summaryrefslogtreecommitdiff
path: root/lib/mixlib
Commit message (Collapse)AuthorAgeFilesLines
...
* | [CLOUD-319] Make mixlib-log an optional dependencyRyan Cragun2017-04-204-21/+54
|/ | | | | | | | | | This change makes mixlib-log an optional dependency. When it's available in the LOAD_PATH it will be used by default, otherwise, all logging will will be forwarded to a null logger that does nothing. This is useful for cases where small utilities can consume mixlib-authentication and not have to pull in additional gems. Signed-off-by: Ryan Cragun <me@ryan.ec>
* fix Struct.new issueLamont Granquist2016-12-061-4/+4
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Chefstyle fixesTim Smith2016-10-132-4/+2
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Fix following bug:jonyrock2016-06-081-1/+2
| | | | | | It's possible that a request contains more than nine headers like "x_ops_authorization_n". In this case headers will be sorted in the wrong way. The first will be "x_ops_authorization_1", the second "x_ops_authorization_10" and so on. So that request signature transfered by parts in "x_ops_authorization_n" headers will be reconstructed in wrong way. So that authentication will fail.
* Chefstyle and modernisev1.4.1Thom May2016-06-086-84/+75
| | | | Signed-off-by: Thom May <thom@may.lt>
* bump version for releaseThom May2016-06-081-1/+1
| | | | Signed-off-by: Thom May <thom@may.lt>
* Bump version for 1.4.0v1.4.0Jay Mundrawala2016-01-191-1/+1
|
* Bump to 1.4.0.rc.1Jay Mundrawala2015-12-161-1/+1
|
* Make hashing functions backwards compatible with mixlib-authentication 1.3Jay Mundrawala2015-12-163-8/+9
| | | | | | | I had assumed that those functions were only used internally to mixlib-authentication. It seems that oc-chef-pedant tests use these functions. This patch makes the function backwards compatible by defaulting to using SHA1 for the digester if one is not supplied
* Prepare 1.4.0.rc.0jdm/1.4.0.rc.0Jay Mundrawala2015-12-111-1/+1
|
* Update 1.3 message to match the new one proposed from the RFC processjdm/v1.3-rfcJay Mundrawala2015-12-051-3/+5
| | | | We no longer has user id and path as it is not required.
* Our signing versions only support 1 hashing algorithm eachJay Mundrawala2015-12-051-24/+10
| | | | This removes SHA1 from v1.3. v1.0 and v1.1 support SHA1 only
* Use DEFAULT_SERVER_API_VERSION in all the placesjdm/sign-v1.3Jay Mundrawala2015-11-303-3/+3
|
* Sign x-ops-server-api-version headerJay Mundrawala2015-11-303-6/+23
|
* Modify validate function to use the same parameter ordering as other functionsJay Mundrawala2015-11-302-4/+4
|
* Add some notes about deprecations and private thingsJay Mundrawala2015-11-301-14/+17
|
* Added signature verification for signing version 1.3Jay Mundrawala2015-11-301-2/+9
|
* Add signing algorithm v1.3Jay Mundrawala2015-11-301-22/+59
|
* Pass digest to all the functions that will need itJay Mundrawala2015-11-302-12/+59
|
* Allow passing in the digest type to digesterJay Mundrawala2015-11-103-15/+14
| | | | | It was assuming SHA1, we're going to want to be able to pass in other values
* Add version.rbJay Mundrawala2015-11-101-0/+21
|
* Get tests to runJay Mundrawala2015-11-101-1/+8
|
* make proto version switching work correctly with signing_objectDaniel DeLeo2012-08-021-6/+6
|
* change default sign version back to 1.0Daniel DeLeo2012-07-311-43/+94
| | | | | | We need to wait until Chef 11, when we can make a break to change to 1.1, because this relies on the server side supporting 1.1 to work correctly.
* version 1.2.1: fix for parsing 1.0 client signing descriptions which do not ↵Tim Hinderliter2012-05-141-0/+6
| | | | contain 'algorithm': default to 'sha1' if it's not there.
