Class: Carpool::SeatBelt
- Inherits:
-
Object
- Object
- Carpool::SeatBelt
- Includes:
- Mixins::Core
- Defined in:
- lib/carpool/seatbelt.rb
Instance Attribute Summary collapse
-
#env ⇒ Object
Returns the value of attribute env.
-
#redirect_uri ⇒ Object
Returns the value of attribute redirect_uri.
-
#user ⇒ Object
Returns the value of attribute user.
Instance Method Summary collapse
-
#create_payload! ⇒ Object
Create a redirection payload to be sent back to our passenger.
-
#fasten!(user) ⇒ Object
‘Attaches’ the current user into the session so it can be re-authenticated when a passenger requests it at a later date.
-
#initialize(env) ⇒ SeatBelt
constructor
SeatBelt instances require access to the rack environment.
-
#remove! ⇒ Object
Restore the user from our payload.
- #to_s ⇒ Object
Methods included from Mixins::Core
Constructor Details
#initialize(env) ⇒ SeatBelt
SeatBelt instances require access to the rack environment.
14 15 16 |
# File 'lib/carpool/seatbelt.rb', line 14 def initialize(env) @env = env end |
Instance Attribute Details
#env ⇒ Object
Returns the value of attribute env.
9 10 11 |
# File 'lib/carpool/seatbelt.rb', line 9 def env @env end |
#redirect_uri ⇒ Object
Returns the value of attribute redirect_uri.
10 11 12 |
# File 'lib/carpool/seatbelt.rb', line 10 def redirect_uri @redirect_uri end |
#user ⇒ Object
Returns the value of attribute user.
11 12 13 |
# File 'lib/carpool/seatbelt.rb', line 11 def user @user end |
Instance Method Details
#create_payload! ⇒ Object
Create a redirection payload to be sent back to our passenger
51 52 53 54 55 56 57 58 59 60 |
# File 'lib/carpool/seatbelt.rb', line 51 def create_payload! seatbelt = self.to_s referrer = [:redirect_to] driver = Digest::SHA256.new driver = driver.update([:current_passenger][:secret]).digest.to_s new_uri = "#{referrer.scheme}://" new_uri << referrer.host new_uri << ((referrer.port != 80 && referrer.port != 443) ? ":#{referrer.port}" : "") new_uri << "/sso/authorize?seatbelt=#{seatbelt}&driver=#{driver}" end |
#fasten!(user) ⇒ Object
‘Attaches’ the current user into the session so it can be re-authenticated when a passenger requests it at a later date. We ‘fasten’ the users seatbelt for the trip back to the referring site. Fasten! returns a url for redirection back to our passenger site including the seatbelt used for authentication on the other end.
24 25 26 27 28 29 30 |
# File 'lib/carpool/seatbelt.rb', line 24 def fasten!(user) [:passenger_token] = generate_token(user) Carpool.auth_attempt = false payload = create_payload! [:redirect_to] = nil payload end |
#remove! ⇒ Object
Restore the user from our payload. We ‘remove’ their seatbelt because they have arrived!
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'lib/carpool/seatbelt.rb', line 33 def remove! payload = @env['X-CARPOOL-PAYLOAD'] payload = payload.flatten.first if payload.is_a?(Array) # TODO: Figure out why our header is an array? seatbelt = YAML.load(Base64.decode64(CGI.unescape(payload))).to_hash puts "Seatbelt: #{seatbelt.inspect}" user = Base64.decode64(seatbelt[:user]) key = Carpool.generate_site_key(@env['SERVER_NAME']) secret = Carpool::Passenger.secret digest = Digest::SHA256.new digest.update("#{key}--#{secret}") aes = FastAES.new(digest.digest) data = aes.decrypt(user) @redirect_uri = seatbelt[:redirect_uri].to_s @user = YAML.load(data).to_hash self end |
#to_s ⇒ Object
62 63 64 |
# File 'lib/carpool/seatbelt.rb', line 62 def to_s CGI.escape(Base64.encode64({:redirect_uri => [:redirect_to].to_s, :user => [:passenger_token] }.to_yaml.to_s).gsub( /\s/, '')) end |