wechat-validation 0.1 → 0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/README.md +13 -3
  4. data/ROADMAP.md +7 -0
  5. data/lib/wechat/validation/signature.rb +16 -0
  6. data/lib/wechat/validation/version.rb +1 -1
  7. data/lib/wechat/validation.rb +7 -1
  8. data/wechat-validation.gemspec +9 -11
  9. metadata +8 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 86a5efa4aaea1d3df796953e19576eb311a1cedd
4
- data.tar.gz: 5a55b63c6ee9eff52f768c2e4988d01914a5af8e
3
+ metadata.gz: 1c629402eaab5269660d6b09eb47cdf8d673c120
4
+ data.tar.gz: 8e95ee8fbeff736beebc9982fc0780d0cb1b30b9
5
5
  SHA512:
6
- metadata.gz: 7f3d360b788fbcb9b6655adf657148ba4743303cbc883f4b658f1a39668d490fa66c5682b0c57417ca76a7c1dc18ce55158b4d3ec776729d0f970968c1bbe7c2
7
- data.tar.gz: 4f094e21fccde9729cad2221184a598c0821307bd54b9574ed368922a1c29a8b8efa775de17ddc170a956bbd25ac9896292bb670e1da352c07c1640e42272a06
6
+ metadata.gz: 81b33bb566aed05505355c73221b6be6891f84162aae844ca1fd45c50899f8013d7f1f0a45b7988c1193475aff0b349890740823654be99994ceeb47b907f105
7
+ data.tar.gz: c35f3b713556ebfbe79373cc5fe0cc3e55d37f1de01ea5015fd6566f2e43e2fcdd616c19530ed8e2a6fd72161ada5fea49c886fe63bb20b451ed6cf3a0e1db3e
data/CHANGELOG.md ADDED
@@ -0,0 +1,7 @@
1
+ # Wechat Validation Change Log 微信验证库变更日志
2
+
3
+ ## v0.1
4
+ 1. Wechat::Validation.sign method.
5
+
6
+ ## v0.2
7
+ 1. Deprecated the Wechat Validation ::sign method, use Wechat Validation Signature ::create instead.
data/README.md CHANGED
@@ -1,6 +1,10 @@
1
- # Wechat::Validation
1
+ # Wechat Validation 微信服务器验证库
2
+
3
+ [![License](https://img.shields.io/badge/license-MIT-green.svg)](http://opensource.org/licenses/MIT)
4
+ [![Gem Version](https://badge.fury.io/rb/wechat-validation.svg)](https://badge.fury.io/rb/wechat-validation)
2
5
 
3
6
  The Wechat Server Validation Library is a code base for validating the HTTP server in Wechat.
7
+ 微信服务器验证库用于处理[微信服务器验证请求](http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html#.E7.AC.AC.E4.BA.8C.E6.AD.A5.EF.BC.9A.E9.AA.8C.E8.AF.81.E6.9C.8D.E5.8A.A1.E5.99.A8.E5.9C.B0.E5.9D.80.E7.9A.84.E6.9C.89.E6.95.88.E6.80.A7)。
4
8
 
5
9
  ## Installation
6
10
 
@@ -20,8 +24,14 @@ Or install it yourself as:
20
24
 
21
25
  ## Usage
22
26
 
23
- actual_signature = ::Wechat::Validation.sign(nonce, timestamp, token)
24
-
27
+ ```ruby
28
+ actual_signature = ::Wechat::Validation.sign(params[:nonce], params[:timestamp], Rails.application.secrets.wechat_validation_token)
29
+ if params[:signature]==actual_signature
30
+ # Correct
31
+ else
32
+ # Wrong
33
+ end
34
+ ```
25
35
  ## Development
26
36
 
27
37
  After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
data/ROADMAP.md ADDED
@@ -0,0 +1,7 @@
1
+ # Wechat Validation Road Map 微信验证库路线图
2
+
3
+ ## v0.1
4
+ 1. Wechat::Validation.sign method.
5
+
6
+ ## v0.2
7
+ 1. Deprecated the Wechat Validation ::sign method, use Wechat Validation Signature ::create instead.
data/lib/wechat/validation/signature.rb ADDED
@@ -0,0 +1,16 @@
1
+ class Wechat::Validation::Signature
2
+
3
+ # 验证服务器地址的有效性
4
+ # http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html#.E7.AC.AC.E4.BA.8C.E6.AD.A5.EF.BC.9A.E9.AA.8C.E8.AF.81.E6.9C.8D.E5.8A.A1.E5.99.A8.E5.9C.B0.E5.9D.80.E7.9A.84.E6.9C.89.E6.95.88.E6.80.A7
5
+ #
6
+ # 开发者通过检验signature对请求进行校验(下面有校验方式)。
7
+ # 若确认此次GET请求来自微信服务器,请原样返回echostr参数内容,则接入生效,成为开发者成功,否则接入失败。
8
+ # 加密/校验流程如下:
9
+ # 1. 将token、timestamp、nonce三个参数进行字典序排序
10
+ # 2. 将三个参数字符串拼接成一个字符串进行sha1加密
11
+ # 3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
12
+ def self.create(nonce, timestamp, token)
13
+ Digest::SHA1.hexdigest [ nonce, timestamp, token ].sort.join
14
+ end
15
+
16
+ end
data/lib/wechat/validation/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Wechat
2
2
  module Validation
3
- VERSION = '0.1'.freeze
3
+ VERSION = '0.2'.freeze
4
4
  end
5
5
  end
data/lib/wechat/validation.rb CHANGED
@@ -1,11 +1,17 @@
1
1
  require 'wechat/validation/version'
2
2
 
