module Enviso::Authentication
Attributes
Public Class Methods
# File lib/enviso/authentication.rb, line 98 def api_key_valid_until decoded_token = JWT.decode self.auth_token, nil, false Time.at(decoded_token.first["exp"]) end
The method calculates the login signature, as described
-
Create a SHA256 hash of this value. Based on the hashed value, a digital signature will be created.
# File lib/enviso/authentication.rb, line 33 def calculate_login_signature(timestamp) api_key = Enviso::Config.api_key return Digest::SHA256.hexdigest("#{api_key}_#{timestamp}") # return OpenSSL::Digest::SHA256.new("#{api_key}_#{timestamp}") end
Get new access token using refresh token from login request response
# File lib/enviso/authentication.rb, line 77 def get_new_token body = { refreshToken: refresh_token } puts "Refreshing token" if Enviso::Config.verbose begin result = Enviso::API.send_request(type: :post, endpoint: "apis/getnewtoken", body: body) if result["token"] self.auth_token = result["token"] end return result rescue puts "Signing in again to refresh token" if Enviso::Config.verbose login end end
Parses the current API
key and checks if the 'exp' attribute represents a date in the future.
# File lib/enviso/authentication.rb, line 94 def has_valid_api_key return self.auth_token != nil && api_key_valid_until > Time.now end
Set's the default value's to nil and false @return [Hash] configuration options
# File lib/enviso/authentication.rb, line 14 def init! @defaults = { :@auth_token => nil, :@refresh_token => nil } end
This method combines all the login steps
-
generate a key (SHA256)
-
signs the key with public_key
-
sends request to
API
endpoint
# File lib/enviso/authentication.rb, line 56 def login(signed_key: nil) self.auth_token = nil # reset to prevent giving auth token in login request headers timestamp = timestamp_for_authentication key = calculate_login_signature(timestamp) signed_key = sign_login_signature(key) unless signed_key body = { apikey: Enviso::Config.api_key, timestamp: timestamp, signature: signed_key } result = Enviso::API.send_request(type: :post, endpoint: "apis/login", body: body) if result["authToken"] self.refresh_token = result["refreshToken"] self.auth_token = result["authToken"] end return result end
Signs the login signature hash From the authentication documentation, chapter 4.1:
-
The combination of the created signature along with the provided
API
secret key will act as the digital signature of the call.
# File lib/enviso/authentication.rb, line 44 def sign_login_signature(key) secret = Enviso::Config.api_secret public_key = OpenSSL::PKey::RSA.new(secret) encrypted_string = Base64.encode64(public_key.public_encrypt(key)) return encrypted_string end
in the authentication documentation, chapter 4.1:
-
Concatenate the
API
key with the current timestamp in the format below: <<APIKEY>>_<<timestamp(yyyy'-'MM'-'ddTHH:mm:ss.fffZ)>>
NOTE: The timestamp is in ISO 8601
# File lib/enviso/authentication.rb, line 26 def timestamp_for_authentication return Time.now.utc.strftime('%Y-%m-%dT%H:%M:%S.%LZ') end