class ApiAuth::Headers

Builds the canonical string given a request object.

Public Class Methods

new(request) click to toggle source
# File lib/api_auth/headers.rb, line 8
def initialize(request)
  @original_request = request
  @request = initialize_request_driver(request)
  true
end

Public Instance Methods

authorization_header() click to toggle source

Returns the authorization header from the request’s headers

# File lib/api_auth/headers.rb, line 51
def authorization_header
  @request.authorization_header
end
calculate_md5() click to toggle source
# File lib/api_auth/headers.rb, line 59
def calculate_md5
  @request.populate_content_md5 if @request.content_md5.empty?
end
canonical_string() click to toggle source

Returns the canonical string computed from the request’s headers

# File lib/api_auth/headers.rb, line 42
def canonical_string
  [ @request.content_type,
    @request.content_md5,
    @request.request_uri.gsub(/https?:\/\/[^(,|\?|\/)]*/,''), # remove host
    @request.timestamp
  ].join(",")
end
md5_mismatch?() click to toggle source
# File lib/api_auth/headers.rb, line 63
def md5_mismatch?
  if @request.content_md5.empty?
    false
  else
    @request.md5_mismatch?
  end
end
set_date() click to toggle source
# File lib/api_auth/headers.rb, line 55
def set_date
  @request.set_date if @request.timestamp.empty?
end
sign_header(header) click to toggle source

Sets the request’s authorization header with the passed in value. The header should be the ApiAuth HMAC signature.

This will return the original request object with the signed Authorization header already in place.

# File lib/api_auth/headers.rb, line 76
def sign_header(header)
  @request.set_auth_header header
end
timestamp() click to toggle source

Returns the request timestamp

# File lib/api_auth/headers.rb, line 37
def timestamp
   @request.timestamp
end

Private Instance Methods

initialize_request_driver(request) click to toggle source
# File lib/api_auth/headers.rb, line 14
def initialize_request_driver(request)
  clazz = request.class.to_s
  if RequestDrivers.drivers.include?(clazz) then
    return RequestDrivers.drivers[clazz].new(request)

  elsif clazz == "ActionController::TestRequest" then
    # special handling for rails 3 vs 4
    if defined?(ActionDispatch) then
      return ActionDispatchRequest.new(request)
    else
      return ActionControllerRequest.new(request)
    end

  elsif Module.const_defined?(:Rack) && Rack.const_defined?(:Request) && request.kind_of?(Rack::Request) then
    # this goes last because TestRequest is also a subclass of Rack::Request
    return RackRequest.new(request)
  end

  raise UnknownHTTPRequest, "#{clazz} is not yet supported."
end