Use for https url

fwininger · fwininger · commit c734a88b6ecb · 2022-05-18T14:40:59.000+02:00
diff --git a/README.md b/README.md
@@ -48,7 +48,7 @@ Authorization = APIAuth "#{client access id}:#{signature from step 2}"
 A cURL request would look like:
 
 ```sh
-curl -X POST --header 'Content-Type: application/json' --header "Date: Tue, 30 May 2017 03:51:43 GMT" --header "Authorization: ${AUTHORIZATION}"  http://my-app.com/request_path`
+curl -X POST --header 'Content-Type: application/json' --header "Date: Tue, 30 May 2017 03:51:43 GMT" --header "Authorization: ${AUTHORIZATION}"  https://my-app.com/request_path`
 ```
 
 5. On the server side, the SHA2 HMAC is computed in the same way using the
@@ -60,10 +60,10 @@ minutes in order to avoid replay attacks.
 
 ## References
 
-* [Hash functions](http://en.wikipedia.org/wiki/Cryptographic_hash_function)
-* [SHA-2 Hash function](http://en.wikipedia.org/wiki/SHA-2)
-* [HMAC algorithm](http://en.wikipedia.org/wiki/HMAC)
-* [RFC 2104 (HMAC)](http://tools.ietf.org/html/rfc2104)
+* [Hash functions](https://en.wikipedia.org/wiki/Cryptographic_hash_function)
+* [SHA-2 Hash function](https://en.wikipedia.org/wiki/SHA-2)
+* [HMAC algorithm](https://en.wikipedia.org/wiki/HMAC)
+* [RFC 2104 (HMAC)](https://tools.ietf.org/html/rfc2104)
 
 ## Requirement
 
@@ -285,9 +285,9 @@ the public methods for each driver are required to be implemented by your driver
 
 ## Authors
 
-* [Mauricio Gomes](http://github.com/mgomes)
-* [Kevin Glowacz](http://github.com/kjg)
-* [Florian Wininger](http://github.com/fwininger)
+* [Mauricio Gomes](https://github.com/mgomes)
+* [Kevin Glowacz](https://github.com/kjg)
+* [Florian Wininger](https://github.com/fwininger)
 
 ## Copyright
 
diff --git a/spec/api_auth_spec.rb b/spec/api_auth_spec.rb
@@ -24,7 +24,7 @@ def hmac(secret_key, request, canonical_string = nil, digest = 'sha1')
   end
 
   describe '.sign!' do
-    let(:request) { RestClient::Request.new(url: 'http://google.com', method: :get) }
+    let(:request) { RestClient::Request.new(url: 'https://google.com', method: :get) }
     let(:headers) { ApiAuth::Headers.new(request) }
 
     it 'generates date header before signing' do
@@ -182,7 +182,7 @@ def hmac(secret_key, request, canonical_string = nil, digest = 'sha1')
     context 'normal APIAuth Auth header' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://google.com',
+          url: 'https://google.com',
           method: :get,
           headers: { authorization: 'APIAuth 1044:aGVsbG8gd29ybGQ=' }
         )
@@ -196,7 +196,7 @@ def hmac(secret_key, request, canonical_string = nil, digest = 'sha1')
     context 'Corporate prefixed APIAuth header' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://google.com',
+          url: 'https://google.com',
           method: :get,
           headers: { authorization: 'Corporate APIAuth 1044:aGVsbG8gd29ybGQ=' }
         )
diff --git a/spec/headers_spec.rb b/spec/headers_spec.rb
@@ -8,7 +8,7 @@
       let(:uri) { '' }
 
       context 'uri with just host without /' do
-        let(:uri) { 'http://google.com'.freeze }
+        let(:uri) { 'https://google.com'.freeze }
 
         it 'return / as canonical string path' do
           expect(subject.canonical_string).to eq('GET,,,/,')
@@ -20,7 +20,7 @@
       end
 
       context 'uri with host and /' do
-        let(:uri) { 'http://google.com/'.freeze }
+        let(:uri) { 'https://google.com/'.freeze }
 
         it 'return / as canonical string path' do
           expect(subject.canonical_string).to eq('GET,,,/,')
@@ -31,8 +31,8 @@
         end
       end
 
-      context 'uri has a string matching http:// in it' do
-        let(:uri) { 'http://google.com/?redirect_to=https://www.example.com'.freeze }
+      context 'uri has a string matching https:// in it' do
+        let(:uri) { 'https://google.com/?redirect_to=https://www.example.com'.freeze }
 
         it 'return /?redirect_to=https://www.example.com as canonical string path' do
           expect(subject.canonical_string).to eq('GET,,,/?redirect_to=https://www.example.com,')
@@ -46,7 +46,7 @@
 
     context 'string construction' do
       context 'with a driver that supplies http_method' do
-        let(:request) { RestClient::Request.new(url: 'http://google.com', method: :get) }
+        let(:request) { RestClient::Request.new(url: 'https://google.com', method: :get) }
         subject(:headers) { described_class.new(request) }
         let(:driver) { headers.instance_variable_get('@request') }
 
