Module: SimpleApiAuth::Helpers::Auth
- Included in:
- Authenticator
- Defined in:
- lib/simple-api-auth/helpers/auth_helpers.rb
Instance Method Summary
- #allowed_methods ⇒ Object
- #check_data(request) ⇒ Object
- #extract_signature(headers) ⇒ Object
- #log_and_fail(message) ⇒ Object
- #missing_header_message(header_name) ⇒ Object
- #options ⇒ Object
- #request_timeout ⇒ Object
- #required_headers ⇒ Object
- #secure_equals?(m1, m2, key) ⇒ Boolean
- #sha1_hmac(key, message) ⇒ Object
- #valid_time?(request) ⇒ Boolean
Instance Method Details
#allowed_methods ⇒ Object
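# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 18
#
# HTTP verbs this authenticator accepts.
#
# The per-instance value in +options[:allowed_methods]+ wins; when it is nil
# (or false) the library-wide SimpleApiAuth.config.allowed_methods is used.
# check_data rejects any request whose verb is not in this list.
#
# @return [Object] the configured collection; it must respond to +include?+
def allowed_methods
  options[:allowed_methods] || SimpleApiAuth.config.allowed_methods
end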
#check_data(request) ⇒ Object
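# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 26
#
# Pre-flight check run on a request: every required header must be present
# and the HTTP verb must be one of the allowed methods.
#
# Each failure is reported through log_and_fail, so the method returns false
# (never raises) on a rejected request.
#
# @param request [Object] must respond to +headers+ (with +key?+) and +http_verb+
# @return [Boolean] true when all checks pass, false otherwise
def check_data(request)
  # Only the first element of each entry is used as the header name.
  # NOTE(review): +key?+ is an exact lookup; whether header names are
  # normalised (case, dashes) before they get here is not visible - confirm.
  required_headers.each do |k, _|
    return log_and_fail(missing_header_message(k)) unless request.headers.key?(k)
  end

  allowed_verb = allowed_methods.include?(request.http_verb)
  return log_and_fail("verb #{request.http_verb} not allowed") unless allowed_verb

  true
end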
#extract_signature(headers) ⇒ Object
# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 4
#
# Pulls the signature out of the configured authorization header.
#
# The header name comes from SimpleApiAuth.config.header_keys[:authorization];
# the value returned is whatever follows the literal text "Signature: ".
#
# NOTE(review): the pattern is not anchored, so "Signature: " is accepted
# anywhere inside the header value, and +.+ + takes the rest of that line
# unvalidated. Callers should treat the result as untrusted input; whether a
# stricter \A...\z form is compatible with existing clients needs confirming.
#
# @param headers [Object] indexable by the configured header key
# @return [String, nil] the captured signature, or nil when nothing matched
def extract_signature(headers)
  authorization_key = SimpleApiAuth.config.header_keys[:authorization]
  found = /Signature: (.+)/.match(headers[authorization_key])
  found ? found[1] : nil
end
#log_and_fail(message) ⇒ Object
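# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 49
#
# Records why a request was rejected and returns false, so callers can write
# +return log_and_fail('reason')+ as a one-line rejection.
#
# The reason is logged at DEBUG level only.
# NOTE(review): with a logger above DEBUG, authentication rejections leave no
# trace here; confirm that failures are recorded somewhere a monitoring
# pipeline can see them.
#
# @param message [String] human-readable rejection reason
# @return [false] always
def log_and_fail(message)
  SimpleApiAuth.log(Logger::DEBUG, message)
  false
end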
#missing_header_message(header_name) ⇒ Object
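# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 35
#
# Builds the rejection text for a missing required header.
#
# The message lists the names (keys only, not values) of the headers that
# were present on the request.
#
# NOTE(review): +request+ is not a parameter of this method; it has to be
# provided by the including object. If the includer exposes no such method,
# this raises NameError the first time a header is missing - confirm.
#
# @param header_name [Object] name of the header that was not found
# @return [String] the message passed on to log_and_fail by check_data
def missing_header_message(header_name)
  available_headers = request.headers.keys.join(', ')
  "missing header #{header_name}. available headers are: #{available_headers}"
end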
#options ⇒ Object
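# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 22
#
# Per-instance overrides for the library-wide configuration.
#
# Reads the includer's +@options+ and falls back to an empty Hash, so the
# other helpers can index it without a nil check.
#
# @return [Hash, Object] +@options+ when set, otherwise a new empty Hash
def options
  @options || {}
end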
#request_timeout ⇒ Object
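# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 14
#
# Maximum accepted age of a request.
#
# Takes +options[:request_timeout]+, or SimpleApiAuth.config.request_timeout
# when that is nil, and multiplies it by 60. valid_time? compares the result
# with a +Time+ difference (seconds), so the configured value appears to be
# expressed in minutes.
#
# A larger value widens the window in which a captured request is still
# accepted by valid_time?.
#
# @return [Numeric] the configured timeout multiplied by 60
def request_timeout
  (options[:request_timeout] || SimpleApiAuth.config.request_timeout) * 60
end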
#required_headers ⇒ Object
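# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 10
#
# Headers a request must carry to be considered by the authenticator.
#
# The per-instance value in +options[:required_headers]+ wins; when it is nil
# (or false) SimpleApiAuth.config.required_headers is used. check_data
# iterates this collection and rejects the request at the first missing entry.
#
# @return [Object] an enumerable of header names (or name/value pairs)
def required_headers
  options[:required_headers] || SimpleApiAuth.config.required_headers
end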
#secure_equals?(m1, m2, key) ⇒ Boolean
# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 54
#
# Compares two values by HMAC-ing each of them under +key+ and checking the
# two digests for equality, instead of comparing m1 and m2 directly.
#
# NOTE(review): this looks like the "double HMAC" comparison pattern. The
# final +==+ is an ordinary, early-exit comparison, but it runs over keyed
# digests, so timing differences should not reveal how much of the raw input
# matched. A fixed-time primitive such as OpenSSL.fixed_length_secure_compare
# would state that intent directly - confirm which Ruby/openssl versions the
# gem supports before switching.
#
# @param m1 [Object] first value (e.g. the signature sent by the client)
# @param m2 [Object] second value (e.g. the signature computed locally)
# @param key [Object] HMAC key passed through to sha1_hmac
# @return [Boolean] true when both digests are equal
def secure_equals?(m1, m2, key)
  first_digest = sha1_hmac(key, m1)
  second_digest = sha1_hmac(key, m2)
  first_digest == second_digest
end
#sha1_hmac(key, message) ⇒ Object
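# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 58
#
# Computes a keyed digest of +message+ by delegating to a fresh
# SimpleApiAuth::Hasher::SHA1 instance.
#
# NOTE(review): the hasher is hard-coded here, so this helper ignores any
# hasher configured elsewhere; presumably it produces HMAC-SHA1. New designs
# usually pick HMAC-SHA256 - confirm whether that matters for the uses of
# this helper (secure_equals? only needs a keyed digest).
#
# @param key [Object] HMAC key
# @param message [Object] data to authenticate
# @return [Object] whatever Hasher::SHA1#hmac returns (encoding not shown here)
def sha1_hmac(key, message)
  SimpleApiAuth::Hasher::SHA1.new.hmac(key, message)
end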
#valid_time?(request) ⇒ Boolean
# File 'lib/simple-api-auth/helpers/auth_helpers.rb', line 40
#
# Freshness check: accepts a request only when its timestamp is present, not
# in the future, and no older than request_timeout.
#
# Rejections, each reported through log_and_fail:
# * no timestamp on the request
# * timestamp later than the server clock (no tolerance for clock skew, so a
#   client whose clock runs slightly ahead is refused)
# * timestamp older than request_timeout
#
# NOTE(review): this bounds how long a captured request stays usable but does
# not detect a replay inside that window; no nonce or seen-request tracking
# is visible in this helper.
#
# @param request [Object] must respond to +time+, returning a Time or nil
# @return [Boolean] true when the timestamp is acceptable, false otherwise
def valid_time?(request)
  sent_at = request.time
  return log_and_fail('request time not found') if sent_at.nil?

  age = Time.now - sent_at
  if age < 0
    log_and_fail('negative time')
  elsif age > request_timeout
    log_and_fail('request too old')
  else
    true
  end
end