class SimpleApiAuth::Signer
Attributes
hasher[RW]
Public Class Methods
new(options = {})
click to toggle source
# File lib/simple-api-auth/signer.rb, line 5 def initialize(options = {}) hahser_class = options[:hasher] || SimpleApiAuth.config.hasher self.hasher = hahser_class.new end
Public Instance Methods
make_hashed_request(request)
click to toggle source
# File lib/simple-api-auth/signer.rb, line 32 def make_hashed_request(request) canonical_request_string = make_canonical_request(request) SimpleApiAuth.log(Logger::DEBUG, "Canonical request string: #{canonical_request_string}") Digest.hexencode(hasher.hash(canonical_request_string)) end
make_string_to_sign(request)
click to toggle source
# File lib/simple-api-auth/signer.rb, line 23 def make_string_to_sign(request) hashed_request = make_hashed_request(request) SimpleApiAuth.log(Logger::DEBUG, "Hashed request: #{hashed_request}") [ request.time.iso8601, hashed_request ].join("\n") end
sign(request, secret_key)
click to toggle source
# File lib/simple-api-auth/signer.rb, line 10 def sign(request, secret_key) fail SigningError, 'time header is not present' if request.time.nil? signing_key = make_signing_key(request, secret_key) SimpleApiAuth.log(Logger::DEBUG, "Signing key(hex): #{Digest.hexencode(signing_key)}") string_to_sign = make_string_to_sign(request) SimpleApiAuth.log(Logger::DEBUG, "String to sign: #{string_to_sign}") signature = hasher.hmac(signing_key, string_to_sign) Digest.hexencode(signature) end
Private Instance Methods
make_canonical_request(request)
click to toggle source
# File lib/simple-api-auth/signer.rb, line 46 def make_canonical_request(request) [ request.http_verb, URI.encode(request.uri), URI.encode(request.query_string), Digest.hexencode(hasher.hash(request.body.read)) ].join("\n") end
make_signing_key(request, secret_key)
click to toggle source
# File lib/simple-api-auth/signer.rb, line 40 def make_signing_key(request, secret_key) date = request.time.strftime('%Y%m%d') hashed_date = hasher.hmac('saa' + secret_key, date) hasher.hmac(hashed_date, 'saa_request') end