summaryrefslogtreecommitdiff
path: root/lib/mixlib/authentication
Commit message (Collapse)AuthorAgeFilesLines
* Move mixlib-auth debugging to trace leveltm/loggingThom May2018-04-114-20/+20
| | | | Signed-off-by: Thom May <thom@chef.io>
* Bump version to 1.4.2Ryan Cragun2017-08-171-1/+1
| | | | Signed-off-by: Ryan Cragun <me@ryan.ec>
* fix chefstyle offensesLamont Granquist2017-06-201-3/+3
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Merge pull request #24 from chef/ryan/fix-constant-lookupRyan Cragun2017-04-251-1/+2
|\ | | | | Fix SignedObject::DEFAULT_SERVER_API_VERSION constant scope
| * Fix SignedObject::DEFAULT_SERVER_API_VERSION constant scoperyan/fix-constant-lookupRyan Cragun2017-04-211-1/+2
| | | | | | | | | | | | | | | | | | | | The DEFAULT_SERVER_API_VERSION is not a constant of the SignedHeaderAuth module. Rather than forcing the constant lookup in that module we'll remove the namespace and allow the Ruby constant lookup to handle it for us. This resolves a bug where the constant lookup fails when mixlib-authentication is vendored into other projects. Signed-off-by: Ryan Cragun <me@ryan.ec>
* | [CLOUD-319] Make mixlib-log an optional dependencyRyan Cragun2017-04-203-17/+42
|/ | | | | | | | | | This change makes mixlib-log an optional dependency. When it's available in the LOAD_PATH it will be used by default, otherwise, all logging will will be forwarded to a null logger that does nothing. This is useful for cases where small utilities can consume mixlib-authentication and not have to pull in additional gems. Signed-off-by: Ryan Cragun <me@ryan.ec>
* fix Struct.new issueLamont Granquist2016-12-061-4/+4
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Chefstyle fixesTim Smith2016-10-132-4/+2
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Fix following bug:jonyrock2016-06-081-1/+2
| | | | | | It's possible that a request contains more than nine headers like "x_ops_authorization_n". In this case headers will be sorted in the wrong way. The first will be "x_ops_authorization_1", the second "x_ops_authorization_10" and so on. So that request signature transfered by parts in "x_ops_authorization_n" headers will be reconstructed in wrong way. So that authentication will fail.
* Chefstyle and modernisev1.4.1Thom May2016-06-085-75/+68
| | | | Signed-off-by: Thom May <thom@may.lt>
* bump version for releaseThom May2016-06-081-1/+1
| | | | Signed-off-by: Thom May <thom@may.lt>
* Bump version for 1.4.0v1.4.0Jay Mundrawala2016-01-191-1/+1
|
* Bump to 1.4.0.rc.1Jay Mundrawala2015-12-161-1/+1
|
* Make hashing functions backwards compatible with mixlib-authentication 1.3Jay Mundrawala2015-12-163-8/+9
| | | | | | | I had assumed that those functions were only used internally to mixlib-authentication. It seems that oc-chef-pedant tests use these functions. This patch makes the function backwards compatible by defaulting to using SHA1 for the digester if one is not supplied
* Prepare 1.4.0.rc.0jdm/1.4.0.rc.0Jay Mundrawala2015-12-111-1/+1
|
* Update 1.3 message to match the new one proposed from the RFC processjdm/v1.3-rfcJay Mundrawala2015-12-051-3/+5
| | | | We no longer has user id and path as it is not required.
