RubyGems - wechat-validation - Versions diffs - 0.1 → 0.2 - Mend

wechat-validation 0.1 → 0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/README.md +13 -3
data/ROADMAP.md +7 -0
data/lib/wechat/validation/signature.rb +16 -0
data/lib/wechat/validation/version.rb +1 -1
data/lib/wechat/validation.rb +7 -1
data/wechat-validation.gemspec +9 -11
metadata +8 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 86a5efa4aaea1d3df796953e19576eb311a1cedd
-  data.tar.gz: 5a55b63c6ee9eff52f768c2e4988d01914a5af8e
+  metadata.gz: 1c629402eaab5269660d6b09eb47cdf8d673c120
+  data.tar.gz: 8e95ee8fbeff736beebc9982fc0780d0cb1b30b9
 SHA512:
-  metadata.gz: 7f3d360b788fbcb9b6655adf657148ba4743303cbc883f4b658f1a39668d490fa66c5682b0c57417ca76a7c1dc18ce55158b4d3ec776729d0f970968c1bbe7c2
-  data.tar.gz: 4f094e21fccde9729cad2221184a598c0821307bd54b9574ed368922a1c29a8b8efa775de17ddc170a956bbd25ac9896292bb670e1da352c07c1640e42272a06
+  metadata.gz: 81b33bb566aed05505355c73221b6be6891f84162aae844ca1fd45c50899f8013d7f1f0a45b7988c1193475aff0b349890740823654be99994ceeb47b907f105
+  data.tar.gz: c35f3b713556ebfbe79373cc5fe0cc3e55d37f1de01ea5015fd6566f2e43e2fcdd616c19530ed8e2a6fd72161ada5fea49c886fe63bb20b451ed6cf3a0e1db3e

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,7 @@
+# Wechat Validation Change Log 微信验证库变更日志
+## v0.1
+1. Wechat::Validation.sign method.
+## v0.2
+1. Deprecated the Wechat Validation ::sign method, use Wechat Validation Signature ::create instead.

data/README.md CHANGED Viewed

@@ -1,6 +1,10 @@
-# Wechat::Validation
+# Wechat Validation 微信服务器验证库
+[![License](https://img.shields.io/badge/license-MIT-green.svg)](http://opensource.org/licenses/MIT)
+[![Gem Version](https://badge.fury.io/rb/wechat-validation.svg)](https://badge.fury.io/rb/wechat-validation)
 The Wechat Server Validation Library is a code base for validating the HTTP server in Wechat.
+微信服务器验证库用于处理[微信服务器验证请求](http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html#.E7.AC.AC.E4.BA.8C.E6.AD.A5.EF.BC.9A.E9.AA.8C.E8.AF.81.E6.9C.8D.E5.8A.A1.E5.99.A8.E5.9C.B0.E5.9D.80.E7.9A.84.E6.9C.89.E6.95.88.E6.80.A7)。
 ## Installation
@@ -20,8 +24,14 @@ Or install it yourself as:
 ## Usage
-actual_signature = ::Wechat::Validation.sign(nonce, timestamp, token)
+```ruby
+actual_signature = ::Wechat::Validation.sign(params[:nonce], params[:timestamp], Rails.application.secrets.wechat_validation_token)
+if params[:signature]==actual_signature
+  # Correct
+else
+  # Wrong
+end
+```
 ## Development
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/ROADMAP.md ADDED Viewed

@@ -0,0 +1,7 @@
+# Wechat Validation Road Map 微信验证库路线图
+## v0.1
+1. Wechat::Validation.sign method.
+## v0.2
+1. Deprecated the Wechat Validation ::sign method, use Wechat Validation Signature ::create instead.

