Browse files

Merge pull request #88 from tarcieri/fix/auth-encoding

Strict encode authorization header value
  • Loading branch information...
2 parents 5e8d1c2 + a3e19ca commit 42512b20063a6f99845edbf05b3854dcde601d7a @sferik sferik committed Feb 18, 2014
View
2 Rakefile
@@ -22,7 +22,7 @@ end
require 'yardstick/rake/verify'
Yardstick::Rake::Verify.new do |verify|
- verify.threshold = 56.7
+ verify.threshold = 56.8
end
task :default => [:spec, :rubocop, :verify_measurements]
View
2 lib/http.rb
@@ -9,7 +9,7 @@
require 'http/response'
require 'http/response/body'
require 'http/response/parser'
-require 'http/uri_backport' if RUBY_VERSION < '1.9.0'
+require 'http/backports' if RUBY_VERSION < '1.9.0'
# HTTP should be easy
module HTTP
View
2 lib/http/authorization_header/basic_auth.rb
@@ -15,7 +15,7 @@ def initialize(opts)
# :nodoc:
def to_s
- 'Basic ' << Base64.encode64("#{@user}:#{@pass}")
+ 'Basic ' << Base64.strict_encode64("#{@user}:#{@pass}")
end
end
View
2 lib/http/authorization_header/bearer_token.rb
@@ -14,7 +14,7 @@ def initialize(opts)
end
def token
- return Base64.encode64 @token if @encode
+ return Base64.strict_encode64 @token if @encode
@token
end
View
2 lib/http/backports.rb
@@ -0,0 +1,2 @@
+require 'http/backports/uri'
+require 'http/backports/base64'
View
6 lib/http/backports/base64.rb
@@ -0,0 +1,6 @@
+module Base64
+ # :nodoc:
+ def self.strict_encode64(data)
+ encode64(data).gsub(/\n/, '')
+ end
+end
View
0 lib/http/uri_backport.rb → lib/http/backports/uri.rb
File renamed without changes.
View
9 spec/http/authorization_header/basic_auth_spec.rb
@@ -16,13 +16,14 @@
end
describe '#to_s' do
- let(:user) { 'foobar' }
- let(:pass) { 'foobar' }
- let(:credentials) { "#{user}:#{pass}" }
+ let(:user) { 'foo' }
+ let(:pass) { 'bar' * 100 }
+ let(:user_n_pass) { user + ':' + pass }
let(:builder) { described_class.new :user => user, :pass => pass }
subject { builder.to_s }
- it { should eq "Basic #{Base64.encode64 credentials}" }
+ it { should eq "Basic #{Base64.strict_encode64 user_n_pass}" }
+ it { should match(/^Basic [^\s]+$/) }
end
end
View
5 spec/http/authorization_header/bearer_token_spec.rb
@@ -12,14 +12,15 @@
end
describe '#to_s' do
- let(:token) { 'foobar' }
+ let(:token) { 'foobar' * 100 }
let(:builder) { described_class.new options.merge :token => token }
subject { builder.to_s }
context 'when :encode => true' do
let(:options) { {:encode => true} }
- it { should eq "Bearer #{Base64.encode64 token}" }
+ it { should eq "Bearer #{Base64.strict_encode64 token}" }
+ it { should match(/^Bearer [^\s]+$/) }
end
context 'when :encode => false' do
View
13 spec/http/backports/base64_spec.rb
@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe Base64 do
+ specify { expect(Base64).to respond_to :strict_encode64 }
+
+ describe '.strict_encode64' do
+ let(:long_string) { (0...256).map { ('a'..'z').to_a[rand(26)] }.join }
+
+ it 'returns a String without whitespaces' do
+ expect(Base64.strict_encode64 long_string).to_not match(/\s/)
+ end
+ end
+end

0 comments on commit 42512b2

Please sign in to comment.