Closed DBA closed 14 years ago
aflatter
commented
14 years ago I found a basic benchmark: http://blog.nathanielbibler.com/post/63031273/openssl-hmac-vs-ruby-hmac-benchmarks
We could support both. Though I doubt there is any environment where ruby-openssl is not available.
DBA
commented
14 years ago While scanning the source files I assume that the HMCA calls are all covered with tests. Could you confirm that I didn't miss something?
I agree that we could support both, checking if the OpenSSL one is available or not.
aflatter
commented
14 years ago Yep, there is one call in request.rb which is tested in request_spec.rb.
DBA
commented
14 years ago Alex, for now, I've removed the ruby-hmac dependency completely.
The code just looked odd with OpenSSL (which comes with Ruby core) falling back ruby-hmac gem, which is less performant and of unrecommended use.
If you disagree, feel free to rollback my commit: http://github.com/aflatter/oauth2-ruby/commit/0ee8f9781d1a215da063330ef1ed929ca61103d3
aflatter
commented
14 years ago I'm okay with that. Closed.
ruby-hmac website states the following: NOTE: If your apps can assume Ruby/OpenSSL available, consider using OpenSSL::HMAC instead.
Should we consider using OpenSSL::HMAC instead. Can / should we make that assumption?