summaryrefslogtreecommitdiff
path: root/lib/mixlib/authentication/signatureverification.rb
Commit message (Collapse)AuthorAgeFilesLines
* Optimize our requiresTim Smith2020-08-211-2/+2
| | | | | | Avoid requiring things that are already defined. Rubygems is very slow at traversing the filesystem. Signed-off-by: Tim Smith <tsmith@chef.io>
* Substitute require for require_relativerelativeTim Smith2019-12-201-3/+3
| | | | | | require_relative is significantly faster and should be used when available. Signed-off-by: Tim Smith <tsmith@chef.io>
* Chefstyle fixesTim Smith2019-08-061-1/+1
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update copyrights and e-mailsTim Smith2018-07-301-3/+3
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Move mixlib-auth debugging to trace leveltm/loggingThom May2018-04-111-14/+14
| | | | Signed-off-by: Thom May <thom@chef.io>
* [CLOUD-319] Make mixlib-log an optional dependencyRyan Cragun2017-04-201-12/+12
| | | | | | | | | | This change makes mixlib-log an optional dependency. When it's available in the LOAD_PATH it will be used by default, otherwise, all logging will will be forwarded to a null logger that does nothing. This is useful for cases where small utilities can consume mixlib-authentication and not have to pull in additional gems. Signed-off-by: Ryan Cragun <me@ryan.ec>
* Chefstyle and modernisev1.4.1Thom May2016-06-081-35/+30
| | | | Signed-off-by: Thom May <thom@may.lt>
* Make hashing functions backwards compatible with mixlib-authentication 1.3Jay Mundrawala2015-12-161-2/+2
| | | | | | | I had assumed that those functions were only used internally to mixlib-authentication. It seems that oc-chef-pedant tests use these functions. This patch makes the function backwards compatible by defaulting to using SHA1 for the digester if one is not supplied
* Sign x-ops-server-api-version headerJay Mundrawala2015-11-301-0/+2
|
* Modify validate function to use the same parameter ordering as other functionsJay Mundrawala2015-11-301-1/+1
|
* Added signature verification for signing version 1.3Jay Mundrawala2015-11-301-2/+9
|
* Pass digest to all the functions that will need itJay Mundrawala2015-11-301-3/+3
|
* Allow passing in the digest type to digesterJay Mundrawala2015-11-101-2/+2
| | | | | It was assuming SHA1, we're going to want to be able to pass in other values
* version 1.2.1: fix for parsing 1.0 client signing descriptions which do not ↵Tim Hinderliter2012-05-141-0/+6
| | | | contain 'algorithm': default to 'sha1' if it's not there.
* fixes for long user idChristopher Brown2012-05-091-13/+7
|
* inheriting from a struct fails when the file is loaded twiceDaniel DeLeo2010-07-221-2/+1
| | | | | | | | for some totally weird reason, starting chef-server via the rackup file causes mixlib/authentication to get loaded twice. This causes a superclass mismatch when inheriting from Struct.new. Since we aren't adding any behavior to the struct, we can just assign it to a constant and get the same results.
* [CHEF-761] revert to verifying the headers in initializeDaniel DeLeo2010-07-211-2/+1
| | | | | ...so that malformed requests are caught before we try to use any of their headers
* [CHEF-761] initialize with the request to access normalized headersDaniel DeLeo2010-07-211-7/+14
| | | | | | | | * Can now create the signature verification object w/ the request and then access values computed by the HTTPAuthenticationRequest object. * created a #authenticate_reqest method that can be used when signature verification is initialized w/ the request * #authenticate_user_request works as before
* [CHEF-761] rewrite delegation using ForwardableDaniel DeLeo2010-07-211-33/+18
|
* [CHEF-761] extract header handling into its own classDaniel DeLeo2010-07-211-42/+44
|
* [CHEF-761] provide visibility into time skew related auth failuresDaniel DeLeo2010-07-211-47/+139
| | | | | higher layers will use this to inform the user if they got a 401 b/c of incorrect clock on the client
* Merge branch 'CHEF-780' into CHEF-780-2 (fixes CHEF-780)Tim Hinderliter2010-03-041-4/+13
|\ | | | | | | | | Conflicts: lib/mixlib/authentication/signedheaderauth.rb
| * fix CHEF-780 by signing the entire post body (including multipart boundaries)Tim Hinderliter2009-12-281-4/+13
| | | | | | | | | | when the POST's 'file' parameter isn't actually a File. Needs mixlib-authen CHEF-780 changes to work. modified some comments for clarity.
* | Hashing path in request signatureChris Walters2010-02-271-2/+2
| |
* | PL-232: Adding request path to signatureChris Walters2010-02-011-3/+5
|/
* fix log level call and remove spurious auth header dump in a debug statementChristopher Brown2009-12-101-1/+1
|
* Modified to handle both Merb and Passenger, as they pass the File part of aTim Hinderliter2009-11-191-19/+31
| | | | | multipart form upload differently. Added unit tests for this and other behaviors.
* cleanup for PL-316Christopher Brown2009-11-091-12/+4
|
* Merge branch 'PL-316'Christopher Brown2009-11-041-4/+24
|\
| * fixed PL-316 - now splitting Authorization header into multiple headers ↵PL-316Tim Hinderliter2009-11-031-1/+17
| | | | | | | | X-Ops-Authorization-1, ...
| * fix issues with cookbook uploading by encoding/authenticating more kinds of ↵Tim Hinderliter2009-10-271-4/+8
| | | | | | | | File form input
* | Updating the NOTICE file, adding apache headerproductionalpha_deploy_1Adam Jacob2009-10-291-0/+18
|/
* adjust for the headers symbol/string confusionChristopher Brown2009-08-181-1/+1
|
* cleanup the digester requireChristopher Brown2009-08-101-2/+1
|
* initial commit for new repositoryChristopher Brown2009-08-061-0/+101
View Lorry Controller Status