module Paypal::Permissions::Oauth
Constants
- OAUTH_RESERVED_CHARACTERS
Note: OAuth does not encode '.', but PayPal does.
- OAUTH_SIGNATURE_METHOD
Public Instance Methods
generate_signature(token, token_secret, http_method, endpoint)
click to toggle source
Create the X-PP-AUTHORIZATION header
# File lib/paypal/permissions/oauth.rb, line 13 def generate_signature(token, token_secret, http_method, endpoint) raise "Invalid HTTP Method. Valid values: GET, POST, DELETE, UPDATE." unless ['GET','POST','DELETE','UPDATE'].include? http_method timestamp = Time.now.to_i.to_s signature_key = "#{@password}&#{oauth_escape(token_secret)}" oauth_params = { 'oauth_consumer_key' => @userid, 'oauth_signature_method' => OAUTH_SIGNATURE_METHOD, 'oauth_timestamp' => timestamp, 'oauth_token' => token, 'oauth_version' => '1.0', } input_string = "#{http_method}&#{oauth_escape(endpoint)}&" input_string += oauth_params.map{ |k,v| "#{k}=#{v}" }.join('&') # HMAC SHA1 digest_key = ::Digest::SHA1.digest(signature_key) sha1_hash = ::OpenSSL::Digest::Digest.new('sha1') signature = ::OpenSSL::HMAC.hexdigest(sha1_hash, digest_key, input_string) "timestamp=#{timestamp},token=#{token},signature=#{signature}" end
oauth_escape(value)
click to toggle source
# File lib/paypal/permissions/oauth.rb, line 38 def oauth_escape(value) URI::escape(value.to_s, OAUTH_RESERVED_CHARACTERS) end