class Gorilla::Middleware::SignatureAuth

Constants

SIGNATURE_ALGO
SIGNATURE_METHOD

Public Class Methods

new(app, opts={}) click to toggle source
Calls superclass method
# File lib/gorilla/middleware/signature_auth.rb, line 8
def initialize(app, opts={})
  [:key, :secret].each do |key|
    raise ArgumentError, "#{key.inspect} is required" if !opts[key]
  end

  opts[:token_duration] ||= 5 * 60

  super(app)
  @opts = opts
end

Public Instance Methods

call(env) click to toggle source
# File lib/gorilla/middleware/signature_auth.rb, line 19
def call(env)
  env[:request_headers]['Authorization'] = build_auth_header(env)
  @app.call(env)
end

Private Instance Methods

build_auth_header(env) click to toggle source
# File lib/gorilla/middleware/signature_auth.rb, line 26
def build_auth_header(env)
  token = build_token(env)
  "#{SIGNATURE_METHOD} #{@opts[:key]} #{token}"
end
build_token(env) click to toggle source
# File lib/gorilla/middleware/signature_auth.rb, line 31
def build_token(env)
  JWT.encode({
    exp: Time.now.utc.to_i + @opts[:token_duration].to_i,
    method: env[:method].to_s.upcase,
    path: env[:url].path.split('?').first
  }, @opts[:secret], SIGNATURE_ALGO)
end