Class: Akamai::AuthToken

Inherits:
Object
  • Object
Defined in:
lib/akamai/authtoken.rb

Constant Summary

@@acl_delimiter = '!'


Constructor Details

#initialize(token_type: nil, token_name: '__token__', key: nil, algorithm: 'sha256', salt: nil, start_time: nil, end_time: nil, window_seconds: nil, field_delimiter: '~', escape_early: false, verbose: false) ⇒ AuthToken

Returns a new instance of AuthToken.



# File 'lib/akamai/authtoken.rb', line 40

# Stores the token settings on the new instance and refuses to build one
# without a signing key.
#
# @param token_type [Object, nil] stored as given; in the code shown it is only echoed by verbose output
# @param token_name [String] stored as given; in the code shown it is only echoed by verbose output
# @param key [String] signing secret; generateToken strips whitespace and decodes it as hex
# @param algorithm [String] digest name; generateToken accepts 'sha256', 'sha1' or 'md5'
# @param salt [String, nil] optional value mixed into the signed string
# @param start_time [Integer, String, nil] default start time ('now' is accepted by generateToken)
# @param end_time [Integer, nil] default expiry time
# @param window_seconds [Integer, nil] default validity window
# @param field_delimiter [String] separator between token fields
# @param escape_early [Boolean] whether generateToken URL-encodes values before signing
# @param verbose [Boolean] whether generateToken prints its parameters (including the key)
# @raise [AuthTokenError] when key is nil, false or empty
def initialize(token_type: nil, token_name: '__token__', key: nil,
        algorithm: 'sha256', salt: nil, start_time: nil, end_time: nil,
        window_seconds: nil, field_delimiter: '~', escape_early: false, verbose: false)

    # Identification fields.
    @token_type = token_type
    @token_name = token_name

    # Default validity window; generateToken lets per-call values override these.
    @start_time = start_time
    @end_time = end_time
    @window_seconds = window_seconds

    # A token cannot be signed without a secret, so fail at construction time.
    unless key && key.length > 0
        raise AuthTokenError,
            'You must provide a secret in order to generate a new token.'
    end
    @key = key

    # Signing and formatting options.
    @algorithm = algorithm
    @salt = salt
    @field_delimiter = field_delimiter
    @escape_early = escape_early
    @verbose = verbose
end

Instance Attribute Details

#acl_delimiter ⇒ Object

Returns the value of attribute acl_delimiter.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the per-instance ACL delimiter.
#
# NOTE(review): the constructor shown for this class does not assign
# @acl_delimiter, so this returns nil unless something else sets it; the
# class-level value is read through AuthToken.ACL_DELIMITER.
#
# @return [Object, nil] the current value of @acl_delimiter
def acl_delimiter
  @acl_delimiter
end

#algorithm ⇒ Object

Returns the value of attribute algorithm.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the digest name used when signing ('sha256' unless the
# constructor was given something else).
#
# @return [Object] the current value of @algorithm
def algorithm
  @algorithm
end

#end_time ⇒ Object

Returns the value of attribute end_time.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the default expiry time that generateToken falls back to.
#
# @return [Object, nil] the current value of @end_time
def end_time
  @end_time
end

#escape_early ⇒ Object

Returns the value of attribute escape_early.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the flag that makes _escapeEarly URL-encode values before they
# are signed.
#
# @return [Object] the current value of @escape_early
def escape_early
  @escape_early
end

#field_delimiter ⇒ Object

Returns the value of attribute field_delimiter.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the separator placed between token fields ('~' by default).
#
# @return [Object] the current value of @field_delimiter
def field_delimiter
  @field_delimiter
end

#key ⇒ Object

Returns the value of attribute key.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the signing secret.
#
# This hands back the raw secret exactly as it was given to the constructor,
# so the return value should be kept out of logs, error reports and
# serialized output.
#
# @return [Object] the current value of @key
def key
  @key
end

#salt ⇒ Object

Returns the value of attribute salt.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the optional salt. generateToken adds it to the signed string
# but not to the returned token, so treat it like the key when logging.
#
# @return [Object, nil] the current value of @salt
def salt
  @salt
end

#start_time ⇒ Object

Returns the value of attribute start_time.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the default start time that generateToken falls back to.
#
# @return [Object, nil] the current value of @start_time
def start_time
  @start_time
end

#token_name ⇒ Object

Returns the value of attribute token_name.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the token name ('__token__' by default).
#
# @return [Object] the current value of @token_name
def token_name
  @token_name
end

#token_type ⇒ Object

Returns the value of attribute token_type.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the token type label given to the constructor.
#
# @return [Object, nil] the current value of @token_type
def token_type
  @token_type
end

#verbose ⇒ Object

Returns the value of attribute verbose.



# File 'lib/akamai/authtoken.rb', line 31

# Reader for the verbose flag. When it is truthy, generateToken prints every
# parameter to stdout, including the signing key and salt.
#
# @return [Object] the current value of @verbose
def verbose
  @verbose
end

#window_secondse ⇒ Object

Returns the value of attribute window_secondse.



# File 'lib/akamai/authtoken.rb', line 31

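# Reader for the default validity window, in seconds.
#
# The method name carries a typo ("secondse") and is kept unchanged for
# compatibility. The constructor and generateToken store and read the window
# in @window_seconds, so reading only @window_secondse returned nil for every
# instance built through the constructor. The explicitly set typo'd variable
# still wins when present; otherwise the value the rest of the class uses is
# returned.
#
# NOTE(review): a matching writer is not visible here; if one exists it sets
# @window_secondse, which generateToken does not read.
#
# @return [Object, nil] @window_secondse when set, else @window_seconds
def window_secondse
  @window_secondse.nil? ? @window_seconds : @window_secondse
end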

Class Method Details

.ACL_DELIMITER ⇒ Object



# File 'lib/akamai/authtoken.rb', line 36

# Class-level reader for the ACL delimiter held in the @@acl_delimiter class
# variable ('!' per the constant summary).
#
# @return [Object] the current value of @@acl_delimiter
def self.ACL_DELIMITER
  @@acl_delimiter
end

Instance Method Details

#_escapeEarly(text) ⇒ Object



# File 'lib/akamai/authtoken.rb', line 61

# URL-encodes a token value before it is signed, when early escaping is on.
#
# With @escape_early truthy the text goes through CGI.escape and every
# percent-escape triplet is lower-cased (e.g. "%2F" becomes "%2f"); otherwise
# the text is returned unchanged.
#
# @param text [String] value to place in the token
# @return [String] the escaped or untouched text
def _escapeEarly(text)
    return text unless @escape_early

    encoded = CGI.escape(text)
    encoded.gsub(/%../) { |triplet| triplet.downcase }
end

#generateToken(url: nil, acl: nil, start_time: nil, end_time: nil, window_seconds: nil, ip: nil, payload: nil, session_id: nil) ⇒ Object



# File 'lib/akamai/authtoken.rb', line 69

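# Builds a signed token string for either a URL or an ACL.
#
# Fields are emitted in the order ip, st, exp, acl, id, data and joined with
# @field_delimiter; an HMAC over those fields (plus url and salt, which are
# signed but not emitted) is appended as the final "hmac=" field.
#
# Per-call start_time, end_time and window_seconds override the values given
# to the constructor. When no end_time is available it is derived from
# start_time (or the current UTC time) plus window_seconds.
#
# Security notes for callers:
# - Verbose mode prints the signing key and salt to stdout; keep it off
#   wherever stdout is captured into logs.
# - acl and salt are always inserted verbatim, and ip, session_id, payload and
#   url are inserted verbatim unless escape_early is on. Values are not checked
#   for the field delimiter, so validate anything that comes from an untrusted
#   source before passing it in.
# - 'md5' and 'sha1' are accepted alongside 'sha256'; prefer the 'sha256'
#   default unless the verifying side requires otherwise.
#
# @param url [String, nil] URL to sign (exactly one of url or acl is required)
# @param acl [String, nil] access-control pattern to sign
# @param start_time [Integer, String, nil] epoch seconds, or 'now'
# @param end_time [Integer, nil] epoch seconds at which the token expires
# @param window_seconds [Integer, nil] lifetime used when end_time is absent
# @param ip [String, nil] value for the ip field
# @param payload [String, nil] value for the data field
# @param session_id [String, nil] value for the id field
# @return [String] the delimited token, ending in the hmac field
# @raise [AuthTokenError] on invalid times, a missing or ambiguous url/acl, or
#   an unknown algorithm
def generateToken(url: nil, acl: nil, start_time: nil, end_time: nil, window_seconds: nil,
                ip: nil, payload: nil, session_id: nil)

    # Per-call arguments win; otherwise use the constructor defaults.
    start_time ||= @start_time
    end_time ||= @end_time
    window_seconds ||= @window_seconds

    # Only the comparison sits inside the rescue. Previously the "( > 0 )"
    # error was raised inside the same begin/rescue, so a bare rescue could
    # replace it with the "must be numeric" message whenever AuthTokenError
    # descends from StandardError.
    check_positive = lambda do |value, not_numeric_msg, not_positive_msg|
        begin
            non_positive = value <= 0
        rescue
            raise AuthTokenError, not_numeric_msg
        end
        raise AuthTokenError, not_positive_msg if non_positive
    end

    if start_time.to_s.downcase == 'now'
        start_time = Time.new.getgm.to_i
    elsif start_time
        check_positive.call(start_time, 'start_time must be numeric or now',
                            'start_time must be ( > 0 )')
    end

    if end_time
        check_positive.call(end_time, 'end_time must be numeric',
                            'end_time must be ( > 0 )')
    end

    if window_seconds
        check_positive.call(window_seconds, 'window_seconds must be numeric',
                            'window_seconds must be ( > 0 )')
    end

    # Without an explicit expiry, derive one from the window.
    unless end_time
        unless window_seconds.to_i > 0
            raise AuthTokenError, 'You must provide an expiration time or a duration window..'
        end
        end_time = (start_time || Time.new.getgm.to_i) + window_seconds
    end

    if start_time && end_time <= start_time
        raise AuthTokenError, 'Token will have already expired.'
    end

    # Exactly one of url / acl must be supplied.
    if (!acl && !url) || (acl && url)
        raise AuthTokenError, 'You must provide a URL or an ACL'
    end

    if @verbose
        # NOTE(review): this dumps the signing key and salt to stdout. Enable
        # verbose only where that output is not collected or shared.
        puts "Akamai Token Generation Parameters"
        puts "Token Type      : #{@token_type}"
        puts "Token Name      : #{@token_name}"
        puts "Start Time      : #{start_time}"
        puts "End Time        : #{end_time}"
        puts "Window(seconds) : #{window_seconds}"
        puts "IP              : #{ip}"
        puts "URL             : #{url}"
        puts "ACL             : #{acl}"
        puts "Key/Secret      : #{@key}"
        puts "Payload         : #{payload}"
        # Was "#{@algo}", an instance variable nothing assigns, so the line
        # always printed an empty value.
        puts "Algo            : #{@algorithm}"
        puts "Salt            : #{@salt}"
        puts "Session ID      : #{session_id}"
        puts "Field Delimiter : #{@field_delimiter}"
        puts "ACL Delimiter   : #{@@acl_delimiter}"
        puts "Escape Early    : #{@escape_early}"
    end

    # Fields that appear in the returned token, in emission order.
    new_token = []
    new_token.push('ip=%s' % _escapeEarly(ip)) if ip
    new_token.push('st=%s' % start_time) if start_time
    new_token.push('exp=%s' % end_time)
    new_token.push('acl=%s' % acl) if acl
    new_token.push('id=%s' % _escapeEarly(session_id)) if session_id
    new_token.push('data=%s' % _escapeEarly(payload)) if payload

    # The signed string is the token fields plus url and salt, neither of
    # which is emitted in the token itself.
    hash_code = new_token.clone
    hash_code.push('url=%s' % _escapeEarly(url)) if url && !acl
    hash_code.push('salt=%s' % @salt) if @salt

    unless ['sha256', 'sha1', 'md5'].include?(@algorithm)
        raise AuthTokenError, 'Unknown algorithm'
    end

    # The key is interpreted as a hex string after whitespace is stripped.
    # NOTE(review): non-hex characters are not rejected here; validate the key
    # format where it is configured.
    bin_key = Array(@key.gsub(/\s/,'')).pack("H*")
    digest = OpenSSL::Digest.new(@algorithm)
    token_hmac = OpenSSL::HMAC.new(bin_key, digest)
    token_hmac.update(hash_code.join(@field_delimiter))

    # Formatting the HMAC object with %s yields its hex digest.
    new_token.push('hmac=%s' % token_hmac)

    new_token.join(@field_delimiter)
end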