Class: BosClient::Authable

Inherits:

Object

• Object
• BosClient::Authable

Defined in:

lib/bos_client/auth.rb

Class Method Summary

• .authorize_request(request) ⇒ Object
• .encode(string) ⇒ Object
• .encode_slash(str) ⇒ Object
• .get_canonical_headers(request) ⇒ Object
• .get_canonical_query_string(request) ⇒ Object
• .get_canonical_time(t = Time.now.to_i) ⇒ Object
• .get_canonical_uri(request) ⇒ Object
• .get_default_headers(request) ⇒ Object
• .get_http_method(request) ⇒ Object
• .sign(request) ⇒ Object

Class Method Details

.authorize_request(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 7

def self.authorize_request(request)
  default_headers = get_default_headers request
  request.options[:headers].merge! default_headers
  authorization = sign(request)
  request.options[:headers]['Authorization'] = authorization
  request
end

.encode(string) ⇒ Object

# File 'lib/bos_client/auth.rb', line 60

def encode(string)
  URI.encode(string, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
end

.encode_slash(str) ⇒ Object

# File 'lib/bos_client/auth.rb', line 64

def encode_slash(str)
  # str.gsub(/\//, '%2F')
  str.gsub(%r{/}, '%2F')
end

.get_canonical_headers(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 42

def get_canonical_headers(request)
  headers_to_sign_keys = ['host',
                          'content-md5',
                          'content-length',
                          'content-type']
  headers_to_sign = []
  request.options[:headers].each do |k, v|
    if headers_to_sign_keys.include?(k) || k.start_with?('x-bce')
      headers_to_sign << "#{encode(k.to_s.downcase)}:#{encode(v.to_s)}"
    end
  end
  headers_to_sign.compact.sort.join("\n")
end

.get_canonical_query_string(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 34

def get_canonical_query_string(request)
  params = request.options[:params]
  params = params.map do |k, v|
    "#{URI.encode(k.to_s)}=#{encode_slash(URI.encode(v.to_s))}"
  end.compact.sort.join('&')
  params
end

.get_canonical_time(t = Time.now.to_i) ⇒ Object

# File 'lib/bos_client/auth.rb', line 16

def get_canonical_time(t = Time.now.to_i)
  Time.at(t).utc.strftime('%FT%TZ')
end

.get_canonical_uri(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 28

def get_canonical_uri(request)
  uri = URI(request.base_url)
  url_path = URI.encode(uri.path)
  url_path == '' ? '/' : url_path
end

.get_default_headers(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 20

def get_default_headers(request)
  {
    'content-type' => 'text/plain',
    'x-bce-date' => get_canonical_time,
    'content-length' => (request.options[:body] || '').length
  }
end

.get_http_method(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 56

def get_http_method(request)
  (request.options[:method] || 'get').upcase
end

.sign(request) ⇒ Object

# File 'lib/bos_client/auth.rb', line 69

def sign(request)
  digest = OpenSSL::Digest.new('sha256')
  sign_key_prefix = "bce-auth-v1/#{BosClient.access_key_id}/#{get_canonical_time}/#{BosClient.expiration_in_seconds}"
  sign_key = OpenSSL::HMAC.hexdigest digest, BosClient.secret_access_key, sign_key_prefix

  http_method = get_http_method request

  canonical_uri = get_canonical_uri request
  canonical_query_string = get_canonical_query_string request
  canonical_headers = get_canonical_headers request
  string_to_sign = [http_method,
                    canonical_uri,
                    canonical_query_string,
                    canonical_headers].join("\n")
  sign_result = OpenSSL::HMAC.hexdigest digest, sign_key, string_to_sign
  "#{sign_key_prefix}//#{sign_result}"
end