lib/akami/wsse.rb in akami-1.2.0 vs lib/akami/wsse.rb in akami-1.2.1

- old
+ new

@@ -109,22 +109,25 @@ private # Returns a Hash containing wsse:UsernameToken details. def wsse_username_token if digest? - security_hash :wsse, "UsernameToken", + token = security_hash :wsse, "UsernameToken", "wsse:Username" => username, - "wsse:Nonce" => nonce, + "wsse:Nonce" => Base64.encode64(nonce), "wsu:Created" => timestamp, "wsse:Password" => digest_password, :attributes! => { "wsse:Password" => { "Type" => PASSWORD_DIGEST_URI } } + # clear the nonce after each use + @nonce = nil else - security_hash :wsse, "UsernameToken", + token = security_hash :wsse, "UsernameToken", "wsse:Username" => username, "wsse:Password" => password, :attributes! => { "wsse:Password" => { "Type" => PASSWORD_TEXT_URI } } end + token end def wsse_signature signature_hash = signature.to_token @@ -167,11 +170,11 @@ end # Returns the WSSE password, encrypted for digest authentication. def digest_password token = nonce + timestamp + password - Base64.encode64(Digest::SHA1.hexdigest(token)).chomp! + Base64.encode64(Digest::SHA1.digest(token)).chomp! end # Returns a WSSE nonce. def nonce @nonce ||= Digest::SHA1.hexdigest random_string + timestamp @@ -182,10 +185,10 @@ (0...100).map { ("a".."z").to_a[rand(26)] }.join end # Returns a WSSE timestamp. def timestamp - @timestamp ||= Time.now.xmlschema + @timestamp ||= Time.now.utc.xmlschema end # Returns a new number with every call. def count @count ||= 0