Class: Rack::Authenticate::Middleware::Auth

Inherits:

Rack::Auth::AbstractRequest

• Object
• Rack::Auth::AbstractRequest
• Rack::Authenticate::Middleware::Auth

Defined in:

lib/rack/authenticate/middleware.rb

Instance Method Summary

• #access_id ⇒ Object
• #basic? ⇒ Boolean
• #calculated_digest ⇒ Object
• #canonicalized_request ⇒ Object
• #content_md5 ⇒ Object

  TODO: replace the request body with a proxy object that verifies this when it is read.

• #given_digest ⇒ Object
• #has_all_required_parts? ⇒ Boolean
• #has_content? ⇒ Boolean
• #hmac? ⇒ Boolean
• #initialize(env, configuration = Configuration.new) ⇒ Auth constructor

  A new instance of Auth.

• #request ⇒ Object
• #secret_key ⇒ Object
• #valid? ⇒ Boolean
• #valid_current_date? ⇒ Boolean

Constructor Details

#initialize(env, configuration = Configuration.new) ⇒ Auth

Returns a new instance of Auth.

# File 'lib/rack/authenticate/middleware.rb', line 32

def initialize(env, configuration = Configuration.new)
  super(env)
  @configuration = configuration
end

Instance Method Details

#access_id ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 84

def access_id
  @access_id ||= params.split(':').first
end

#basic? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 37

def basic?
  scheme.to_s == 'basic'
end

#calculated_digest ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 96

def calculated_digest
  @calculated_digest ||= HMAC::SHA1.hexdigest(secret_key, canonicalized_request)
end

#canonicalized_request ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 78

def canonicalized_request
  parts = [ request.request_method, request.url, date ]
  parts << content_md5 if has_content?
  parts.join("\n")
end

#content_md5 ⇒ Object

TODO: replace the request body with a proxy object that verifies this when it is read.

# File 'lib/rack/authenticate/middleware.rb', line 74

def content_md5
  request.env['HTTP_CONTENT_MD5']
end

#given_digest ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 92

def given_digest
  @given_digest ||= params.split(':').last
end

#has_all_required_parts? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 45

def has_all_required_parts?
  return false unless date

  if has_content?
    content_md5.to_s != ''
  else
    true
  end
end

#has_content? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 69

def has_content?
  request.content_length.to_i > 0
end

#hmac? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 41

def hmac?
  scheme.to_s == 'hmac'
end

#request ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 55

def request
  @request ||= ::Rack::Request.new(@env)
end

#secret_key ⇒ Object

# File 'lib/rack/authenticate/middleware.rb', line 88

def secret_key
  @configuration.hmac_secret_key_for(access_id)
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 100

def valid?
  provided? &&
  secret_key &&
  valid_current_date? &&
  calculated_digest == given_digest
end

#valid_current_date? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/authenticate/middleware.rb', line 59

def valid_current_date?
  timestamp = Time.httpdate(date)
rescue ArgumentError
  return false
else
  tolerance = @configuration.timestamp_minute_tolerance * 60
  now = Time.now
  (now - tolerance) <= timestamp && (now + tolerance) >= timestamp
end