class ClientAuthentication
Attributes
header_keys[RW]
Public Class Methods
new(headers, max_seconds = 5, model = Application, logger=nil)
model must respond to :key and :secret
# File lib/client_authentication.rb, line 5
# Stores the request headers and the verification settings.
#
# @param headers [#[]] request headers, read through the names in +header_keys+
# @param max_seconds [Integer] largest accepted gap, in seconds, between the
#   client-supplied timestamp and the server clock
# @param model [#find_by_key] application lookup used by
#   authenticate_header_values!; the record it returns must respond to +secret+
# @param logger [Object, nil] kept in @logger
def initialize(headers, max_seconds = 5, model = Application, logger=nil)
  @headers, @max_seconds, @model, @logger = headers, max_seconds, model, logger

  # Names of the headers that carry the timestamp, the application key and
  # the HMAC digest.
  @header_keys = {
    time: "X-Level3-Digest-Time",
    key: "X-Level3-Application-Key",
    digest: "X-Level3-Digest"
  }
end
Public Instance Methods
authenticate_client!()
# File lib/client_authentication.rb, line 18
# Reads the key, timestamp and digest headers and hands them to
# authenticate_header_values! for verification.
#
# @return [Object] the application key header value, returned only after
#   verification did not raise
# @raise [ClientAuthenticationException] propagated from
#   authenticate_header_values!
def authenticate_client!
  key, time, digest = [:key, :time, :digest].map do |field|
    @headers[header_keys[field]]
  end

  authenticate_header_values!(key, digest, time)
  key
end
authenticate_header_values!(key, digest, time)
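# File lib/client_authentication.rb, line 27
# Verifies one set of authentication header values.
#
# The timestamp must lie within @max_seconds of the server clock, the key
# must resolve to an application that has a secret, and the digest must equal
# generate_digest(time, secret). Every failure raises the same exception, so
# the caller cannot tell which check rejected the request.
#
# NOTE(review): the digest is computed over the timestamp only, so it is not
# bound to the request method, path or body, and an identical header set is
# accepted again until the window closes. Confirm callers do not rely on this
# check for request integrity or replay protection.
#
# @param key [String] application key sent by the client
# @param digest [String] Base64 HMAC-SHA256 sent by the client
# @param time [String] timestamp sent by the client, in epoch seconds
# @return [true] when all checks pass
# @raise [ClientAuthenticationException] when any check fails
def authenticate_header_values!(key, digest, time)
  skew = (time.to_i - salt.to_i).abs
  raise ClientAuthenticationException if skew > @max_seconds

  application = @model.find_by_key(key)
  raise ClientAuthenticationException unless application

  secret = application.secret
  raise ClientAuthenticationException unless secret

  expected = generate_digest(time, secret)

  # A missing or wrongly sized digest can never match; the size of the
  # expected value is fixed by the algorithm, so rejecting early reveals nothing.
  unless digest.is_a?(String) && digest.bytesize == expected.bytesize
    raise ClientAuthenticationException
  end

  # Fold every byte pair into one accumulator instead of calling eql?, which
  # may stop at the first differing byte and let response timing reveal how
  # much of a guessed digest was correct.
  difference = 0
  digest.bytes.zip(expected.bytes) { |given, wanted| difference |= given ^ wanted }
  raise ClientAuthenticationException unless difference.zero?

  true
end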
generate_digest(salt, secret)
# File lib/client_authentication.rb, line 41
# Computes the digest a client is expected to send.
#
# @param salt [String] the message that is signed (the timestamp header
#   value when called from authenticate_header_values!)
# @param secret [String] the HMAC key
# @return [String] Base64 text of the HMAC-SHA256, with no trailing newline
def generate_digest(salt, secret)
  raw_mac = OpenSSL::HMAC.digest('sha256', secret, salt)

  # A 32-byte MAC encodes to 44 characters, below the width at which encode64
  # inserts line breaks, so strict encoding yields the same text as
  # encode64 followed by strip.
  Base64.strict_encode64(raw_mac)
end
salt()
# File lib/client_authentication.rb, line 48
# Server clock as whole seconds since the Unix epoch, rendered as a decimal
# string. Despite the name, the value is a timestamp and is not random.
#
# @return [String] current epoch seconds
def salt
  epoch_seconds = Time.now.to_i
  epoch_seconds.to_s
end