class GrapeAPISignature::Authorization

Attributes

auth_header[RW]
authorization[RW]
body[RW]
headers[RW]
max_request_age_in_sec[RW]
request_method[RW]
secret_key[RW]
uri[RW]

Public Class Methods

new(request_method, headers, uri, body, max_request_age_in_sec = 900)
# File lib/grape_api_signature/authorization.rb, line 6
# Captures the parts of an incoming request that take part in signature
# verification.
#
# Header names are stored lower-cased, so later lookups such as
# headers['authorization'] do not depend on the casing the client used.
# The Authorization header is parsed only when it is present; otherwise
# the authorization attribute is never assigned here, and the readers that
# delegate to it (region, service, user_id, signed_headers) have nothing
# to call into.
#
# @param request_method [String] HTTP verb, stored upper-cased
# @param headers [Hash] request headers keyed by name
# @param uri request URI, stored as given
# @param body request body, stored as given
# @param max_request_age_in_sec [Integer] accepted request age in seconds
def initialize(request_method, headers, uri, body, max_request_age_in_sec = 900)
  self.request_method = request_method.upcase

  lowercased = {}
  headers.each { |name, value| lowercased[name.downcase] = value }
  self.headers = lowercased

  self.body = body
  self.auth_header = {}
  self.uri = uri
  self.max_request_age_in_sec = max_request_age_in_sec
  return unless auth_header?

  raw_authorization = self.headers['authorization']
  self.authorization = GrapeAPISignature::AWSAuthParser.parse(raw_authorization)
end

Public Instance Methods

auth_header?()
# File lib/grape_api_signature/authorization.rb, line 47
# Tells whether the request carried a non-blank Authorization header.
#
# Only presence is checked here; the header's structure is not validated
# by this method.
#
# @return [Boolean]
def auth_header?
  raw_authorization = headers['authorization']
  raw_authorization.present?
end
authentic?(secret_key)
# File lib/grape_api_signature/authorization.rb, line 51
# Decides whether the request is acceptable for the given secret key.
#
# The checks run in a fixed order and stop at the first failure: an
# Authorization header must be present, the recomputed signature must
# equal the presented one, and the request timestamp must not be older
# than the configured maximum age.
#
# A nil secret_key is rejected before anything else is inspected. An empty
# string is not rejected here and would be handed to the signer as-is.
#
# NOTE(review): freshness only bounds the age of a request; nothing in
# this class remembers signatures it has already accepted, so a captured
# request can be replayed until it ages out unless the caller tracks that.
#
# @param secret_key [String, nil] secret for the claimed access key
# @return [Boolean]
def authentic?(secret_key)
  return false if secret_key.nil?
  return false unless auth_header?
  return false unless signatures_match?(secret_key)

  !request_too_old?
end
calculated_signature(secret_key)
# File lib/grape_api_signature/authorization.rb, line 37
# Recomputes the signature the server expects for this request.
#
# The signer is built from the access key and region taken from the
# parsed Authorization header plus the caller-supplied secret, and is
# asked to sign the stored method, URI, signed headers and body.
#
# @param secret_key [String] secret for the claimed access key
# @return the value produced by AWSSigner#signature_only
def calculated_signature(secret_key)
  signer_options = {
    access_key: user_id,
    secret_key: secret_key,
    region: authorization.region
  }
  signer = GrapeAPISignature::AWSSigner.new(**signer_options)

  signer.signature_only(request_method, uri, signed_headers, body)
end
datetime()
# File lib/grape_api_signature/authorization.rb, line 28
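# Timestamp the client attached to the request, used by the freshness check.
#
# The date header is read first, then x-amz-date. When neither is present
# the result is one second older than the freshness cutoff, so the request
# is treated as expired.
#
# The same expired value is returned when the header cannot be turned into
# a time: String#to_time (ActiveSupport) can return nil or raise
# ArgumentError for malformed input, and the caller invokes #utc on the
# result. Failing closed here keeps a malformed header from surfacing as an
# unhandled exception on an unauthenticated request.
#
# NOTE(review): the value is read from the full header set, not from
# #signed_headers. Confirm the signer covers the same header; otherwise
# the freshness check rests on a value the signature does not protect.
#
# @return [Time]
def datetime
  expired = max_request_age - 1
  parsed = (headers['date'] || headers['x-amz-date'] || expired).to_time
  parsed || expired
rescue ArgumentError
  expired
end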
max_request_age()
# File lib/grape_api_signature/authorization.rb, line 65
# Oldest request timestamp that is still accepted.
#
# Despite the name this is a point in time, not a duration: the current
# UTC time minus max_request_age_in_sec seconds.
#
# @return [Time]
def max_request_age
  now = Time.now.utc
  now - max_request_age_in_sec
end
region()
# File lib/grape_api_signature/authorization.rb, line 20
# Region taken from the parsed Authorization header.
#
# Reads through the authorization attribute, which the constructor only
# assigns when an Authorization header was present.
def region
  parsed = authorization
  parsed.region
end
request_too_old?()
# File lib/grape_api_signature/authorization.rb, line 61
# Tells whether the request timestamp falls before the freshness cutoff.
#
# A timestamp exactly equal to the cutoff still counts as fresh.
#
# NOTE(review): only the lower bound is checked. A timestamp dated in the
# future passes, and stays acceptable until it ages past the cutoff;
# consider bounding clock skew in both directions.
#
# @return [Boolean]
def request_too_old?
  sent_at = datetime.utc
  cutoff = max_request_age
  sent_at < cutoff
end
secure_compare(a, b)
# File lib/grape_api_signature/authorization.rb, line 69
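# Compares two strings byte by byte without stopping at the first
# difference, so the time taken does not reveal how many leading bytes
# matched.
#
# A length mismatch returns early, which reveals only the length; that is
# presumably acceptable because signatures have a fixed size.
#
# nil on either side is a mismatch. Previously the length check coerced
# with #to_s while the byte loop used the raw arguments, so a nil paired
# with an empty value raised NoMethodError instead of returning false.
# Both sides are now coerced once and compared in that form.
#
# @param a [String, nil] expected value
# @param b [String, nil] presented value
# @return [Boolean]
def secure_compare(a, b)
  return false if a.nil? || b.nil?

  expected = a.to_s
  provided = b.to_s
  return false unless expected.bytesize == provided.bytesize

  expected_bytes = expected.unpack('C*')
  diff = 0
  # OR the XOR of every byte pair together; any differing bit leaves diff non-zero.
  provided.each_byte.with_index { |byte, index| diff |= byte ^ expected_bytes[index] }
  diff.zero?
end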
service()
# File lib/grape_api_signature/authorization.rb, line 24
# Service name taken from the parsed Authorization header.
#
# Reads through the authorization attribute, which the constructor only
# assigns when an Authorization header was present.
def service
  parsed = authorization
  parsed.service
end
signatures_match?(secret_key)
# File lib/grape_api_signature/authorization.rb, line 57
# Tells whether the signature presented by the client equals the one
# recomputed with secret_key.
#
# A blank presented signature is rejected before any signing work is done.
# The comparison itself goes through #secure_compare rather than ==.
#
# @param secret_key [String] secret for the claimed access key
# @return [Boolean]
def signatures_match?(secret_key)
  presented = authorization.signature
  return false unless presented.present?

  secure_compare(calculated_signature(secret_key), presented)
end
signed_headers()
# File lib/grape_api_signature/authorization.rb, line 32
# Subset of the request headers that the client declared as signed.
#
# Returns an empty hash when the Authorization header lists no signed
# headers. Names that are listed but absent from the request are dropped
# silently by Hash#slice.
#
# NOTE(review): the stored header names are lower-cased by the
# constructor, while the listed names are used as parsed; confirm the
# parser lower-cases them too. Nothing here requires a minimum set of
# signed headers (for example the date header) to be present.
#
# @return [Hash]
def signed_headers
  listed = authorization.signed_headers
  listed.present? ? headers.slice(*listed) : {}
end
user_id()
# File lib/grape_api_signature/authorization.rb, line 16
# Access key the client claimed in the Authorization header.
#
# This is the client's own claim; it proves nothing until the signature
# has been checked against that key's secret.
def user_id
  parsed = authorization
  parsed.access_key
end