Module: OoAuth
- Defined in:
- lib/oo_auth.rb,
lib/oo_auth/nonce.rb,
lib/oo_auth/errors.rb,
lib/oo_auth/version.rb,
lib/oo_auth/constants.rb,
lib/oo_auth/signature.rb,
lib/oo_auth/credentials.rb,
lib/oo_auth/request_proxy.rb,
lib/oo_auth/nonce/redis_store.rb,
lib/oo_auth/nonce/abstract_store.rb
Defined Under Namespace
Modules: Signature Classes: ConfigurationError, Credentials, Error, Nonce, RequestProxy, UnsupportedSignatureMethod
Constant Summary collapse
- VERSION =
'1.0.1'
- OUT_OF_BAND =
request tokens are passed between the consumer and the provider out of band (i.e. callbacks cannot be used), per section 6.1.1
'oob'
- PARAMETERS =
FIXME: ordering required parameters, per sections 6.1.1, 6.3.1, and 7
%w(oauth_callback oauth_consumer_key oauth_token oauth_signature_method oauth_timestamp oauth_nonce oauth_verifier oauth_version oauth_signature oauth_body_hash)
- RESERVED_CHARACTERS =
reserved character regexp, per section 5.1
/[^a-zA-Z0-9\-\.\_\~]/
- HMAC_SHA1 =
Supported signature methods
'HMAC-SHA1'
- HMAC_SHA256 =
'HMAC-SHA256'
- HMAC_SHA512 =
'HMAC-SHA512'
- SUPPORTED_SIGNATURE_METHODS =
{ HMAC_SHA1 => OpenSSL::Digest::SHA1, HMAC_SHA256 => OpenSSL::Digest::SHA256, HMAC_SHA512 => OpenSSL::Digest::SHA512 }
- DEFAULT_SIGNATURE_METHOD =
HMAC_SHA1
- MAX_TIMESTAMP_DEVIATION =
5 * 60
Class Attribute Summary collapse
-
.authorization_store ⇒ Object
Define a lookup method for access token verification It should be callable (proc) or provide an
authorization
method, with the argument being the consumer key and token. -
.nonce_store ⇒ Object
Initialize with instance of store OoAuth.nonce_store = OoAuth::Nonce::RedisStore.new(namespace: ‘foo’).
Class Method Summary collapse
- .authorization(consumer_key, token) ⇒ Object
-
.authorize!(*args) ⇒ Object
Use this in your controllers to verify the OAuth signature of a request.
-
.encode(*components) ⇒ Object
cf.
-
.escape(value) ⇒ Object
Escape
value
by URL encoding all non-reserved character. -
.generate_key(size = 32) ⇒ Object
(also: generate_nonce)
Generate a random key of up to
size
bytes. -
.sign!(*args) ⇒ Object
Use this to sign Net::HTTP or ActionDispatch requests.
- .signature_method ⇒ Object
-
.signature_method=(value) ⇒ Object
Set the signature method to use.
- .signature_methods ⇒ Object
-
.signature_methods=(methods) ⇒ Object
Set the available signature methods You can either use strings or symbols, e.g.
-
.timestamp ⇒ Object
Current UTC timestamp.
- .unescape(value) ⇒ Object
-
.verify_signature_method!(value) ⇒ Object
Check if the signature method is valid, raise error if not.
Class Attribute Details
.authorization_store ⇒ Object
Define a lookup method for access token verification It should be callable (proc) or provide an authorization
method, with the argument being the consumer key and token. The proc or method call should return
-
if the consumer key/token combination exists: an object which responding to
credentials
with an initialized instance of OoAuth::Credentials -
nil otherwise.
