Class: Rack::SimpleAuth::HMAC::Request

Inherits:
Request
  • Object
Defined in:
lib/rack/simple_auth/hmac/request.rb


Constructor Details

#initialize(env, config) ⇒ Request

Returns a new instance of Request


# File 'lib/rack/simple_auth/hmac/request.rb', line 7

# Keep the Rack environment and the HMAC configuration, then precompute the
# digests this request may be accepted with.
#
# @param env [Object] Rack environment; read by key, e.g. 'HTTP_AUTHORIZATION'
# @param config [Object] HMAC configuration (tolerance, secret, signature, ...)
def initialize(env, config)
  @env, @config = env, config
  # Has to come after @config is assigned: build_allowed_messages reads config.
  @allowed_messages = build_allowed_messages
end

Instance Attribute Details

#allowed_messages ⇒ Object (readonly)

Returns the value of attribute allowed_messages


# File 'lib/rack/simple_auth/hmac/request.rb', line 5

# Reader for @allowed_messages, which #initialize fills with the result of
# build_allowed_messages (the digests a request is checked against).
def allowed_messages
  @allowed_messages
end

#config ⇒ Object (readonly)

Returns the value of attribute config


# File 'lib/rack/simple_auth/hmac/request.rb', line 5

# Reader for the configuration object handed to #initialize. Elsewhere on
# this page it is asked for secret, signature, tolerance, request_config,
# logpath and verbose.
def config
  @config
end

#env ⇒ Object (readonly)

Returns the value of attribute env


# File 'lib/rack/simple_auth/hmac/request.rb', line 5

# Reader for the Rack environment handed to #initialize; the
# 'HTTP_AUTHORIZATION' entry is the client-supplied value under test.
def env
  @env
end

Instance Method Details

#authorized? ⇒ TrueClass, FalseClass (private)

Check if request is authorized

Returns:


# File 'lib/rack/simple_auth/hmac/request.rb', line 87

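# Check if request is authorized.
#
# The last ':'-separated segment of the Authorization header must equal
# config.signature and the first segment must be one of the precomputed
# digests in allowed_messages.
#
# Both segments are supplied by the client. Plain String#eql? and
# Array#include? may stop at the first difference, so response time could
# reveal how much of a guess was correct. The comparisons here go through
# constant_time_eql? and every allowed digest is always visited.
#
# @return [TrueClass, FalseClass] true only when both segments match
def authorized?
  signature_ok = constant_time_eql?(config.signature, signature)
  candidate = message

  # Non-short-circuit `|` keeps the loop running over every allowed digest.
  message_ok = allowed_messages.reduce(false) do |matched, allowed|
    matched | constant_time_eql?(allowed, candidate)
  end

  signature_ok && message_ok
end

# Compare two strings without stopping at the first differing byte.
#
# Both sides are hashed with SHA-256 first, so the byte loop always runs over
# two equal-length digests and its duration does not depend on where the
# inputs differ. Anything that is not a String never matches.
#
# @param expected [String, nil] trusted value
# @param given [String, nil] client-supplied value
# @return [TrueClass, FalseClass]
def constant_time_eql?(expected, given)
  return false unless expected.is_a?(String) && given.is_a?(String)

  left = OpenSSL::Digest.new('sha256').digest(expected).bytes
  right = OpenSSL::Digest.new('sha256').digest(given).bytes

  difference = 0
  left.each_with_index { |byte, index| difference |= byte ^ right[index] }
  difference.zero?
end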

#build_allowed_messages ⇒ Array (private)

Builds an Array of allowed message hashes within the tolerance window via #build_message

Returns:

  • (Array)

# File 'lib/rack/simple_auth/hmac/request.rb', line 33

# Precompute every HMAC-SHA256 hex digest accepted for this request.
#
# One digest is produced per step of 1 from -config.tolerance up to 0, each
# over build_message(now_ms, offset). The timestamp is in milliseconds, so
# the number of HMAC computations per request grows linearly with
# config.tolerance, and #initialize runs this for every request. Only
# offsets at or before the current time are generated.
#
# @return [Array<String>] hex digests, most negative offset first
def build_allowed_messages
  # Current time as integer milliseconds
  now_ms = (Time.now.to_f * 1000).to_i

  (-config.tolerance..0).step(1).map do |offset|
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), config.secret, build_message(now_ms, offset))
  end
end

#build_message(date, delay = 0) ⇒ String (private)

Build Message for current Request and delay

Parameters:

  • date (Fixnum)
    current date in timestamp format
  • delay (Fixnum) (defaults to: 0)
    delay in timestamp format

Returns:

  • (String)

    message


# File 'lib/rack/simple_auth/hmac/request.rb', line 52

# Serialize the fields that get authenticated for this request.
#
# The JSON object carries the request method, the shifted timestamp and the
# request data (see #data), in that key order.
#
# @param date [Integer] base timestamp
# @param delay [Integer] offset added to date (defaults to 0)
# @return [String] JSON text used as the HMAC input
def build_message(date, delay = 0)
  payload = {
    'method' => request_method,
    'date' => date + delay,
    'data' => data
  }

  payload.to_json
end

#data ⇒ String|Hash (private)

Get Request Data specified by config.request_config

Note: REFACTOR this shit..

Returns:

  • (String|Hash)

    data


# File 'lib/rack/simple_auth/hmac/request.rb', line 64

# Fetch the request data named by config.request_config for the current
# request method.
#
# The configured value is turned into a method name and dispatched with
# `send`, so the valid_message_type? guard (which accepts only 'path' and
# 'params') is what keeps the set of callable methods fixed. Keep that guard
# in front of the dispatch.
#
# @return [String, Hash] result of #path or #params
# @raise [RuntimeError] when the configured option is neither path nor params
def data
  unless valid_message_type?
    fail "Not a valid option #{config.request_config[request_method]} - Use either params or path"
  end

  send(config.request_config[request_method].to_sym)
end

#empty_header? ⇒ TrueClass, FalseClass (private)

Check if the HTTP_AUTHORIZATION Header is missing

Returns:

  • (TrueClass)

    if header is not set

  • (FalseClass)

    if header is set


# File 'lib/rack/simple_auth/hmac/request.rb', line 76

# Tell whether the request carries no HTTP_AUTHORIZATION entry at all.
#
# Only nil counts as missing; a header that is present but an empty string
# returns false here.
#
# @return [TrueClass, FalseClass] true when the header value is nil
def empty_header?
  header = env['HTTP_AUTHORIZATION']
  header.nil?
end

#log ⇒ Object (private)

Log to config.logpath. Contains:

- allowed messages and received message
- time when request was made
- type of request
- requested path

Note: This is kinda slow under Rubinius

(Rack::SimpleAuth::Logger.log has IO action, i think there are some performance issues)

# File 'lib/rack/simple_auth/hmac/request.rb', line 130

# Write a diagnostic entry for a rejected request through
# Rack::SimpleAuth::Logger.log.
#
# NOTE(review): the entry contains the raw HTTP_AUTHORIZATION header, every
# digest currently in allowed_messages and config.signature. Anyone able to
# read config.logpath sees those values, so the log file should be protected
# like the secret itself, or the values redacted before this is enabled.
# NOTE(review): the entry says "400 Unauthorized"; confirm against the status
# the middleware actually returns.
def log
  report =  "#{Time.new} - #{request_method} #{path} - 400 Unauthorized\n"
  report << "HTTP_AUTHORIZATION: #{env['HTTP_AUTHORIZATION']}\n"
  report << "Auth Message Config: #{config.request_config[request_method]}\n"

  if allowed_messages
    report << "Allowed Encrypted Messages:\n"
    # One digest per line
    report << allowed_messages.map { |digest| "#{digest}\n" }.join
  end

  report << "Auth Signature: #{config.signature}"

  Rack::SimpleAuth::Logger.log(config.logpath, config.verbose, ENV['RACK_ENV'], report)
end

#message ⇒ String (private)

Get the request message (the HMAC digest part of the HTTP_AUTHORIZATION header)

Returns:

  • (String)

    message of current request


# File 'lib/rack/simple_auth/hmac/request.rb', line 105

# Extract the message digest sent by the client: the text before the first
# ':' of the HTTP_AUTHORIZATION header.
#
# A header without any ':' is returned whole; an empty header yields nil.
# Calling this with no header set raises NoMethodError, so callers check
# empty_header? first.
#
# @return [String, nil] first ':'-separated segment of the header
def message
  segments = env['HTTP_AUTHORIZATION'].split(':')
  segments.first
end

#signature ⇒ String (private)

Get request signature

Returns:

  • (String)

    signature of current request


# File 'lib/rack/simple_auth/hmac/request.rb', line 96

# Extract the signature sent by the client: the text after the last ':' of
# the HTTP_AUTHORIZATION header.
#
# A header without any ':' is returned whole, so in that case it equals
# #message; an empty header yields nil. Calling this with no header set
# raises NoMethodError, so callers check empty_header? first.
#
# @return [String, nil] last ':'-separated segment of the header
def signature
  segments = env['HTTP_AUTHORIZATION'].split(':')
  segments.last
end

#valid? ⇒ TrueClass, FalseClass

Checks for valid HMAC Request

Returns:

  • (TrueClass)

    if request is authorized

  • (FalseClass)

    if request is not authorized or HTTP_AUTHORIZATION Header is not set


# File 'lib/rack/simple_auth/hmac/request.rb', line 19

# Decide whether this request passes HMAC authentication.
#
# The header presence check runs first, so authorized? (which splits the
# header) is never reached when HTTP_AUTHORIZATION is missing.
#
# @return [TrueClass, FalseClass] false when the header is missing or the
#   request is not authorized, true otherwise
def valid?
  # The call to `log` is disabled in the original source.

  return false if empty_header?
  return false unless authorized?

  true
end

#valid_message_type? ⇒ TrueClass, FalseClass (private)

Check if message type for current request is valid

Returns:

  • (TrueClass)

    if message type for current request is path or params

  • (FalseClass)

    if message type is invalid


# File 'lib/rack/simple_auth/hmac/request.rb', line 115

# Check that the option configured for the current request method is one of
# the two supported message sources.
#
# This is the allow-list that #data relies on before dispatching with `send`.
#
# @return [TrueClass, FalseClass] true for 'path' or 'params', false otherwise
def valid_message_type?
  %w[path params].include?(config.request_config[request_method])
end