Class: OmniAuth::Strategies::Scalus
- Inherits:
-
OAuth2
- Object
- OAuth2
- OmniAuth::Strategies::Scalus
- Defined in:
- lib/omniauth/strategies/scalus.rb
Constant Summary
- DEFAULT_SCOPE =
Available scopes: content, themes, products, customers, orders, script_tags, shipping — each requested as read_* or write_*.
'read_products'
- MINUTE =
60
- CODE_EXPIRES_AFTER =
10 * MINUTE
Class Method Summary
Instance Method Summary
- #authorize_params ⇒ Object
- #callback_phase ⇒ Object
- #callback_url ⇒ Object
- #fix_https ⇒ Object
- #request_phase ⇒ Object
- #setup_phase ⇒ Object
- #valid_signature? ⇒ Boolean
- #valid_site? ⇒ Boolean
Class Method Details
.encoded_params_for_signature(params) ⇒ Object
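# File 'lib/omniauth/strategies/scalus.rb', line 45

# Builds the canonical string that is fed to the HMAC when a callback's
# query string is verified.
#
# The 'hmac' and legacy 'signature' entries are dropped from a copy of
# +params+ (the caller's hash is not modified). Every remaining pair is
# rendered as "key=value", then the pairs are sorted and joined with "&".
# Keys have "&", "=" and "%" percent-encoded; values have "&" and "%"
# percent-encoded, so neither can introduce an extra "&" pair separator
# into the signed string.
#
# Percent-encoding is done with String#gsub instead of URI.escape, which was
# removed in Ruby 3.0. For these ASCII characters the output is the same
# uppercase "%XX" form, so existing signatures keep verifying.
#
# @param params [Hash] query parameters as received on the callback
# @return [String] sorted, "&"-joined "key=value" pairs
def self.encoded_params_for_signature(params)
  percent_encode = ->(text, unsafe) { text.gsub(unsafe) { |char| format('%%%02X', char.ord) } }

  signed = params.dup
  signed.delete('hmac')
  signed.delete('signature') # deprecated signature

  signed
    .map { |key, value| "#{percent_encode.call(key.to_s, /[&=%]/)}=#{percent_encode.call(value.to_s, /[&%]/)}" }
    .sort
    .join('&')
end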
.hmac_sign(encoded_params, secret) ⇒ Object
# File 'lib/omniauth/strategies/scalus.rb', line 52

# Computes the HMAC-SHA256 of +encoded_params+ keyed with +secret+.
#
# @param encoded_params [String] message to authenticate
# @param secret [String] HMAC key
# @return [String] hex-encoded digest
def self.hmac_sign(encoded_params, secret)
  sha256 = OpenSSL::Digest::SHA256.new
  OpenSSL::HMAC.hexdigest(sha256, secret, encoded_params)
end
Instance Method Details
#authorize_params ⇒ Object
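# File 'lib/omniauth/strategies/scalus.rb', line 79

# Returns the parent strategy's authorization parameters, filling in
# DEFAULT_SCOPE only when no scope has been set; an explicitly configured
# scope is left untouched.
def authorize_params
  super.tap { |params| params[:scope] ||= DEFAULT_SCOPE }
end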
#callback_phase ⇒ Object
# File 'lib/omniauth/strategies/scalus.rb', line 73

# Gate in front of the parent strategy's callback handling: the configured
# site is checked first, then the request signature, and only when both
# pass is the parent implementation invoked.
def callback_phase
  if !valid_site?
    fail!(:invalid_site)
  elsif !valid_signature?
    fail!(:invalid_signature)
  else
    super
  end
end
#callback_url ⇒ Object
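# File 'lib/omniauth/strategies/scalus.rb', line 85

# Returns the callback URL for this strategy.
#
# An explicitly configured :callback_url option wins; otherwise the URL is
# assembled from full_host, script_name and callback_path.
#
# @return [String]
def callback_url
  configured = options[:callback_url]
  configured || (full_host + script_name + callback_path)
end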
#fix_https ⇒ Object
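# File 'lib/omniauth/strategies/scalus.rb', line 56

# Upgrades the configured site to https by rewriting a leading "http:" to
# "https:" in place. The pattern is anchored with \A, so only the scheme at
# the very start of the string is touched; at most one match is possible.
#
# @return [String, nil] the modified site, or nil when nothing was changed
def fix_https
  site = options[:client_options][:site]
  site.sub!(/\Ahttp:/, 'https:')
end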
#request_phase ⇒ Object
# File 'lib/omniauth/strategies/scalus.rb', line 65

# Starts the authorization redirect through the parent strategy, but only
# for a site that passes valid_site?; any other site fails the request with
# :invalid_site.
def request_phase
  return fail!(:invalid_site) unless valid_site?

  super
end
#setup_phase ⇒ Object
# File 'lib/omniauth/strategies/scalus.rb', line 60

# Runs the parent strategy's setup, then rewrites the configured site to
# https. The rewrite comes second so it applies to whatever site value the
# parent setup left in the options.
def setup_phase
  super
  fix_https
end
#valid_signature? ⇒ Boolean
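# File 'lib/omniauth/strategies/scalus.rb', line 31

# Checks that the callback's query string carries a fresh, correctly signed
# HMAC.
#
# Returns false when the request has body parameters, when 'hmac' or
# 'timestamp' is missing or is not a plain string, when the timestamp is
# older than CODE_EXPIRES_AFTER seconds, or when the recomputed HMAC does
# not match the one supplied.
#
# @return [Boolean]
def valid_signature?
  # Only the query string is signed, so a request that also carries body
  # parameters is rejected outright.
  return false unless request.POST.empty?

  params = request.GET
  signature = params['hmac']
  timestamp = params['timestamp']

  # A nested or repeated query key can parse to an Array or Hash. Anything
  # that is not a plain string is treated as missing, so the check fails
  # closed instead of raising further down.
  return false unless signature.is_a?(String) && timestamp.is_a?(String)

  # Lower bound only: timestamps ahead of the local clock are not rejected
  # here. The timestamp is one of the signed parameters, so it cannot be
  # changed without invalidating the HMAC.
  return false unless timestamp.to_i > Time.now.to_i - CODE_EXPIRES_AFTER

  expected = self.class.hmac_sign(self.class.encoded_params_for_signature(params), options.client_secret)

  # secure_compare avoids the early exit of String#==, which would leak how
  # many leading characters of the signature were correct.
  Rack::Utils.secure_compare(expected, signature)
end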
#valid_site? ⇒ Boolean
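# File 'lib/omniauth/strategies/scalus.rb', line 27

# True when the configured site is an http(s) URL whose host is exactly one
# label followed by the configured :scalus_domain, with nothing after it
# except an optional trailing "/".
#
# The pattern is anchored with \A and \z so the whole string must match
# (^ and $ would match at line breaks inside the value), and the domain goes
# through Regexp.quote so its dots are literal rather than wildcards.
#
# @return [Boolean]
def valid_site?
  domain = Regexp.quote(options[:scalus_domain])
  site_pattern = /\A(https|http)\:\/\/[a-zA-Z0-9][a-zA-Z0-9\-]*\.#{domain}[\/]?\z/
  site_pattern.match?(options[:client_options][:site])
end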