31 32 33 |
# File 'lib/oo_auth.rb', line 31 def @authorization_store end |
.nonce_store ⇒ Object
Initialize with instance of store OoAuth.nonce_store = OoAuth::Nonce::RedisStore.new(namespace: ‘foo’)
20 21 22 |
# File 'lib/oo_auth.rb', line 20 def nonce_store @nonce_store end |
Class Method Details
.authorization(consumer_key, token) ⇒ Object
101 102 103 104 105 106 107 108 109 |
# File 'lib/oo_auth.rb', line 101 def (consumer_key, token) if .respond_to?(:call) .call(consumer_key, token) elsif .respond_to?(:authorization) .(consumer_key, token) else fail ConfigurationError, 'authorization store not callable' end end |
.authorize!(*args) ⇒ Object
Use this in your controllers to verify the OAuth signature of a request.
120 121 122 123 124 125 |
# File 'lib/oo_auth.rb', line 120 def (*args) proxy = RequestProxy.new(*args) return unless = self.(proxy.consumer_key, proxy.token) return unless Signature.verify!(proxy, .credentials) end |
.encode(*components) ⇒ Object
92 93 94 |
# File 'lib/oo_auth.rb', line 92 def encode(*components) components.map { |component| OoAuth.escape(component) }.join('&') end |
.escape(value) ⇒ Object
Escape value
by URL encoding all non-reserved character.
See Also: OAuth core spec version 1.0, section 5.1
80 81 82 83 84 |
# File 'lib/oo_auth.rb', line 80 def escape(value) URI.escape(value.to_s, RESERVED_CHARACTERS) rescue ArgumentError URI.escape(value.to_s.force_encoding(Encoding::UTF_8), RESERVED_CHARACTERS) end |
.generate_key(size = 32) ⇒ Object Also known as: generate_nonce
Generate a random key of up to size
bytes. The value returned is Base64 encoded with non-word characters removed.
71 72 73 |
# File 'lib/oo_auth.rb', line 71 def generate_key(size = 32) Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/, '') end |
.sign!(*args) ⇒ Object
Use this to sign Net::HTTP or ActionDispatch requests
112 113 114 115 116 |
# File 'lib/oo_auth.rb', line 112 def sign!(*args) credentials = args.pop proxy = RequestProxy.new(*args) Signature.sign!(proxy, credentials) end |
.signature_method ⇒ Object
59 60 61 |
# File 'lib/oo_auth.rb', line 59 def signature_method @signature_method ||= DEFAULT_SIGNATURE_METHOD end |
.signature_method=(value) ⇒ Object
Set the signature method to use
64 65 66 67 |
# File 'lib/oo_auth.rb', line 64 def signature_method=(value) verify_signature_method!(value) @signature_method = value end |
.signature_methods ⇒ Object
33 34 35 |
# File 'lib/oo_auth.rb', line 33 def signature_methods @signature_methods ||= SUPPORTED_SIGNATURE_METHODS end |
.signature_methods=(methods) ⇒ Object
Set the available signature methods You can either use strings or symbols, e.g.
- ‘HMAC_SHA1’, :hmac_sha256
40 41 42 43 44 45 46 |
# File 'lib/oo_auth.rb', line 40 def signature_methods=(methods) @signature_methods = methods.collect do |method| method = method.to_s.upcase.sub('_', '-') raise UnsupportedSignatureMethod, method.inspect unless SUPPORTED_SIGNATURE_METHODS.include?(method) method end end |
.timestamp ⇒ Object
Current UTC timestamp
97 98 99 |
# File 'lib/oo_auth.rb', line 97 def Time.now.utc.to_i end |
.unescape(value) ⇒ Object
86 87 88 |
# File 'lib/oo_auth.rb', line 86 def unescape(value) URI.unescape(value.gsub('+', '%2B')) end |
.verify_signature_method!(value) ⇒ Object
Check if the signature method is valid, raise error if not
Supported values:
-
‘HMAC-SHA1’
-
‘HMAC-SHA256’
-
‘HMAC-SHA512’
55 56 57 |
# File 'lib/oo_auth.rb', line 55 def verify_signature_method!(value) raise UnsupportedSignatureMethod, value.inspect unless signature_methods.include?(value) end |