Class: Krn::Auth

Inherits:

Object

• Object
• Krn::Auth

Defined in:

lib/krn/auth.rb

Overview

KRN Auth Class

Instance Attribute Summary

• #crypt_key ⇒ Object

  Returns the value of attribute crypt_key.

• #hmac_secret ⇒ Object

  Returns the value of attribute hmac_secret.

• #name ⇒ Object

  Returns the value of attribute name.

• #rest_key ⇒ Object

  Returns the value of attribute rest_key.

• #rsa_key ⇒ Object

  Returns the value of attribute rsa_key.

Instance Method Summary

• #decrypt(data) ⇒ Object
• #deep_validate(passport: '') ⇒ Object
• #initialize(opts) ⇒ Auth constructor

  Your code goes here…

• #send_request(method: '', path: '', headers: [], body: '') ⇒ Object
• #sign_request(req) ⇒ Object
• #trinity_url ⇒ Object
• #validate(passport: '') ⇒ Object

Constructor Details

#initialize(opts) ⇒ Auth

Your code goes here…

# File 'lib/krn/auth.rb', line 14

def initialize(opts)
  @name = opts[:name]
  @crypt_key = opts[:crypt_key]
  @hmac_secret = opts[:hmac_secret]
  @rest_key = opts[:rest_key]
  @rsa_key  = opts[:rsa_key]
end

Instance Attribute Details

#crypt_key ⇒ Object

Returns the value of attribute crypt_key.

# File 'lib/krn/auth.rb', line 11

def crypt_key
  @crypt_key
end

#hmac_secret ⇒ Object

Returns the value of attribute hmac_secret.

# File 'lib/krn/auth.rb', line 11

def hmac_secret
  @hmac_secret
end

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/krn/auth.rb', line 11

def name
  @name
end

#rest_key ⇒ Object

Returns the value of attribute rest_key.

# File 'lib/krn/auth.rb', line 11

def rest_key
  @rest_key
end

#rsa_key ⇒ Object

Returns the value of attribute rsa_key.

# File 'lib/krn/auth.rb', line 11

def rsa_key
  @rsa_key
end

Instance Method Details

#decrypt(data) ⇒ Object

# File 'lib/krn/auth.rb', line 81

def decrypt(data)
  secretdata = Base64.decode64(data)
  decipher = OpenSSL::Cipher.new('aes-256-cbc')
  iv = 'x' * decipher.iv_len
  decipher.decrypt
  decipher.key = @crypt_key
  f = decipher.update(secretdata) + decipher.final
  f = f[decipher.iv_len..-1]
  JSON.parse(f)
end

#deep_validate(passport: '') ⇒ Object

# File 'lib/krn/auth.rb', line 34

def deep_validate(passport: '')
  uri = URI("#{trinity_url}/deep-validate?token=#{passport}")
  http = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl = true
  req = Net::HTTP::Post.new(uri.path, 'Content-Type' => 'application/json')
  res = http.request(req)
  JSON.parse(res.body)
rescue StandardError
  false
end

#send_request(method: '', path: '', headers: [], body: '') ⇒ Object

# File 'lib/krn/auth.rb', line 45

def send_request(method: '', path: '', headers: [], body: '')
  uri = URI("#{trinity_url}#{path}")
  http = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl = false
  m = Net::HTTP::Post
  m = Net::HTTP::Get if method == 'GET'
  req = m.new(uri.path, 'Content-Type' => 'application/json')

  req['KRN-PARTNER-KEY'] = @rest_key
  req['Date'] = Time.now.getutc
  req['KRN-SIGN-URL'] = uri

  req.body = body

  req = sign_request(req)
  req['Authorization'] = nil

  res = http.request(req)
  JSON.parse(res.body)
rescue StandardError => e
  false
end

#sign_request(req) ⇒ Object

# File 'lib/krn/auth.rb', line 68

def sign_request(req)
  $context = HttpSignatures::Context.new(
    keys: { 'KMM_KEY' => {
      private_key: @rsa_key
    } },
    headers: %w[KRN-SIGN-URL KRN-PARTNER-KEY Date],
    algorithm: 'rsa-sha256'
  )
  $context.signer.sign(req)

  req
end

#trinity_url ⇒ Object

# File 'lib/krn/auth.rb', line 92

def trinity_url
  ENV['KRN_HOST_PREFIX'] ? 'http://' + ENV['KRN_HOST_PREFIX'] + 'trinity.krn.krone.at' : 'https://trinity.krone.at'
end

#validate(passport: '') ⇒ Object

# File 'lib/krn/auth.rb', line 22

def validate(passport: '')
  token_parts = passport.split(':')
  raise 'Validation Failed' if token_parts.first != @name

  begin
    decoded_token = JWT.decode token_parts.last, @hmac_secret
    decrypt(decoded_token.first['payload'])
  rescue StandardError => e
    false
  end
end