* fixes for long user idChristopher Brown2012-05-092-20/+26
|
* inheriting from a struct fails when the file is loaded twiceDaniel DeLeo2010-07-221-2/+1
| | | | | | | | for some totally weird reason, starting chef-server via the rackup file causes mixlib/authentication to get loaded twice. This causes a superclass mismatch when inheriting from Struct.new. Since we aren't adding any behavior to the struct, we can just assign it to a constant and get the same results.
* [CHEF-761] revert to verifying the headers in initializeDaniel DeLeo2010-07-212-2/+2
| | | | | ...so that malformed requests are caught before we try to use any of their headers
* [CHEF-761] initialize with the request to access normalized headersDaniel DeLeo2010-07-212-10/+18
| | | | | | | | * Can now create the signature verification object w/ the request and then access values computed by the HTTPAuthenticationRequest object. * created a #authenticate_reqest method that can be used when signature verification is initialized w/ the request * #authenticate_user_request works as before
* [CHEF-761] ostructs and extend both are very slowDaniel DeLeo2010-07-211-1/+7
|
* [CHEF-761] rewrite delegation using ForwardableDaniel DeLeo2010-07-211-33/+18
|
* [CHEF-761] extract header handling into its own classDaniel DeLeo2010-07-214-44/+136
|
* [CHEF-761] provide visibility into time skew related auth failuresDaniel DeLeo2010-07-211-47/+139
| | | | | higher layers will use this to inform the user if they got a 401 b/c of incorrect clock on the client
* Merge branch 'CHEF-780' into CHEF-780-2 (fixes CHEF-780)Tim Hinderliter2010-03-042-5/+19
|\ | | | | | | | | Conflicts: lib/mixlib/authentication/signedheaderauth.rb
| * fix CHEF-780 by signing the entire post body (including multipart boundaries)Tim Hinderliter2009-12-282-5/+20
| | | | | | | | | | when the POST's 'file' parameter isn't actually a File. Needs mixlib-authen CHEF-780 changes to work. modified some comments for clarity.
* | Hashing path in request signatureChris Walters2010-02-273-43/+36
| |
* | Merge branch 'total-integration' of ↵Adam Jacob2010-02-182-9/+23
|\ \ | | | | | | | | | git://github.com/skeptomai/mixlib-authentication into skeptomai/total-integration
| * | PL-232: Adding request path to signatureChris Walters2010-02-012-9/+23
| |/
* | Whoops I'm bad at committingIan Meyer2010-01-291-3/+1
| |
* | Another way to fix the problem for Ruby 1.8.5 on CentOSIan Meyer2010-01-292-3/+5
| |
* | CHEF-902 remove digest/hmac and use openssl insteadIan Meyer2010-01-292-5/+3
|/
* fix log level call and remove spurious auth header dump in a debug statementChristopher Brown2009-12-102-2/+2
|
* Modified to handle both Merb and Passenger, as they pass the File part of aTim Hinderliter2009-11-191-19/+31
| | | | | multipart form upload differently. Added unit tests for this and other behaviors.
* cleanup for PL-316Christopher Brown2009-11-091-12/+4
|
* Merge branch 'PL-316'Christopher Brown2009-11-042-11/+39
|\
| * fixed PL-316 - now splitting Authorization header into multiple headers ↵PL-316Tim Hinderliter2009-11-032-3/+27
| | | | | | | | X-Ops-Authorization-1, ...
| * fix issues with cookbook uploading by encoding/authenticating more kinds of ↵Tim Hinderliter2009-10-272-10/+14
| | | | | | | | File form input
* | Updating the NOTICE file, adding apache headerproductionalpha_deploy_1Adam Jacob2009-10-294-0/+72
|/
* set default log level to errorChristopher Brown2009-10-181-0/+3
|
* Removing couchrestAdam Jacob2009-08-181-1/+0
|
View Lorry Controller Status