Class: HmacSignature::Request

Inherits:

Object

Object
HmacSignature::Request

show all

Defined in:: lib/hmac_signature/request.rb

Direct Known Subclasses

Strategy::Headers::Request, Strategy::Params::Request

Constant Summary collapse

VALID_METHODS =

%w(GET POST)

ISO8601 = www.w3.org/TR/NOTE-datetime

"%Y-%m-%dT%H:%M:%SZ"

Instance Attribute Summary collapse

#credentials ⇒ Object readonly

Returns the value of attribute credentials.
#method ⇒ Object readonly

Returns the value of attribute method.
#params ⇒ Object readonly

Returns the value of attribute params.
#path ⇒ Object readonly

Returns the value of attribute path.

Instance Method Summary collapse

#authenticate ⇒ Object
#authenticate_by_token(token) ⇒ Object
#authenticate_by_token!(token) ⇒ Object
#initialize(method, path, params, credentials = nil) ⇒ Request constructor

A new instance of Request.
#sign(token, expires_in = 600) ⇒ Object

Constructor Details

#initialize(method, path, params, credentials = nil) ⇒ `Request`

Returns a new instance of Request.

Raises:

(ArgumentError)

# File 'lib/hmac_signature/request.rb', line 10

def initialize method, path, params, credentials=nil
	raise ArgumentError, "Expected GET or POST" unless method.is_a?(String) && VALID_METHODS.include?(method)
	raise ArgumentError, "Expected string" unless path.is_a?(String) && !path.empty?
	raise ArgumentError, "Expected hash" unless params.is_a?(Hash)
	raise ArgumentError, "Expected credentials" unless credentials.nil? || credentials.is_a?(HmacSignature::Credentials)

	@method = method
	@path = path
	@params = params
	@credentials = credentials
end

Instance Attribute Details

#credentials ⇒ `Object` (readonly)

Returns the value of attribute credentials.



8
9
10

# File 'lib/hmac_signature/request.rb', line 8

def credentials
  @credentials
end

#method ⇒ `Object` (readonly)

Returns the value of attribute method.



8
9
10

# File 'lib/hmac_signature/request.rb', line 8

def method
  @method
end

#params ⇒ `Object` (readonly)

Returns the value of attribute params.



8
9
10

# File 'lib/hmac_signature/request.rb', line 8

def params
  @params
end

#path ⇒ `Object` (readonly)

Returns the value of attribute path.



8
9
10

# File 'lib/hmac_signature/request.rb', line 8

def path
  @path
end

Instance Method Details

#authenticate ⇒ `Object`

Raises:

(ArgumentError)

# File 'lib/hmac_signature/request.rb', line 32

def authenticate
	raise ArgumentError, "Block required" unless block_given?
	raise AuthenticationError, "Missing parameter: key" unless credentials.key
	token = yield credentials.key
	unless token
		raise AuthenticationError, "Unknown key"
	end
	authenticate_by_token! token
	return token
end

#authenticate_by_token(token) ⇒ `Object`

# File 'lib/hmac_signature/request.rb', line 43

def authenticate_by_token token
	authenticate_by_token! token
rescue
	false
end

#authenticate_by_token!(token) ⇒ `Object`

Raises:

(HmacSignature::AuthenticationError)

# File 'lib/hmac_signature/request.rb', line 49

def authenticate_by_token! token
	raise HmacSignature::AuthenticationError, "Credentials required" unless credentials

	if token.secret.nil? || token.secret.empty?
		raise ArgumentError, "Provided token is missing secret"
	end

	# authenticates version
	raise HmacSignature::AuthenticationError, "Version required" unless credentials.version
       raise HmacSignature::AuthenticationError, "Version not supported" unless credentials.version == '1.0'
       
	# authenticates expiry
	raise HmacSignature::AuthenticationError, "Expiration timestamp required" unless credentials.expiry
	if Time.now.utc.to_i > credentials.expiry.to_i
		raise HmacSignature::AuthenticationError, "Timestamp expired: Given timestamp "\
		"(#{Time.at(credentials.expiry.to_i).utc.strftime(ISO8601)}) "\
		"has expired. The current server time is "\
		"(#{Time.now.utc.strftime(ISO8601)})"
	end

	# authenticates signature
	valid_signature = generate_signature(token, credentials.expiry, credentials.version)
	unless credentials.signature == valid_signature.to_s
		raise HmacSignature::AuthenticationError, "Invalid signature: you should have "\
		"sent HmacSHA256Hex(#{valid_signature.string_to_sign.inspect}, your_secret_key)"\
		", but you sent #{credentials.signature.inspect}"
	end
	
	true
end

#sign(token, expires_in = 600) ⇒ `Object`

# File 'lib/hmac_signature/request.rb', line 22

def sign token, expires_in=600
	expires_at 	= (Time.now.utc.to_i + expires_in).to_s
	version 	= Signature::VERSION
	key 		= token.key
	secret 		= token.secret
	signature 	= generate_signature(token, expires_at, version).to_s

	HmacSignature::Credentials.new(key, expires_at, version, signature)
end

Class: HmacSignature::Request

Direct Known Subclasses

Constant Summary collapse

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(method, path, params, credentials = nil) ⇒ Request

Instance Attribute Details

#credentials ⇒ Object (readonly)

#method ⇒ Object (readonly)

#params ⇒ Object (readonly)

#path ⇒ Object (readonly)

Instance Method Details

#authenticate ⇒ Object

#authenticate_by_token(token) ⇒ Object

#authenticate_by_token!(token) ⇒ Object

#sign(token, expires_in = 600) ⇒ Object

#initialize(method, path, params, credentials = nil) ⇒ `Request`

#credentials ⇒ `Object` (readonly)

#method ⇒ `Object` (readonly)

#params ⇒ `Object` (readonly)

#path ⇒ `Object` (readonly)

#authenticate ⇒ `Object`

#authenticate_by_token(token) ⇒ `Object`

#authenticate_by_token!(token) ⇒ `Object`

#sign(token, expires_in = 600) ⇒ `Object`