Class: Akamai::EdgeAuth

Inherits:

Object

• Object
• Akamai::EdgeAuth

Defined in:

lib/akamai/edgeauth.rb

Instance Attribute Summary

• #acl_delimiter ⇒ Object

  Returns the value of attribute acl_delimiter.

• #algorithm ⇒ Object

  Returns the value of attribute algorithm.

• #end_time ⇒ Object

  Returns the value of attribute end_time.

• #escape_early ⇒ Object

  Returns the value of attribute escape_early.

• #field_delimiter ⇒ Object

  Returns the value of attribute field_delimiter.

• #ip ⇒ Object

  Returns the value of attribute ip.

• #key ⇒ Object

  Returns the value of attribute key.

• #payload ⇒ Object

  Returns the value of attribute payload.

• #salt ⇒ Object

  Returns the value of attribute salt.

• #session_id ⇒ Object

  Returns the value of attribute session_id.

• #start_time ⇒ Object

  Returns the value of attribute start_time.

• #token_name ⇒ Object

  Returns the value of attribute token_name.

• #token_type ⇒ Object

  Returns the value of attribute token_type.

• #verbose ⇒ Object

  Returns the value of attribute verbose.

• #window_seconds ⇒ Object

  Returns the value of attribute window_seconds.

Instance Method Summary

• #_escapeEarly(text) ⇒ Object
• #_generateToken(path, isUrl) ⇒ Object
• #generateACLToken(acl) ⇒ Object
• #generateURLToken(url) ⇒ Object
• #initialize(token_type: nil, token_name: '__token__', key: nil, algorithm: 'sha256', salt: nil, ip: nil, payload: nil, session_id: nil, start_time: nil, end_time: nil, window_seconds: nil, field_delimiter: '~', acl_delimiter: '!', escape_early: false, verbose: false) ⇒ EdgeAuth constructor

  A new instance of EdgeAuth.

Constructor Details

#initialize(token_type: nil, token_name: '__token__', key: nil, algorithm: 'sha256', salt: nil, ip: nil, payload: nil, session_id: nil, start_time: nil, end_time: nil, window_seconds: nil, field_delimiter: '~', acl_delimiter: '!', escape_early: false, verbose: false) ⇒ EdgeAuth

Returns a new instance of EdgeAuth.

# File 'lib/akamai/edgeauth.rb', line 36

def initialize(token_type: nil, token_name: '__token__', 
        key: nil, algorithm: 'sha256', salt: nil,
        ip: nil, payload: nil, session_id: nil,
        start_time: nil, end_time: nil, window_seconds: nil, 
        field_delimiter: '~', acl_delimiter: '!', 
        escape_early: false, verbose: false)
    @token_type = token_type
    @token_name = token_name
    if !key || key.length <= 0
        raise EdgeAuthError, 
            'You must provide a secret in order to generate a new token.'
    end
    @key = key
    @salt = salt
    @algorithm = algorithm
    @ip = ip
    @payload = payload
    @session_id = session_id
    @start_time = start_time
    @end_time = end_time
    @window_seconds = window_seconds
    @field_delimiter = field_delimiter
    @acl_delimiter = acl_delimiter
    @escape_early = escape_early
    @verbose = verbose
end

Instance Attribute Details

#acl_delimiter ⇒ Object

Returns the value of attribute acl_delimiter.

# File 'lib/akamai/edgeauth.rb', line 31

def acl_delimiter
  @acl_delimiter
end

#algorithm ⇒ Object

Returns the value of attribute algorithm.

# File 'lib/akamai/edgeauth.rb', line 31

def algorithm
  @algorithm
end

#end_time ⇒ Object

Returns the value of attribute end_time.

# File 'lib/akamai/edgeauth.rb', line 31

def end_time
  @end_time
end

#escape_early ⇒ Object

Returns the value of attribute escape_early.

# File 'lib/akamai/edgeauth.rb', line 31

def escape_early
  @escape_early
end

#field_delimiter ⇒ Object

Returns the value of attribute field_delimiter.

# File 'lib/akamai/edgeauth.rb', line 31

def field_delimiter
  @field_delimiter
end

#ip ⇒ Object

Returns the value of attribute ip.

# File 'lib/akamai/edgeauth.rb', line 31

def ip
  @ip
end

#key ⇒ Object

Returns the value of attribute key.

# File 'lib/akamai/edgeauth.rb', line 31

def key
  @key
end

#payload ⇒ Object

Returns the value of attribute payload.

# File 'lib/akamai/edgeauth.rb', line 31

def payload
  @payload
end

#salt ⇒ Object

Returns the value of attribute salt.

# File 'lib/akamai/edgeauth.rb', line 31

def salt
  @salt
end

#session_id ⇒ Object

Returns the value of attribute session_id.

# File 'lib/akamai/edgeauth.rb', line 31

def session_id
  @session_id
end

#start_time ⇒ Object

Returns the value of attribute start_time.