@@ -161,7 +161,7 @@
     context 'no content hash already calculated' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://google.com',
+          url: 'https://google.com',
           method: :post,
           payload: "hello\nworld"
         )
@@ -176,7 +176,7 @@
     context 'hash already calculated' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://google.com',
+          url: 'https://google.com',
           method: :post,
           payload: "hello\nworld",
           headers: { 'X-Authorization-Content-SHA256' => 'abcd' }
@@ -191,7 +191,7 @@
   end
 
   describe '#content_hash_mismatch?' do
-    let(:request) { RestClient::Request.new(url: 'http://google.com', method: :get) }
+    let(:request) { RestClient::Request.new(url: 'https://google.com', method: :get) }
     subject(:headers) { described_class.new(request) }
     let(:driver) { headers.instance_variable_get('@request') }
 
diff --git a/spec/railtie_spec.rb b/spec/railtie_spec.rb
@@ -116,7 +116,7 @@ def generated_request
   describe 'Rails ActiveResource integration' do
     class TestResource < ActiveResource::Base
       with_api_auth '1044', API_KEY_STORE['1044']
-      self.site = 'http://localhost/'
+      self.site = 'https://localhost/'
       self.format = :xml
     end
 
diff --git a/spec/request_drivers/http_spec.rb b/spec/request_drivers/http_spec.rb
@@ -13,7 +13,7 @@
   end
 
   let(:verb) { :put }
-  let(:uri) { 'http://localhost/resource.xml?foo=bar&bar=foo' }
+  let(:uri) { 'https://localhost/resource.xml?foo=bar&bar=foo' }
   let(:body) { "hello\nworld" }
 
   let(:headers) do
diff --git a/spec/request_drivers/httpi_spec.rb b/spec/request_drivers/httpi_spec.rb
@@ -4,7 +4,7 @@
   let(:timestamp) { Time.now.utc.httpdate }
 
   let(:request) do
-    httpi_request = HTTPI::Request.new('http://localhost/resource.xml?foo=bar&bar=foo')
+    httpi_request = HTTPI::Request.new('https://localhost/resource.xml?foo=bar&bar=foo')
     httpi_request.headers.merge!('Authorization' => 'APIAuth 1044:12345',
                                  'X-Authorization-Content-SHA256' => '47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=',
                                  'content-type' => 'text/plain',
@@ -56,7 +56,7 @@
 
   describe 'setting headers correctly' do
     let(:request) do
-      httpi_request = HTTPI::Request.new('http://localhost/resource.xml?foo=bar&bar=foo')
+      httpi_request = HTTPI::Request.new('https://localhost/resource.xml?foo=bar&bar=foo')
       httpi_request.headers['content-type'] = 'text/plain'
       httpi_request
     end
diff --git a/spec/request_drivers/rest_client_spec.rb b/spec/request_drivers/rest_client_spec.rb
@@ -3,7 +3,7 @@
 describe ApiAuth::RequestDrivers::RestClientRequest do
   let(:timestamp) { Time.now.utc.httpdate }
 
-  let(:request_path) { 'http://localhost/resource.xml?foo=bar&bar=foo' }
+  let(:request_path) { 'https://localhost/resource.xml?foo=bar&bar=foo' }
 
   let(:request_headers) do
     {
@@ -16,7 +16,7 @@
 
   let(:request) do
     RestClient::Request.new(
-      url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+      url: 'https://localhost/resource.xml?foo=bar&bar=foo',
       headers: request_headers,
       method: :put,
       payload: "hello\nworld"
@@ -35,7 +35,7 @@
     end
 
     it 'gets the request_uri' do
-      expect(driven_request.request_uri).to eq('http://localhost/resource.xml?foo=bar&bar=foo')
+      expect(driven_request.request_uri).to eq('https://localhost/resource.xml?foo=bar&bar=foo')
     end
 
     it 'gets the timestamp' do
@@ -53,7 +53,7 @@
 
       it 'treats no body as empty string' do
         request = RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :put
         )
@@ -66,7 +66,7 @@
       context 'when put request' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :put
           )
@@ -80,7 +80,7 @@
       context 'when get request' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :get
           )
@@ -104,7 +104,7 @@
       context 'when getting' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :get
           )
@@ -119,7 +119,7 @@
       context 'when posting' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :post,
             payload: "hello\nworld"
@@ -140,7 +140,7 @@
       context 'when putting' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :put,
             payload: "hello\nworld"
@@ -161,7 +161,7 @@
       context 'when deleting' do
         let(:request) do
           RestClient::Request.new(
-            url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+            url: 'https://localhost/resource.xml?foo=bar&bar=foo',
             headers: request_headers,
             method: :delete
           )
@@ -203,7 +203,7 @@
     context 'when getting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :get
         )
@@ -217,7 +217,7 @@
     context 'when posting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :post,
           payload: "hello\nworld"
@@ -258,7 +258,7 @@
     context 'when putting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :put,
           payload: "hello\nworld"
@@ -299,7 +299,7 @@
     context 'when deleting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           headers: request_headers,
           method: :delete
         )
@@ -315,7 +315,7 @@
     context 'when getting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           method: :get
         )
       end
@@ -332,7 +332,7 @@
     context 'when posting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           method: :post,
           payload: "hello\nworld"
         )
@@ -350,7 +350,7 @@
     context 'when putting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           method: :put,
           payload: "hello\nworld"
         )
@@ -368,7 +368,7 @@
     context 'when deleting' do
       let(:request) do
         RestClient::Request.new(
-          url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+          url: 'https://localhost/resource.xml?foo=bar&bar=foo',
           method: :delete
         )
       end
@@ -388,7 +388,7 @@
       headers = { 'X-Authorization-Content-SHA256' => 'e59ff97941044f85df5297e1c302d260',
                   :content_type => 'text/plain',
                   'Date' => 'Mon, 23 Jan 1984 03:29:56 GMT' }
-      request = RestClient::Request.new(url: 'http://localhost/resource.xml?foo=bar&bar=foo',
+      request = RestClient::Request.new(url: 'https://localhost/resource.xml?foo=bar&bar=foo',
                                         headers: headers,
                                         method: :put)
       ApiAuth.sign!(request, 'some access id', 'some secret key')
