Class: ApiSigv2::Validator
- Inherits:
-
Object
- Object
- ApiSigv2::Validator
- Defined in:
- lib/api_sigv2/validator.rb
Overview
Validate a request
request = {
http_method: 'PUT',
url: 'https://domain.com',
headers: {
'Authorization' => 'API-HMAC-SHA256 Credential=access_key/20191227/api_request...',
'Host' => 'example.com,
'X-Content-Sha256' => '...',
'X-Datetime' => '2019-12-27T09:13:14.873+0000'
},
body: 'body'
}
validator = ApiSigv2::Validator.new(request, uri_escape_path: true)
validator.access_key # get key from request headers
validator.valid?('secret_key')
Instance Attribute Summary collapse
-
#request ⇒ Object
readonly
Returns the value of attribute request.
Instance Method Summary collapse
- #access_key ⇒ Object
-
#initialize(request, options = {}) ⇒ Validator
constructor
A new instance of Validator.
- #signed_headers ⇒ Object
-
#valid?(secret_key) ⇒ Boolean
Validate a signature.
- #valid_authorization? ⇒ Boolean
- #valid_credential? ⇒ Boolean
- #valid_signature?(secret_key) ⇒ Boolean
- #valid_timestamp? ⇒ Boolean
Constructor Details
#initialize(request, options = {}) ⇒ Validator
Returns a new instance of Validator.
24 25 26 27 |
# File 'lib/api_sigv2/validator.rb', line 24 def initialize(request, = {}) @request = request @options = end |
Instance Attribute Details
#request ⇒ Object (readonly)
Returns the value of attribute request.
22 23 24 |
# File 'lib/api_sigv2/validator.rb', line 22 def request @request end |
Instance Method Details
#access_key ⇒ Object
29 30 31 32 33 |
# File 'lib/api_sigv2/validator.rb', line 29 def access_key return unless valid_credential? @access_key ||= auth_header.credential.split('/')[0] end |
#signed_headers ⇒ Object
35 36 37 |
# File 'lib/api_sigv2/validator.rb', line 35 def signed_headers @signed_headers ||= headers.slice(*auth_header.signed_headers) end |
#valid?(secret_key) ⇒ Boolean
Validate a signature. Returns boolean
validator.valid?('secret_key_here')
45 46 47 |
# File 'lib/api_sigv2/validator.rb', line 45 def valid?(secret_key) && && valid_signature?(secret_key) end |
#valid_authorization? ⇒ Boolean
49 50 51 |
# File 'lib/api_sigv2/validator.rb', line 49 def valid_credential? && !auth_header.signature.nil? end |
#valid_credential? ⇒ Boolean
53 54 55 |
# File 'lib/api_sigv2/validator.rb', line 53 def valid_credential? !auth_header.credential.nil? end |
#valid_signature?(secret_key) ⇒ Boolean
61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/api_sigv2/validator.rb', line 61 def valid_signature?(secret_key) return false unless secret_key signer = Signer.new(access_key, secret_key, @options) data = signer.sign_request(request) Utils.secure_compare( auth_header.signature, data.signature ) end |
#valid_timestamp? ⇒ Boolean
57 58 59 |
# File 'lib/api_sigv2/validator.rb', line 57 def && ttl_range.cover?(.to_time) end |