Class: RestCore::Oauth1Header
- Inherits:
-
Object
- Object
- RestCore::Oauth1Header
show all
- Includes:
- Middleware
- Defined in:
- lib/rest-core/middleware/oauth1_header.rb
Overview
Constant Summary
Constants included
from Middleware
Middleware::UNRESERVED
Constants included
from RestCore
ASYNC, CLIENT, DRY, FAIL, HIJACK, LOG, PROMISE, REQUEST_HEADERS, REQUEST_METHOD, REQUEST_PATH, REQUEST_PAYLOAD, REQUEST_QUERY, RESPONSE_BODY, RESPONSE_HEADERS, RESPONSE_SOCKET, RESPONSE_STATUS, Simple, TIMER, Universal, VERSION
Class Method Summary
collapse
Instance Method Summary
collapse
Methods included from Middleware
contain_binary?, #contain_binary?, escape, #escape, #fail, #id, included, #log, #percent_encode, percent_encode, request_uri, #request_uri, #run, #string_keys, string_keys
Methods included from RestCore
eagerload, id
Class Method Details
.members ⇒ Object
10
11
12
13
14
15
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 10
def self.members
[:request_token_path, :access_token_path, :authorize_path,
:consumer_key, :consumer_secret,
:oauth_callback, :oauth_verifier,
:oauth_token, :oauth_token_secret, :data]
end
|
Instance Method Details
#attach_signature(env, oauth_params) ⇒ Object
42
43
44
45
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 42
def attach_signature env, oauth_params
params = reject_blank(oauth_params)
params.merge('oauth_signature' => escape(signature(env, params)))
end
|
#base_string(env, oauth_params) ⇒ Object
52
53
54
55
56
57
58
59
60
61
62
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 52
def base_string env, oauth_params
method = env[REQUEST_METHOD].to_s.upcase
base_uri = env[REQUEST_PATH]
payload = payload_params(env)
query = reject_blank(env[REQUEST_QUERY])
params = reject_blank(oauth_params.merge(query.merge(payload))).
to_a.sort.map{ |(k, v)|
"#{escape(k.to_s)}=#{escape(v.to_s)}"}.join('&')
"#{method}&#{escape(base_uri)}&#{escape(params)}"
end
|
#call(env, &k) ⇒ Object
17
18
19
20
21
22
23
24
25
26
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 17
def call env, &k
start_time = Time.now
= {'Authorization' => (env)}.
merge(env[REQUEST_HEADERS])
event = Event::WithHeader.new(Time.now - start_time,
"Authorization: #{['Authorization']}")
app.call(log(env.merge(REQUEST_HEADERS => ), event), &k)
end
|
#nonce ⇒ Object
64
65
66
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 64
def nonce
[OpenSSL::Random.random_bytes(32)].pack('m').tr("+/=\n", '')
end
|
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 28
def env
= attach_signature(env,
'oauth_consumer_key' => consumer_key(env),
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => Time.now.to_i.to_s,
'oauth_nonce' => nonce,
'oauth_version' => '1.0',
'oauth_callback' => oauth_callback(env),
'oauth_verifier' => oauth_verifier(env),
'oauth_token' => oauth_token(env))
"OAuth #{.map{ |(k, v)| "#{k}=\"#{v}\"" }.join(', ')}"
end
|
#payload_params(env) ⇒ Object
according to OAuth 1.0a spec, only:
Content-Type: application/x-www-form-urlencoded
should take payload as a part of the base_string
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 71
def payload_params env
if env[REQUEST_HEADERS].kind_of?(Hash) &&
env[REQUEST_HEADERS]['Content-Type'] &&
env[REQUEST_HEADERS]['Content-Type'] !=
'application/x-www-form-urlencoded'
{}
elsif contain_binary?(env[REQUEST_PAYLOAD])
{}
else
reject_blank(env[REQUEST_PAYLOAD])
end
end
|
#reject_blank(params) ⇒ Object
93
94
95
96
97
98
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 93
def reject_blank params
params.reject{ |k, v| v.nil? || v == false ||
(v.respond_to?(:strip) &&
v.respond_to?(:empty) &&
v.strip.empty? == true) }
end
|
#signature(env, params) ⇒ Object
47
48
49
50
|
# File 'lib/rest-core/middleware/oauth1_header.rb', line 47
def signature env, params
[Hmac.sha1("#{consumer_secret(env)}&#{oauth_token_secret(env)}",
base_string(env, params))].pack('m').tr("\n", '')
end
|