Contents

require 'openssl'

module Plasticine
  class Authentication

    def initialize(request_url, params={})
      @request_url = request_url
      @params = params
    end

    def expired?
      @params[:timestamp] and Time.parse(@params[:timestamp]) + 12.hours < Time.now
    end

    def valid_token?
      @params[:token] == tokenize
    end

    def tokenize
      OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, token_key, filtered_url)
    end


  private

    def compacted_params
      ps = @params.respond_to?(:to_unsafe_h) ? @params.to_unsafe_h : @params
      ps.map{ |k,v| "#{k}#{v}" if not reserved_params.include?(k.to_s) }.join
    end

    def filtered_url
      url = @request_url.split('?').first.rpartition('/').first + compacted_params
      url.chars.sort.join.gsub('/', '')
    end

    def reserved_params
      ['action', 'class', 'controller', 'format', 'from', 'nature', 'step', 'to', 'token', 'tools', 'update_every', 'version']
    end

    def token_key
      Rails.application.config.secret_key_base
    end
  end
end

Version data entries

10 entries across 10 versions & 1 rubygems

Version	Path
plasticine-1.2.8	lib/plasticine/authentication.rb
plasticine-1.2.7	lib/plasticine/authentication.rb
plasticine-1.2.6	lib/plasticine/authentication.rb
plasticine-1.2.5	lib/plasticine/authentication.rb
plasticine-1.2.4	lib/plasticine/authentication.rb
plasticine-1.2.3	lib/plasticine/authentication.rb
plasticine-1.2.2	lib/plasticine/authentication.rb
plasticine-1.2.1	lib/plasticine/authentication.rb
plasticine-1.2.0	lib/plasticine/authentication.rb
plasticine-1.1.1	lib/plasticine/authentication.rb