class IMS::LTI::Services::MessageAuthenticator
Attributes
consumer_key[R]
launch_url[R]
message[R]
params[R]
signature[R]
simple_oauth_header[R]
Public Class Methods
new(launch_url, params, secret)
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 6 def initialize(launch_url, params, secret) @launch_url = launch_url @params = params @options, @parsed_params = parse_params(params) @consumer_key = @options[:consumer_key] @signature = @parsed_params.delete(:oauth_signature) @secret = secret end
Public Instance Methods
base_string()
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 44 def base_string simple_oauth_header.send(:signature_base) end
signed_params()
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 48 def signed_params simple_oauth_header.signed_attributes.merge(@parsed_params) end
valid_signature?()
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 16 def valid_signature? message.jwt ? valid_jwt? : simple_oauth_header.valid?(signature: signature) end
Private Instance Methods
parse_params(params)
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 67 def parse_params(params) params.inject([{}, {}]) do |array, (k, v)| attr = k.to_s.sub('oauth_', '').to_sym if SimpleOAuth::Header::ATTRIBUTE_KEYS.include?(attr) array[0][attr] = v else array[1][k.to_sym] = v end array end end
valid_jwt?()
click to toggle source
# File lib/ims/lti/services/message_authenticator.rb, line 55 def valid_jwt? begin jwt = JSON::JWT.decode(message.jwt, @secret) aud1 = Addressable::URI.parse(jwt['aud']) aud2 = Addressable::URI.parse(launch_url) [aud1, aud2].each{ |aud| aud.fragment = '' } aud1.normalize == aud2.normalize rescue JSON::JWS::VerificationFailed false end end