module UrlSigner

Sign and verify URLs

Constants

VERSION

Public Instance Methods

sign(url, *options) click to toggle source

Returns a new URI instance by appending a signature parameter to the query of url. The method accepts that url can be either a String or a URI instance.

signed_url = UrlSigner.sign('http://google.fr&q=test') # => <URI::HTTP...>

The following key/value parameters can be given to options:

  • :key - the secret key used for encryption

  • :hash_method - the hash function to pass to Digest::HMAC. Defaults to Digest::SHA1.

Note that if a URL_SIGNING_KEY environment variable is defined, it will be used as a default value for the :key option.

# File lib/url_signer.rb, line 19
def sign(url, *options)
  temp_signer = UrlSigner::Signer.new(url, *options)
  temp_signer.sign
end
valid?(url, *options) click to toggle source

Verify the authenticity of the url by checking the value of the signature query parameter (if present). The method accepts that url can be either a String or a URI instance.

The following key/value parameters can be given to options:

  • :key - the secret key used for encryption

  • :hash_method - the hash function to pass to Digest::HMAC. Defaults to Digest::SHA1.

Note that if a URL_SIGNING_KEY environment variable is defined, it will be used as a default value for the :key option.

Examples

dummy_url = 'http://google.fr?q=test
UrlSigner.valid?(dummy_url) # => false

signed_url = UrlSigner.sign('http://google.fr&q=test')
UrlSigner.valid?(signed_url) # => true
# File lib/url_signer.rb, line 40
def valid?(url, *options)
  temp_verifier = UrlSigner::Verifier.new(url, *options)
  temp_verifier.valid?
end