Class: LockBox
- Inherits:
-
Object
- Object
- LockBox
- Includes:
- HTTParty, LockBoxCache
- Defined in:
- lib/lockbox_middleware.rb
Constant Summary collapse
- @@config =
nil
Class Method Summary collapse
Instance Method Summary collapse
- #auth_response(api_key, env = {}) ⇒ Object
- #call(env) ⇒ Object
- #call!(env) ⇒ Object
-
#initialize(app) ⇒ LockBox
constructor
A new instance of LockBox.
- #protected_paths ⇒ Object
Constructor Details
#initialize(app) ⇒ LockBox
Returns a new instance of LockBox.
38 39 40 41 |
# File 'lib/lockbox_middleware.rb', line 38 def initialize(app) @app = app @cache = LockBoxCache::Cache.new end |
Class Method Details
.config ⇒ Object
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
# File 'lib/lockbox_middleware.rb', line 12 def self.config return @@config if @@config if defined?(Rails) root_dir = Rails.root else root_dir = '.' end yaml_config = YAML.load_file(File.join(root_dir,'config','lockbox.yml')) return_config = {} environment = Rails.env if defined? Rails environment ||= ENV['RACK_ENV'] environment ||= 'test' if !environment.nil? if !yaml_config['all'].nil? $stderr.puts "The 'all' environment is deprecated in lockbox.yml; use built-in yaml convention instead." return_config = yaml_config['all'] return_config.merge!(yaml_config[environment]) else return_config = yaml_config[environment] end end @@config = return_config end |
Instance Method Details
#auth_response(api_key, env = {}) ⇒ Object
87 88 89 90 91 92 93 94 95 96 97 98 99 |
# File 'lib/lockbox_middleware.rb', line 87 def auth_response(api_key, env={}) if api_key != 'hmac' cached_auth = auth_cache(api_key) if !cached_auth.nil? # currently we don't cache forward headers return {:authorized => cached_auth, :headers => {}} end end auth_response = self.class.get("/authentication/#{api_key}", {:headers => auth_headers(env), :request => {:application_name => LockBox.config['application_name']}}) = (auth_response.code == 200) cache_response_if_allowed(api_key, auth_response) if {:authorized => , :headers => response_headers(auth_response)} end |
#call(env) ⇒ Object
43 44 45 |
# File 'lib/lockbox_middleware.rb', line 43 def call(env) dup.call!(env) end |
#call!(env) ⇒ Object
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/lockbox_middleware.rb', line 53 def call!(env) #attempt to authenticate any requests to /api request = Rack::Request.new(env) path_protected = false protected_paths.each do |path| if env['PATH_INFO'] =~ path path_protected = true = false key = request['key'] if key.blank? key = 'hmac' end auth = auth_response(key,env) = auth[:authorized] auth_headers = auth[:headers] if app_response = @app.call(env) app_headers = app_response[1] response_headers = app_headers.merge(auth_headers) return [app_response[0], response_headers, app_response[2]] else = "Access Denied" return [401, {'Content-Type' => 'text/plain', 'Content-Length' => "#{.length}"}, []] end end end unless path_protected #pass everything else straight through to app return @app.call(env) end end |
#protected_paths ⇒ Object
47 48 49 50 51 |
# File 'lib/lockbox_middleware.rb', line 47 def protected_paths self.class.config['protect_paths'].map do |path| Regexp.new(path) end end |