Sha256: 64753e06213fee80bfdb49efd8b7c3e563d7b53a172d71b27e66402b1e599918

Contents?: true

Size: 1.27 KB

Versions: 7

Compression:

Stored size: 1.27 KB

Contents

require "digest"

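module Rack::Insight

  # Signs and verifies query parameters with a per-application secret so that
  # a request can be checked against the parameter values that were signed.
  #
  # The signature is SHA-1 over the secret key followed by the parameter
  # values (sorted by key, "hash" excluded), joined with ":".
  #
  # NOTE(review): this is a secret-prefix hash rather than an HMAC, and only
  # the values (not the keys) are signed, joined with an unescaped ":". Two
  # different parameter sets can therefore yield the same base string, and
  # the construction lacks HMAC's guarantees. Moving to OpenSSL::HMAC over an
  # unambiguous encoding of key/value pairs would fix both, but it changes
  # every signature value, so it is flagged here rather than changed.
  class ParamsSignature
    extend ERB::Util

    # Builds a signed query string from +hash+.
    #
    # @param request [#env] request whose env carries 'rack-insight.secret_key'
    # @param hash [Hash] parameters to serialise and sign
    # @return [String] "key=value" pairs sorted by key, followed by the
    #   "hash=<signature>" pair, joined with "&amp;" (an HTML-escaped
    #   ampersand, so the result is presumably meant for HTML output)
    def self.sign(request, hash)
      # Values are URL-escaped; keys are interpolated as given.
      parts = hash.keys.sort.map { |key| "#{key}=#{u(hash[key])}" }

      hancock = new(request).signature(hash)
      parts << "hash=#{u(hancock)}"

      parts.join("&amp;")
    end

    attr_reader :request

    # @param request [#env, #params] the request being signed or verified
    def initialize(request)
      @request = request
    end

    # @return [Object, nil] the secret read from the Rack env, nil if unset
    def secret_key
      @request.env['rack-insight.secret_key']
    end

    # @return [Boolean] true when no usable secret key is configured
    def secret_key_blank?
      secret_key.nil? || secret_key == ""
    end

    # Verifies the "hash" parameter of the request against the signature
    # computed from the remaining parameters.
    #
    # The expected signature is never logged or echoed: printing it next to
    # the request parameters would disclose a valid signature for them.
    #
    # @raise [SecurityError] if the secret key is missing or the supplied
    #   signature does not match
    # @return [nil]
    def validate!
      raise SecurityError, "Missing secret key" if secret_key_blank?

      expected = signature(request.params)
      return if secure_compare(expected, request.params["hash"])

      raise SecurityError, "Invalid query hash."
    end

    # @param params [Hash] parameters to sign
    # @return [String] hex SHA-1 digest of {#signature_base}
    def signature(params)
      Digest::SHA1.hexdigest(signature_base(params))
    end

    # Builds the string that is hashed: the secret key, then each parameter
    # value in key order, skipping the "hash" parameter itself.
    #
    # @param params [Hash] parameters to sign
    # @return [String] the ":"-joined base string
    def signature_base(params)
      signed_keys = params.keys.sort.reject { |key| key == "hash" }
      values = signed_keys.map { |key| params[key].to_s }

      [secret_key, *values].join(":")
    end

    private

    # Compares two signatures without returning early on the first differing
    # byte, so the comparison time does not reveal how much of a guessed
    # signature was correct. Anything that is not a String of the expected
    # length (nil, or an Array/Hash from "hash[]=" style parameters) is
    # rejected up front.
    #
    # @param expected [String] signature computed by this class
    # @param supplied [Object] value taken from the request
    # @return [Boolean] true only when both are byte-for-byte equal
    def secure_compare(expected, supplied)
      return false unless supplied.is_a?(String)
      return false unless supplied.bytesize == expected.bytesize

      difference = 0
      expected.bytes.zip(supplied.bytes) { |a, b| difference |= a ^ b }
      difference.zero?
    end

  end

end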

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
rack-insight-0.6.4 lib/rack/insight/params_signature.rb
rack-insight-0.6.3 lib/rack/insight/params_signature.rb
rack-insight-0.6.2 lib/rack/insight/params_signature.rb
rack-insight-0.5.30 lib/rack/insight/params_signature.rb
rack-insight-0.5.29 lib/rack/insight/params_signature.rb
rack-insight-0.5.28 lib/rack/insight/params_signature.rb
rack-insight-0.5.27 lib/rack/insight/params_signature.rb