class Smaak::Server
Attributes
nonce_store[RW]
private_key[R]
verify_recipient[RW]
Public Class Methods
new()
Calls superclass method
Smaak::Associate::new
# File lib/smaak/server.rb, line 11
# Builds a server on top of Smaak::Associate#initialize.
#
# Recipient verification is enabled by default, and replay protection uses a
# Persistent::Cache named "nonce_store" created with STORAGE_RAM and
# @token_life as its second argument.
#
# NOTE(review): @token_life is not assigned in this method; presumably the
# superclass sets it — confirm.
# NOTE(review): the store is RAM-backed, so presumably recorded nonces are
# neither kept across a restart nor shared between server processes — confirm
# that this matches the deployment's replay-protection expectations.
def initialize
  super
  @verify_recipient = true
  @nonce_store = Persistent::Cache.new("nonce_store", @token_life, Persistent::Cache::STORAGE_RAM)
end
Public Instance Methods
auth_message_unique?(auth_message)
# File lib/smaak/server.rb, line 25
# Replay check: reports whether the message's nonce has been seen before and,
# if it has not, records it in the nonce store as a side effect.
#
# @param auth_message [#nonce] message whose nonce is checked
# @return [Boolean] true on first sight of the nonce, false otherwise
#
# NOTE(review): the lookup and the write are two separate store operations; if
# requests can be handled concurrently, confirm the store serialises access so
# the same nonce cannot be accepted twice.
def auth_message_unique?(auth_message)
  nonce = auth_message.nonce
  return false unless nonce_store[nonce].nil?

  nonce_store[nonce] = 1
  true
end
build_auth_message_from_request(adaptor)
# File lib/smaak/server.rb, line 33
# Builds a Smaak::AuthMessage from the x-smaak-* headers of a request.
#
# The recipient header is passed through Smaak::Crypto.decode64; the other
# header values are handed to Smaak::AuthMessage.build exactly as the adaptor
# returns them.
#
# @param adaptor [#header] request adaptor exposing header(name)
# @return whatever Smaak::AuthMessage.build returns
#
# NOTE(review): a missing header is only reported on stdout; construction
# carries on with nil values. Every field here is request-supplied and not yet
# authenticated, so callers must not trust the result before
# verify_auth_message has accepted it.
def build_auth_message_from_request(adaptor)
  unless smaak_headers_all_present?(adaptor)
    puts "[smaak error]: x-smaak-* headers not all present. Is this a smaak request?"
  end

  recipient_public_key = Smaak::Crypto.decode64(adaptor.header("x-smaak-recipient"))

  # Same headers, read in the same order as AuthMessage.build's remaining
  # positional arguments: psk, expires, identifier, route_info, nonce, encrypt.
  remaining_fields = [
    "x-smaak-psk",
    "x-smaak-expires",
    "x-smaak-identifier",
    "x-smaak-route-info",
    "x-smaak-nonce",
    "x-smaak-encrypt"
  ].map { |header_name| adaptor.header(header_name) }

  Smaak::AuthMessage.build(recipient_public_key, *remaining_fields)
end
compile_response(auth_message, data)
# File lib/smaak/server.rb, line 69
# Prepares response data for the associate that sent auth_message.
#
# When the message's encrypt flag is truthy the data is encrypted with the
# public key stored for auth_message.identifier; otherwise the data is returned
# unchanged, i.e. in plaintext.
#
# @param auth_message [#encrypt, #identifier] the verified request message
# @param data response payload
# @return the encrypted payload, or data itself when encryption is off
#
# NOTE(review): only the truthiness of auth_message.encrypt is tested. If the
# flag can still be a raw header string, a value such as "false" is truthy in
# Ruby — confirm that Smaak::AuthMessage.build normalises it.
def compile_response(auth_message, data)
  return data unless auth_message.encrypt

  associate_key = @association_store[auth_message.identifier]['public_key']
  Smaak::Crypto.encrypt(data, associate_key)
end
set_private_key(key)
# File lib/smaak/server.rb, line 21
# Stores the server's private key after passing it through adapt_rsa_key.
#
# @param key key material accepted by adapt_rsa_key
# @return the adapted key
#
# NOTE(review): adapt_rsa_key is defined outside this listing; presumably it
# normalises the input to an RSA key object — confirm.
# The adapted key stays in @private_key, which the class also exposes through
# its public private_key reader, so any code holding the server object can read
# it.
def set_private_key(key)
  adapted_key = adapt_rsa_key(key)
  @private_key = adapted_key
end
set_public_key(key)
# File lib/smaak/server.rb, line 17
# Registers the server's own public key by delegating to set_key.
#
# @param key key material accepted by set_key
# @return whatever set_key returns
#
# NOTE(review): set_key is defined outside this listing; verify_public_key? and
# verify_intended_recipient? read @key, so presumably set_key assigns it —
# confirm.
def set_public_key(key)
  set_key(key)
end
verify_auth_message(auth_message)
# File lib/smaak/server.rb, line 45
# Runs the two verification stages for an auth message: message-level checks
# first, then the checks against the stored association for the message's
# identifier. The second stage is skipped when the first fails.
#
# @param auth_message [#identifier] message built from the request headers
# @return [Boolean] false when the message-level checks fail, otherwise the
#   result of the association checks
def verify_auth_message(auth_message)
  if verify_message_characteristics?(auth_message)
    verify_association_characteristics?(auth_message, auth_message.identifier)
  else
    false
  end
end
verify_signed_request(request)
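# File lib/smaak/server.rb, line 51
# Verifies a signed request and returns the auth message together with the
# request body.
#
# Steps: build the auth message from the request headers, verify it, look up
# the sender's stored public key, verify the authorization headers against that
# key, and only then decrypt the body when the message asks for encryption.
#
# @param request the incoming request, wrapped via Smaak.create_adaptor
# @return [false] when the auth message cannot be verified
# @return [Array(false, nil)] when the authorization headers cannot be verified
# @return [Array] auth_message and body on success
#
# Callers should destructure the result (auth_message, body = ...) and test
# auth_message: the [false, nil] failure value is an Array and therefore truthy
# when the return value is tested as a whole.
def verify_signed_request(request)
  adaptor = Smaak.create_adaptor(request)
  auth_message = build_auth_message_from_request(adaptor)
  unless verify_auth_message(auth_message)
    puts "[smaak error]: could not verify auth_message"
    return false
  end

  pubkey = @association_store[auth_message.identifier]['public_key']
  # NOTE(review): a missing key is only logged here; rejection then depends on
  # Smaak.verify_authorization_headers refusing a nil or empty key — confirm.
  puts "[smaak warning]: pubkey not specified" if pubkey.nil? || pubkey == ""

  body = Smaak::Crypto.sink(adaptor.body)
  unless Smaak.verify_authorization_headers(adaptor, pubkey)
    puts "[smaak error]: could not verify authorization headers"
    return false, nil
  end

  # Decrypt only after the authorization headers have verified, so the private
  # key is never applied to a body from a request that failed verification.
  # Assumes Smaak::Crypto.decrypt has no effect on the adaptor — TODO confirm.
  body = Smaak::Crypto.decrypt(body, @private_key) if auth_message.encrypt
  return auth_message, body # TBD return ID from cert
end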
Private Instance Methods
smaak_headers_all_present?(adaptor)
# File lib/smaak/server.rb, line 88
# Reports whether every required x-smaak-* header is present on the request.
#
# Presence means "not nil": an empty header value still counts as present.
# x-smaak-route-info is not part of the required set.
#
# @param adaptor [#header] request adaptor exposing header(name)
# @return [Boolean] true when none of the required headers is nil
def smaak_headers_all_present?(adaptor)
  required_headers = [
    "x-smaak-recipient",
    "x-smaak-psk",
    "x-smaak-expires",
    "x-smaak-identifier",
    "x-smaak-nonce",
    "x-smaak-encrypt"
  ]
  required_headers.none? { |header_name| adaptor.header(header_name).nil? }
end
verify_associate?(identifier)
# File lib/smaak/server.rb, line 131
# Checks that the identifier has an entry in the association store, logging an
# error when it does not.
#
# @param identifier key looked up in @association_store
# @return [Boolean] true when an association exists for the identifier
#
# NOTE(review): the identifier is interpolated into the log line as-is. In this
# class it presumably originates from the x-smaak-identifier request header, so
# log consumers should treat that part of the line as untrusted text.
def verify_associate?(identifier)
  return true unless @association_store[identifier].nil?

  puts "[smaak error]: unknown associate #{identifier}"
  false
end
verify_association_characteristics?(auth_message, identifier)
# File lib/smaak/server.rb, line 82
# Checks the message against the stored association, stopping at the first
# failure: the associate must be known, the message must not be expired, and
# the message must verify against the associate's PSK.
#
# The associate check runs first, so verify_psk? only reads the store for an
# identifier that has an entry.
#
# @param auth_message message under verification
# @param identifier association-store key for the sender
# @return [Boolean] result of the chained checks
def verify_association_characteristics?(auth_message, identifier)
  verify_associate?(identifier) &&
    verify_expiry?(auth_message) &&
    verify_psk?(auth_message, identifier)
end
verify_expiry?(auth_message)
# File lib/smaak/server.rb, line 139
# Rejects a message that reports itself as expired, logging an error that
# points at clock skew between sender and receiver as a possible cause.
#
# @param auth_message [#expired?] message under verification
# @return [Boolean] true when the message is not expired
#
# NOTE(review): the expiry decision is made inside auth_message.expired?, which
# is not shown here; the expiry value itself presumably comes from the
# x-smaak-expires request header — confirm how far in the future it may lie.
def verify_expiry?(auth_message)
  return true unless auth_message.expired?

  puts "[smaak error]: message expired. Are the sender and receiver's clocks in sync?"
  false
end
verify_intended_recipient?(auth_message)
# File lib/smaak/server.rb, line 114
# Checks that the message names this server as its recipient by comparing it,
# via auth_message.intended_for_recipient?, with the exported form of @key.
#
# When @verify_recipient is falsy the check is skipped and the method returns
# true, so a message addressed to a different recipient passes this step.
#
# @param auth_message [#intended_for_recipient?] message under verification
# @return [Boolean] true when the check passes or is disabled
#
# TBD (carried over from the original source): move this decision to smaak_bus
# and, when the message carries router_info, check the recipient against
# @association_store[auth_message.router_info] instead.
def verify_intended_recipient?(auth_message)
  return true unless @verify_recipient
  return true if auth_message.intended_for_recipient?(@key.export)

  puts "[smaak error]: message not intended for this recipient"
  false
end
verify_message_characteristics?(auth_message)
# File lib/smaak/server.rb, line 76
# Message-level checks, stopping at the first failure: the nonce must be new,
# the server's public key must be set, and the message must be intended for
# this recipient.
#
# @param auth_message message under verification
# @return [Boolean] result of the chained checks
#
# NOTE(review): the uniqueness check runs first and records the nonce as a side
# effect, so a message rejected by a later check has still consumed a
# nonce-store entry. Confirm that this ordering is intended.
def verify_message_characteristics?(auth_message)
  verify_unique?(auth_message) &&
    verify_public_key? &&
    verify_intended_recipient?(auth_message)
end
verify_psk?(auth_message, identifier)
# File lib/smaak/server.rb, line 147
# Verifies the message against the pre-shared key stored for the identifier,
# logging an error on mismatch.
#
# The association entry is dereferenced without a nil check; within this class
# verify_associate? runs before this method and guarantees the entry exists.
#
# @param auth_message [#verify] message under verification
# @param identifier association-store key for the sender
# @return [Boolean] true when auth_message.verify accepts the stored PSK
#
# NOTE(review): the comparison itself happens inside auth_message.verify, which
# is not shown here — confirm that it compares in constant time and rejects a
# nil or empty PSK on either side.
def verify_psk?(auth_message, identifier)
  expected_psk = @association_store[identifier]['psk']
  return true if auth_message.verify(expected_psk)

  puts "[smaak error]: PSK mismatch"
  false
end
verify_public_key?()
# File lib/smaak/server.rb, line 106
# Confirms that the server's own key (@key) has been set, logging a hint to
# call set_public_key when it has not.
#
# Only presence is checked; the key's content is not inspected here.
#
# @return [Boolean] true when @key is not nil
def verify_public_key?
  return true unless @key.nil?

  puts "[smaak error]: public key not set. Did you call set_public_key() ?"
  false
end
verify_unique?(auth_message)
# File lib/smaak/server.rb, line 98
# Logging wrapper around auth_message_unique?: rejects a message whose nonce
# has already been recorded and reports it on stdout.
#
# Because auth_message_unique? records a previously unseen nonce, a successful
# call here marks the nonce as used.
#
# @param auth_message message under verification
# @return [Boolean] true when the nonce had not been seen before
def verify_unique?(auth_message)
  return true if auth_message_unique?(auth_message)

  puts "[smaak error]: message not unique"
  false
end