Class: ApiAuth::RequestDrivers::ActionControllerRequest

Inherits:
Object
  • Object
show all
Includes:
Helpers
Defined in:
lib/api_auth/request_drivers/action_controller.rb

Overview

:nodoc:

Direct Known Subclasses

ActionDispatchRequest

Instance Method Summary collapse

Methods included from Helpers

#b64_encode, #capitalize_keys, #sha256_base64digest

Constructor Details

#initialize(request) ⇒ ActionControllerRequest

Returns a new instance of ActionControllerRequest.



6
7
8
9
10
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 6

def initialize(request)
  @request = request
  fetch_headers
  true
end

Instance Method Details

#authorization_headerObject 



71
72
73
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 71

def authorization_header
  find_header %w[Authorization AUTHORIZATION HTTP_AUTHORIZATION]
end

#calculated_hashObject 



18
19
20
21
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 18

def calculated_hash
  body = @request.raw_post
  sha256_base64digest(body)
end

#content_hashObject 



50
51
52
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 50

def content_hash
  find_header(%w[X-AUTHORIZATION-CONTENT-SHA256 X_AUTHORIZATION_CONTENT_SHA256 HTTP_X_AUTHORIZATION_CONTENT_SHA256])
end

#content_hash_mismatch?Boolean

Returns:

  • (Boolean) 


30
31
32
33
34
35
36
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 30

def content_hash_mismatch?
  if @request.put? || @request.post?
    calculated_hash != content_hash
  else
    false
  end
end

#content_typeObject 



46
47
48
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 46

def content_type
  find_header(%w[CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE])
end

#fetch_headersObject 



38
39
40
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 38

def fetch_headers
  @headers = capitalize_keys @request.env
end

#http_methodObject 



42
43
44
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 42

def http_method
  @request.request_method.to_s.upcase
end

#original_uriObject 



54
55
56
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 54

def original_uri
  find_header(%w[X-ORIGINAL-URI X_ORIGINAL_URI HTTP_X_ORIGINAL_URI])
end

#populate_content_hashObject 



23
24
25
26
27
28
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 23

def populate_content_hash
  return unless @request.put? || @request.post?

  @request.env['X-AUTHORIZATION-CONTENT-SHA256'] = calculated_hash
  fetch_headers
end

#request_uriObject 



58
59
60
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 58

def request_uri
  @request.request_uri
end

#set_auth_header(header) ⇒ Object 



12
13
14
15
16
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 12

def set_auth_header(header)
  @request.env['Authorization'] = header
  fetch_headers
  @request
end

#set_dateObject 



62
63
64
65
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 62

def set_date
  @request.env['HTTP_DATE'] = Time.now.utc.httpdate
  fetch_headers
end

#timestampObject 



67
68
69
 
# File 'lib/api_auth/request_drivers/action_controller.rb', line 67

def timestamp
  find_header(%w[DATE HTTP_DATE])
end