Class: OAuth2::Server::Request
- Inherits:
-
Object
- Object
- OAuth2::Server::Request
- Includes:
- Attributes
- Defined in:
- lib/oauth2/server/request.rb
Class Method Summary collapse
Instance Method Summary collapse
- #bearer? ⇒ Boolean
-
#calculate_signature ⇒ Object
Calculates the header signature as described on: tools.ietf.org/html/draft-hammer-oauth2-00#section-5.3.1.
- #cryptographic? ⇒ Boolean
- #errors ⇒ Object
-
#initialize(attributes = {}) {|_self| ... } ⇒ Request
constructor
A new instance of Request.
- #original_request_header ⇒ Object
-
#request_header(&block) ⇒ Object
Overwrite attribute reader #request_header See OAuth2::Core::Attributes.
- #type ⇒ Object
- #valid? ⇒ Boolean
- #validate ⇒ Object
- #validate_access_token ⇒ Object
- #validate_request_header ⇒ Object
- #validate_signature ⇒ Object
Constructor Details
#initialize(attributes = {}) {|_self| ... } ⇒ Request
Returns a new instance of Request.
28 29 30 31 |
# File 'lib/oauth2/server/request.rb', line 28 def initialize(attributes = {}, &block) self.attributes.merge!(attributes) yield self if block_given? end |
Class Method Details
.validate(*args) ⇒ Object
20 21 22 23 24 |
# File 'lib/oauth2/server/request.rb', line 20 def validate(*args) request = new(*args) request.validate request end |
Instance Method Details
#bearer? ⇒ Boolean
58 59 60 61 62 63 64 |
# File 'lib/oauth2/server/request.rb', line 58 def bearer? if request_header.attributes.values.compact.size != 1 return false end not request_header.token.nil? end |
#calculate_signature ⇒ Object
Calculates the header signature as described on: tools.ietf.org/html/draft-hammer-oauth2-00#section-5.3.1
77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/oauth2/server/request.rb', line 77 def calculate_signature normalized_string = [ request_header., request_header.nonce, request_header.algorithm, method.upcase, host_with_port, request_uri ].join(',') digest = HMAC::SHA256.digest(secret, normalized_string) ActiveSupport::Base64.encode64s(digest) end |
#cryptographic? ⇒ Boolean
66 67 68 69 70 71 72 73 |
# File 'lib/oauth2/server/request.rb', line 66 def cryptographic? required_attributes = %w{token nonce timestamp algorithm signature} required_attributes.map! do |attribute| request_header.send(attribute.to_sym).nil? end required_attributes.uniq == [false] end |
#errors ⇒ Object
33 34 35 |
# File 'lib/oauth2/server/request.rb', line 33 def errors @errors ||= [] end |
#original_request_header ⇒ Object
37 |
# File 'lib/oauth2/server/request.rb', line 37 alias_method :original_request_header, :request_header |
#request_header(&block) ⇒ Object
Overwrite attribute reader #request_header See OAuth2::Core::Attributes
41 42 43 44 45 46 47 48 49 |
# File 'lib/oauth2/server/request.rb', line 41 def request_header(&block) value = original_request_header(&block) if value.is_a?(String) value = Headers::Authorization.parse(value) end value end |
#type ⇒ Object
51 52 53 54 55 56 |
# File 'lib/oauth2/server/request.rb', line 51 def type return :bearer if bearer? return :cryptographic if cryptographic? :unknown end |
#valid? ⇒ Boolean
135 136 137 |
# File 'lib/oauth2/server/request.rb', line 135 def valid? @valid end |
#validate ⇒ Object
124 125 126 127 128 129 130 131 132 133 |
# File 'lib/oauth2/server/request.rb', line 124 def validate errors.clear if validate_request_header validate_access_token validate_signature if type == :cryptographic end @valid = errors.empty? end |
#validate_access_token ⇒ Object
101 102 103 104 105 106 107 108 109 110 111 112 113 |
# File 'lib/oauth2/server/request.rb', line 101 def validate_access_token unless access_token errors << :access_token_invalid return false end if access_token_expired? errors << :access_token_expired return false end true end |
#validate_request_header ⇒ Object
115 116 117 118 119 120 121 122 |
# File 'lib/oauth2/server/request.rb', line 115 def validate_request_header unless request_header errors << :missing_authorization_header return false end true end |
#validate_signature ⇒ Object
92 93 94 95 96 97 98 99 |
# File 'lib/oauth2/server/request.rb', line 92 def validate_signature if calculate_signature != request_header.signature errors << :signature_invalid return false end true end |