Skip to content
Commits on Apr 6, 2013
  1. @tdegrunt
Commits on Oct 8, 2012
  1. @fxposter
  2. @gregory-m

    Fixed Singer to work with Faraday

    gregory-m committed Oct 8, 2012
    Also added Faraday integration test to avoid similar errors in the future.
Commits on Oct 6, 2012
  1. @gregory-m

    Removed addressable gem

    gregory-m committed Oct 6, 2012
Commits on Jul 9, 2012
  1. @Xylakant

    Change method for comparing the computed and presented signature to p…

    Xylakant committed Jul 9, 2012
    …revent sidechannel attacks
    
    Use a less efficient method for comparing the computed and the presented signature that compares
    all characters in pretty much all cases. This prevents timing sidechannel attacks that would allow
    the attacker to efficiently guess the signature with less than brute-force effort.
    
    Fixes #16
  2. @darrinholst @Xylakant

    Implement the default ttl value.

    darrinholst committed with Xylakant Jun 14, 2012
    The documentation says that the default ttl is 900 seconds, however
    there was nothing in there that did that. This sets the default to 900
    seconds if a ttl was not passed in the config.
Commits on May 21, 2012
  1. @Xylakant

    Updated API doc

    Xylakant committed May 21, 2012
    Clarify that the extra_auth_params key will be ignored for header-based
    auth.
Commits on Apr 13, 2012
  1. @skade
  2. @Xylakant
  3. @Xylakant

    Merge branch 'master' into feature/ignore-parameters

    Xylakant committed Apr 13, 2012
    Conflicts:
    	lib/hmac/signer.rb
Commits on Apr 12, 2012
  1. @skade

    Short-circuit validate_url_signature if auth_params are missing

    skade committed Apr 12, 2012
    It crashed before...
Commits on Feb 2, 2012
  1. @skade

    Add "ignore_params" option

    skade committed Feb 2, 2012
Commits on Feb 1, 2012
  1. @skade

    Move defaults to a constant

    skade committed Feb 1, 2012
Commits on Jan 15, 2012
  1. @Xylakant

    fixes issue #12

    Xylakant committed Jan 15, 2012
    headers in the request are uppercase
Commits on Jan 8, 2012
  1. @neerfri
Commits on Dec 29, 2011
  1. @Xylakant
Commits on Dec 28, 2011
  1. @Xylakant

    -fixed a crash bug that occured if no config was given in the warden env

    Xylakant committed Dec 28, 2011
    - fixed a crash bug that occured if a nonce was required
  2. @Xylakant

    refactored valid?, extracted a check for the signature in the params …

    Xylakant committed Dec 28, 2011
    …so that the check can be changed withouth overwriting all of valid?
Commits on Dec 14, 2011
  1. @Xylakant

    the :retrieve_user option now accepts a proc that will be called

    Xylakant committed Dec 14, 2011
    to retrieve the user
  2. @Xylakant

    simplify using the :auth_header_format option by autogenerating a pro…

    Xylakant committed Dec 14, 2011
    …per :auth_header_parse expression that should cover pretty much all cases
    
    simplifies usage of multiple authentication secrets with header-based authentication
Commits on Dec 13, 2011
  1. @Xylakant

    update doc

    Xylakant committed Dec 13, 2011
  2. @Xylakant

    remove query_values parameter

    Xylakant committed Dec 13, 2011
  3. @Xylakant
  4. @Xylakant
  5. @Xylakant

    add full support for different authorization header formats in header…

    Xylakant committed Dec 13, 2011
    …-based authentication
    
    - allows supporting multiple signing keys in header-based auth
  6. @Xylakant

    add some testcases

    Xylakant committed Dec 13, 2011
  7. @Xylakant
  8. @Xylakant

    use Time.gm instead of Time.local in tests

    Xylakant committed Dec 13, 2011
    This should fix the travis issues for good
    
    revert debug prints that were needed for test debugging
  9. @Xylakant

    add some output to the testcases to help me debug a problem in the te…

    Xylakant committed Dec 13, 2011
    …stsuite that only occurs on travis
  10. @Xylakant
Commits on Jul 17, 2011
  1. @Xylakant

    reorganized code, proper module structure etc.

    Xylakant committed Jul 17, 2011
    This should have happened earlier in the dev process
Commits on Jul 16, 2011
  1. @Xylakant

    fix bug that occured when signing urls without query parameters, adde…

    Xylakant committed Jul 16, 2011
    …d tests
    
    closes issue #1
  2. @Xylakant

    renamed methods:

    Xylakant committed Jul 16, 2011
     - check_signature to validate_signature
     - check_url_signature to validate_url_signature
    
    Updated tests and docs accordingly
    
    Added short chapter about the HMACSigner class to the readme.
  3. @Xylakant

    added class documentations

    Xylakant committed Jul 16, 2011
  4. @Xylakant
Something went wrong with that request. Please try again.