Class: OAuth2::Server::Request
- Inherits:
-
Object
- Object
- OAuth2::Server::Request
- Includes:
- Attributes
- Defined in:
- lib/oauth2/server/request.rb
Class Method Summary collapse
Instance Method Summary collapse
- #bearer? ⇒ Boolean
-
#calculate_signature ⇒ Object
Calculates the header signature as described on: tools.ietf.org/html/draft-hammer-oauth2-00#section-5.3.1.
- #cryptographic? ⇒ Boolean
- #errors ⇒ Object
-
#initialize(attributes = {}, &block) ⇒ Request
constructor
A new instance of Request.
- #original_request_header ⇒ Object
-
#request_header ⇒ Object
Overwrite attribute reader #request_header See OAuth2::Server::Attributes.
- #type ⇒ Object
- #valid? ⇒ Boolean
- #validate ⇒ Object
- #validate_access_token ⇒ Object
- #validate_request_header ⇒ Object
- #validate_signature ⇒ Object
Constructor Details
#initialize(attributes = {}, &block) ⇒ Request
Returns a new instance of Request.
28 29 30 |
# File 'lib/oauth2/server/request.rb', line 28 def initialize(attributes = {}, &block) self.attributes.merge!(attributes) end |
Class Method Details
.validate(*args) ⇒ Object
20 21 22 23 24 |
# File 'lib/oauth2/server/request.rb', line 20 def validate(*args) request = new(*args) request.validate request end |
Instance Method Details
#bearer? ⇒ Boolean
57 58 59 60 61 62 63 |
# File 'lib/oauth2/server/request.rb', line 57 def bearer? if request_header.attributes.values.compact.size != 1 return false end not request_header.token.nil? end |
#calculate_signature ⇒ Object
Calculates the header signature as described on: tools.ietf.org/html/draft-hammer-oauth2-00#section-5.3.1
76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
# File 'lib/oauth2/server/request.rb', line 76 def calculate_signature normalized_string = [ request_header., request_header.nonce, request_header.algorithm, method.upcase, host_with_port, request_uri ].join(',') digest = HMAC::SHA256.digest(secret, normalized_string) ActiveSupport::Base64.encode64s(digest) end |
#cryptographic? ⇒ Boolean
65 66 67 68 69 70 71 72 |
# File 'lib/oauth2/server/request.rb', line 65 def cryptographic? required_attributes = %w{token nonce timestamp algorithm signature} required_attributes.map! do |attribute| request_header.send(attribute.to_sym).nil? end required_attributes.uniq == [false] end |
#errors ⇒ Object
32 33 34 |
# File 'lib/oauth2/server/request.rb', line 32 def errors @errors ||= [] end |
#original_request_header ⇒ Object
36 |
# File 'lib/oauth2/server/request.rb', line 36 alias_method :original_request_header, :request_header |
#request_header ⇒ Object
Overwrite attribute reader #request_header See OAuth2::Server::Attributes
40 41 42 43 44 45 46 47 48 |
# File 'lib/oauth2/server/request.rb', line 40 def request_header value = original_request_header if value.is_a?(String) value = Headers::Authorization.parse(value) end value end |
#type ⇒ Object
50 51 52 53 54 55 |
# File 'lib/oauth2/server/request.rb', line 50 def type return :bearer if bearer? return :cryptographic if cryptographic? :unknown end |
#valid? ⇒ Boolean
134 135 136 |
# File 'lib/oauth2/server/request.rb', line 134 def valid? @valid end |
#validate ⇒ Object
123 124 125 126 127 128 129 130 131 132 |
# File 'lib/oauth2/server/request.rb', line 123 def validate errors.clear if validate_request_header validate_access_token validate_signature if type == :cryptographic end @valid = errors.empty? end |
#validate_access_token ⇒ Object
100 101 102 103 104 105 106 107 108 109 110 111 112 |
# File 'lib/oauth2/server/request.rb', line 100 def validate_access_token unless access_token errors << :access_token_invalid return false end if access_token_expired? errors << :access_token_expired return false end true end |
#validate_request_header ⇒ Object
114 115 116 117 118 119 120 121 |
# File 'lib/oauth2/server/request.rb', line 114 def validate_request_header unless request_header errors << :missing_authorization_header return false end true end |
#validate_signature ⇒ Object
91 92 93 94 95 96 97 98 |
# File 'lib/oauth2/server/request.rb', line 91 def validate_signature if calculate_signature != request_header.signature errors << :signature_invalid return false end true end |