Module: WSSE

Defined in:

lib/wsse.rb

Class Method Summary

• .auth(request, password, expire = nil) ⇒ Object

  Authorize X-WSSE header with password.

• .header(username, password) ⇒ Object

  Generate X-WSSE header with name and password.

• .parse(request) ⇒ Object

  Convert X-WSSE header to Hash.

Class Method Details

.auth(request, password, expire = nil) ⇒ Object

Authorize X-WSSE header with password

# File 'lib/wsse.rb', line 43

def auth(request, password, expire=nil)
  h_header = self.parse(request)
  unless nil==expire
    false if (Time.parse(h_header['created']) -Time.now ) >= expire
  end
  false if nil==h_header

  h_header['pd'] == [Digest::SHA1.digest(h_header['nonce'].unpack('m')[0] + h_header['created'] + password)].pack("m").chomp
end

.header(username, password) ⇒ Object

Generate X-WSSE header with name and password

# File 'lib/wsse.rb', line 15

def header(username, password)
  nonce        = Array.new(10){ rand(0x100000000) }.pack('I*')
  nonce_base64 = [nonce].pack("m").chomp
  created      = Time.now.utc.iso8601
  pd           = [Digest::SHA1.digest(nonce + created + password)].pack("m").chomp

  'UsernameToken Username="' + username\
    + '", PasswordDigest="' + pd\
    + '", Nonce="' + nonce_base64\
    + '", Created="' + created + '"'\
end

.parse(request) ⇒ Object

Convert X-WSSE header to Hash

# File 'lib/wsse.rb', line 31

def parse(request)
  if(request =~ /^UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/) 
    {'name' =>  $1, 'pd'=> $2, 'nonce' => $3, 'created' => $4}
  else
    nil
  end
end