Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request ryanb#19 from jameshuynh/master
Truncate message private pub token after publish authentication.
  • Loading branch information
ryanb committed Jun 29, 2011
2 parents c3c958b + ee4a601 commit feb04ad
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
2 changes: 2 additions & 0 deletions lib/private_pub/faye_extension.rb
Expand Up @@ -25,6 +25,8 @@ def authenticate_publish(message)
raise Error, "No secret_token config set, ensure private_pub.yml is loaded properly."
elsif message["ext"]["private_pub_token"] != PrivatePub.config[:secret_token]
message["error"] = "Incorrect token."
else
message["ext"]["private_pub_token"] = nil
end
end
end
Expand Down
9 changes: 9 additions & 0 deletions spec/private_pub/faye_extension_spec.rb
Expand Up @@ -54,4 +54,13 @@
message = @faye.incoming(@message, lambda { |m| m })
message["error"].should be_nil
end

it "should not let message carry the private pub token after server's validation" do
PrivatePub.config[:secret_token] = "good"
@message["channel"] = "/custom/channel"
@message["ext"]["private_pub_token"] = PrivatePub.config[:secret_token]
message = @faye.incoming(@message, lambda { |m| m })
message['ext']["private_pub_token"].should be_nil
end

end

0 comments on commit feb04ad

Please sign in to comment.