class GrapeAPISignature::Authorization
Attributes
auth_header[RW]
body[RW]
headers[RW]
max_request_age_in_sec[RW]
request_method[RW]
secret_key[RW]
uri[RW]
Public Class Methods
new(request_method, headers, uri, body, max_request_age_in_sec = 900)
# File lib/grape_api_signature/authorization.rb, line 6
# Captures the parts of an incoming request that take part in signature
# verification.
#
# @param request_method HTTP verb; stored upper-cased
# @param headers request headers as key/value pairs; copied into a plain Hash
#   with lower-cased keys so lookups such as 'authorization' ignore case
# @param uri request URI, stored as given
# @param body request body, stored as given
# @param max_request_age_in_sec freshness window in seconds (defaults to 900)
def initialize(request_method, headers, uri, body, max_request_age_in_sec = 900)
  self.request_method = request_method.upcase

  # When two keys differ only by case, the one iterated last wins.
  lowercased = {}
  headers.each_with_object(lowercased) { |(name, value), acc| acc[name.downcase] = value }
  self.headers = lowercased

  self.body = body
  self.auth_header = {}
  self.uri = uri
  self.max_request_age_in_sec = max_request_age_in_sec

  # The Authorization header is client-supplied and is parsed here, before
  # any verification has happened; nothing in it is trusted until
  # authentic? has returned true.
  return unless auth_header?

  self.authorization = GrapeAPISignature::AWSAuthParser.parse(self.headers['authorization'])
end
Public Instance Methods
auth_header?()
# File lib/grape_api_signature/authorization.rb, line 47
# Reports whether the request carried a non-blank Authorization header.
# Header keys are lower-cased by the constructor, hence the lower-case lookup.
def auth_header?
  authorization_value = headers['authorization']
  authorization_value.present?
end
authentic?(secret_key)
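# File lib/grape_api_signature/authorization.rb, line 51
# Decides whether the request carries a valid and fresh signature for the
# given secret.
#
# Fails closed on a missing secret: nil and the empty string are both
# rejected before any signature is computed. An account whose stored secret
# is empty would otherwise be verified against a key that anyone can guess.
#
# @param secret_key the shared secret looked up for the claimed access key
# @return [Boolean] true only when an Authorization header is present, the
#   recomputed signature matches the presented one, and the request is not
#   older than the configured window
def authentic?(secret_key)
  return false if secret_key.to_s.empty?

  auth_header? && signatures_match?(secret_key) && !request_too_old?
end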
calculated_signature(secret_key)
# File lib/grape_api_signature/authorization.rb, line 37
# Recomputes the signature the server expects for this request.
#
# The access key and region are taken from the parsed (client-supplied)
# Authorization header; only the secret comes from the caller.
#
# @param secret_key the shared secret for the claimed access key
# @return whatever AWSSigner#signature_only returns for the request method,
#   URI, signed headers and body
def calculated_signature(secret_key)
  credentials = {
    access_key: user_id,
    secret_key: secret_key,
    region: authorization.region
  }
  GrapeAPISignature::AWSSigner
    .new(**credentials)
    .signature_only(request_method, uri, signed_headers, body)
end
datetime()
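# File lib/grape_api_signature/authorization.rb, line 28
# Returns the request timestamp used for the freshness check.
#
# The 'date' header is consulted first, then 'x-amz-date'. When neither is
# usable the method returns an instant one second before the freshness
# cutoff, so the request is treated as too old.
#
# A blank or unparseable header value takes the same fallback instead of
# surfacing as nil or an ArgumentError out of the authentication path, so
# malformed client input is rejected rather than raising.
#
# NOTE(review): the value is read straight from the request headers. Confirm
# that the timestamp header is required to be among the signed headers;
# otherwise the freshness check rests on a value the signature does not cover.
#
# @return [Time]
def datetime
  stale = max_request_age - 1
  raw = headers['date'] || headers['x-amz-date']

  parsed =
    begin
      # String#to_time can return nil or raise on malformed input.
      raw.to_time if raw.present?
    rescue ArgumentError
      nil
    end

  parsed || stale.to_time
end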
max_request_age()
# File lib/grape_api_signature/authorization.rb, line 65
# Returns the freshness cutoff: the current UTC time minus
# max_request_age_in_sec. Despite the name this is an instant, not a
# duration; timestamps earlier than it count as too old.
def max_request_age
  now_utc = Time.now.utc
  now_utc - max_request_age_in_sec
end
region()
# File lib/grape_api_signature/authorization.rb, line 20
# Region named in the parsed Authorization header. The value is
# client-supplied. The constructor only assigns the parsed header when one
# is present, so check auth_header? before calling this.
def region
  parsed = authorization
  parsed.region
end
request_too_old?()
# File lib/grape_api_signature/authorization.rb, line 61
# True when the request timestamp is earlier than the freshness cutoff.
#
# NOTE(review): only the lower bound is checked. A timestamp in the future
# passes this test, so a signed request dated ahead of the server clock stays
# acceptable until that time plus the window has elapsed. Consider whether an
# upper bound on clock skew is wanted.
def request_too_old?
  stamp = datetime.utc
  stamp < max_request_age
end
secure_compare(a, b)
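# File lib/grape_api_signature/authorization.rb, line 69
# Compares two strings byte by byte without stopping at the first
# difference, so the time taken does not reveal how many leading bytes of a
# presented signature were correct.
#
# The length check returns early, so the comparison does not hide whether
# the lengths differ.
#
# Fails closed on anything that is not a String: nil or another object
# returns false instead of raising NoMethodError part-way through an
# authentication decision.
#
# @param a [String] expected value
# @param b [String] presented value
# @return [Boolean] true only when both are Strings with identical bytes
def secure_compare(a, b)
  return false unless a.is_a?(String) && b.is_a?(String)
  return false unless a.bytesize == b.bytesize

  expected = a.unpack('C*')
  diff = 0
  # OR the XOR of every byte pair together; any mismatch leaves a non-zero bit.
  b.each_byte.with_index { |byte, i| diff |= byte ^ expected[i] }
  diff.zero?
end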
service()
# File lib/grape_api_signature/authorization.rb, line 24
# Service named in the parsed Authorization header. The value is
# client-supplied. The constructor only assigns the parsed header when one
# is present, so check auth_header? before calling this.
def service
  parsed = authorization
  parsed.service
end
signatures_match?(secret_key)
# File lib/grape_api_signature/authorization.rb, line 57
# Checks the signature presented in the Authorization header against the one
# recomputed with the given secret.
#
# A blank presented signature is rejected before anything is computed. The
# comparison goes through secure_compare rather than ==.
#
# @param secret_key the shared secret for the claimed access key
# @return [Boolean]
def signatures_match?(secret_key)
  presented = authorization.signature
  return false unless presented.present?

  secure_compare(calculated_signature(secret_key), presented)
end
signed_headers()
# File lib/grape_api_signature/authorization.rb, line 32
# Selects the request headers that the client declared as signed.
#
# The list of names comes from the parsed Authorization header, which is
# client-supplied. Only those headers are handed to the signer, and an empty
# Hash is returned when the client lists none.
#
# NOTE(review): header keys are lower-cased by the constructor, so the
# declared names presumably need to be lower-case to match. Verify against
# the parser.
def signed_headers
  declared = authorization.signed_headers
  declared.present? ? headers.slice(*declared) : {}
end
user_id()
# File lib/grape_api_signature/authorization.rb, line 16
# Access key named in the parsed Authorization header. This is the identity
# the client claims; it is not proven until authentic? has returned true
# for that identity's secret.
def user_id
  parsed = authorization
  parsed.access_key
end