data/lib/wechat/validation/signature.rb ADDED Viewed

@@ -0,0 +1,16 @@
+class Wechat::Validation::Signature
+  # 验证服务器地址的有效性
+  # http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html#.E7.AC.AC.E4.BA.8C.E6.AD.A5.EF.BC.9A.E9.AA.8C.E8.AF.81.E6.9C.8D.E5.8A.A1.E5.99.A8.E5.9C.B0.E5.9D.80.E7.9A.84.E6.9C.89.E6.95.88.E6.80.A7
+  #
+  # 开发者通过检验signature对请求进行校验（下面有校验方式）。
+  # 若确认此次GET请求来自微信服务器，请原样返回echostr参数内容，则接入生效，成为开发者成功，否则接入失败。
+  # 加密/校验流程如下：
+  # 1. 将token、timestamp、nonce三个参数进行字典序排序
+  # 2. 将三个参数字符串拼接成一个字符串进行sha1加密
+  # 3. 开发者获得加密后的字符串可与signature对比，标识该请求来源于微信
+  def self.create(nonce, timestamp, token)
+    Digest::SHA1.hexdigest [ nonce, timestamp, token ].sort.join
+  end
+end

data/lib/wechat/validation/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Wechat
   module Validation
-    VERSION = '0.1'.freeze
+    VERSION = '0.2'.freeze
   end
 end

data/lib/wechat/validation.rb CHANGED Viewed

@@ -1,11 +1,17 @@
 require 'wechat/validation/version'
+require 'wechat/validation/signature'
 module Wechat
   module Validation
-    def sign(nonce, timestamp, token)
+    def self.sign(nonce, timestamp, token)
       actual_signature = Digest::SHA1.hexdigest [ nonce, timestamp, token ].sort.join('')
     end
+    class << self
+      deprecate sign: :'Wechat::Validation::Signature.create', deprecator: ActiveSupport::Deprecation.new('1.0', 'wechat-validation')
+    end
   end
 end

data/wechat-validation.gemspec CHANGED Viewed

@@ -4,16 +4,14 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'wechat/validation/version'
 Gem::Specification.new do |spec|
-  spec.name          = 'wechat-validation'
-  spec.version       = Wechat::Validation::VERSION
-  spec.authors       = [ 'Topbit Du' ]
-  spec.email         = [ 'topbit.du@gmail.com' ]
-  spec.summary       = %q{Wechat Server Validation Library}
-  spec.description   = %q{This gem is a low level library for Wechat Server Validation.}
-  spec.homepage      = 'https://github.com/topbitdu/wechat-validation'
-  spec.license       = 'MIT'
+  spec.name        = 'wechat-validation'
+  spec.version     = Wechat::Validation::VERSION
+  spec.authors     = [ 'Topbit Du' ]
+  spec.email       = [ 'topbit.du@gmail.com' ]
+  spec.summary     = 'Wechat Server Validation Library 微信服务器验证库'
+  spec.description = 'Wechat Server Validation Library handles the validation requests from the Wechat servers. 微信服务器验证库用于处理微信服务器发出的验证请求。'
+  spec.homepage    = 'https://github.com/topbitdu/wechat-validation'
+  spec.license     = 'MIT'
   # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
   # delete this section to allow pushing this gem to any host.
@@ -24,7 +22,7 @@ Gem::Specification.new do |spec|
   #end
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = [ 'lib' ]

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wechat-validation
 version: !ruby/object:Gem::Version
-  version: '0.1'
+  version: '0.2'
 platform: ruby
 authors:
 - Topbit Du
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-02-14 00:00:00.000000000 Z
+date: 2016-02-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,7 +52,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-description: This gem is a low level library for Wechat Server Validation.
+description: Wechat Server Validation Library handles the validation requests from
+  the Wechat servers. 微信服务器验证库用于处理微信服务器发出的验证请求。
 email:
 - topbit.du@gmail.com
 executables: []
@@ -62,14 +63,17 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.txt
 - README.md
+- ROADMAP.md
 - Rakefile
 - bin/console
 - bin/setup
 - lib/wechat/validation.rb
+- lib/wechat/validation/signature.rb
 - lib/wechat/validation/version.rb
 - wechat-validation.gemspec
 homepage: https://github.com/topbitdu/wechat-validation
@@ -95,5 +99,5 @@ rubyforge_project:
 rubygems_version: 2.4.5.1
 signing_key:
 specification_version: 4
-summary: Wechat Server Validation Library
+summary: Wechat Server Validation Library 微信服务器验证库
 test_files: []