id004 !ruby/object:Gem::Requirement
82
+ requirement: &id005 !ruby/object:Gem::Requirement
74
83
  none: false
75
84
  requirements:
76
- - - ~>
85
+ - - ">="
77
86
  - !ruby/object:Gem::Version
78
- hash: 7
87
+ hash: 3
79
88
  segments:
80
- - 3
81
89
  - 0
82
- - 0
83
- version: 3.0.0
84
- requirement: *id004
90
+ version: "0"
91
+ type: :runtime
92
+ version_requirements: *id005
85
93
  - !ruby/object:Gem::Dependency
86
- type: :development
94
+ name: bundler
87
95
  prerelease: false
88
- name: rspec
89
- version_requirements: &id005 !ruby/object:Gem::Requirement
96
+ requirement: &id006 !ruby/object:Gem::Requirement
90
97
  none: false
91
98
  requirements:
92
- - - ~>
99
+ - - ">="
93
100
  - !ruby/object:Gem::Version
94
- hash: 62196427
101
+ hash: 23
95
102
  segments:
96
- - 2
103
+ - 1
97
104
  - 0
98
105
  - 0
99
- - beta
100
- - 20
101
- version: 2.0.0.beta.20
102
- requirement: *id005
103
- - !ruby/object:Gem::Dependency
106
+ version: 1.0.0
104
107
  type: :development
108
+ version_requirements: *id006
109
+ - !ruby/object:Gem::Dependency
110
+ name: rake
105
111
  prerelease: false
106
- name: rr
107
- version_requirements: &id006 !ruby/object:Gem::Requirement
112
+ requirement: &id007 !ruby/object:Gem::Requirement
108
113
  none: false
109
114
  requirements:
110
115
  - - ">="
@@ -113,12 +118,12 @@ dependencies:
113
118
  segments:
114
119
  - 0
115
120
  version: "0"
116
- requirement: *id006
117
- - !ruby/object:Gem::Dependency
118
121
  type: :development
122
+ version_requirements: *id007
123
+ - !ruby/object:Gem::Dependency
124
+ name: rdoc
119
125
  prerelease: false
120
- name: relevance-rcov
121
- version_requirements: &id007 !ruby/object:Gem::Requirement
126
+ requirement: &id008 !ruby/object:Gem::Requirement
122
127
  none: false
123
128
  requirements:
124
129
  - - ">="
@@ -127,46 +132,40 @@ dependencies:
127
132
  segments:
128
133
  - 0
129
134
  version: "0"
130
- requirement: *id007
135
+ type: :development
136
+ version_requirements: *id008
131
137
  - !ruby/object:Gem::Dependency
132
- type: :runtime
138
+ name: rspec
133
139
  prerelease: false
134
- name: mongoid
135
- version_requirements: &id008 !ruby/object:Gem::Requirement
140
+ requirement: &id009 !ruby/object:Gem::Requirement
136
141
  none: false
137
142
  requirements:
138
143
  - - ~>
139
144
  - !ruby/object:Gem::Version
140
- hash: 62196427
145
+ hash: 7
141
146
  segments:
142
147
  - 2
143
- - 0
144
- - 0
145
- - beta
146
- - 20
147
- version: 2.0.0.beta.20
148
- requirement: *id008
148
+ version: "2"
149
+ type: :development
150
+ version_requirements: *id009
149
151
  - !ruby/object:Gem::Dependency
150
- type: :runtime
152
+ name: rr
151
153
  prerelease: false
152
- name: activesupport
153
- version_requirements: &id009 !ruby/object:Gem::Requirement
154
+ requirement: &id010 !ruby/object:Gem::Requirement
154
155
  none: false
155
156
  requirements:
156
- - - ~>
157
+ - - ">="
