vidibus-secure 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/Gemfile.lock CHANGED
@@ -36,14 +36,14 @@ GEM
36
36
  erubis (2.6.6)
37
37
  abstract (>= 1.0.0)
38
38
  i18n (0.4.1)
39
- mail (2.2.5)
39
+ mail (2.2.6.1)
40
40
  activesupport (>= 2.3.6)
41
41
  mime-types
42
42
  treetop (>= 1.4.5)
43
43
  mime-types (1.16)
44
44
  mongo (1.0.7)
45
45
  bson (>= 1.0.4)
46
- mongoid (2.0.0.beta.17)
46
+ mongoid (2.0.0.beta.18)
47
47
  activemodel (~> 3.0.0)
48
48
  bson (= 1.0.4)
49
49
  mongo (= 1.0.7)
@@ -53,7 +53,7 @@ GEM
53
53
  rack (1.2.1)
54
54
  rack-mount (0.6.13)
55
55
  rack (>= 1.0.0)
56
- rack-test (0.5.4)
56
+ rack-test (0.5.6)
57
57
  rack (>= 1.0)
58
58
  rails (3.0.0)
59
59
  actionmailer (= 3.0.0)
@@ -71,19 +71,21 @@ GEM
71
71
  rake (0.8.7)
72
72
  relevance-rcov (0.9.2.1)
73
73
  rr (1.0.0)
74
- rspec (2.0.0.beta.20)
75
- rspec-core (= 2.0.0.beta.20)
76
- rspec-expectations (= 2.0.0.beta.20)
77
- rspec-mocks (= 2.0.0.beta.20)
78
- rspec-core (2.0.0.beta.20)
79
- rspec-expectations (2.0.0.beta.20)
74
+ rspec (2.0.0.beta.22)
75
+ rspec-core (= 2.0.0.beta.22)
76
+ rspec-expectations (= 2.0.0.beta.22)
77
+ rspec-mocks (= 2.0.0.beta.22)
78
+ rspec-core (2.0.0.beta.22)
79
+ rspec-expectations (2.0.0.beta.22)
80
80
  diff-lcs (>= 1.1.2)
81
- rspec-mocks (2.0.0.beta.20)
82
- thor (0.14.0)
81
+ rspec-mocks (2.0.0.beta.22)
82
+ rspec-core (= 2.0.0.beta.22)
83
+ rspec-expectations (= 2.0.0.beta.22)
84
+ thor (0.14.2)
83
85
  treetop (1.4.8)
84
86
  polyglot (>= 0.3.1)
85
87
  tzinfo (0.3.23)
86
- vidibus-core_extensions (0.3.5)
88
+ vidibus-core_extensions (0.3.7)
87
89
  will_paginate (3.0.pre2)
88
90
 
89
91
  PLATFORMS
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.1
1
+ 0.0.2
@@ -1,3 +1,6 @@
1
+ require "uri"
2
+ require "rack/utils"
3
+
1
4
  module Vidibus
2
5
  module Secure
3
6
  module Extensions
@@ -25,7 +28,10 @@ module Vidibus
25
28
  def valid_request?(secret, options = {})
26
29
  method = options.delete(:method) || request.method
27
30
  uri = options.delete(:uri) || request.protocol + request.host_with_port + request.fullpath
28
- params = options.delete(:params) || request.params.except(:action, "action", :controller, "controller", :id, "id")
31
+ params = options.delete(:params) || begin
32
+ query = URI.parse(uri).query
33
+ query ? Rack::Utils.parse_query(query) : {}
34
+ end
29
35
  Vidibus::Secure.verify_request(method, uri, params, secret)
30
36
  end
31
37
  end
@@ -34,9 +34,9 @@ describe "Vidibus::Secure::Extensions::Controller" do
34
34
  controller.valid_request?(secret, :uri => "something", :params => {})
35
35
  end
36
36
 
37
- it "should use request.params if no :params are provided" do
38
- mock(controller.request).params {{}}
39
- controller.valid_request?(secret, :uri => "something", :method => "get")
37
+ it "should extract params from request uri unless params are provided" do
38
+ mock(Rack::Utils).parse_query("with=params").twice {{}}
39
+ controller.valid_request?(secret, :uri => "something/?with=params", :method => "get")
40
40
  end
41
41
 
42
42
  it "should use given params" do
@@ -45,23 +45,13 @@ describe "Vidibus::Secure::Extensions::Controller" do
45
45
  end
46
46
 
47
47
  it "should return true for valid requests" do
48
- Vidibus::Secure.sign_request(:get, "http://vidibus.org/", controller.request.params, secret)
49
- controller.valid_request?(secret).should be_true
50
- end
51
-
52
- it "should omit :action, :controller, and :id from request.params" do
53
- Vidibus::Secure.sign_request(:get, "http://vidibus.org/", controller.request.params, secret)
54
- controller.request.params.merge(:action => "index", :controller => "application", :id => nil)
55
- controller.valid_request?(secret).should be_true
56
- end
57
-
58
- it "should omit 'action', 'controller', and 'id' from request.params" do
59
- Vidibus::Secure.sign_request(:get, "http://vidibus.org/", controller.request.params, secret)
60
- controller.request.params.merge("action" => "index", "controller" => "application", "id" => nil)
48
+ params = {}
49
+ Vidibus::Secure.sign_request(:get, "http://vidibus.org/", params, secret)
50
+ controller.request.fullpath = "?sign=#{params[:sign]}"
61
51
  controller.valid_request?(secret).should be_true
62
52
  end
63
53
 
64
- it "should keep :action, :controller, and :id in custom params" do
54
+ it "should use given custom params" do
65
55
  params = { :action => "index", :controller => "application", :id => "12" }
66
56
  Vidibus::Secure.sign_request(:get, "http://vidibus.org/", params, secret)
67
57
  controller.valid_request?(secret, :params => params).should be_true
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{vidibus-secure}
8
- s.version = "0.0.1"
8
+ s.version = "0.0.2"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Andre Pankratz"]
12
- s.date = %q{2010-09-23}
12
+ s.date = %q{2010-09-29}
13
13
  s.description = %q{Description...}
14
14
  s.email = %q{andre@vidibus.com}
15
15
  s.extra_rdoc_files = [
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vidibus-secure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 29
4
+ hash: 27
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 1
10
- version: 0.0.1
9
+ - 2
10
+ version: 0.0.2
11
11
  platform: ruby
12
12
  authors:
13
13
  - Andre Pankratz
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-09-23 00:00:00 +02:00
18
+ date: 2010-09-29 00:00:00 +02:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency