Class: Carpool::SeatBelt

Inherits:

Object

• Object
• Carpool::SeatBelt

Includes:

Mixins::Core

Defined in:

lib/carpool/seatbelt.rb

Instance Attribute Summary

• #env ⇒ Object

  Returns the value of attribute env.

• #redirect_uri ⇒ Object

  Returns the value of attribute redirect_uri.

• #user ⇒ Object

  Returns the value of attribute user.

Instance Method Summary

• #create_payload! ⇒ Object

  Create a redirection payload to be sent back to our passenger.

• #fasten!(user) ⇒ Object

  ‘Attaches’ the current user into the session so it can be re-authenticated when a passenger requests it at a later date.

• #initialize(env) ⇒ SeatBelt constructor

  SeatBelt instances require access to the rack environment.

• #remove! ⇒ Object

  Restore the user from our payload.

• #to_s ⇒ Object

Methods included from Mixins::Core

included

Constructor Details

#initialize(env) ⇒ SeatBelt

SeatBelt instances require access to the rack environment.

# File 'lib/carpool/seatbelt.rb', line 14

def initialize(env)
  @env = env
end

Instance Attribute Details

#env ⇒ Object

Returns the value of attribute env.

# File 'lib/carpool/seatbelt.rb', line 9

def env
  @env
end

#redirect_uri ⇒ Object

Returns the value of attribute redirect_uri.

# File 'lib/carpool/seatbelt.rb', line 10

def redirect_uri
  @redirect_uri
end

#user ⇒ Object

Returns the value of attribute user.

# File 'lib/carpool/seatbelt.rb', line 11

def user
  @user
end

Instance Method Details

#create_payload! ⇒ Object

Create a redirection payload to be sent back to our passenger

# File 'lib/carpool/seatbelt.rb', line 51

def create_payload!
  seatbelt = self.to_s
  referrer = cookies[:redirect_to]
  driver   = Digest::SHA256.new
  driver   = driver.update(cookies[:current_passenger][:secret]).digest.to_s
  new_uri  = "#{referrer.scheme}://"
  new_uri << referrer.host
  new_uri << ((referrer.port != 80 && referrer.port != 443) ? ":#{referrer.port}" : "")
  new_uri << "/sso/authorize?seatbelt=#{seatbelt}&driver=#{driver}"
end

#fasten!(user) ⇒ Object

‘Attaches’ the current user into the session so it can be re-authenticated when a passenger requests it at a later date. We ‘fasten’ the users seatbelt for the trip back to the referring site. Fasten! returns a url for redirection back to our passenger site including the seatbelt used for authentication on the other end.

# File 'lib/carpool/seatbelt.rb', line 24

def fasten!(user)
  cookies[:passenger_token] = generate_token(user)
  Carpool.auth_attempt = false
  payload = create_payload!
  cookies[:redirect_to] = nil
  payload
end

#remove! ⇒ Object

Restore the user from our payload. We ‘remove’ their seatbelt because they have arrived!

# File 'lib/carpool/seatbelt.rb', line 33

def remove!
  payload  = @env['X-CARPOOL-PAYLOAD']
  payload  = payload.flatten.first if payload.is_a?(Array) # TODO: Figure out why our header is an array?
  seatbelt = YAML.load(Base64.decode64(CGI.unescape(payload))).to_hash
  puts "Seatbelt: #{seatbelt.inspect}"
  user     = Base64.decode64(seatbelt[:user])
  key      = Carpool.generate_site_key(@env['SERVER_NAME'])
  secret   = Carpool::Passenger.secret
  digest   = Digest::SHA256.new
  digest.update("#{key}--#{secret}")
  aes  = FastAES.new(digest.digest)
  data = aes.decrypt(user)
  @redirect_uri = seatbelt[:redirect_uri].to_s
  @user         = YAML.load(data).to_hash
  self
end

#to_s ⇒ Object

# File 'lib/carpool/seatbelt.rb', line 62

def to_s
  CGI.escape(Base64.encode64({:redirect_uri => cookies[:redirect_to].to_s, :user => cookies[:passenger_token] }.to_yaml.to_s).gsub( /\s/, ''))
end