157
158
  - !ruby/object:Gem::Version
158
- hash: 7
159
+ hash: 3
159
160
  segments:
160
- - 3
161
- - 0
162
161
  - 0
163
- version: 3.0.0
164
- requirement: *id009
162
+ version: "0"
163
+ type: :development
164
+ version_requirements: *id010
165
165
  - !ruby/object:Gem::Dependency
166
- type: :runtime
166
+ name: rcov
167
167
  prerelease: false
168
- name: rack
169
- version_requirements: &id010 !ruby/object:Gem::Requirement
168
+ requirement: &id011 !ruby/object:Gem::Requirement
170
169
  none: false
171
170
  requirements:
172
171
  - - ">="
@@ -175,52 +174,53 @@ dependencies:
175
174
  segments:
176
175
  - 0
177
176
  version: "0"
178
- requirement: *id010
177
+ type: :development
178
+ version_requirements: *id011
179
179
  - !ruby/object:Gem::Dependency
180
- type: :runtime
180
+ name: actionpack
181
181
  prerelease: false
182
- name: vidibus-core_extensions
183
- version_requirements: &id011 !ruby/object:Gem::Requirement
182
+ requirement: &id012 !ruby/object:Gem::Requirement
184
183
  none: false
185
184
  requirements:
186
- - - ">="
185
+ - - ~>
187
186
  - !ruby/object:Gem::Version
188
- hash: 3
187
+ hash: 5
189
188
  segments:
190
- - 0
191
- version: "0"
192
- requirement: *id011
193
- description: Description...
189
+ - 3
190
+ version: "3"
191
+ type: :development
192
+ version_requirements: *id012
193
+ description: Allows encryption and signing of requests and storing encrypted data within Mongoid documents.
194
194
  email: andre@vidibus.com
195
195
  executables: []
196
196
 
197
197
  extensions: []
198
198
 
199
- extra_rdoc_files:
200
- - LICENSE
201
- - README.rdoc
199
+ extra_rdoc_files: []
200
+
202
201
  files:
203
202
  - .bundle/config
203
+ - .gitignore
204
204
  - .rspec
205
+ - .travis.yml
205
206
  - Gemfile
206
- - Gemfile.lock
207
207
  - LICENSE
208
208
  - README.rdoc
209
209
  - Rakefile
210
- - VERSION
211
210
  - lib/generators/vidibus_secure_key/vidibus_secure_key_generator.rb
212
211
  - lib/vidibus-secure.rb
213
212
  - lib/vidibus/secure.rb
214
213
  - lib/vidibus/secure/extensions.rb
215
214
  - lib/vidibus/secure/extensions/controller.rb
216
215
  - lib/vidibus/secure/mongoid.rb
216
+ - lib/vidibus/secure/version.rb
217
217
  - spec/spec_helper.rb
218
218
  - spec/vidibus/secure/extensions/controller_spec.rb
219
219
  - spec/vidibus/secure/mongoid_spec.rb
220
220
  - spec/vidibus/secure_spec.rb
221
221
  - vidibus-secure.gemspec
222
222
  has_rdoc: true
223
- homepage: http://github.com/vidibus/vidibus-secure
223
+ homepage: https://github.com/vidibus/vidibus-secure
224
224
  licenses: []
225
225
 
226
226
  post_install_message:
@@ -242,19 +242,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
242
242
  requirements:
243
243
  - - ">="
244
244
  - !ruby/object:Gem::Version
245
- hash: 3
245
+ hash: 23
246
246
  segments:
247
- - 0
248
- version: "0"
247
+ - 1
248
+ - 3
249
+ - 6
250
+ version: 1.3.6
249
251
  requirements: []
