Module: S2S::Auth

Defined in:
lib/s2s/auth.rb,
lib/s2s/auth/version.rb

Constant Summary

VERSION =
"0.0.1"

Class Method Summary

Class Method Details

.clear ⇒ Object

Clears the settings that were set during setup.



# File 'lib/s2s/auth.rb', line 44

# Resets every module setting to nil, undoing a previous setup.
#
# Only the references are dropped; nothing is overwritten in place.
#
# @return [nil]
def clear
  @secret, @salt, @sign_salt, @app_name, @iterations, @encryptor, @serializer = nil
end

.generate_token ⇒ Object

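Generates an encrypted and signed token. Tokens are time sensitive and usually expire in a few seconds; the token only carries a timestamp (`ts`), and .parse_token does not check it, so the receiving service has to enforce the expiry itself.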



# File 'lib/s2s/auth.rb', line 78

# Builds an encrypted and signed token carrying the app name and the current
# UTC time in ISO 8601 form.
#
# The timestamp is only embedded here; nothing in this method sets or enforces
# an expiry.
#
# @return [Object] whatever the configured encryptor's encrypt_and_sign returns
# @raise [ArgumentError] if the app name or the encryptor has not been set
def generate_token
  configured = !@app_name.nil? && !@encryptor.nil?
  raise ArgumentError.new("Can't generate a S2S header before setting up the class") unless configured

  payload = { app: @app_name, ts: Time.now.utc.iso8601 }
  @encryptor.encrypt_and_sign(payload)
end

.header ⇒ Object

Returns a hash representing the auth header that has to be sent with the S2S request. Make sure to call .setup first.

Returns:



# File 'lib/s2s/auth.rb', line 72

# Builds the Authorization header for an S2S request from a freshly generated
# token.
#
# @return [Hash] a single-entry hash mapping :Authorization to "Bearer <token>"
# @raise [ArgumentError] propagated from generate_token when the module has not
#   been set up
def header
  bearer = "Bearer #{generate_token}"
  { Authorization: bearer }
end

.parse_token(token) ⇒ Object

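Checks that a token is valid and returns a hash with its content. Note that no logic is done to verify that the token is recent: the caller has to compare the `ts` value against its own freshness window, otherwise a captured token stays acceptable indefinitely.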

Raises:

  • (ActiveSupport::MessageVerifier::InvalidSignature)


# File 'lib/s2s/auth.rb', line 88

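# Decrypts a token and verifies its signature with the configured encryptor.
#
# Only integrity is checked. The embedded timestamp is handed back untouched and
# is never compared with the current time, so rejecting stale or replayed tokens
# is the caller's job.
#
# @param token [Object] the token to check, as produced by generate_token
# @return [Object] whatever the encryptor's decrypt_and_verify returns
# @raise [ArgumentError] if the module has not been set up (no encryptor yet)
# @raise [ActiveSupport::MessageVerifier::InvalidSignature] when verification
#   fails, as documented for this method
def parse_token(token)
  # Same failure mode as generate_token: a clear error instead of a
  # NoMethodError on nil when setup has not run.
  if @encryptor.nil?
    raise ArgumentError, "Can't parse a S2S token before setting up the class"
  end

  @encryptor.decrypt_and_verify(token)
end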

.settings ⇒ Object

Returns the module’s settings, including the raw secret, the salts and the encryptor.



# File 'lib/s2s/auth.rb', line 55

# Snapshot of the module's current configuration.
#
# The hash holds the raw secret, both salts and the live encryptor, so it should
# not be logged or serialised as-is.
#
# @return [Hash{Symbol => Object}] the current value of each setting, nil for
#   anything not set
def settings
  %i[secret salt sign_salt app_name serializer iterations encryptor].each_with_object({}) do |key, snapshot|
    snapshot[key] = instance_variable_get("@#{key}")
  end
end

.setup(opts = {}) ⇒ Bool

Sets up the S2S::Auth module.

Returns:

  • (Bool)

    true

Raises:

  • (ArgumentError)

    if the passed options don’t contain a secret (the listing below also requires app, salt and sign_salt)



# File 'lib/s2s/auth.rb', line 25

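# Configures the module and builds the encryptor used to mint and check tokens.
#
# Every option may be given under a symbol key or the equivalent string key.
# Previous settings are cleared first, so a failed call leaves the module
# without an encryptor.
#
# @param opts [Hash] configuration options
# @option opts [Object] :secret base secret the keys are derived from
#   (required, must respond to #empty?)
# @option opts [Object] :app name placed in every token (required)
# @option opts [Object] :salt salt for the encryption key (required)
# @option opts [Object] :sign_salt salt for the signing key (required)
# @option opts [Integer] :iterations key-derivation iteration count
#   (defaults to 1000)
# @option opts [Object] :serializer serializer handed to the encryptor
#   (defaults to JSON)
# @return [true]
# @raise [ArgumentError] if secret, app, salt or sign_salt is nil or empty
def setup(opts = {})
  clear
  option = ->(key) { opts[key] || opts[key.to_s] }

  @secret = option.call(:secret)
  @app_name = option.call(:app)
  @salt = option.call(:salt)
  @sign_salt = option.call(:sign_salt)
  if [@secret, @app_name, @salt, @sign_salt].any? { |v| v.nil? || v.empty? }
    raise ArgumentError, "This module needs to be setup following keys: secret, app, salt, sign_salt"
  end

  @iterations = option.call(:iterations) || 1000
  @serializer = option.call(:serializer) || JSON

  # Hand the configured count to the key generator. This used to read the
  # never-assigned @iteration, so nil was passed and the :iterations setting
  # (including the 1000 default reported by settings) had no effect on the
  # derived keys. With the count honoured the derived keys change: every peer
  # sharing the secret must run the same code and iteration count, or tokens
  # stop verifying.
  # NOTE(review): 1000 is a low count if the secret is not high-entropy;
  # consider passing :iterations explicitly on all peers.
  keygen = ActiveSupport::CachingKeyGenerator.new(
    ActiveSupport::KeyGenerator.new(@secret, iterations: @iterations)
  )
  secret = keygen.generate_key(@salt)
  sign_secret = keygen.generate_key(@sign_salt)
  @encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, { serializer: @serializer })
  true
end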