appoxy_api 0.0.1 → 0.0.2

data/lib/api/api_controller.rb

@@ -9,11 +9,24 @@ module Appoxy
 #                rescue_from Api::ApiError, :with => :send_error
         # before_filter :verify_signature(params)
 
-        # Your Controller must define a sig_should method which will return the signature to compare against.
+        # Your Controller must define a secret_key_for_signature method which will return the secret key to use to generate signature.
 
         module ApiController
 
-            def verify_signature(params, operation)
+            def verify_signature
+
+                if request.put?
+                    # We'll extract params from body instead here
+                    # todo: maybe check for json format first in case this is a file or something?
+                    body = request.body.read
+                    puts 'body=' + body.inspect
+                    params2 = ActiveSupport::JSON.decode(body)
+                    puts 'params2=' + params2.inspect
+                    params.merge! params2
+                end
+
+                operation = "#{controller_name}/#{action_name}"
+                puts "XXX " + operation
 
 #            puts 'params in base=' + params.inspect
 
@@ -22,15 +35,15 @@ module Appoxy
                 timestamp = params["timestamp"]
                 sig = params["sig"]
 
-                raise Api::SigError, "No access_key" if access_key.nil?
-                raise Api::SigError, "No sigv" if sigv.nil?
-                raise Api::SigError, "No timestamp" if timestamp.nil?
-                raise Api::SigError, "No sig" if sig.nil?
+                raise Appoxy::Api::ApiError, "No access_key" if access_key.nil?
+                raise Appoxy::Api::ApiError, "No sigv" if sigv.nil?
+                raise Appoxy::Api::ApiError, "No timestamp" if timestamp.nil?
+                raise Appoxy::Api::ApiError, "No sig" if sig.nil?
 
-                # todo: verify sig!  Use SimpleWorker::HttpEnabled signature methods
-                sig2 = Appoxy::Api::Signatures.generate_signature(operation, timestamp, @project.secret_key)
+                sig2 = Appoxy::Api::Signatures.generate_signature(operation, timestamp, secret_key_for_signature(access_key))
+                raise Appoxy::Api::ApiError, "Invalid signature!" unless sig == sig2
 
-                raise Api::ApiError, "Invalid signature!" unless sig_should == sig2
+                puts 'Verified OK'
 
             end
 
@@ -41,11 +54,11 @@ module Appoxy
 
             def send_ok(msg={})
                 response_as_string = '' # in case we want to add debugging or something
-                respond_to do |format|
-                    #                format.json { render :json=>msg }
-                    response_as_string = render_to_string :json => msg
-                    render :json => response_as_string
-                end
+#                respond_to do |format|
+                #                format.json { render :json=>msg }
+                response_as_string = render_to_string :json => msg
+                render :json => response_as_string
+#                end
                 true
             end
 

data/lib/api/client.rb

@@ -5,12 +5,12 @@ module Appoxy
         #  host: endpoint url for service
         class Client
 
-            attr_accessor :access_key, :secret_key
+            attr_accessor :host, :access_key, :secret_key
 
             def initialize(host, access_key, secret_key, options={})
+                @host = host
                 @access_key = access_key
                 @secret_key = secret_key
-
             end
 
             def get(method, params={}, options={})
@@ -36,6 +36,6 @@ module Appoxy
 
 
         end
-        
+
     end
 end

data/lib/api/client_helper.rb

@@ -76,6 +76,7 @@ module Appoxy
                         raise ClientError.new(res.class.name, ActiveSupport::JSON.decode(res.body))
                     else
                         #res.error
+                        puts 'ERROR BODY=' + res.body
                         raise ServiceError.new(res.class.name, res.body)
                 end
                 return ret

data/lib/api/signatures.rb

@@ -8,11 +8,7 @@ module Appoxy
             end
 
             def self.generate_signature(operation, timestamp, secret_key)
-#                if USE_EMBEDDED_HMAC
-#                    my_sha_hmac = HMAC::SHA1.digest(secret_key, operation + timestamp)
-#                else
                 my_sha_hmac = Digest::HMAC.digest(operation + timestamp, secret_key, Digest::SHA1)
-#                end
                 my_b64_hmac_digest = Base64.encode64(my_sha_hmac).strip
                 return my_b64_hmac_digest
             end

data/lib/appoxy_api.rb

@@ -1,5 +1,10 @@
-
+require 'active_support'
+require 'digest/hmac'
+require 'net/http'
+require 'base64'
+  
 require File.join(File.dirname(__FILE__), "api", "api_controller")
 require File.join(File.dirname(__FILE__), "api", "client_helper")
 require File.join(File.dirname(__FILE__), "api", "signatures")
+require File.join(File.dirname(__FILE__), "api", "client")
 

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 0
-  - 1
-  version: 0.0.1
+  - 2
+  version: 0.0.2
 platform: ruby
 authors: 
 - Travis Reeder