Class: CarrierWaveDirect::Policies::Aws4HmacSha256
- Defined in:
- lib/carrierwave_direct/policies/aws4_hmac_sha256.rb
Instance Attribute Summary
Attributes inherited from Base
Instance Method Summary collapse
- #algorithm ⇒ Object
- #clear! ⇒ Object
- #credential ⇒ Object
- #date ⇒ Object
- #direct_fog_hash(policy_options = {}) ⇒ Object
- #generate(options) {|conditions| ... } ⇒ Object
- #signature ⇒ Object
- #signing_key(options = {}) ⇒ Object
- #timestamp ⇒ Object
Methods inherited from Base
Constructor Details
This class inherits a constructor from CarrierWaveDirect::Policies::Base
Instance Method Details
#algorithm ⇒ Object
60 61 62 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 60 def algorithm 'AWS4-HMAC-SHA256' end |
#clear! ⇒ Object
64 65 66 67 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 64 def clear! super @timestamp = nil end |
#credential ⇒ Object
56 57 58 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 56 def credential "#{uploader.aws_access_key_id}/#{.strftime("%Y%m%d")}/#{uploader.region}/s3/aws4_request" end |
#date ⇒ Object
20 21 22 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 20 def date .strftime("%Y%m%dT%H%M%SZ") end |
#direct_fog_hash(policy_options = {}) ⇒ Object
7 8 9 10 11 12 13 14 15 16 17 18 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 7 def direct_fog_hash( = {}) { key: uploader.key, acl: uploader.acl, policy: policy(), 'X-Amz-Signature': signature, 'X-Amz-Credential': credential, 'X-Amz-Algorithm': algorithm, 'X-Amz-Date': date, uri: uploader.direct_fog_url, } end |
#generate(options) {|conditions| ... } ⇒ Object
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 24 def generate(, &block) return @policy if @policy.present? conditions = [] conditions << ["starts-with", "$utf8", ""] if [:enforce_utf8] conditions << ["starts-with", "$key", uploader.key.sub(/#{Regexp.escape(CarrierWaveDirect::Uploader::FILENAME_WILDCARD)}\z/, "")] conditions << {'X-Amz-Algorithm' => algorithm} conditions << {'X-Amz-Credential' => credential} conditions << {'X-Amz-Date' => date } conditions << ["starts-with", "$Content-Type", ""] if uploader.will_include_content_type conditions << {"bucket" => uploader.fog_directory} conditions << {"acl" => uploader.acl} if uploader.use_action_status conditions << {"success_action_status" => uploader.success_action_status} else conditions << {"success_action_redirect" => uploader.success_action_redirect} end conditions << ["content-length-range", [:min_file_size], [:max_file_size]] yield conditions if block_given? @policy = Base64.encode64( { 'expiration' => (Time.now + [:expiration]).utc.iso8601, 'conditions' => conditions }.to_json ).gsub("\n","") end |
#signature ⇒ Object
69 70 71 72 73 74 75 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 69 def signature OpenSSL::HMAC.hexdigest( 'sha256', signing_key, policy ) end |
#signing_key(options = {}) ⇒ Object
77 78 79 80 81 82 83 84 85 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 77 def signing_key( = {}) #AWS Signature Version 4 kDate = OpenSSL::HMAC.digest('sha256', "AWS4" + uploader.aws_secret_access_key, .strftime("%Y%m%d")) kRegion = OpenSSL::HMAC.digest('sha256', kDate, uploader.region) kService = OpenSSL::HMAC.digest('sha256', kRegion, 's3') kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request") kSigning end |
#timestamp ⇒ Object
87 88 89 |
# File 'lib/carrierwave_direct/policies/aws4_hmac_sha256.rb', line 87 def @timestamp ||= Time.now.utc end |