module IMS::LTI::RequestValidator
A mixin for OAuth request validation
Attributes
oauth_signature_validator[R]
Public Instance Methods
request_oauth_nonce()
click to toggle source
convenience method for getting the oauth nonce from the request
# File lib/ims/lti/request_validator.rb, line 46 def request_oauth_nonce @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce end
request_oauth_timestamp()
click to toggle source
convenience method for getting the oauth timestamp from the request
# File lib/ims/lti/request_validator.rb, line 51 def request_oauth_timestamp @oauth_signature_validator && @oauth_signature_validator.request.oauth_timestamp end
valid_request!(request)
click to toggle source
Check whether the OAuth-signed request is valid and throw error if not
@return [Bool] Whether the request was valid
# File lib/ims/lti/request_validator.rb, line 41 def valid_request!(request) valid_request?(request, false) end
valid_request?(request, handle_error=true)
click to toggle source
Validates and OAuth request using the OAuth Gem - github.com/oauth/oauth-ruby
To validate the OAuth signatures you need to require the appropriate request proxy for your application. For example:
# For a sinatra app: require 'oauth/request_proxy/rack_request' # For a rails app: require 'oauth/request_proxy/action_controller_request'
@return [Bool] Whether the request was valid
# File lib/ims/lti/request_validator.rb, line 18 def valid_request?(request, handle_error=true) begin @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret) @oauth_signature_validator.verify() or raise OAuth::Unauthorized.new(request) true rescue OAuth::Signature::UnknownSignatureMethod if handle_error false else raise $! end rescue OAuth::Unauthorized if handle_error false else raise OAuth::Unauthorized.new(request) end end end