Class: Rack::Auth::HMAC

Inherits:

Object

Object
Rack::Auth::HMAC

Defined in:: lib/rack/auth/hmac.rb

Overview

Rack middleware to authenticate requests using the HMAC-SHA1 protocol.

It take a Proc as argument to find the entity secret key using the access id provided in the request. Once returned, the entity secret key is compared with secret key provided by the the request. Unless the two keys match, a 401 Unauthorized HTTP Error page is sent.

Options:

environment: bypass authentication if set to “test”
except: list of HTTP paths with no authentication required

Example:

use Rack::Auth::HMAC do |request_access_id|
  return entity_secret_key if request_access_id == entity_access_id
end

Instance Method Summary collapse

#_call(env) ⇒ Object
#call(env) ⇒ Object
#initialize(app, options = {}, &block) ⇒ HMAC constructor

A new instance of HMAC.

Constructor Details

#initialize(app, options = {}, &block) ⇒ `HMAC`

Returns a new instance of HMAC.

# File 'lib/rack/auth/hmac.rb', line 21

def initialize(app, options={}, &block)
  @app = app
  options[:except] ||= []
  @options = options
  @block = block
end

Instance Method Details

#_call(env) ⇒ `Object`

# File 'lib/rack/auth/hmac.rb', line 32

def _call(env)
  return @app.call(env) if @options[:except].include?(env["PATH_INFO"])

  env = fix_content_type(env)

  request = Rack::Request.new(env)
  access_id = ApiAuth.access_id(request)
  secret_key = @block.call(access_id)

  if ApiAuth.authentic?(request, secret_key)
    status, headers, response = @app.call(env)
  else
    send_401(content_type: env["HTTP_ACCEPT"], ip: request.ip)
  end
end

#call(env) ⇒ `Object`



28
29
30

# File 'lib/rack/auth/hmac.rb', line 28

def call(env)
  dup._call(env)
end