Class: Rack::OAuth2::AccessToken::MAC
- Inherits:
-
Rack::OAuth2::AccessToken
- Object
- Rack::OAuth2::AccessToken
- Rack::OAuth2::AccessToken::MAC
- Defined in:
- lib/rack/oauth2/access_token/mac.rb,
lib/rack/oauth2/access_token/mac/verifier.rb,
lib/rack/oauth2/access_token/mac/signature.rb,
lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb more...
Defined Under Namespace
Classes: Sha256HexVerifier, Signature, Verifier
Instance Attribute Summary collapse
-
#ext ⇒ Object
readonly
Returns the value of attribute ext.
-
#nonce ⇒ Object
readonly
Returns the value of attribute nonce.
-
#signature ⇒ Object
readonly
Returns the value of attribute signature.
Instance Method Summary collapse
- #authenticate(request) ⇒ Object
-
#initialize(attributes = {}) ⇒ MAC
constructor
A new instance of MAC.
- #token_response ⇒ Object
- #verify!(request) ⇒ Object
Constructor Details
permalink #initialize(attributes = {}) ⇒ MAC
Returns a new instance of MAC.
9 10 11 12 13 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 9 def initialize(attributes = {}) super(attributes) @issued_at = Time.now.utc @ts_expires_in ||= 5.minutes end |
Instance Attribute Details
permalink #ext ⇒ Object (readonly)
Returns the value of attribute ext.
7 8 9 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 7 def ext @ext end |
permalink #nonce ⇒ Object (readonly)
Returns the value of attribute nonce.
7 8 9 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 7 def nonce @nonce end |
permalink #signature ⇒ Object (readonly)
Returns the value of attribute signature.
7 8 9 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 7 def signature @signature end |
Instance Method Details
permalink #authenticate(request) ⇒ Object
[View source]
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 53 def authenticate(request) @nonce = generate_nonce @ts_generated = @ts || Time.now.utc if self.ext_verifier.present? @ext = self.ext_verifier.new( :raw_body => request.body, :algorithm => self.mac_algorithm ).calculate end @signature = Signature.new( :secret => self.mac_key, :algorithm => self.mac_algorithm, :nonce => self.nonce, :method => request.header.request_method, :request_uri => request.header.create_query_uri, :host => request.header.request_uri.host, :port => request.header.request_uri.port, :ts => @ts_generated, :ext => @ext ).calculate request.header['Authorization'] = end |
permalink #token_response ⇒ Object
[View source]
15 16 17 18 19 20 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 15 def token_response super.merge( :mac_key => mac_key, :mac_algorithm => mac_algorithm ) end |
permalink #verify!(request) ⇒ Object
[View source]
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/rack/oauth2/access_token/mac.rb', line 22 def verify!(request) if self.ext_verifier.present? body = request.body.read request.body.rewind # for future use self.ext_verifier.new( :raw_body => body, :algorithm => self.mac_algorithm ).verify!(request.ext) end now = Time.now.utc.to_i now = @ts.to_i if @ts.present? raise Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed.new("Request ts expired") if now - request.ts.to_i > @ts_expires_in.to_i Signature.new( :secret => self.mac_key, :algorithm => self.mac_algorithm, :nonce => request.nonce, :method => request.request_method, :request_uri => request.fullpath, :host => request.host, :port => request.port, :ts => request.ts, :ext => request.ext ).verify!(request.signature) rescue Verifier::VerificationFailed => e request.invalid_token! e. end |