Class: OpenGraphPlus::Rails::Signature::Scope

Inherits:

Object

Object
OpenGraphPlus::Rails::Signature::Scope

show all

Defined in:: lib/opengraphplus/rails/signature/scope.rb

Instance Method Summary collapse

#initialize(param: :signature) ⇒ Scope constructor

Rails route constraint that sets up signature verification for controller to handle.
#matches?(request) ⇒ Boolean

Constructor Details

#initialize(param: :signature) ⇒ `Scope`

Rails route constraint that sets up signature verification for controller to handle. Always matches so controller can decide how to handle errors (e.g., show fallback image).

Usage in routes.rb:

scope "signed/:signature", constraints: OpenGraphPlus::Rails::Signature::Scope.new do
  get "opengraph", to: "screenshots#show"
end

Then in controller:

verifier = request.env["opengraphplus.verifier"]
if verifier&.public_key
  api_key = ApiKey.find_by(public_key: verifier.public_key)
  if api_key && verifier.valid?(api_key.secret_key)
    # success
  else
    # invalid signature
  end
else
  # malformed signature
end



29
30
31

# File 'lib/opengraphplus/rails/signature/scope.rb', line 29

def initialize(param: :signature)
  @param = param
end

Instance Method Details

#matches?(request) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/opengraphplus/rails/signature/scope.rb', line 33

def matches?(request)
  signature = request.params[@param]
  return true unless signature

  path_and_query = build_path_and_query(request, signature)
  verifier = OpenGraphPlus::Signature::Verifier.new(signature: signature, path_and_query: path_and_query)

  request.env[ENV_KEY] = verifier

  true
end