Permalink
Browse files

add some testcases

  • Loading branch information...
1 parent 0ffdc99 commit 22f874a4c1c7330aac67aa8e9676315fd534d1f1 @Xylakant Xylakant committed Dec 13, 2011
Showing with 100 additions and 39 deletions.
  1. +2 −0 Gemfile
  2. +38 −39 lib/faraday/request/hmac.rb
  3. +60 −0 test/faraday/request/hmac_test.rb
View
@@ -4,4 +4,6 @@ gem "rdiscount", :group => "documentation", :platforms => [:ruby_19] # added
gem "yard", :group => "documentation", :platforms => [:ruby_19] # added here since jruby does not like rdiscount
gem "jruby-openssl", :platforms => [:jruby]
+gem "faraday", :group => :development
+
gemspec
@@ -1,49 +1,48 @@
require 'faraday'
+require 'hmac/signer'
module Faraday
- module Request
- class Hmac < Faraday::Middleware
+ class Request::Hmac < Faraday::Middleware
- # create a new Hmac middleware instance
- #
- # @param [Object] app The url of the request
- # @param [String] secret The shared secret for the signature
- # @param [Hash] options Options for the signature generation
- # @param [Hash] query_values Additional query values to inject in the request as part of the signing process
- #
- # @option options [String] :nonce ('') The nonce to use in the signature
- # @option options [String, #strftime] :date (Time.now) The date to use in the signature
- # @option options [Hash] :headers ({}) A list of optional headers to include in the signature
- #
- # @option options [String] :auth_scheme ('HMAC') The name of the authorization scheme used in the Authorization header and to construct various header-names
- # @option options [String] :auth_param ('auth') The name of the authentication param to use for query based authentication
- # @option options [String] :auth_header ('Authorization') The name of the authorization header to use
- # @option options [String] :auth_header_format ('%{auth_scheme} %{signature}') The format of the authorization header. Will be interpolated with the given options and the signature.
- # @option options [String] :nonce_header ('X-#{auth_scheme}-Nonce') The header name for the request nonce
- # @option options [String] :alternate_date_header ('X-#{auth_scheme}-Date') The header name for the alternate date header
- # @option options [Bool] :query_based (false) Whether to use query based authentication
- # @option options [Bool] :use_alternate_date_header (false) Use the alternate date header instead of `Date`
- #
- def initialize(app, secret, options = {}, query_values = {})
- @app, @secret, @options, @query_values = app, secret, options, query_values
- end
+ # create a new Hmac middleware instance
+ #
+ # @param [Object] app The url of the request
+ # @param [String] secret The shared secret for the signature
+ # @param [Hash] options Options for the signature generation
+ # @param [Hash] query_values Additional query values to inject in the request as part of the signing process
+ #
+ # @option options [String] :nonce ('') The nonce to use in the signature
+ # @option options [String, #strftime] :date (Time.now) The date to use in the signature
+ # @option options [Hash] :headers ({}) A list of optional headers to include in the signature
+ #
+ # @option options [String] :auth_scheme ('HMAC') The name of the authorization scheme used in the Authorization header and to construct various header-names
+ # @option options [String] :auth_param ('auth') The name of the authentication param to use for query based authentication
+ # @option options [String] :auth_header ('Authorization') The name of the authorization header to use
+ # @option options [String] :auth_header_format ('%{auth_scheme} %{signature}') The format of the authorization header. Will be interpolated with the given options and the signature.
+ # @option options [String] :nonce_header ('X-#{auth_scheme}-Nonce') The header name for the request nonce
+ # @option options [String] :alternate_date_header ('X-#{auth_scheme}-Date') The header name for the alternate date header
+ # @option options [Bool] :query_based (false) Whether to use query based authentication
+ # @option options [Bool] :use_alternate_date_header (false) Use the alternate date header instead of `Date`
+ #
+ def initialize(app, secret, options = {}, query_values = {})
+ @app, @secret, @options, @query_values = app, secret, options, query_values
+ end
- def call(env)
- sign(env)
- @app.call(env)
- end
+ def call(env)
+ sign(env)
+ @app.call(env)
+ end
- def sign(env)
- signer = HMAC::Signer.new
- url = env[:url]
- url.query_values = (url.query_values || {}).merge(@query_values)
- headers, url = *signer.sign_request(url, @secret, @options)
+ def sign(env)
+ signer = HMAC::Signer.new
+ url = env[:url]
+ url.query_values = (url.query_values || {}).merge(@query_values)
+ headers, url = *signer.sign_request(url, @secret, @options)
- env[:request_headers] = (env[:request_headers] || {}).merge(headers)
- env[:url] = Addressable::URI.parse(url)
- env
- end
-
+ env[:request_headers] = (env[:request_headers] || {}).merge(headers)
+ env[:url] = Addressable::URI.parse(url)
+ env
end
+
end
end
@@ -0,0 +1,60 @@
+require 'faraday'
+require 'faraday/request/hmac'
+
+
+context "the faraday middleware" do
+
+ setup do
+ Timecop.freeze Time.gm(2011, 7, 1, 20, 28, 55)
+ end
+
+ teardown do
+ Timecop.return
+ end
+
+ context "> using header-based auth" do
+ setup do
+ m = Faraday::Request::Hmac.new(nil, "testsecret")
+ m.sign({ :request_headers => {}, :url => Addressable::URI.parse('http://www.example.com') })
+ end
+
+ asserts("authorization header") {topic[:request_headers]["Authorization"]}.equals("HMAC 539263f4f83878a4917d2f9c1521320c28b926a9")
+ asserts("date header") {topic[:request_headers]["Date"]}.equals("Fri, 1 Jul 2011 20:28:55 GMT")
+ asserts("query values") {topic[:url].query_values}.empty
+
+ context "> using a different auth header format" do
+ setup do
+ m = Faraday::Request::Hmac.new(nil, "testsecret", {:auth_key => 'TESTKEYID', :auth_header_format => '%{auth_scheme} %{auth_key} %{signature}'})
+ m.sign({ :request_headers => {}, :url => Addressable::URI.parse('http://www.example.com') })
+ end
+
+ asserts("authorization header") {topic[:request_headers]["Authorization"]}.equals("HMAC TESTKEYID 539263f4f83878a4917d2f9c1521320c28b926a9")
+ asserts("date header") {topic[:request_headers]["Date"]}.equals("Fri, 1 Jul 2011 20:28:55 GMT")
+ asserts("query values") {topic[:url].query_values}.empty
+ end
+
+ end
+
+ context "> using query-based auth" do
+ setup do
+ m = Faraday::Request::Hmac.new(nil, "testsecret", {:query_based => true})
+ m.sign({ :request_headers => {}, :url => Addressable::URI.parse('http://www.example.com') })
+ end
+
+ asserts("authorization header") {topic[:request_headers]["Authorization"]}.nil
+ asserts("date header") {topic[:request_headers]["Date"]}.nil
+
+ context "> query values" do
+
+ setup do
+ topic[:url].query_values
+ end
+
+ asserts("auth date") {topic["auth"]["date"]}.equals("Fri, 1 Jul 2011 20:28:55 GMT")
+ asserts("auth date") {topic["auth"]["signature"]}.equals("539263f4f83878a4917d2f9c1521320c28b926a9")
+ end
+
+ end
+
+
+end

0 comments on commit 22f874a

Please sign in to comment.