Module: WhisplerSignature
- Defined in:
- lib/whispler-signature.rb
Constant Summary collapse
- HEADER =
"X-W-Signature"
Class Method Summary collapse
-
.calculate(api_key, verb, path, headers, body) ⇒ Object
calculate outgoing signature; returns as a hash.
-
.validate?(api_key, req) ⇒ Boolean
validates incoming signature.
Class Method Details
.calculate(api_key, verb, path, headers, body) ⇒ Object
calculate outgoing signature; returns as a hash
{ “X-W-Signature”, “ajhgdkhjgd:kjhgsjkhsgjhksgs” }
9 10 11 12 13 14 15 16 |
# File 'lib/whispler-signature.rb', line 9 def self.calculate(api_key, verb, path, headers, body) api_key = api_key.api_key if api_key.respond_to?(:api_key) return {} unless api_key salt = salt! signature = calc_signature verb, path, body, api_key, salt { HEADER => "#{salt}:#{signature}" } end |
.validate?(api_key, req) ⇒ Boolean
validates incoming signature
-
true: valid request signature
-
false: no request signature
Raises an exception (ArgumentError) is the signature exists, but is invalid.
26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'lib/whispler-signature.rb', line 26 def self.validate?(api_key, req) api_key = api_key.api_key if api_key.respond_to?(:api_key) return false unless api_key && signature = req.headers[HEADER] raise ArgumentError, "Invalid signature format" unless signature =~ /^(.+):([^:]+)$/ salt, checksum = $1, $2 sig = calc_signature req.method, req.env["REQUEST_URI"], req.raw_post, api_key, salt raise ArgumentError, "Invalid signature" unless checksum == sig true end |