lib/atom/configuration.rb @@ -1,3 +1,7 @@ +== 0.5.1 2008-08-05 + +* Added AuthHMAC support + == 0.5.0 2008-07-28 * Fix bug where processing instructions break parsing. History.txt @@ -9,6 +9,7 @@ lib/atom.rb lib/atom/pub.rb lib/atom/version.rb lib/atom/xml/parser.rb +lib/atom/configuration.rb setup.rb spec/app/member_entry.atom spec/app/service.xml Manifest.txt @@ -6,6 +6,7 @@ # require 'atom' +require 'atom/configuration' require 'atom/xml/parser' require 'atom/version' require 'xml/libxml' @@ -126,6 +127,12 @@ module Atom request = Net::HTTP::Post.new(uri.path, headers) if opts[:user] && opts[:pass] request.basic_auth(opts[:user], opts[:pass]) + elsif opts[:hmac_access_id] && opts[:hmac_secret_key] + if Atom::Configuration.auth_hmac_enabled? + AuthHMAC.sign!(request, opts[:hmac_access_id], opts[:hmac_secret_key]) + else + raise ArgumentError, "AuthHMAC credentials provides by auth-hmac gem is not installed" + end end response = http.request(request, entry.to_xml.to_s) end @@ -171,7 +178,14 @@ module Atom request = Net::HTTP::Put.new(uri.path, headers) if opts[:user] && opts[:pass] request.basic_auth(opts[:user], opts[:pass]) + elsif opts[:hmac_access_id] && opts[:hmac_secret_key] + if Atom::Configuration.auth_hmac_enabled? + AuthHMAC.sign!(request, opts[:hmac_access_id], opts[:hmac_secret_key]) + else + raise ArgumentError, "AuthHMAC credentials provides by auth-hmac gem is not installed" + end end + response = http.request(request, self.to_xml) end @@ -193,7 +207,14 @@ module Atom request = Net::HTTP::Delete.new(uri.path, {'Accept' => 'application/atom+xml', 'User-Agent' => "rAtom #{Atom::VERSION::STRING}"}) if opts[:user] && opts[:pass] request.basic_auth(opts[:user], opts[:pass]) + elsif opts[:hmac_access_id] && opts[:hmac_secret_key] + if Atom::Configuration.auth_hmac_enabled? + AuthHMAC.sign!(request, opts[:hmac_access_id], opts[:hmac_secret_key]) + else + raise ArgumentError, "AuthHMAC credentials provides by auth-hmac gem is not installed" + end end + response = http.request(request) end lib/atom/pub.rb @@ -8,7 +8,7 @@ module Atom #:nodoc: module VERSION #:nodoc: MAJOR = 0 MINOR = 5 - TINY = 0 + TINY = 1 STRING = [MAJOR, MINOR, TINY].join('.') end lib/atom/version.rb @@ -248,6 +248,27 @@ describe Atom::Pub do created = @collection.publish(entry, :user => 'user', :pass => 'pass') created.should == entry end + + if Atom::Configuration.auth_hmac_enabled? + it "should send a POST with hmac authentication when an entry is published" do + entry = Atom::Entry.load_entry(File.open('spec/fixtures/entry.atom')) + + response = mock_response(Net::HTTPCreated, entry.to_xml.to_s) + + http = mock('http') + http.should_receive(:request) do |request, entry_xml| + request['Authorization'].should match(/^AuthHMAC access_id:[a-zA-Z0-9\/+]+=*/) + response + end + + Net::HTTP.should_receive(:start).with('example.org', 80).and_yield(http) + + created = @collection.publish(entry, :hmac_access_id => 'access_id', :hmac_secret_key => 'secret') + created.should == entry + end + else + xit "should send a POST with hmac authentication when an entry is published" + end it "should behave well when no content is returned" do entry = Atom::Entry.load_entry(File.open('spec/fixtures/entry.atom')) @@ -366,6 +387,23 @@ describe Atom::Pub do entry.save!(:user => 'user', :pass => 'pass') end + if Atom::Configuration.auth_hmac_enabled? + it "should send a PUT with hmac auth to the edit link on save!" do + entry = Atom::Entry.load_entry(File.open('spec/app/member_entry.atom')) + response = mock_response(Net::HTTPSuccess, nil) + + http = mock('http') + http.should_receive(:request) do |request, entry_xml| + request['Authorization'].should match(/^AuthHMAC access_id:[a-zA-Z0-9\/+]+=*$/) + response + end + + Net::HTTP.should_receive(:start).with('example.org', 80).and_yield(http) + + entry.save!(:hmac_access_id => 'access_id', :hmac_secret_key => 'secret') + end + end + it "should send a DELETE to the edit link on delete!" do entry = Atom::Entry.load_entry(File.open('spec/app/member_entry.atom')) response = mock_response(Net::HTTPSuccess, nil) @@ -380,20 +418,37 @@ describe Atom::Pub do entry.destroy! end - it "should send a DELETE to the edit link on delete!" do + it "should send a DELETE with basic auth to the edit link on delete!" do + entry = Atom::Entry.load_entry(File.open('spec/app/member_entry.atom')) + response = mock_response(Net::HTTPSuccess, nil) + + request = mock('request') + request.should_receive(:basic_auth).with('user', 'pass') + Net::HTTP::Delete.should_receive(:new).with('/member_entry.atom', an_instance_of(Hash)).and_return(request) + + http = mock('http') + http.should_receive(:request).with(request).and_return(response) + Net::HTTP.should_receive(:start).with('example.org', 80).and_yield(http) + + entry.destroy!(:user => 'user', :pass => 'pass') + end + + if Atom::Configuration.auth_hmac_enabled? + it "should send a DELETE with hmac auth to the edit link on delete!" do entry = Atom::Entry.load_entry(File.open('spec/app/member_entry.atom')) response = mock_response(Net::HTTPSuccess, nil) - request = mock('request') - request.should_receive(:basic_auth).with('user', 'pass') - Net::HTTP::Delete.should_receive(:new).with('/member_entry.atom', an_instance_of(Hash)).and_return(request) - http = mock('http') - http.should_receive(:request).with(request).and_return(response) + http.should_receive(:request) do |request| + request['Authorization'].should match(/^AuthHMAC access_id:[a-zA-Z0-9\/+]+=*$/) + response + end + Net::HTTP.should_receive(:start).with('example.org', 80).and_yield(http) - entry.destroy!(:user => 'user', :pass => 'pass') + entry.destroy!(:hmac_access_id => 'access_id', :hmac_secret_key => 'secret') end + end it "should raise exception on save! without an edit link" do entry = Atom::Entry.load_entry(File.open('spec/fixtures/entry.atom')) spec/atom/pub_spec.rb @@ -143,9 +143,6 @@ describe Atom do lambda { Atom::Feed.load_feed(uri, :user => 'user', :pass => 'pass') }.should_not raise_error end - - it "should pass basic-auth credentials on the request" do - end end describe 'Atom::Entry.load_entry' do spec/atom_spec.rb 3f43294fbbd47f28beb0ad980ae3f04fa21dfed2 Sean Geoghegan seangeo@gmail.com http://github.com/seangeo/ratom/commit/b234d97c4e00e6ff87b7d0caa5fdb4c7cf54cc5c b234d97c4e00e6ff87b7d0caa5fdb4c7cf54cc5c 2008-08-04T22:44:35-07:00 2008-08-04T22:38:37-07:00 Added AuthHMAC support 2be04a7b043910027906aa7566615d9a4ec327bc Sean Geoghegan seangeo@gmail.com