Class: OAuth2::MACToken

Inherits:

AccessToken

• Object
• AccessToken
• OAuth2::MACToken

Defined in:

lib/oauth2/mac_token.rb

Instance Attribute Summary

• #algorithm ⇒ Object

  Returns the value of attribute algorithm.

• #secret ⇒ Object readonly

  Returns the value of attribute secret.

Attributes inherited from AccessToken

#client, #expires_at, #expires_in, #options, #params, #refresh_token, #token

Class Method Summary

• .from_access_token(token, secret, options = {}) ⇒ Object

  Generates a MACToken from an AccessToken and secret.

Instance Method Summary

• #header(verb, url) ⇒ Object

  Generate the MAC header.

• #headers ⇒ Object

  Get the headers hash (always an empty hash).

• #initialize(client, token, secret, opts = {}) ⇒ MACToken constructor

  Initalize a MACToken.

• #request(verb, path, opts = {}, &block) ⇒ Object

  Make a request with the MAC Token.

• #signature(timestamp, nonce, verb, uri) ⇒ Object

  Generate the Base64-encoded HMAC digest signature.

Methods inherited from AccessToken

#[], #delete, #expired?, #expires?, from_hash, from_kvform, #get, #patch, #post, #put, #refresh!, #to_hash

Constructor Details

#initialize(client, token, secret, opts = {}) ⇒ MACToken

Initalize a MACToken

Parameters:

• client (Client) —

  the OAuth2::Client instance

• token (String) —

  the Access Token value

• opts (Hash) (defaults to: {}) —

  the options to create the Access Token with

• [String] (Hash) —

  a customizable set of options

Options Hash (opts):

• :refresh_token (String) — default: nil —

  the refresh_token value

• :expires_in (FixNum, String) — default: nil —

  the number of seconds in which the AccessToken will expire

• :expires_at (FixNum, String) — default: nil —

  the epoch time in seconds in which AccessToken will expire

• :algorithm (FixNum, String) — default: hmac-sha-256 —

  the algorithm to use for the HMAC digest (one of ‘hmac-sha-256’, ‘hmac-sha-1’)

# File 'lib/oauth2/mac_token.rb', line 32

def initialize(client, token, secret, opts = {})
  @secret = secret
  self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256'

  super(client, token, opts)
end

Instance Attribute Details

#algorithm ⇒ Object

Returns the value of attribute algorithm.

# File 'lib/oauth2/mac_token.rb', line 20

def algorithm
  @algorithm
end

#secret ⇒ Object (readonly)

Returns the value of attribute secret.

# File 'lib/oauth2/mac_token.rb', line 20

def secret
  @secret
end

Class Method Details

.from_access_token(token, secret, options = {}) ⇒ Object

Generates a MACToken from an AccessToken and secret

Parameters:

• token (AccessToken) —

  the OAuth2::Token instance

• opts (Hash) —

  the options to create the Access Token with

• [String] (Hash) —

  a customizable set of options

See Also:

• #initialize

# File 'lib/oauth2/mac_token.rb', line 16

def self.from_access_token(token, secret, options = {})
  new(token.client, token.token, secret, token.params.merge(:refresh_token => token.refresh_token, :expires_in => token.expires_in, :expires_at => token.expires_at).merge(options))
end

Instance Method Details

#header(verb, url) ⇒ Object

Generate the MAC header

Parameters:

• verb (Symbol) —

  the HTTP request method

• url (String) —

  the HTTP URL path of the request

Raises:

• (ArgumentError)

# File 'lib/oauth2/mac_token.rb', line 63

def header(verb, url)
  timestamp = Time.now.utc.to_i
  nonce = Digest::SHA256.hexdigest([timestamp, SecureRandom.hex].join(':'))

  uri = URI.parse(url)

  raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)

  mac = signature(timestamp, nonce, verb, uri)

  "MAC id=\"#{token}\", ts=\"#{timestamp}\", nonce=\"#{nonce}\", mac=\"#{mac}\""
end

#headers ⇒ Object

Get the headers hash (always an empty hash)

# File 'lib/oauth2/mac_token.rb', line 55

def headers
  {}
end

#request(verb, path, opts = {}, &block) ⇒ Object

Make a request with the MAC Token

Parameters:

• verb (Symbol) —

  the HTTP request method

• path (String) —

  the HTTP URL path of the request

• opts (Hash) (defaults to: {}) —

  the options to make the request with

See Also:

• Client#request

# File 'lib/oauth2/mac_token.rb', line 45

def request(verb, path, opts = {}, &block)
  url = client.connection.build_url(path, opts[:params]).to_s

  opts[:headers] ||= {}
  opts[:headers]['Authorization'] = header(verb, url)

  @client.request(verb, path, opts, &block)
end

#signature(timestamp, nonce, verb, uri) ⇒ Object

Generate the Base64-encoded HMAC digest signature

Parameters:

• timestamp (Fixnum) —

  the timestamp of the request in seconds since epoch

• nonce (String) —

  the MAC header nonce

• verb (Symbol) —

  the HTTP request method

• url (String) —

  the HTTP URL path of the request

# File 'lib/oauth2/mac_token.rb', line 82

def signature(timestamp, nonce, verb, uri)
  signature = [
    timestamp,
    nonce,
    verb.to_s.upcase,
    uri.request_uri,
    uri.host,
    uri.port,
    '', nil
  ].join("\n")

  strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature))
end