class Rack::UrlAuth::Signer

Attributes

secret[R]

Public Class Methods

new(secret)
# File lib/rack/url_auth/signer.rb, line 9
# Creates a signer bound to +secret+, the key that #sign later feeds to
# HMAC-SHA256 through the +secret+ reader.
#
# The value is stored exactly as given. Nothing here checks that it is
# present or non-empty, so supplying a strong, non-empty key is left to the
# caller.
def initialize(secret)
  @secret = secret
end

Public Instance Methods

sign(message)
# File lib/rack/url_auth/signer.rb, line 13
# Returns the hex-encoded HMAC-SHA256 tag for +message+, keyed with the
# signer's secret.
#
# The message is passed to the HMAC verbatim; any canonicalisation (HTTP
# method, URL normalisation) has to happen in the caller, as sign_url and
# verify_url do.
# NOTE(review): HMAC::SHA256 is presumably the ruby-hmac gem, whose
# hexdigest takes (key, text) in that order -- confirm.
def sign(message)
  key = secret
  HMAC::SHA256.hexdigest(key, message)
end
sign_url(url, method)
# File lib/rack/url_auth/signer.rb, line 23
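# Returns +url+ in normalised form with a +signature+ query parameter that
# authenticates the lower-cased HTTP +method+ followed by the URL.
#
# url    - the URL to sign (anything parse_and_extract_query accepts).
# method - the HTTP method the URL will be requested with; it is part of the
#          signed message, so a signature issued for one method does not
#          verify for another.
#
# The signed message contains only the method and the URL. Nothing here adds
# an expiry or nonce, so a signed URL stays valid for as long as the secret
# does unless the caller puts such a value in the query before signing.
def sign_url(url, method)
  purl, query = parse_and_extract_query(url)

  # A URL that already carries a signature (for example one being re-signed)
  # must not have the stale value included in the message: verify_url strips
  # the parameter before recomputing, so signing over it would yield a URL
  # that can never verify.
  query.delete('signature')

  # Build the message through build_url, the same path verify_url uses, so
  # both sides canonicalise the query string identically.
  message = method.to_s.downcase + build_url(purl, query)
  query['signature'] = sign(message)

  build_url(purl, query)
end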
verify(message, signature)
# File lib/rack/url_auth/signer.rb, line 17
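# Returns true when +signature+ is the HMAC this signer produces for
# +message+, false otherwise.
#
# message   - the exact string that was signed.
# signature - the hex tag presented by the client; nil or any non-String
#             value is coerced with to_s and therefore simply fails to match.
#
# The comparison goes through Rack::Utils.secure_compare (Rack::Utils is
# already used by build_url) rather than String#==. A plain == may return as
# soon as it finds a differing byte, which makes the time taken depend on how
# much of the presented tag is correct; hashing both sides with SHA-1 first
# only blunts that, whereas a constant-time comparison removes it.
def verify(message, signature)
  Rack::Utils.secure_compare(sign(message), signature.to_s)
end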
verify_url(url, method)
# File lib/rack/url_auth/signer.rb, line 31
# Checks the +signature+ query parameter of +url+ against the signature this
# signer would issue for the same URL and HTTP +method+.
#
# The parameter is removed from the query, the remaining URL is rebuilt with
# build_url, and the lower-cased method is prepended to form the message. A
# URL without a signature is checked against the empty string, so it is
# handed to #verify like any other wrong value.
#
# Only the method and the rebuilt URL are covered. Nothing in this method
# limits how long a signature stays valid; any expiry has to travel as a
# signed query parameter and be enforced by the caller.
def verify_url(url, method)
  parsed, params = parse_and_extract_query(url)
  presented = params.delete('signature').to_s
  verb = method.to_s.downcase
  unsigned_url = build_url(parsed, params)

  verify(verb + unsigned_url, presented)
end

Private Instance Methods

build_url(purl, query)
# File lib/rack/url_auth/signer.rb, line 47
# Serialises +query+ with Rack::Utils.build_query, assigns the result to
# +purl+ as its query string, and returns the normalised URL as a String.
#
# +purl+ is modified in place: its query is overwritten on every call.
# Both sign_url and verify_url obtain their URL text from here, so whatever
# encoding build_query and normalize apply is what ends up being signed.
def build_url(purl, query)
  encoded = Rack::Utils.build_query(query)
  purl.query = encoded
  canonical = purl.normalize
  canonical.to_s
end
parse_and_extract_query(url)
# File lib/rack/url_auth/signer.rb, line 41
# Parses +url+ with Addressable and returns a two-element array: the parsed
# URI and its query parameters as a Hash (an empty Hash when query_values
# returns nil).
#
# The signature is therefore computed over parsed parameters, not over the
# raw bytes of the query string.
# NOTE(review): how query_values treats repeated keys is decided by
# Addressable; confirm it agrees with the parameter parser of the
# application behind this check, otherwise the two may see different values
# for the same request.
def parse_and_extract_query(url)
  parsed = Addressable::URI.parse(url)
  params = parsed.query_values
  params ||= {}
  [parsed, params]
end