* Our signing versions only support 1 hashing algorithm eachJay Mundrawala2015-12-051-24/+10
| | | | This removes SHA1 from v1.3. v1.0 and v1.1 support SHA1 only
* Use DEFAULT_SERVER_API_VERSION in all the placesjdm/sign-v1.3Jay Mundrawala2015-11-302-3/+1
|
* Sign x-ops-server-api-version headerJay Mundrawala2015-11-303-6/+23
|
* Modify validate function to use the same parameter ordering as other functionsJay Mundrawala2015-11-302-4/+4
|
* Add some notes about deprecations and private thingsJay Mundrawala2015-11-301-14/+17
|
* Added signature verification for signing version 1.3Jay Mundrawala2015-11-301-2/+9
|
* Add signing algorithm v1.3Jay Mundrawala2015-11-301-22/+59
|
* Pass digest to all the functions that will need itJay Mundrawala2015-11-302-12/+59
|
* Allow passing in the digest type to digesterJay Mundrawala2015-11-103-15/+14
| | | | | It was assuming SHA1, we're going to want to be able to pass in other values
* Add version.rbJay Mundrawala2015-11-101-0/+21
|
* Get tests to runJay Mundrawala2015-11-101-1/+8
|
* make proto version switching work correctly with signing_objectDaniel DeLeo2012-08-021-6/+6
|
* change default sign version back to 1.0Daniel DeLeo2012-07-311-43/+94
| | | | | | We need to wait until Chef 11, when we can make a break to change to 1.1, because this relies on the server side supporting 1.1 to work correctly.
* version 1.2.1: fix for parsing 1.0 client signing descriptions which do not ↵Tim Hinderliter2012-05-141-0/+6
| | | | contain 'algorithm': default to 'sha1' if it's not there.
* fixes for long user idChristopher Brown2012-05-092-20/+26
|
* inheriting from a struct fails when the file is loaded twiceDaniel DeLeo2010-07-221-2/+1
| | | | | | | | for some totally weird reason, starting chef-server via the rackup file causes mixlib/authentication to get loaded twice. This causes a superclass mismatch when inheriting from Struct.new. Since we aren't adding any behavior to the struct, we can just assign it to a constant and get the same results.
* [CHEF-761] revert to verifying the headers in initializeDaniel DeLeo2010-07-212-2/+2
| | | | | ...so that malformed requests are caught before we try to use any of their headers
* [CHEF-761] initialize with the request to access normalized headersDaniel DeLeo2010-07-212-10/+18
| | | | | | | | * Can now create the signature verification object w/ the request and then access values computed by the HTTPAuthenticationRequest object. * created a #authenticate_reqest method that can be used when signature verification is initialized w/ the request * #authenticate_user_request works as before
* [CHEF-761] ostructs and extend both are very slowDaniel DeLeo2010-07-211-1/+7
|
* [CHEF-761] rewrite delegation using ForwardableDaniel DeLeo2010-07-211-33/+18
|
* [CHEF-761] extract header handling into its own classDaniel DeLeo2010-07-213-44/+130
|
* [CHEF-761] provide visibility into time skew related auth failuresDaniel DeLeo2010-07-211-47/+139
| | | | | higher layers will use this to inform the user if they got a 401 b/c of incorrect clock on the client
* Merge branch 'CHEF-780' into CHEF-780-2 (fixes CHEF-780)Tim Hinderliter2010-03-042-5/+19
|\ | | | | | | | | Conflicts: lib/mixlib/authentication/signedheaderauth.rb
| * fix CHEF-780 by signing the entire post body (including multipart boundaries)Tim Hinderliter2009-12-282-5/+20
| | | | | | | | | | when the POST's 'file' parameter isn't actually a File. Needs mixlib-authen CHEF-780 changes to work. modified some comments for clarity.
* | Hashing path in request signatureChris Walters2010-02-273-43/+36
| |
* | Merge branch 'total-integration' of ↵Adam Jacob2010-02-182-9/+23
|\ \ | | | | | | | | | git://github.com/skeptomai/mixlib-authentication into skeptomai/total-integration
| * | PL-232: Adding request path to signatureChris Walters2010-02-012-9/+23
| |/
* | Whoops I'm bad at committingIan Meyer2010-01-291-3/+1
| |
* | Another way to fix the problem for Ruby 1.8.5 on CentOSIan Meyer2010-01-292-3/+5
| |
* | CHEF-902 remove digest/hmac and use openssl insteadIan Meyer2010-01-292-5/+3
|/
* fix log level call and remove spurious auth header dump in a debug statementChristopher Brown2009-12-101-1/+1
|
* Modified to handle both Merb and Passenger, as they pass the File part of aTim Hinderliter2009-11-191-19/+31
| | | | | multipart form upload differently. Added unit tests for this and other behaviors.
* cleanup for PL-316Christopher Brown2009-11-091-12/+4
|
* Merge branch 'PL-316'Christopher Brown2009-11-042-11/+39
|\
View Lorry Controller Status