Class: Rack::Authenticate::Middleware::Auth
- Inherits:
-
Rack::Auth::AbstractRequest
- Object
- Rack::Auth::AbstractRequest
- Rack::Authenticate::Middleware::Auth
- Defined in:
- lib/rack/authenticate/middleware.rb
Instance Method Summary collapse
- #access_id ⇒ Object
- #basic? ⇒ Boolean
- #calculated_digest ⇒ Object
- #canonicalized_request ⇒ Object
-
#content_md5 ⇒ Object
TODO: replace the request body with a proxy object that verifies this when it is read.
- #date ⇒ Object
- #given_digest ⇒ Object
- #has_all_required_parts? ⇒ Boolean
- #has_content? ⇒ Boolean
- #hmac? ⇒ Boolean
-
#initialize(env, configuration = Configuration.new) ⇒ Auth
constructor
A new instance of Auth.
- #request ⇒ Object
- #secret_key ⇒ Object
- #valid? ⇒ Boolean
- #valid_current_date? ⇒ Boolean
Constructor Details
#initialize(env, configuration = Configuration.new) ⇒ Auth
Returns a new instance of Auth.
32 33 34 35 |
# File 'lib/rack/authenticate/middleware.rb', line 32 def initialize(env, configuration = Configuration.new) super(env) @configuration = configuration end |
Instance Method Details
#access_id ⇒ Object
88 89 90 |
# File 'lib/rack/authenticate/middleware.rb', line 88 def access_id @access_id ||= params.split(':').first end |
#basic? ⇒ Boolean
37 38 39 |
# File 'lib/rack/authenticate/middleware.rb', line 37 def basic? :basic == scheme end |
#calculated_digest ⇒ Object
100 101 102 |
# File 'lib/rack/authenticate/middleware.rb', line 100 def calculated_digest @calculated_digest ||= HMAC::SHA1.hexdigest(secret_key, canonicalized_request) end |
#canonicalized_request ⇒ Object
82 83 84 85 86 |
# File 'lib/rack/authenticate/middleware.rb', line 82 def canonicalized_request parts = [ request.request_method, request.url, date ] parts += [ request.content_type, content_md5 ] if has_content? parts.join("\n") end |
#content_md5 ⇒ Object
TODO: replace the request body with a proxy object that verifies this when it is read.
78 79 80 |
# File 'lib/rack/authenticate/middleware.rb', line 78 def content_md5 request.env['HTTP_CONTENT_MD5'] end |
#date ⇒ Object
59 60 61 |
# File 'lib/rack/authenticate/middleware.rb', line 59 def date request.env['HTTP_DATE'] end |
#given_digest ⇒ Object
96 97 98 |
# File 'lib/rack/authenticate/middleware.rb', line 96 def given_digest @given_digest ||= params.split(':').last end |
#has_all_required_parts? ⇒ Boolean
45 46 47 48 49 50 51 52 53 |
# File 'lib/rack/authenticate/middleware.rb', line 45 def has_all_required_parts? return false unless date if has_content? content_md5.to_s != '' && request.content_type.to_s != '' else true end end |
#has_content? ⇒ Boolean
73 74 75 |
# File 'lib/rack/authenticate/middleware.rb', line 73 def has_content? request.content_length.to_i > 0 end |
#hmac? ⇒ Boolean
41 42 43 |
# File 'lib/rack/authenticate/middleware.rb', line 41 def hmac? :hmac == scheme end |
#request ⇒ Object
55 56 57 |
# File 'lib/rack/authenticate/middleware.rb', line 55 def request @request ||= ::Rack::Request.new(@env) end |
#secret_key ⇒ Object
92 93 94 |
# File 'lib/rack/authenticate/middleware.rb', line 92 def secret_key @configuration.hmac_secret_key_for(access_id) end |
#valid? ⇒ Boolean
104 105 106 107 108 109 |
# File 'lib/rack/authenticate/middleware.rb', line 104 def valid? provided? && secret_key && valid_current_date? && calculated_digest == given_digest end |
#valid_current_date? ⇒ Boolean
63 64 65 66 67 68 69 70 71 |
# File 'lib/rack/authenticate/middleware.rb', line 63 def valid_current_date? = Time.httpdate(date) rescue ArgumentError return false else tolerance = @configuration. * 60 now = Time.now (now - tolerance) <= && (now + tolerance) >= end |