Class: OAuth2::MACToken

Inherits:
AccessToken show all
Defined in:
lib/oauth2/mac_token.rb

Instance Attribute Summary collapse

Attributes inherited from AccessToken

#client, #expires_at, #expires_in, #expires_latency, #options, #params, #refresh_token, #response, #token

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from AccessToken

#[], #delete, #expired?, #expires?, from_hash, from_kvform, #get, #patch, #post, #put, #refresh, #to_hash

Constructor Details

#initialize(client, token, secret, opts = {}) ⇒ MACToken

Initialize a MACToken

Parameters:

  • client (Client)

    the OAuth2::Client instance

  • token (String)

    the Access Token value

  • opts (Hash) (defaults to: {})

    the options to create the Access Token with

  • [String] (Hash)

    a customizable set of options

Options Hash (opts):

  • :refresh_token (String) — default: nil

    the refresh_token value

  • :expires_in (FixNum, String) — default: nil

    the number of seconds in which the AccessToken will expire

  • :expires_at (FixNum, String) — default: nil

    the epoch time in seconds in which AccessToken will expire

  • :algorithm (FixNum, String) — default: hmac-sha-256

    the algorithm to use for the HMAC digest (one of 'hmac-sha-256', 'hmac-sha-1')


32
33
34
35
36
37
38
39
40
# File 'lib/oauth2/mac_token.rb', line 32

def initialize(client, token, secret, opts = {})
  @secret = secret
  @seq_nr = SecureRandom.random_number(2**64)
  @kid = opts.delete(:kid) || Base64.strict_encode64(Digest::SHA1.digest(token))

  self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256'

  super(client, token, opts)
end

Instance Attribute Details

#algorithmObject

Returns the value of attribute algorithm


20
21
22
# File 'lib/oauth2/mac_token.rb', line 20

def algorithm
  @algorithm
end

#secretObject (readonly)

Returns the value of attribute secret


20
21
22
# File 'lib/oauth2/mac_token.rb', line 20

def secret
  @secret
end

Class Method Details

.from_access_token(token, secret, options = {}) ⇒ Object

Generates a MACToken from an AccessToken and secret

Parameters:

  • token (AccessToken)

    the OAuth2::Token instance

  • options (Hash) (defaults to: {})

    the options to create the Access Token with

  • [String] (Hash)

    a customizable set of options

See Also:


16
17
18
# File 'lib/oauth2/mac_token.rb', line 16

def self.from_access_token(token, secret, options = {})
  new(token.client, token.token, secret, token.params.merge(refresh_token: token.refresh_token, expires_in: token.expires_in, expires_at: token.expires_at).merge(options))
end

Instance Method Details

#header(verb, url) ⇒ Object

Generate the MAC header

Parameters:

  • verb (Symbol)

    the HTTP request method

  • url (String)

    the HTTP URL path of the request

Raises:

  • (ArgumentError)

66
67
68
69
70
71
72
73
74
75
76
77
# File 'lib/oauth2/mac_token.rb', line 66

def header(verb, url)
  timestamp = (Time.now.to_f * 1000).floor
  @seq_nr = (@seq_nr + 1) % (2**64)

  uri = URI(url)

  raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)

  mac = signature(timestamp, verb, uri)

  "MAC kid=\"#{@kid}\", ts=\"#{timestamp}\", seq-nr=\"#{@seq_nr}\", mac=\"#{mac}\""
end

#headersObject

Get the headers hash (always an empty hash)


58
59
60
# File 'lib/oauth2/mac_token.rb', line 58

def headers
  {}
end

#request(verb, path, opts = {}, &block) ⇒ Object

Make a request with the MAC Token

Parameters:

  • verb (Symbol)

    the HTTP request method

  • path (String)

    the HTTP URL path of the request

  • opts (Hash) (defaults to: {})

    the options to make the request with

See Also:


48
49
50
51
52
53
54
55
# File 'lib/oauth2/mac_token.rb', line 48

def request(verb, path, opts = {}, &block)
  url = client.connection.build_url(path, opts[:params]).to_s

  opts[:headers] ||= {}
  opts[:headers]['Authorization'] = header(verb, url)

  @client.request(verb, path, opts, &block)
end

#signature(timestamp, verb, uri) ⇒ Object

Generate the Base64-encoded HMAC digest signature

Parameters:

  • timestamp (Fixnum)

    the timestamp of the request in seconds since epoch

  • verb (Symbol)

    the HTTP request method

  • uri (URI::HTTP)

    the HTTP URL path of the request


84
85
86
87
88
89
90
91
92
93
# File 'lib/oauth2/mac_token.rb', line 84

def signature(timestamp, verb, uri)
  signature = [
    "#{verb.to_s.upcase} #{uri.request_uri} HTTP/1.1",
    timestamp,
    @seq_nr,
    '',
  ].join("\n")

  Base64.strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature))
end