diff --git a/.gitignore b/.gitignore index 6936990..7141a31 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ /target **/*.rs.bk Cargo.lock +.idea +.vscode diff --git a/Cargo.toml b/Cargo.toml index e354feb..106d890 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,12 +17,12 @@ all-features = true members = ["http-sig-validator"] [dependencies] -chrono = "0.4.11" -http = "0.2.1" +chrono = { version = "0.4.26", default-features = false, features = ["clock"] } +http = "1.1" sha2 = "0.10.1" base64 = "0.12.0" -reqwest = {version = "0.11", features = ["blocking"], optional = true} -rouille = {version = "3.0.0", optional = true} +reqwest = { version = "0.12", features = ["blocking"], optional = true } +rouille = { version = "3.0.0", optional = true } subtle = "2.2.2" ring = { version = "0.16.12", features = ["std"], optional = true } url = "2.1.1" diff --git a/src/lib.rs b/src/lib.rs index 095ad70..4bf6b8e 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -83,8 +83,6 @@ pub mod mock_request; #[cfg(feature = "reqwest")] mod reqwest_impls; -#[cfg(feature = "reqwest")] -pub use reqwest_impls::*; #[cfg(feature = "rouille")] mod rouille_impls; diff --git a/src/reqwest_impls.rs b/src/reqwest_impls.rs index ff5c123..2d75b7d 100644 --- a/src/reqwest_impls.rs +++ b/src/reqwest_impls.rs @@ -11,7 +11,13 @@ impl RequestLike for reqwest::Request { Header::Pseudo(PseudoHeader::RequestTarget) => { let method = self.method().as_str().to_ascii_lowercase(); let path = self.url().path(); - format!("{} {}", method, path).try_into().ok() + if let Some(query) = self.url().query() { + format!("{} {}?{}", method, path, query) + } else { + format!("{} {}", method, path) + } + .try_into() + .ok() } _ => None, } @@ -77,12 +83,12 @@ mod tests { let client = reqwest::Client::new(); let without_sig = client - .post("http://test.com/foo/bar") + .post("http://test.com/foo/bar?test=1") .header(CONTENT_TYPE, "application/json") .header( DATE, - Utc.ymd(2014, 7, 8) - .and_hms(9, 10, 11) + Utc.with_ymd_and_hms(2014, 7, 8, 9, 10, 11) + .unwrap() .format("%a, %d %b %Y %T GMT") .to_string(), ) @@ -92,7 +98,7 @@ mod tests { let with_sig = without_sig.signed(&config).unwrap(); - assert_eq!(with_sig.headers().get(AUTHORIZATION).unwrap(), "Signature keyId=\"test_key\",algorithm=\"hs2019\",signature=\"F8gZiriO7dtKFiP5eSZ+Oh1h61JIrAR6D5Mdh98DjqA=\",headers=\"(request-target) host date digest\""); + assert_eq!(with_sig.headers().get(AUTHORIZATION).unwrap(), "Signature keyId=\"test_key\",algorithm=\"hs2019\",signature=\"WrDTJ4PdMype8XFHAXBB8IsCW4WgNyvkn+CM8Opy8LU=\",headers=\"(request-target) host date digest\""); assert_eq!( with_sig .headers() diff --git a/src/rouille_impls.rs b/src/rouille_impls.rs index 9a18ac8..8c16c86 100644 --- a/src/rouille_impls.rs +++ b/src/rouille_impls.rs @@ -103,8 +103,8 @@ mod tests { vec![ ("Host".into(), "test.com".into()), ("ContentType".into(), "application/json".into()), - ("Date".into(), Utc.ymd(2014, 7, 8) - .and_hms(9, 10, 11) + ("Date".into(), Utc.with_ymd_and_hms(2014, 7, 8, 9, 10, 11) + .unwrap() .format("%a, %d %b %Y %T GMT") .to_string()), ("Digest".into(), "SHA-256=2vgEVkfe4d6VW+tSWAziO7BUx7uT/rA9hn1EoxUJi2o=".into()), @@ -129,8 +129,8 @@ mod tests { "GET", "/foo/bar", vec![ - ("Date".into(), Utc.ymd(2014, 7, 8) - .and_hms(9, 10, 11) + ("Date".into(), Utc.with_ymd_and_hms(2014, 7, 8, 9, 10, 11) + .unwrap() .format("%a, %d %b %Y %T GMT") .to_string()), ("Authorization".into(), "Signature keyId=\"test_key\",algorithm=\"hmac-sha256\",signature=\"sGQ3hA9KB40CU1pHbRLXLvLdUWYn+c3fcfL+Sw8kIZE=\",headers=\"(request-target) date".into()), diff --git a/src/verifying.rs b/src/verifying.rs index e9e2398..db8c337 100644 --- a/src/verifying.rs +++ b/src/verifying.rs @@ -506,7 +506,7 @@ fn verify_except_digest( })?; // Then parse into a datetime - let provided_date = DateTime::::from_utc( + let provided_date = DateTime::::from_naive_utc_and_offset( NaiveDateTime::parse_from_str(date_value, DATE_FORMAT) .ok() .or_else(|| {