# File 'lib/akamai/edgeauth.rb', line 31

def start_time
  @start_time
end

#token_name ⇒ Object

Returns the value of attribute token_name.

# File 'lib/akamai/edgeauth.rb', line 31

def token_name
  @token_name
end

#token_type ⇒ Object

Returns the value of attribute token_type.

# File 'lib/akamai/edgeauth.rb', line 31

def token_type
  @token_type
end

#verbose ⇒ Object

Returns the value of attribute verbose.

# File 'lib/akamai/edgeauth.rb', line 31

def verbose
  @verbose
end

#window_seconds ⇒ Object

Returns the value of attribute window_seconds.

# File 'lib/akamai/edgeauth.rb', line 31

def window_seconds
  @window_seconds
end

Instance Method Details

#_escapeEarly(text) ⇒ Object

# File 'lib/akamai/edgeauth.rb', line 63

def _escapeEarly(text)
    if @escape_early
        return CGI::escape(text).gsub(/(%..)/) {$1.downcase}
    else
        return text
    end
end

#_generateToken(path, isUrl) ⇒ Object

# File 'lib/akamai/edgeauth.rb', line 71

def _generateToken(path, isUrl)
    start_time = @start_time
    end_time = @end_time

    if start_time.to_s.downcase == 'now'
        start_time = Time.new.getgm.to_i
    elsif start_time
        begin
            if start_time <= 0
                raise EdgeAuthError, 'start_time must be ( > 0 )'
            end
        rescue
            raise EdgeAuthError, 'start_time must be numeric or now'
        end
        
    end

    if end_time
        begin
            if end_time <= 0
                raise EdgeAuthError, 'end_time must be ( > 0 )'
            end
        rescue
            raise EdgeAuthError, 'end_time must be numeric'
        end
    end

    if @window_seconds
        begin
            if @window_seconds <= 0
                raise EdgeAuthError, 'window_seconds must be ( > 0 )'
            end
        rescue
            raise EdgeAuthError, 'window_seconds must be numeric'
        end
    end

    if !end_time
        if @window_seconds
            if !start_time
                end_time = Time.new.getgm.to_i + @window_seconds
            else
                end_time = start_time + @window_seconds
            end
        else
            raise EdgeAuthError, 'You must provide an expiration time or a duration window..'
        end
    end

    if start_time && end_time <= start_time
        raise EdgeAuthError, 'Token will have already expired.'
    end

    if @verbose
        puts "Akamai Token Generation Parameters"
        puts "Token Type      : #{@token_type}"
        puts "Token Name      : #{@token_name}"
        puts "Start Time      : #{start_time}"
        puts "End Time        : #{end_time}"
        puts "Window(seconds) : #{@window_seconds}"
        puts "IP              : #{@ip}"
        puts "URL/ACL         : #{path}"
        puts "Key/Secret      : #{@key}"
        puts "Payload         : #{@payload}"
        puts "Algo            : #{@algo}"
        puts "Salt            : #{@salt}"
        puts "Session ID      : #{@session_id}"
        puts "Field Delimiter : #{@field_delimiter}"
        puts "ACL Delimiter   : #{@acl_delimiter}"
        puts "Escape Early    : #{@escape_early}"
    end

    hash_code = Array.new
    new_token = Array.new

    if ip
        new_token.push('ip=%s' % _escapeEarly(@ip))
    end
    if start_time
        new_token.push('st=%s' % start_time)
    end
    new_token.push('exp=%s' % end_time)

    if !isUrl
        new_token.push('acl=%s' % path)
    end
    if session_id
        new_token.push('id=%s' % _escapeEarly(@session_id))
    end
    if payload
       new_token.push('data=%s' % _escapeEarly(@payload))
    end

    hash_code = new_token.clone
    
    if isUrl
        hash_code.push('url=%s' % _escapeEarly(path))
    end

    if @salt
        hash_code.push('salt=%s' % @salt)
    end
    if !(['sha256', 'sha1', 'md5'].include? @algorithm)
        raise EdgeAuthError, 'Unknown algorithm'
    end
    
    bin_key = Array(@key.gsub(/\s/,'')).pack("H*")
    digest = OpenSSL::Digest.new(@algorithm)
    token_hmac = OpenSSL::HMAC.new(bin_key, digest)
    token_hmac.update(hash_code.join(@field_delimiter))

    new_token.push('hmac=%s' % token_hmac)

    return new_token.join(@field_delimiter)
end

#generateACLToken(acl) ⇒ Object

# File 'lib/akamai/edgeauth.rb', line 187

def generateACLToken(acl)
    if !acl
        raise EdgeAuthError, 'You must provide the ACL(s)'
    elsif acl.is_a?(Array)
        acl = acl.join(@acl_delimiter)
    end
    return _generateToken(acl, false)
end

#generateURLToken(url) ⇒ Object

# File 'lib/akamai/edgeauth.rb', line 196

def generateURLToken(url)
    if !url
        raise EdgeAuthError, 'You must provide a URL'
    end

    return _generateToken(url, true)
end