250
252
 
251
- rubyforge_project: vidibus-secure
252
- rubygems_version: 1.3.7
253
+ rubyforge_project: vidibus-resource
254
+ rubygems_version: 1.6.2
253
255
  signing_key:
254
256
  specification_version: 3
255
257
  summary: Security tools for Vidibus applications
256
- test_files:
257
- - spec/spec_helper.rb
258
- - spec/vidibus/secure/extensions/controller_spec.rb
259
- - spec/vidibus/secure/mongoid_spec.rb
260
- - spec/vidibus/secure_spec.rb
258
+ test_files: []
259
+
data/Gemfile.lock DELETED
@@ -1,100 +0,0 @@
1
- GEM
2
- remote: http://rubygems.org/
3
- specs:
4
- abstract (1.0.0)
5
- actionmailer (3.0.3)
6
- actionpack (= 3.0.3)
7
- mail (~> 2.2.9)
8
- actionpack (3.0.3)
9
- activemodel (= 3.0.3)
10
- activesupport (= 3.0.3)
11
- builder (~> 2.1.2)
12
- erubis (~> 2.6.6)
13
- i18n (~> 0.4)
14
- rack (~> 1.2.1)
15
- rack-mount (~> 0.6.13)
16
- rack-test (~> 0.5.6)
17
- tzinfo (~> 0.3.23)
18
- activemodel (3.0.3)
19
- activesupport (= 3.0.3)
20
- builder (~> 2.1.2)
21
- i18n (~> 0.4)
22
- activerecord (3.0.3)
23
- activemodel (= 3.0.3)
24
- activesupport (= 3.0.3)
25
- arel (~> 2.0.2)
26
- tzinfo (~> 0.3.23)
27
- activeresource (3.0.3)
28
- activemodel (= 3.0.3)
29
- activesupport (= 3.0.3)
30
- activesupport (3.0.3)
31
- arel (2.0.4)
32
- bson (1.1.2)
33
- builder (2.1.2)
34
- diff-lcs (1.1.2)
35
- erubis (2.6.6)
36
- abstract (>= 1.0.0)
37
- i18n (0.4.2)
38
- mail (2.2.10)
39
- activesupport (>= 2.3.6)
40
- i18n (~> 0.4.1)
41
- mime-types (~> 1.16)
42
- treetop (~> 1.4.8)
43
- mime-types (1.16)
44
- mongo (1.1.2)
45
- bson (>= 1.1.1)
46
- mongoid (2.0.0.beta.20)
47
- activemodel (~> 3.0)
48
- mongo (~> 1.1)
49
- tzinfo (~> 0.3.22)
50
- will_paginate (~> 3.0.pre)
51
- polyglot (0.3.1)
52
- rack (1.2.1)
53
- rack-mount (0.6.13)
54
- rack (>= 1.0.0)
55
- rack-test (0.5.6)
56
- rack (>= 1.0)
57
- rails (3.0.3)
58
- actionmailer (= 3.0.3)
59
- actionpack (= 3.0.3)
60
- activerecord (= 3.0.3)
61
- activeresource (= 3.0.3)
62
- activesupport (= 3.0.3)
63
- bundler (~> 1.0)
64
- railties (= 3.0.3)
65
- railties (3.0.3)
66
- actionpack (= 3.0.3)
67
- activesupport (= 3.0.3)
68
- rake (>= 0.8.7)
69
- thor (~> 0.14.4)
70
- rake (0.8.7)
71
- relevance-rcov (0.9.2.1)
72
- rr (1.0.2)
73
- rspec (2.0.1)
74
- rspec-core (~> 2.0.1)
75
- rspec-expectations (~> 2.0.1)
76
- rspec-mocks (~> 2.0.1)
77
- rspec-core (2.0.1)
78
- rspec-expectations (2.0.1)
79
- diff-lcs (>= 1.1.2)
80
- rspec-mocks (2.0.1)
81
- rspec-core (~> 2.0.1)
82
- rspec-expectations (~> 2.0.1)
83
- thor (0.14.6)
84
- treetop (1.4.9)
85
- polyglot (>= 0.3.1)
86
- tzinfo (0.3.23)
87
- vidibus-core_extensions (0.3.12)
88
- will_paginate (3.0.pre2)
89
-
90
- PLATFORMS
91
- ruby
92
-
93
- DEPENDENCIES
94
- activesupport (~> 3.0.0)
95
- mongoid (~> 2.0.0.beta.20)
96
- rails (~> 3.0.0)
97
- relevance-rcov
98
- rr
99
- rspec (~> 2.0.0.beta.20)
100
- vidibus-core_extensions
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 0.0.4