module SimpleApiAuth::Helpers::Auth
Public Instance Methods
allowed_methods()
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 18 def allowed_methods options[:allowed_methods] || SimpleApiAuth.config.allowed_methods end
check_data(request)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 26 def check_data(request) required_headers.each do |k, _| return log_and_fail(missing_header_message(k)) unless request.headers.key?(k) end allowed_verb = allowed_methods.include?(request.http_verb) return log_and_fail("verb #{request.http_verb} not allowed") unless allowed_verb true end
extract_signature(headers)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 4 def extract_signature(headers) header_key = SimpleApiAuth.config.header_keys[:authorization] match = /Signature: (.+)/.match(headers[header_key]) match && match[1] end
log_and_fail(message)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 49 def log_and_fail(message) SimpleApiAuth.log(Logger::DEBUG, message) false end
missing_header_message(header_name)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 35 def missing_header_message(header_name) available_headers = request.headers.keys.join(', ') "missing header #{header_name}. available headers are: #{available_headers}" end
options()
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 22 def options @options || {} end
request_timeout()
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 14 def request_timeout (options[:request_timeout] || SimpleApiAuth.config.request_timeout) * 60 end
required_headers()
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 10 def required_headers options[:required_headers] || SimpleApiAuth.config.required_headers end
secure_equals?(m1, m2, key)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 54 def secure_equals?(m1, m2, key) sha1_hmac(key, m1) == sha1_hmac(key, m2) end
sha1_hmac(key, message)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 58 def sha1_hmac(key, message) SimpleApiAuth::Hasher::SHA1.new.hmac(key, message) end
valid_time?(request)
click to toggle source
# File lib/simple-api-auth/helpers/auth_helpers.rb, line 40 def valid_time?(request) request_time = request.time return log_and_fail('request time not found') if request_time.nil? difference = Time.now - request_time return log_and_fail('negative time') if difference < 0 return log_and_fail('request too old') if difference > request_timeout true end