class TeamSnap::AuthMiddleware

Public Class Methods

new(app, options) click to toggle source
Calls superclass method
# File lib/teamsnap/auth_middleware.rb, line 5
def initialize(app, options)
  @options = options
  super(app)
end

Public Instance Methods

call(env) click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 10
def call(env)
  if token
    env[:request_headers].merge!({"Authorization" => "Bearer #{token}"})
  elsif client_id && client_secret
    query_params = Hash[URI.decode_www_form(env.url.query || "")]
      .merge({
        hmac_client_id: client_id,
        hmac_nonce: SecureRandom.uuid,
        hmac_timestamp: Time.now.to_i
      })
    env.url.query = URI.encode_www_form(query_params)

    env.request_headers["X-Teamsnap-Hmac"] = OpenSSL::HMAC.hexdigest(
      digest, client_secret, message_hash(env)
    )
  end

  @app.call(env)
end
client_id() click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 34
def client_id
  @client_id ||= @options[:client_id]
end
client_secret() click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 38
def client_secret
  @client_secret ||= @options[:client_secret]
end
digest() click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 42
def digest
  OpenSSL::Digest.new("sha256")
end
message(env) click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 56
def message(env)
  env.body.to_s || ""
end
message_hash(env) click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 46
def message_hash(env)
  digest.hexdigest(
    query_string(env) + message(env)
  )
end
query_string(env) click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 52
def query_string(env)
  "/?" + env.url.query.to_s
end
token() click to toggle source
# File lib/teamsnap/auth_middleware.rb, line 30
def token
  @token ||= @options[:token]
end