Module: ApiAuth

Extended by:
Helpers
Defined in:
lib/api_auth/base.rb,
lib/api_auth/errors.rb,
lib/api_auth/headers.rb,
lib/api_auth/helpers.rb,
lib/api_auth/railtie.rb,
lib/api_auth/request_drivers/curb.rb,
lib/api_auth/request_drivers/rack.rb,
lib/api_auth/request_drivers/net_http.rb,
lib/api_auth/request_drivers/rest_client.rb,
lib/api_auth/request_drivers/action_dispatch.rb,
lib/api_auth/request_drivers/action_controller.rb

Overview

The gem will sign your requests on the client side and authenticate that signature on the server side. If your server resources are implemented as a Rails ActiveResource, it will integrate with that. It will even generate the secret keys necessary for your clients to sign their requests.

Defined Under Namespace

Modules: Helpers, RequestDrivers

Classes: ApiAuthError, Headers, Rails, UnknownHTTPRequest

Class Method Summary

Methods included from Helpers

b64_encode, capitalize_keys

Class Method Details

.access_id(request) ⇒ Object

Returns the access id from the request’s authorization header, or nil if the header cannot be parsed.



# File 'lib/api_auth/base.rb', line 40

def access_id(request)
  headers = Headers.new(request)
  if match_data = parse_auth_header(headers.authorization_header)
    return match_data[1]
  end

  nil
end

.authentic?(request, secret_key) ⇒ Boolean

Determines if the request is authentic given the request and the client’s secret key. Returns true if the request is authentic and false otherwise.

Returns:

  • (Boolean)


# File 'lib/api_auth/base.rb', line 33

def authentic?(request, secret_key)
  return false if secret_key.nil?

  return !md5_mismatch?(request) && signatures_match?(request, secret_key) && !request_too_old?(request)
end

.generate_secret_key ⇒ Object

Generates a Base64-encoded, randomized secret key.

Store this key along with the access key that will be used for authenticating the client.



# File 'lib/api_auth/base.rb', line 53

def generate_secret_key
  random_bytes = OpenSSL::Random.random_bytes(512)
  b64_encode(Digest::SHA2.new(512).digest(random_bytes))
end

.sign!(request, access_id, secret_key) ⇒ Object

Signs an HTTP request using the client’s access id and secret key. Returns the HTTP request object with the modified headers.

request: The request can be a Net::HTTP, ActionController::Request, Curb (Curl::Easy) or a RestClient object.

access_id: The public unique identifier for the client

secret_key: assigned secret key that is known to both parties



# File 'lib/api_auth/base.rb', line 24

def sign!(request, access_id, secret_key)
  headers = Headers.new(request)
  headers.calculate_md5
  headers.set_date
  headers.sign_header auth_header(request, access_id, secret_key)
end
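
The sign-then-verify flow behind sign! and authentic?, sketched with only the Ruby standard library as an added example; it is not ApiAuth's own code. The canonical string layout, HMAC-SHA1, the "APIAuth id:signature" header shape, the 900-second window and the sketch_* names are assumptions of this sketch, not taken from the page.

```ruby
require 'openssl'
require 'base64'
require 'digest/md5'
require 'time'

MAX_AGE = 900 # seconds; freshness window assumed for this sketch

# Assumed canonical string: content type, body MD5, path and date, comma-joined.
def canonical(req)
  [req[:content_type], req[:content_md5], req[:path], req[:date]].join(',')
end

def signature(req, secret_key)
  digest = OpenSSL::Digest.new('sha1')
  Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret_key, canonical(req)))
end

# Client side: set Content-MD5 and Date first, then sign, so both are covered.
def sketch_sign(req, access_id, secret_key, now: Time.now)
  req[:content_md5] = Digest::MD5.base64digest(req[:body])
  req[:date] = now.httpdate
  req[:authorization] = "APIAuth #{access_id}:#{signature(req, secret_key)}"
  req
end

# Server side: nil when authentic, otherwise the first check that failed.
def sketch_reject_reason(req, secret_key, now: Time.now)
  return :no_secret if secret_key.nil?
  return :md5_mismatch unless Digest::MD5.base64digest(req[:body]) == req[:content_md5]

  sent = req[:authorization].to_s[/\AAPIAuth [^:]+:(.+)\z/, 1].to_s
  # Constant-time comparison avoids leaking how many signature bytes matched.
  return :bad_signature unless OpenSSL.secure_compare(sent, signature(req, secret_key))
  return :too_old if (now - Time.httpdate(req[:date])).abs > MAX_AGE

  nil
end

if __FILE__ == $PROGRAM_NAME
  key = 'constructed-secret' # constructed sample values, not real credentials
  req = sketch_sign({ content_type: 'application/json', path: '/orders/1',
                      body: '{"qty":1}' }, 'client-1', key)
  p sketch_reject_reason(req, key)                          # untouched request
  p sketch_reject_reason(req.merge(body: '{"qty":9}'), key) # body altered in transit
  p sketch_reject_reason(req, 'wrong-key')                  # signed with another key
end
```

Because the body digest and the date are part of the signed string, rewriting either one together with its header still fails the signature check.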