authorThom May <thom@chef.io>2016-06-08 11:25:56 +0100
committerThom May <thom@may.lt>2016-06-08 11:25:56 +0100
commit8cd4ab1ad2b48cf92b45cd980279f7d5b836892f (patch)
treeb1226b3f5f56a05ed34bc7d55422be18106b3064 /lib/mixlib/authentication
parent2dffcfb7ce778efb60834c66aa1e0cd4ec500901 (diff)
downloadmixlib-authentication-8cd4ab1ad2b48cf92b45cd980279f7d5b836892f.tar.gz
Chefstyle and modernisev1.4.1
Signed-off-by: Thom May <thom@may.lt>
Diffstat (limited to 'lib/mixlib/authentication')
-rw-r--r--lib/mixlib/authentication/digester.rb12
-rw-r--r--lib/mixlib/authentication/http_authentication_request.rb11
-rw-r--r--lib/mixlib/authentication/signatureverification.rb65
-rw-r--r--lib/mixlib/authentication/signedheaderauth.rb52
-rw-r--r--lib/mixlib/authentication/version.rb3
5 files changed, 68 insertions, 75 deletions
diff --git a/lib/mixlib/authentication/digester.rb b/lib/mixlib/authentication/digester.rb
index c456824..8628d53 100644
--- a/lib/mixlib/authentication/digester.rb
+++ b/lib/mixlib/authentication/digester.rb
@@ -6,9 +6,9 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -16,15 +16,15 @@
# limitations under the License.
#
-require 'mixlib/authentication'
-require 'openssl'
+require "mixlib/authentication"
+require "openssl"
module Mixlib
module Authentication
class Digester
class << self
- def hash_file(f, digest=OpenSSL::Digest::SHA1)
+ def hash_file(f, digest = OpenSSL::Digest::SHA1)
digester = digest.new
buf = ""
while f.read(16384, buf)
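Review bot: `buf = ""` two lines above the `while f.read(16384, buf)` loop is a mutable string literal that `IO#read` reuses as its output buffer; if a `# frozen_string_literal: true` pragma is ever added to this file, a usual companion of a style pass like this one, the literal becomes frozen and the first read raises FrozenError. `buf = String.new` gives the same behaviour without depending on the pragma. The rest of hash_file (the digest update and the return value) continues outside the hunk.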
@@ -37,7 +37,7 @@ module Mixlib
#
# ====Parameters
#
- def hash_string(str, digest=OpenSSL::Digest::SHA1)
+ def hash_string(str, digest = OpenSSL::Digest::SHA1)
::Base64.encode64(digest.digest(str)).chomp
end
diff --git a/lib/mixlib/authentication/http_authentication_request.rb b/lib/mixlib/authentication/http_authentication_request.rb
index ad8354f..819f8f5 100644
--- a/lib/mixlib/authentication/http_authentication_request.rb
+++ b/lib/mixlib/authentication/http_authentication_request.rb
@@ -6,9 +6,9 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -16,7 +16,7 @@
# limitations under the License.
#
-require 'mixlib/authentication'
+require "mixlib/authentication"
module Mixlib
module Authentication
@@ -33,7 +33,7 @@ module Mixlib
end
def headers
- @headers ||= @request.env.inject({ }) { |memo, kv| memo[$2.gsub(/\-/,"_").downcase.to_sym] = kv[1] if kv[0] =~ /^(HTTP_)(.*)/; memo }
+ @headers ||= @request.env.inject({}) { |memo, kv| memo[$2.tr("-", "_").downcase.to_sym] = kv[1] if kv[0] =~ /^(HTTP_)(.*)/; memo }
end
def http_method
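Review bot: The regex `/^(HTTP_)(.*)/` in `headers` anchors with `^`, which in Ruby matches at any line start rather than the start of the string; Rack env keys should not contain newlines, so this is a style point rather than a live defect, but `\A` states the intent and is the form RuboCop expects. The block also reads the `$2` global and builds the hash through `inject` with an explicit `memo` return, where `each_with_object` reads more directly: `@headers ||= @request.env.each_with_object({}) { |(k, v), memo| memo[Regexp.last_match(1).tr("-", "_").downcase.to_sym] = v if k =~ /\AHTTP_(.*)/ }`. SignatureVerification#headers in signatureverification.rb has a byte-identical body in this commit; having one delegate to the other would keep the two copies from drifting (Forwardable is already required there).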
@@ -70,13 +70,12 @@ module Mixlib
def request_signature
unless @request_signature
- @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }.sort { |x,y| x.to_s <=> y.to_s}.map { |i| i[1] }.join("\n")
+ @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }.sort { |x, y| x.to_s <=> y.to_s }.map { |i| i[1] }.join("\n")
Mixlib::Authentication::Log.debug "Reconstituted (user-supplied) request signature: #{@request_signature}"
end
@request_signature
end
-
def validate_headers!
missing_headers = MANDATORY_HEADERS - headers.keys
unless missing_headers.empty?
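Review bot: `sort { |x, y| x.to_s <=> y.to_s }` in `request_signature` orders the `x_ops_authorization_N` pairs by the string form of the whole `[key, value]` pair, so the ordering is lexicographic on the line number: `x_ops_authorization_10` sorts before `x_ops_authorization_2`. A signature that spans ten or more header lines would therefore be reassembled out of order and fail verification; how many lines a signature occupies depends on the key size and the line width `sign` uses, which is outside this hunk and worth confirming. Sorting on the numeric suffix avoids it: `.sort_by { |k, _| k.to_s[/\d+\z/].to_i }.map(&:last).join("\n")`. validate_headers! at the end of the hunk continues outside it.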
diff --git a/lib/mixlib/authentication/signatureverification.rb b/lib/mixlib/authentication/signatureverification.rb
index 20b18a5..842fc1f 100644
--- a/lib/mixlib/authentication/signatureverification.rb
+++ b/lib/mixlib/authentication/signatureverification.rb
@@ -7,9 +7,9 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,11 +17,11 @@
# limitations under the License.
#
-require 'net/http'
-require 'forwardable'
-require 'mixlib/authentication'
-require 'mixlib/authentication/http_authentication_request'
-require 'mixlib/authentication/signedheaderauth'
+require "net/http"
+require "forwardable"
+require "mixlib/authentication"
+require "mixlib/authentication/http_authentication_request"
+require "mixlib/authentication/signedheaderauth"
module Mixlib
module Authentication
@@ -52,7 +52,7 @@ module Mixlib
include Mixlib::Authentication::SignedHeaderAuth
- def initialize(request=nil)
+ def initialize(request = nil)
@auth_request = HTTPAuthenticationRequest.new(request) if request
@valid_signature, @valid_timestamp, @valid_content_hash = false, false, false
@@ -60,8 +60,7 @@ module Mixlib
@hashed_body = nil
end
-
- def authenticate_user_request(request, user_lookup, time_skew=(15*60))
+ def authenticate_user_request(request, user_lookup, time_skew = (15 * 60))
@auth_request = HTTPAuthenticationRequest.new(request)
authenticate_request(user_lookup, time_skew)
end
@@ -74,9 +73,9 @@ module Mixlib
# X-Ops-Sign: algorithm=sha1;version=1.0;
# X-Ops-UserId: <user_id>
# X-Ops-Timestamp:
- # X-Ops-Content-Hash:
+ # X-Ops-Content-Hash:
# X-Ops-Authorization-#{line_number}
- def authenticate_request(user_secret, time_skew=(15*60))
+ def authenticate_request(user_secret, time_skew = (15 * 60))
Mixlib::Authentication::Log.debug "Initializing header auth : #{request.inspect}"
@user_secret = user_secret
@@ -87,14 +86,14 @@ module Mixlib
# version 1.0 clients don't include their algorithm in the
# signing description, so default to sha1
- parts[:algorithm] ||= 'sha1'
+ parts[:algorithm] ||= "sha1"
verify_signature(parts[:algorithm], parts[:version])
verify_timestamp
verify_content_hash
- rescue StandardError=>se
- raise AuthenticationError,"Failed to authenticate user request. Check your client key and clock: #{se.message}", se.backtrace
+ rescue StandardError => se
+ raise AuthenticationError, "Failed to authenticate user request. Check your client key and clock: #{se.message}", se.backtrace
end
if valid_request?
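Review bot: The `rescue StandardError => se` around `verify_signature`, `verify_timestamp` and `verify_content_hash` folds any programming error raised inside them (for instance a NoMethodError on a malformed header) into the same AuthenticationError as a genuine bad signature, and the only record of the original is `se.message` copied into the new message. Logging the original class before re-raising lets an operator tell a parsing failure from a rejected signature, e.g. `Mixlib::Authentication::Log.debug "#{se.class} while authenticating request: #{se.message}"` ahead of the `raise`. Whether `se.message` later reaches the client depends on the caller and is worth checking, since it can carry OpenSSL error text. The matching `begin` is above the hunk.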
@@ -121,11 +120,11 @@ module Mixlib
end
# The authorization header is a Base64-encoded version of an RSA signature.
- # The client sent it on multiple header lines, starting at index 1 -
+ # The client sent it on multiple header lines, starting at index 1 -
# X-Ops-Authorization-1, X-Ops-Authorization-2, etc. Pull them out and
# concatenate.
def headers
- @headers ||= request.env.inject({ }) { |memo, kv| memo[$2.gsub(/\-/,"_").downcase.to_sym] = kv[1] if kv[0] =~ /^(HTTP_)(.*)/; memo }
+ @headers ||= request.env.inject({}) { |memo, kv| memo[$2.tr("-", "_").downcase.to_sym] = kv[1] if kv[0] =~ /^(HTTP_)(.*)/; memo }
end
private
@@ -142,7 +141,7 @@ module Mixlib
candidate_block = canonicalize_request(algorithm, version)
signature = Base64.decode64(request_signature)
@valid_signature = case version
- when '1.3'
+ when "1.3"
digest = validate_sign_version_digest!(algorithm, version)
@user_secret.verify(digest.new, signature, candidate_block)
else
@@ -177,10 +176,9 @@ module Mixlib
@valid_content_hash
end
-
# The request signature is based on any file attached, if any. Otherwise
# it's based on the body of the request.
- def hashed_body(digest=Digest::SHA1)
+ def hashed_body(digest = Digest::SHA1)
unless @hashed_body
# TODO: tim: 2009-112-28: It'd be nice to remove this special case, and
# always hash the entire request body. In the file case it would just be
@@ -189,22 +187,22 @@ module Mixlib
# Pull out any file that was attached to this request, using multipart
# form uploads.
# Depending on the server we're running in, multipart form uploads are
- # handed to us differently.
- # - In Passenger (Cookbooks Community Site), the File is handed to us
- # directly in the params hash. The name is whatever the client used,
- # its value is therefore a File or Tempfile.
+ # handed to us differently.
+ # - In Passenger (Cookbooks Community Site), the File is handed to us
+ # directly in the params hash. The name is whatever the client used,
+ # its value is therefore a File or Tempfile.
# e.g. request['file_param'] = File
- #
- # - In Merb (Chef server), the File is wrapped. The original parameter
+ #
+ # - In Merb (Chef server), the File is wrapped. The original parameter
# name used for the file is used, but its value is a Hash. Within
- # the hash is a name/value pair named 'file' which actually
+ # the hash is a name/value pair named 'file' which actually
# contains the Tempfile instance.
# e.g. request['file_param'] = { :file => Tempfile }
file_param = request.params.values.find { |value| value.respond_to?(:read) }
# No file_param; we're running in Merb, or it's just not there..
if file_param.nil?
- hash_param = request.params.values.find { |value| value.respond_to?(:has_key?) } # Hash responds to :has_key? .
+ hash_param = request.params.values.find { |value| value.respond_to?(:has_key?) } # Hash responds to :has_key? .
if !hash_param.nil?
file_param = hash_param.values.find { |value| value.respond_to?(:read) } # File/Tempfile responds to :read.
end
@@ -225,22 +223,19 @@ module Mixlib
end
# Compare the request timestamp with boundary time
- #
- #
+ #
+ #
# ====Parameters
# time1<Time>:: minuend
# time2<Time>:: subtrahend
#
def timestamp_within_bounds?(time1, time2)
- time_diff = (time2-time1).abs
+ time_diff = (time2 - time1).abs
is_allowed = (time_diff < @allowed_time_skew)
Mixlib::Authentication::Log.debug "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
- is_allowed
+ is_allowed
end
end
-
end
end
-
-
diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb
index 09a22ee..ab8d989 100644
--- a/lib/mixlib/authentication/signedheaderauth.rb
+++ b/lib/mixlib/authentication/signedheaderauth.rb
@@ -17,11 +17,11 @@
# limitations under the License.
#
-require 'time'
-require 'base64'
-require 'openssl/digest'
-require 'mixlib/authentication'
-require 'mixlib/authentication/digester'
+require "time"
+require "base64"
+require "openssl/digest"
+require "mixlib/authentication"
+require "mixlib/authentication/digester"
module Mixlib
module Authentication
@@ -31,18 +31,18 @@ module Mixlib
NULL_ARG = Object.new
ALGORITHM_FOR_VERSION = {
- '1.0' => 'sha1',
- '1.1' => 'sha1',
- '1.3' => 'sha256',
+ "1.0" => "sha1",
+ "1.1" => "sha1",
+ "1.3" => "sha256",
}.freeze()
# Use of SUPPORTED_ALGORITHMS and SUPPORTED_VERSIONS is deprecated. Use
# ALGORITHM_FOR_VERSION instead
- SUPPORTED_ALGORITHMS = ['sha1'].freeze
- SUPPORTED_VERSIONS = ['1.0', '1.1'].freeze
+ SUPPORTED_ALGORITHMS = ["sha1"].freeze
+ SUPPORTED_VERSIONS = ["1.0", "1.1"].freeze
- DEFAULT_SIGN_ALGORITHM = 'sha1'.freeze
- DEFAULT_PROTO_VERSION = '1.0'.freeze
+ DEFAULT_SIGN_ALGORITHM = "sha1".freeze
+ DEFAULT_PROTO_VERSION = "1.0".freeze
# === signing_object
# This is the intended interface for signing requests with the
@@ -72,7 +72,7 @@ module Mixlib
# ==== Other Parameters:
# These parameters are accepted but not used in the computation of the signature.
# * `:host`: The host part of the URI
- def self.signing_object(args={ })
+ def self.signing_object(args = {})
SigningObject.new(args[:http_method],
args[:path],
args[:body],
@@ -97,7 +97,7 @@ module Mixlib
# compute the signature from the request, using the looked-up user secret
# ====Parameters
# private_key<OpenSSL::PKey::RSA>:: user's RSA private key.
- def sign(private_key, sign_algorithm=algorithm, sign_version=proto_version)
+ def sign(private_key, sign_algorithm = algorithm, sign_version = proto_version)
digest = validate_sign_version_digest!(sign_algorithm, sign_version)
# Our multiline hash for authorization will be encoded in multiple header
# lines - X-Ops-Authorization-1, ... (starts at 1, not 0!)
@@ -132,9 +132,9 @@ module Mixlib
end
case sign_algorithm
- when 'sha1'
+ when "sha1"
OpenSSL::Digest::SHA1
- when 'sha256'
+ when "sha256"
OpenSSL::Digest::SHA256
else
# This case should never happen
@@ -156,11 +156,11 @@ module Mixlib
# ====Parameters
#
def canonical_path
- p = path.gsub(/\/+/,'/')
- p.length > 1 ? p.chomp('/') : p
+ p = path.gsub(/\/+/, "/")
+ p.length > 1 ? p.chomp("/") : p
end
- def hashed_body(digest=OpenSSL::Digest::SHA1)
+ def hashed_body(digest = OpenSSL::Digest::SHA1)
# This is weird. sign() is called with the digest type and signing
# version. These are also expected to be properties of the object.
# Hence, we're going to assume the one that is passed to sign is
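Review bot: `path.gsub(/\/+/, "/")` in `canonical_path` escapes slashes inside a slash-delimited regex; `path.squeeze("/")` collapses runs of `/` identically and needs no regex, or `%r{/+}` if the regex is kept. The local `p` also shadows `Kernel#p`; `canonical = path.squeeze("/")` followed by `canonical.length > 1 ? canonical.chomp("/") : canonical` avoids both. hashed_body at the end of the hunk continues outside it.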
@@ -189,7 +189,7 @@ module Mixlib
# ====Parameters
#
#
- def canonicalize_request(sign_algorithm=algorithm, sign_version=proto_version)
+ def canonicalize_request(sign_algorithm = algorithm, sign_version = proto_version)
digest = validate_sign_version_digest!(sign_algorithm, sign_version)
canonical_x_ops_user_id = canonicalize_user_id(user_id, sign_version, digest)
case sign_version
@@ -209,12 +209,12 @@ module Mixlib
"Hashed Path:#{digester.hash_string(canonical_path, digest)}",
"X-Ops-Content-Hash:#{hashed_body(digest)}",
"X-Ops-Timestamp:#{canonical_time}",
- "X-Ops-UserId:#{canonical_x_ops_user_id}"
+ "X-Ops-UserId:#{canonical_x_ops_user_id}",
].join("\n")
end
end
- def canonicalize_user_id(user_id, proto_version, digest=OpenSSL::Digest::SHA1)
+ def canonicalize_user_id(user_id, proto_version, digest = OpenSSL::Digest::SHA1)
case proto_version
when "1.1"
# and 1.2 if that ever gets implemented
@@ -230,7 +230,7 @@ module Mixlib
# ====Parameters
#
def parse_signing_description
- parts = signing_description.strip.split(";").inject({ }) do |memo, part|
+ parts = signing_description.strip.split(";").inject({}) do |memo, part|
field_name, field_value = part.split("=")
memo[field_name.to_sym] = field_value.strip
memo
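Review bot: `field_name, field_value = part.split("=")` followed by `field_value.strip` raises NoMethodError when a part carries no `=` (`algorithm;version=1.0`), and a value containing a second `=` loses everything after it; on the verification path the signing description presumably comes from the client's X-Ops-Sign header (the call site is outside this hunk), so the parser should fail with a descriptive error rather than a nil dereference. `field_name, field_value = part.split("=", 2)` keeps the whole value, and `raise ArgumentError, "malformed signing description part: #{part.inspect}" unless field_value` makes the failure explicit. The `inject({}) do ... memo end` shape is also what `each_with_object({})` exists for.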
@@ -248,7 +248,7 @@ module Mixlib
string_to_sign = canonicalize_request(sign_algorithm, sign_version)
Mixlib::Authentication::Log.debug "String to sign: '#{string_to_sign}'"
case sign_version
- when '1.3'
+ when "1.3"
private_key.sign(digest.new, string_to_sign)
else
private_key.private_encrypt(string_to_sign)
@@ -269,12 +269,12 @@ module Mixlib
include SignedHeaderAuth
def proto_version
- (self[:proto_version] or DEFAULT_PROTO_VERSION).to_s
+ (self[:proto_version] || DEFAULT_PROTO_VERSION).to_s
end
def server_api_version
key = (self[:headers] || {}).keys.select do |k|
- k.downcase == 'x-ops-server-api-version'
+ k.downcase == "x-ops-server-api-version"
end.first
if key
self[:headers][key]
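Review bot: `keys.select do |k| ... end.first` in `server_api_version` scans every header key and then keeps only the first match; `find` expresses that directly and stops at the first hit: `key = (self[:headers] || {}).keys.find { |k| k.downcase == "x-ops-server-api-version" }`. The `if key` branch at the end of the hunk continues outside it.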
diff --git a/lib/mixlib/authentication/version.rb b/lib/mixlib/authentication/version.rb
index 3af3f48..8a832fd 100644
--- a/lib/mixlib/authentication/version.rb
+++ b/lib/mixlib/authentication/version.rb
@@ -13,9 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-
module Mixlib
module Authentication
- VERSION = '1.4.1'
+ VERSION = "1.4.1"
end
end