diff options
author | Daniel DeLeo <dan@opscode.com> | 2012-08-02 11:49:35 -0700 |
---|---|---|
committer | Daniel DeLeo <dan@opscode.com> | 2012-08-02 11:49:35 -0700 |
commit | a47a14e569b5c0b12c476498dfb7a79d11e0bc8a (patch) | |
tree | 9afb9212140629babb539bb4afeb32ba353d551c | |
parent | 696df3e0122900fc95c0355d09c7b15fc7be7ee1 (diff) | |
download | mixlib-authentication-a47a14e569b5c0b12c476498dfb7a79d11e0bc8a.tar.gz |
make proto version switching work correctly with signing_object
-rw-r--r-- | lib/mixlib/authentication/signedheaderauth.rb | 12 | ||||
-rw-r--r-- | spec/mixlib/authentication/mixlib_authentication_spec.rb | 12 |
2 files changed, 13 insertions, 11 deletions
diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb index 4ee7f98..f37471d 100644 --- a/lib/mixlib/authentication/signedheaderauth.rb +++ b/lib/mixlib/authentication/signedheaderauth.rb @@ -80,7 +80,7 @@ module Mixlib # compute the signature from the request, using the looked-up user secret # ====Parameters # private_key<OpenSSL::PKey::RSA>:: user's RSA private key. - def sign(private_key, sign_algorithm=DEFAULT_SIGN_ALGORITHM, sign_version=DEFAULT_PROTO_VERSION) + def sign(private_key, sign_algorithm=algorithm, sign_version=proto_version) # Our multiline hash for authorization will be encoded in multiple header # lines - X-Ops-Authorization-1, ... (starts at 1, not 0!) header_hash = { @@ -136,12 +136,12 @@ module Mixlib # ====Parameters # # - def canonicalize_request(algorithm=DEFAULT_SIGN_ALGORITHM, version=DEFAULT_PROTO_VERSION) - unless SUPPORTED_ALGORITHMS.include?(algorithm) && SUPPORTED_VERSIONS.include?(version) - raise AuthenticationError, "Bad algorithm '#{algorithm}' (allowed: #{SUPPORTED_ALGORITHMS.inspect}) or version '#{version}' (allowed: #{SUPPORTED_VERSIONS.inspect})" + def canonicalize_request(sign_algorithm=algorithm, sign_version=proto_version) + unless SUPPORTED_ALGORITHMS.include?(sign_algorithm) && SUPPORTED_VERSIONS.include?(sign_version) + raise AuthenticationError, "Bad algorithm '#{sign_algorithm}' (allowed: #{SUPPORTED_ALGORITHMS.inspect}) or version '#{sign_version}' (allowed: #{SUPPORTED_VERSIONS.inspect})" end - canonical_x_ops_user_id = canonicalize_user_id(user_id, version) + canonical_x_ops_user_id = canonicalize_user_id(user_id, sign_version) "Method:#{http_method.to_s.upcase}\nHashed Path:#{digester.hash_string(canonical_path)}\nX-Ops-Content-Hash:#{hashed_body}\nX-Ops-Timestamp:#{canonical_time}\nX-Ops-UserId:#{canonical_x_ops_user_id}" end @@ -186,7 +186,7 @@ module Mixlib include SignedHeaderAuth def proto_version - self[:proto_version] or DEFAULT_PROTO_VERSION + (self[:proto_version] or DEFAULT_PROTO_VERSION).to_s end end diff --git a/spec/mixlib/authentication/mixlib_authentication_spec.rb b/spec/mixlib/authentication/mixlib_authentication_spec.rb index 2103304..2c5afe1 100644 --- a/spec/mixlib/authentication/mixlib_authentication_spec.rb +++ b/spec/mixlib/authentication/mixlib_authentication_spec.rb @@ -81,15 +81,16 @@ describe "Mixlib::Authentication::SignedHeaderAuth" do end it "should generate the correct string to sign and signature, version 1.1" do - algorithm = 'sha1' - version = '1.1' + #algorithm = 'sha1' + #version = '1.1' - V1_1_SIGNING_OBJECT.canonicalize_request(algorithm, version).should == V1_1_CANONICAL_REQUEST + V1_1_SIGNING_OBJECT.proto_version.should == "1.1" + V1_1_SIGNING_OBJECT.canonicalize_request.should == V1_1_CANONICAL_REQUEST # If you need to regenerate the constants in this test spec, print out # the results of res.inspect and copy them as appropriate into the # the constants in this file. - V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, algorithm, version).should == EXPECTED_SIGN_RESULT_V1_1 + V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY).should == EXPECTED_SIGN_RESULT_V1_1 end it "should not choke when signing a request for a long user id with version 1.1" do @@ -247,7 +248,8 @@ V1_1_ARGS = { :http_method => :post, :timestamp => TIMESTAMP_ISO8601, # fixed timestamp so we get back the same answer each time. :file => MockFile.new, - :path => PATH + :path => PATH, + :proto_version => 1.1 } LONG_PATH_LONG_USER_ARGS = { |