Module: IMS::LTI::RequestValidator
- Included in:
- ToolBase
- Defined in:
- lib/ims/lti/request_validator.rb
Overview
A mixin for OAuth request validation
Instance Attribute Summary collapse
-
#oauth_signature_validator ⇒ Object
readonly
Returns the value of attribute oauth_signature_validator.
Instance Method Summary collapse
-
#request_oauth_nonce ⇒ Object
convenience method for getting the oauth nonce from the request.
-
#request_oauth_timestamp ⇒ Object
convenience method for getting the oauth timestamp from the request.
-
#valid_request!(request) ⇒ Bool
Check whether the OAuth-signed request is valid and throw error if not.
-
#valid_request?(request, handle_error = true) ⇒ Bool
Validates and OAuth request using the OAuth Gem - github.com/oauth/oauth-ruby.
Instance Attribute Details
#oauth_signature_validator ⇒ Object (readonly)
Returns the value of attribute oauth_signature_validator.
5 6 7 |
# File 'lib/ims/lti/request_validator.rb', line 5 def oauth_signature_validator @oauth_signature_validator end |
Instance Method Details
#request_oauth_nonce ⇒ Object
convenience method for getting the oauth nonce from the request
46 47 48 |
# File 'lib/ims/lti/request_validator.rb', line 46 def request_oauth_nonce @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce end |
#request_oauth_timestamp ⇒ Object
convenience method for getting the oauth timestamp from the request
51 52 53 |
# File 'lib/ims/lti/request_validator.rb', line 51 def @oauth_signature_validator && @oauth_signature_validator.request. end |
#valid_request!(request) ⇒ Bool
Check whether the OAuth-signed request is valid and throw error if not
41 42 43 |
# File 'lib/ims/lti/request_validator.rb', line 41 def valid_request!(request) valid_request?(request, false) end |
#valid_request?(request, handle_error = true) ⇒ Bool
Validates and OAuth request using the OAuth Gem - github.com/oauth/oauth-ruby
To validate the OAuth signatures you need to require the appropriate request proxy for your application. For example:
# For a sinatra app:
require 'oauth/request_proxy/rack_request'
# For a rails app:
require 'oauth/request_proxy/action_controller_request'
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
# File 'lib/ims/lti/request_validator.rb', line 18 def valid_request?(request, handle_error=true) begin @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret) @oauth_signature_validator.verify() or raise OAuth::Unauthorized.new(request) true rescue OAuth::Signature::UnknownSignatureMethod if handle_error false else raise $! end rescue OAuth::Unauthorized if handle_error false else raise OAuth::Unauthorized.new(request) end end end |