Module: HmacAuthRails::HmacController

Defined in:
lib/hmac_auth_rails.rb


Class Method Details

.encrypt(secret_key, string) ⇒ Object



# File 'lib/hmac_auth_rails.rb', line 62

# Computes an HMAC-SHA1 of +string+ keyed with +secret_key+ and returns it
# as single-line Base64.
#
# Despite the name, nothing is encrypted: the result is a message
# authentication code. It shows that the sender knew the key and that
# +string+ was not altered, but it does not hide +string+.
#
# When a received signature is checked against this value, compare the two
# with a constant-time comparison rather than String#==.
#
# @param secret_key [String] shared secret used as the HMAC key
# @param string [String] data to authenticate
# @return [String] Base64 text of the 20-byte MAC, without line feeds
def self.encrypt(secret_key, string)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret_key, string)
  # Base64 implementations without strict_encode64 insert line feeds;
  # stripping them makes both paths produce the same text.
  return Base64.strict_encode64(mac) if Base64.respond_to?(:strict_encode64)

  Base64.encode64(mac).gsub(/\n/, '')
end

Instance Method Details

#hmac_auth(model = "User") ⇒ Object



# File 'lib/hmac_auth_rails.rb', line 36

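# Authenticates the current request from its X-HMAC-* headers and signs the
# matching record in, or answers 401 when any check fails.
#
# Steps, in order: require the four HMAC headers, resolve +model+ to a
# class, read the credentials via load_header, look the record up by its
# auth token, read its secret key, then compare the supplied signature with
# the one computed over canonical_string.
#
# Every failure is logged and answered with `head :unauthorized`; the
# response itself does not reveal which check failed.
#
# NOTE(review): nothing in this method checks that the X_HMAC_DATE value is
# recent. Unless load_header or canonical_string enforce freshness, a
# captured signed request remains valid when replayed -- confirm.
#
# @param model [String] name of the constant holding the model class. It is
#   handed to Object.const_get, so it should come from code, never from
#   request data.
# @return [Object] the result of sign_in on success, of head :unauthorized
#   otherwise
def hmac_auth(model = "User")
  raise 'Missing X_HMAC_AUTHORIZATION header' unless header_exists? :HTTP_X_HMAC_AUTHORIZATION
  raise 'Missing header HTTP_X_HMAC_CONTENT_MD5 header' unless header_exists? :HTTP_X_HMAC_CONTENT_MD5
  raise 'Missing header HTTP_X_HMAC_CONTENT_TYPE header' unless header_exists? :HTTP_X_HMAC_CONTENT_TYPE
  raise 'Missing header HTTP_X_HMAC_DATE header' unless header_exists? :HTTP_X_HMAC_DATE
  raise 'Could not determine Devise model name' unless model = Object.const_get(model)
  credentials = load_header

  # A blank token must not reach the query: `where(field => nil)` would
  # match records whose token column is NULL.
  raise "Invalid #{model.auth_token_field}" if credentials[:auth_token].to_s.empty?
  raise "Invalid #{model.auth_token_field}" unless user = model.where("#{model.auth_token_field}" => credentials[:auth_token]).first
  raise "Invalid #{model.secret_key_field}" unless secret_key = user[model.secret_key_field]

  # Assigned before verification, as in the original (helpers such as
  # canonical_string may read it; not visible here). The rescue path clears
  # it again so a rejected request never leaves an unverified record behind.
  @my_user = user

  expected = HmacAuthRails::HmacController.encrypt(secret_key, canonical_string)
  # Constant-time comparison: String#== stops at the first differing byte,
  # which leaks how much of a guessed signature was correct.
  # ActiveSupport::SecurityUtils ships with Rails 4.2+; on an older stack
  # Rack::Utils.secure_compare is the equivalent.
  unless ActiveSupport::SecurityUtils.secure_compare(credentials[:signature].to_s, expected)
    raise 'Authentication failed.'
  end

  # NOTE(review): the published listing shows only `(user, store: false)`
  # here, which does not parse. `sign_in` is inferred from the Devise
  # reference above and the `store: false` option -- confirm against
  # lib/hmac_auth_rails.rb.
  sign_in(user, store: false)
rescue => e
  # One handler is enough; the original's second `rescue => e` clause could
  # never run because the first already caught every StandardError.
  @my_user = nil
  Rails.logger.error e.to_s
  head :unauthorized
end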