crappyrules
/
notehub
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

bugfix in signature compuation

master
Christian Mueller 12 years ago
parent
40693d39fa
commit
2e50f713fb
4 changed files with 82 additions and 69 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      API.md
  2. 34
      src/notehub/api.clj
  3. 2
      src/notehub/storage.clj
  4. 10
      test/notehub/test/api.clj

3
API.md
Unescape View File

@ -1,9 +1,10 @@ @@ -1,9 +1,10 @@
# NoteHub API
**Version 1.3, status: released.**
**Version 1.4, status: released.**
## Changelog
- **V1.4**: Bugfix: no whitespace elimination from the note text is needed now for the signature compuation.
- **V1.3**: New note ID format.
- **V1.2**: Theme & fonts can be specified during the publishing.
- **V1.1**: fields `publisher` and `title` in the response to the note retrieval.

34
src/notehub/api.clj
Unescape View File

@ -11,7 +11,7 @@ @@ -11,7 +11,7 @@
[hiccup.util :as util]
[notehub.storage :as storage]))
(def version "1.3")
(def version "1.4")
(def domain
(get-setting
@ -60,11 +60,20 @@ @@ -60,11 +60,20 @@
(str domain (url year month day title))))))
(defn version-manager [f params]
(if-let [version (:version params)]
(if (and (:noteID params) (< (Double/parseDouble version) 1.3))
(let [resp (f (assoc params
:noteID (sreplace (params :noteID) #" " "/")
:noteID* (params :noteID)))
(if-let [req-version (:version params)]
(let [req-version (Double/parseDouble req-version)
version (Double/parseDouble version)]
(if (< req-version version)
(let [args params
args (if (and (:noteID args) (< req-version 1.3))
(assoc args
:noteID (sreplace (args :noteID) #" " "/")
:noteID* (args :noteID))
args)
args (if (and (:note args) (< req-version 1.4))
(assoc args :note* (sreplace (args :note) #"[\n\r]" ""))
args)
resp (f args)
server-message (get-in resp [:status :message])]
(assoc-in resp [:status :message]
(str
@ -72,7 +81,7 @@ @@ -72,7 +81,7 @@
(when server-message "; ")
"this API version is deprecated and "
"will be disabled by the end of June 2014!")))
(f params))
(f params)))
{:status (create-response false "API version expected")}))
(defn get-note [{:keys [noteID]}]
@ -88,11 +97,12 @@ @@ -88,11 +97,12 @@
{:status (create-response false "noteID '%s' unknown" noteID)}))
(defn post-note
[{:keys [note pid signature password] :as params}]
[{:keys [note pid signature password note*] :as params}]
;(log "post-note: %s" {:pid pid :signature signature :password password :note note})
(let [errors (filter identity
[(when-not (storage/valid-publisher? pid) "pid invalid")
(when-not (= signature (storage/sign pid (storage/get-psk pid) note))
; TODO: remove note* after June 2014
(when-not (= signature (storage/sign pid (storage/get-psk pid) (or note* note)))
"signature invalid")
(when (blank? note) "note is empty")])]
(if (empty? errors)
@ -118,12 +128,14 @@ @@ -118,12 +128,14 @@
{:status (create-response false (first errors))})))
(defn update-note [{:keys [noteID note pid signature password noteID*]}]
(defn update-note [{:keys [noteID note pid signature password noteID* note*]}]
;(log "update-note: %s" {:pid pid :noteID noteID :signature signature :password password :note note})
(let [errors (filter identity
[(when-not (storage/valid-publisher? pid) "pid invalid")
; TODO: noteID* is a hack introduced by backwards-comp. to older APIs
(when-not (= signature (storage/sign pid (storage/get-psk pid) (or noteID* noteID) note password))
(when-not (= signature (storage/sign pid (storage/get-psk pid) (or noteID* noteID)
; TODO: remove note* after June 2014
(or note* note) password))
"signature invalid")
(when (blank? note) "note is empty")
(when-not (storage/valid-password? noteID password) "password invalid")])]

2
src/notehub/storage.clj
Unescape View File

@ -9,7 +9,7 @@ @@ -9,7 +9,7 @@
(defn sign
"Returns the MD5 hash for the concatenation of all passed parameters"
[& args]
(let [input (sreplace (apply str args) #"[\r\n]" "")]
(let [input (apply str args)]
(do (.reset md5Instance)
(.update md5Instance (.getBytes input))
(apply str

10
test/notehub/test/api.clj
Unescape View File

@ -69,7 +69,7 @@ @@ -69,7 +69,7 @@
(is (= "noteID 'randomString' unknown"
(get-in
(parse-string
(:body (send-request "/api/note" {:version "1.3" :noteID "randomString"})))
(:body (send-request "/api/note" {:version "1.4" :noteID "randomString"})))
["status" "message"])))
(is (= "3" (get-in (get-note post-response) [:statistics :views])))))
(testing "creation with wrong signature"
@ -119,7 +119,7 @@ @@ -119,7 +119,7 @@
{:note note
:pid pid
:signature (storage/sign pid psk note)
:version "1.0"})
:version "1.4"})
body (parse-string (:body response))
noteID (body "noteID")]
(is (has-status response 200))
@ -132,7 +132,7 @@ @@ -132,7 +132,7 @@
(:body (send-request [:get "/api/note"] {:version "1.1"
:noteID (clojure.string/replace noteID #"/" " ")}))) "note")))
(isnt (= note ((parse-string
(:body (send-request [:get "/api/note"] {:version "1.3"
(:body (send-request [:get "/api/note"] {:version "1.4"
:noteID (clojure.string/replace noteID #"/" " ")}))) "note")))
(is (do
(storage/delete-note noteID)
@ -145,7 +145,7 @@ @@ -145,7 +145,7 @@
{:note note
:pid pid
:signature (storage/sign pid psk note)
:version "1.0"
:version "1.4"
:theme "dark"
:text-font "Helvetica"})
body (parse-string (:body response))
@ -167,7 +167,7 @@ @@ -167,7 +167,7 @@
{:note note
:pid pid
:signature (storage/sign pid psk note)
:version "1.0"
:version "1.4"
:password "qwerty"})
body (parse-string (:body response))
origID (body "noteID")

Write Preview
Loading…
Cancel
Save