Module: SimpleApiAuth::Helpers::Auth

Included in:

Authenticator

Defined in:

lib/simple-api-auth/helpers/auth_helpers.rb

Instance Method Summary

• #allowed_methods ⇒ Object
• #check_data(request) ⇒ Object
• #extract_signature(headers) ⇒ Object
• #options ⇒ Object
• #request_timeout ⇒ Object
• #required_headers ⇒ Object
• #secure_equals?(m1, m2, key) ⇒ Boolean
• #sha1_hmac(key, message) ⇒ Object
• #too_old?(request) ⇒ Boolean

Instance Method Details

#allowed_methods ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 18

def allowed_methods
  options[:allowed_methods] || SimpleApiAuth.config.allowed_methods
end

#check_data(request) ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 26

def check_data(request)
  required_headers.each do |k, _|
    return false unless request.headers.key?(k)
  end
  allowed_methods.include?(request.http_verb)
end

#extract_signature(headers) ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 4

def extract_signature(headers)
  header_key = SimpleApiAuth.config.header_keys[:authorization]
  match = /Signature: (.+)/.match(headers[header_key])
  match && match[1]
end

#options ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 22

def options
  @options || {}
end

#request_timeout ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 14

def request_timeout
  (options[:request_timeout] || SimpleApiAuth.config.request_timeout) * 60
end

#required_headers ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 10

def required_headers
  options[:required_headers] || SimpleApiAuth.config.required_headers
end

#secure_equals?(m1, m2, key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 40

def secure_equals?(m1, m2, key)
  sha1_hmac(key, m1) == sha1_hmac(key, m2)
end

#sha1_hmac(key, message) ⇒ Object

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 44

def sha1_hmac(key, message)
  SimpleApiAuth::Hasher::SHA1.new.hmac(key, message)
end

#too_old?(request) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 33

def too_old?(request)
  request_time = request.time
  return false if request_time.nil?
  difference = Time.now - request_time
  difference < 0 || difference > request_timeout
end