Class: Canistor::Authorization

Inherits:

Object

• Object
• Canistor::Authorization

Defined in:

lib/canistor/authorization.rb

Instance Attribute Summary

• #access_key_id ⇒ Object readonly

  Returns the value of attribute access_key_id.

• #date ⇒ Object readonly

  Returns the value of attribute date.

• #protocol ⇒ Object readonly

  Returns the value of attribute protocol.

• #region ⇒ Object readonly

  Returns the value of attribute region.

• #signature ⇒ Object readonly

  Returns the value of attribute signature.

Instance Method Summary

• #initialize(authorization) ⇒ Authorization constructor

  A new instance of Authorization.

• #valid_signature?(request, credentials) ⇒ Boolean

Constructor Details

#initialize(authorization) ⇒ Authorization

Returns a new instance of Authorization.

# File 'lib/canistor/authorization.rb', line 11

def initialize(authorization)
  @protocol, params = authorization.split(' ', 2)
  params.split(', ').inject({}) do |unpacked, part|
    name, values = part.split('=')
    case name
    when 'Credential'
      self.credential = values.split('/')
    when 'Signature'
      self.signature = values
    end
    unpacked
  end
end

Instance Attribute Details

#access_key_id ⇒ Object (readonly)

Returns the value of attribute access_key_id.

# File 'lib/canistor/authorization.rb', line 7

def access_key_id
  @access_key_id
end

#date ⇒ Object (readonly)

Returns the value of attribute date.

# File 'lib/canistor/authorization.rb', line 9

def date
  @date
end

#protocol ⇒ Object (readonly)

Returns the value of attribute protocol.

# File 'lib/canistor/authorization.rb', line 5

def protocol
  @protocol
end

#region ⇒ Object (readonly)

Returns the value of attribute region.

# File 'lib/canistor/authorization.rb', line 6

def region
  @region
end

#signature ⇒ Object

Returns the value of attribute signature.

# File 'lib/canistor/authorization.rb', line 8

def signature
  @signature
end

Instance Method Details

#valid_signature?(request, credentials) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/canistor/authorization.rb', line 25

def valid_signature?(request, credentials)
  return false if signature.to_s.strip == ''
  signer = Aws::Sigv4::Signer.new(
    service: 's3',
    region: region,
    credentials_provider: credentials,
    uri_escape_path: false,
    unsigned_headers: ['content-length', 'x-amzn-trace-id']
  )
  signed_request = signer.sign_request(
    http_method: request.http_method,
    url: request.endpoint.to_s,
    headers: request.headers.to_hash,
    body: request.body
  )
  signature == signer.send(
    :signature,
    credentials.secret_access_key,
    date,
    signed_request.string_to_sign
  )
end