class Wix::Apps::SignedInstanceMiddleware

Public Class Methods

new(app, options={})

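Initializes the middleware to secure a given set of paths.

Options:

  :secret_key - the Wix secret key as a String
  :secured_paths (optional) - an Array of String and Regexp objects which every request's path is matched against. Matching paths are required to pass a Wix signed instance.
  :paths (optional) - an Array of String and Regexp objects matched the same way. On matching paths the signed instance is optional, but it is parsed when supplied.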

# File lib/wix-apps/signed_instance_middleware.rb, line 9
def initialize(app, options={})
  self.app = app
  self.secret_key = options[:secret_key]
  self.secured_paths = options[:secured_paths] || []
  self.paths = options[:paths] || []
end

Public Instance Methods

call(env)

Checks the current URL path for the Wix instance requirement, parses the given signed instance and stores the parsed instance in env['wix.instance']. An "instance" parameter that cannot be parsed yields 403 Forbidden; a missing "instance" parameter on a secured path yields 401 Unauthorized.

@param [Hash] env The current environment hash
@return [Array] The typical [<code>, <headers>, <body>] rack response Array

# File lib/wix-apps/signed_instance_middleware.rb, line 19
def call(env)
  path = env['PATH_INFO']

  secured_path = secured_path? path
  if secured_path || path?(path)
    # path must be handled (instance is either required or optional)
    request = Rack::Request.new(env)

    env['wix.instance'] = nil
    if request.params.has_key? 'instance'
      # Wix' "instance" parameter was supplied so it must be parseable. parse and set it into env.
      begin
        env['wix.instance'] = Wix::Apps::SignedInstance.new(request.params['instance'], secret: secret_key)
      rescue Wix::Apps::SignedInstanceParseError
        # 403 Forbidden
        return [403, {}, ['Invalid Wix instance']]
      end
    elsif secured_path
      # instance is required but Wix' "instance" parameter is missing
      # 401 Unauthorized
      return [401, {}, ['Unauthorized']]
    end
  end
  app.call(env)
end

Private Instance Methods

path?(path)

Check if a request URL's path should be checked for a Wix signed instance or not. Checks the path against the paths option.

@param [String] path URL path (=directory part) to check
@return [Boolean] Indicates if given path should be checked or not

# File lib/wix-apps/signed_instance_middleware.rb, line 57
def path?(path)
  path_match? paths, path
end

path_match?(match_paths, path)

@param [Array<String,Regexp>] match_paths List of Strings (match exact path) and Regexps (match whatever the regexp says)
@param [String] path The path to match against

# File lib/wix-apps/signed_instance_middleware.rb, line 63
def path_match?(match_paths, path)
  match_paths.any? { |match_path|
    match_path === path
  }
end

secured_path?(path)

Check if a request URL's path should be required to pass a Wix signed instance or not. Checks the path against the secured_paths option.

@param [String] path URL path (=directory part) to check
@return [Boolean] Indicates if given path should be secured or not

# File lib/wix-apps/signed_instance_middleware.rb, line 50
def secured_path?(path)
  path_match? secured_paths, path
end
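
Because path_match? relies on ===, a String entry covers only the exact path and an unanchored Regexp matches anywhere in the path. The following added example (not part of the gem's source) models the required/optional/skipped decision made in call(env) so a secured_paths list can be audited; classify, unsecured, the probe paths and the three configurations are hypothetical names and constructed sample values.

```ruby
# Added example: stand-alone model of the middleware's path decision (no gems needed).
# Mirrors call(env): secured_paths => instance required, paths => optional, else skipped.
def classify(path, secured_paths: [], paths: [])
  match = ->(list) { list.any? { |m| m === path } } # same === test as path_match?
  return :required if match.(secured_paths)
  return :optional if match.(paths)
  :skipped
end

# Returns the probe paths that would reach the app without a required signed instance.
def unsecured(probes, **config)
  probes.reject { |p| classify(p, **config) == :required }
end

# Constructed request paths for the audit (assumptions, not taken from the gem).
PROBES = %w[/settings /settings/ /settings/billing /settings.json
            /widget /public/settings-help].freeze

# String entry: only the exact path "/settings" is secured.
EXACT = { secured_paths: ['/settings'], paths: ['/widget'] }.freeze
# Unanchored Regexp: also matches "/public/settings-help", which then needs an instance.
LOOSE = { secured_paths: [/settings/], paths: ['/widget'] }.freeze
# Anchored Regexp: "/settings" plus its subpaths and format suffixes, nothing else.
ANCHORED = { secured_paths: [%r{\A/settings(?:[/.].*)?\z}], paths: ['/widget'] }.freeze

if __FILE__ == $PROGRAM_NAME
  { 'exact' => EXACT, 'loose' => LOOSE, 'anchored' => ANCHORED }.each do |name, config|
    puts "#{name}: not required for #{unsecured(PROBES, **config).inspect}"
  end
end
```

Run the same probes against the real secured_paths and paths values before deploying; any route that serves per-site data should come out as :required.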