3
+ require 'wechat/validation/signature'
4
+
3
5
  module Wechat
4
6
  module Validation
5
7
 
6
- def sign(nonce, timestamp, token)
8
+ def self.sign(nonce, timestamp, token)
7
9
  actual_signature = Digest::SHA1.hexdigest [ nonce, timestamp, token ].sort.join('')
8
10
  end
9
11
 
12
+ class << self
13
+ deprecate sign: :'Wechat::Validation::Signature.create', deprecator: ActiveSupport::Deprecation.new('1.0', 'wechat-validation')
14
+ end
15
+
10
16
  end
11
17
  end
data/wechat-validation.gemspec CHANGED
@@ -4,16 +4,14 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
  require 'wechat/validation/version'
5
5
 
6
6
  Gem::Specification.new do |spec|
7
-
8
- spec.name = 'wechat-validation'
9
- spec.version = Wechat::Validation::VERSION
10
- spec.authors = [ 'Topbit Du' ]
11
- spec.email = [ 'topbit.du@gmail.com' ]
12
-
13
- spec.summary = %q{Wechat Server Validation Library}
14
- spec.description = %q{This gem is a low level library for Wechat Server Validation.}
15
- spec.homepage = 'https://github.com/topbitdu/wechat-validation'
16
- spec.license = 'MIT'
7
+ spec.name = 'wechat-validation'
8
+ spec.version = Wechat::Validation::VERSION
9
+ spec.authors = [ 'Topbit Du' ]
10
+ spec.email = [ 'topbit.du@gmail.com' ]
11
+ spec.summary = 'Wechat Server Validation Library 微信服务器验证库'
12
+ spec.description = 'Wechat Server Validation Library handles the validation requests from the Wechat servers. 微信服务器验证库用于处理微信服务器发出的验证请求。'
13
+ spec.homepage = 'https://github.com/topbitdu/wechat-validation'
14
+ spec.license = 'MIT'
17
15
 
18
16
  # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
19
17
  # delete this section to allow pushing this gem to any host.
@@ -24,7 +22,7 @@ Gem::Specification.new do |spec|
24
22
  #end
25
23
 
26
24
  spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
27
- spec.bindir = "exe"
25
+ spec.bindir = 'exe'
28
26
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
27
  spec.require_paths = [ 'lib' ]
30
28
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: wechat-validation
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.1'
4
+ version: '0.2'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Topbit Du
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-02-14 00:00:00.000000000 Z
11
+ date: 2016-02-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -52,7 +52,8 @@ dependencies:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: '3.0'
55
- description: This gem is a low level library for Wechat Server Validation.
55
+ description: Wechat Server Validation Library handles the validation requests from
56
+ the Wechat servers. 微信服务器验证库用于处理微信服务器发出的验证请求。
56
57
  email:
57
58
  - topbit.du@gmail.com
58
59
  executables: []
@@ -62,14 +63,17 @@ files:
62
63
  - ".gitignore"
63
64
  - ".rspec"
64
65
  - ".travis.yml"
66
+ - CHANGELOG.md
65
67
  - CODE_OF_CONDUCT.md
66
68
  - Gemfile
67
69
  - LICENSE.txt
68
70
  - README.md
71
+ - ROADMAP.md
69
72
  - Rakefile
70
73
  - bin/console
71
74
  - bin/setup
72
75
  - lib/wechat/validation.rb
76
+ - lib/wechat/validation/signature.rb
73
77
  - lib/wechat/validation/version.rb
74
78
  - wechat-validation.gemspec
75
79
  homepage: https://github.com/topbitdu/wechat-validation
@@ -95,5 +99,5 @@ rubyforge_project:
95
99
  rubygems_version: 2.4.5.1
96
100
  signing_key:
97
101
  specification_version: 4
98
- summary: Wechat Server Validation Library
102
+ summary: Wechat Server Validation Library 微信服务器验证库
99
103
  test_files: []