Class: WardenOpenidBearer::NetHTTPS

Inherits:
Net::HTTP
  • Object
Defined in:
lib/warden_openid_bearer/net_https.rb

Overview

Like Net::HTTP, but with TLS and VERIFY_PEER always on.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(*things) ⇒ NetHTTPS

Returns a new instance of NetHTTPS.



# File 'lib/warden_openid_bearer/net_https.rb', line 8

# Builds the connection through Net::HTTP's own constructor, then switches
# the new instance to TLS with certificate-chain verification (VERIFY_PEER).
#
# These are values assigned at construction time through the inherited
# setters; the same setters stay callable on the instance afterwards, so
# this establishes a secure default rather than an unchangeable setting.
#
# @param things [Array] arguments handed to the superclass constructor as-is
def initialize(*things)
  # Bare `super` forwards exactly the arguments this method received.
  super
  self.verify_mode = OpenSSL::SSL::VERIFY_PEER
  self.use_ssl = true
end

Class Method Details

.get_response(uri, peer_cert = nil) ⇒ Object



# File 'lib/warden_openid_bearer/net_https.rb', line 24

# Performs a single GET against +uri+ over a freshly opened connection and
# returns the result of Net::HTTP#request for it.
#
# Only +uri.hostname+ and +uri.port+ are used to open the connection; the
# URI scheme is not consulted here, and the instance comes from this class's
# constructor, which enables TLS with VERIFY_PEER.
#
# When +peer_cert+ is given it is handed to #peer_cert=, which replaces
# hostname verification with a pin on that exact certificate. Omit it to
# keep hostname verification at its default.
#
# @param uri [URI] target; must respond to +hostname+ and +port+
# @param peer_cert [#to_der, nil] certificate to pin, or nil for no pinning
# @return [Object] the value returned by Net::HTTP#request inside the session
def self.get_response(uri, peer_cert = nil)
  connection = new(uri.hostname, uri.port).tap do |conn|
    conn.peer_cert = peer_cert if peer_cert
  end

  get_request = Net::HTTP::Get.new(uri)
  # The block form of #start yields the started connection and closes it
  # once the block returns; the block's value becomes the return value.
  connection.start { |session| session.request(get_request) }
end

Instance Method Details

#peer_cert=(peer_cert) ⇒ Object



# File 'lib/warden_openid_bearer/net_https.rb', line 14

# Pins the connection to one specific server certificate.
#
# Hostname verification is switched off and a verify callback is installed.
# For the leaf certificate (first entry of the chain) the callback's answer
# is solely whether its DER encoding equals that of +peer_cert+. For every
# other certificate in the chain it passes OpenSSL's own verdict through.
#
# Security notes for callers:
# - On a pin match the callback answers true even when +preverify_ok+ was
#   false, so whatever OpenSSL objected to on the leaf itself is overridden.
#   The pin is the only trust decision made for that certificate.
# - With hostname verification off, the pin is also the only thing binding
#   the connection to the intended server, so +peer_cert+ must come from a
#   trusted source and be rotated together with the server's certificate.
#
# @param peer_cert [#to_der] certificate to pin; presumably an
#   OpenSSL::X509::Certificate -- confirm against callers
def peer_cert=(peer_cert)
  self.verify_hostname = false
  self.verify_callback = lambda do |preverify_ok, store_ctx|
    # store_ctx is the verification context handed to the callback; only
    # its chain and current_cert are read here.
    leaf_der = store_ctx.chain.first.to_der

    if leaf_der == store_ctx.current_cert.to_der
      # Currently judging the leaf: accept only an exact match with the pin.
      leaf_der == peer_cert.to_der
    else
      # Any other certificate in the chain: keep OpenSSL's verdict.
      preverify_ok
    end
  end
end