Class: Baidubce::Auth::BceV1Signer

Inherits:

Object

• Object
• Baidubce::Auth::BceV1Signer

Defined in:

lib/baidubce/auth/bce_v1_signer.rb

Instance Method Summary

• #get_canonical_headers(headers, headers_to_sign = nil) ⇒ Object
• #get_canonical_uri_path(path) ⇒ Object
• #sign(credentials, http_method, path, headers, params, timestamp = nil, expiration_in_seconds = 1800, headers_to_sign = nil) ⇒ Object

  Create the authorization.

Instance Method Details

#get_canonical_headers(headers, headers_to_sign = nil) ⇒ Object

# File 'lib/baidubce/auth/bce_v1_signer.rb', line 24

def get_canonical_headers(headers, headers_to_sign = nil)
    default = false
    if headers_to_sign.to_a.empty?
        default = true
        headers_to_sign = ["host", "content-md5", "content-length", "content-type"]
    end

    ret_arr = []
    headers_arr = []
    headers.each do |key, value|
        next if value.to_s.strip.empty?
        if headers_to_sign.include?(key.downcase) ||
                (default && key.downcase.to_s.start_with?(Http::BCE_PREFIX))
            str = ERB::Util.url_encode(key.downcase) + ":" + ERB::Util.url_encode(value.to_s.strip)
            ret_arr << str
            headers_arr << key.downcase
        end
    end
    ret_arr.sort!
    headers_arr.sort!
    return ret_arr.join("\n"), headers_arr
end

#get_canonical_uri_path(path) ⇒ Object

# File 'lib/baidubce/auth/bce_v1_signer.rb', line 47

def get_canonical_uri_path(path)
    return '/' if path.to_s.empty?
    encoded_path = Utils.url_encode_except_slash(path)
    return path[0] == '/' ? encoded_path : '/' + encoded_path
end

#sign(credentials, http_method, path, headers, params, timestamp = nil, expiration_in_seconds = 1800, headers_to_sign = nil) ⇒ Object

Create the authorization.

# File 'lib/baidubce/auth/bce_v1_signer.rb', line 54

def sign(credentials, http_method, path, headers, params,
         timestamp=nil, expiration_in_seconds=1800, headers_to_sign=nil)

    timestamp = Time.now.to_i if timestamp.nil?
    sign_key_info = sprintf('bce-auth-v1/%s/%s/%d',
                            credentials.access_key_id,
                            Time.at(timestamp).utc.iso8601,
                            expiration_in_seconds)
    sign_key = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
                                       credentials.secret_access_key, sign_key_info)
    canonical_uri = get_canonical_uri_path(path)
    canonical_querystring = Utils.get_canonical_querystring(params, true)
    canonical_headers, headers_to_sign = get_canonical_headers(headers, headers_to_sign)
    canonical_request = [http_method, canonical_uri, canonical_querystring, canonical_headers].join("\n")
    signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'),
                                        sign_key, canonical_request)

    headers_str = headers_to_sign.join(';') unless headers_to_sign.nil?
    sign_key_info + '/' + headers_str + '/' + signature
end