Class: Warden::Strategies::HMAC::Base

Inherits:

Base

• Object
• Base
• Warden::Strategies::HMAC::Base

Defined in:

lib/hmac/strategies/base.rb

Overview

Base class for hmac authentication in warden. Provides shared methods such as config access and various helpers.

Author:

• Felix Gilcher <felix.gilcher@asquera.de>

Direct Known Subclasses

Header, Query

Instance Method Summary

• #authenticate! ⇒ Object

  Performs authentication.

• #debug(msg) ⇒ Object

  Log a debug message if a logger is available.

• #headers ⇒ Hash

  Retrieve the request headers.

• #logger ⇒ Logger

  Retrieve a logger.

• #params ⇒ Hash

  Retrieve the request query parameters.

• #request_method ⇒ String

  Retrieve the current request method.

• #retrieve_user ⇒ Mixed

  Retrieve a user from the database.

Instance Method Details

#authenticate! ⇒ Object

Performs authentication. Calls success! if authentication was performed successfully and halt! if the authentication information is invalid.

Delegates parts of the work to signature_valid? which must be implemented in child-strategies.

See Also:

• https://github.com/hassox/warden/wiki/Strategies

# File 'lib/hmac/strategies/base.rb', line 21

def authenticate!
  if "" == secret.to_s
    debug("authentication attempt with an empty secret")
    return fail!("Cannot authenticate with an empty secret")
  end
  
  if check_ttl? && !timestamp_valid?
    debug("authentication attempt with an invalid timestamp. Given was #{timestamp}, expected was #{Time.now.gmtime}")
    return fail!("Invalid timestamp")  
  end
    
  if signature_valid?
    success!(retrieve_user)
  else
    debug("authentication attempt with an invalid signature.")
    fail!("Invalid token passed")
  end
end

#debug(msg) ⇒ Object

Log a debug message if a logger is available.

Parameters:

• msg (String) —

  The message to log

# File 'lib/hmac/strategies/base.rb', line 78

def debug(msg)
  if logger
    logger.debug(msg)
  end
end

#headers ⇒ Hash

Retrieve the request headers. Header names are normalized by this method by stripping the ‘HTTP_`-prefix and replacing underscores with dashes. `HTTP_X_Foo` is normalized to `X-Foo`.

Returns:

• (Hash) —

  The request headers

# File 'lib/hmac/strategies/base.rb', line 59

def headers
  pairs = env.select {|k,v| k.start_with? 'HTTP_'}
      .collect {|pair| [pair[0].sub(/^HTTP_/, '').gsub(/_/, '-'), pair[1]]}
      .sort
   headers = Hash[*pairs.flatten]
   headers   
end

#logger ⇒ Logger

Retrieve a logger. Current implementation can only handle Padrino loggers

Returns:

• (Logger) —

  the logger, nil if none is available

# File 'lib/hmac/strategies/base.rb', line 88

def logger
  if defined? Padrino
    Padrino.logger
  end
end

#params ⇒ Hash

Retrieve the request query parameters

Returns:

• (Hash) —

  The query parameters

# File 'lib/hmac/strategies/base.rb', line 50

def params
  request.GET
end

#request_method ⇒ String

Retrieve the current request method

Returns:

• (String) —

  The request method in capital letters

# File 'lib/hmac/strategies/base.rb', line 43

def request_method
  env['REQUEST_METHOD'].upcase
end

#retrieve_user ⇒ Mixed

Retrieve a user from the database. Calls the proc given in :retrieve_user, else returns true

Returns:

• (Mixed) —

  The result of the configured proc, true is no proc was given

# File 'lib/hmac/strategies/base.rb', line 70

def retrieve_user
  @user ||= config[:retrieve_user].respond_to?(:call) ? config[:retrieve_user].call(self) : true
  @user
end