oauth2 1.4.10 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -10,15 +10,22 @@ module OAuth2
10
10
  #
11
11
  # Sample usage:
12
12
  # client = OAuth2::Client.new(client_id, client_secret,
13
- # :site => 'http://localhost:8080')
13
+ # :site => 'http://localhost:8080',
14
+ # :auth_scheme => :request_body)
14
15
  #
15
- # params = {:hmac_secret => "some secret",
16
- # # or :private_key => "private key string",
17
- # :iss => "http://localhost:3001",
18
- # :prn => "me@here.com",
19
- # :exp => Time.now.utc.to_i + 3600}
16
+ # claim_set = {
17
+ # :iss => "http://localhost:3001",
18
+ # :aud => "http://localhost:8080/oauth2/token"
19
+ # :sub => "me@example.com",
20
+ # :exp => Time.now.utc.to_i + 3600,
21
+ # }
20
22
  #
21
- # access = client.assertion.get_token(params)
23
+ # encoding = {
24
+ # :algorithm => 'HS256',
25
+ # :key => 'secret_key',
26
+ # }
27
+ #
28
+ # access = client.assertion.get_token(claim_set, encoding)
22
29
  # access.token # actual access_token string
23
30
  # access.get("/api/stuff") # making api calls with access token in header
24
31
  #
@@ -32,45 +39,63 @@ module OAuth2
32
39
 
33
40
  # Retrieve an access token given the specified client.
34
41
  #
35
- # @param [Hash] params assertion params
36
- # pass either :hmac_secret or :private_key, but not both.
42
+ # @param [Hash] claims the hash representation of the claims that should be encoded as a JWT (JSON Web Token)
43
+ #
44
+ # For reading on JWT and claim keys:
45
+ # @see https://github.com/jwt/ruby-jwt
46
+ # @see https://datatracker.ietf.org/doc/html/rfc7519#section-4.1
47
+ # @see https://datatracker.ietf.org/doc/html/rfc7523#section-3
48
+ # @see https://www.iana.org/assignments/jwt/jwt.xhtml
49
+ #
50
+ # There are many possible claim keys, and applications may ask for their own custom keys.
51
+ # Some typically required ones:
52
+ # :iss (issuer)
53
+ # :aud (audience)
54
+ # :sub (subject) -- formerly :prn https://datatracker.ietf.org/doc/html/draft-ietf-oauth-json-web-token-06#appendix-F
55
+ # :exp, (expiration time) -- in seconds, e.g. Time.now.utc.to_i + 3600
56
+ #
57
+ # Note that this method does *not* validate presence of those four claim keys indicated as required by RFC 7523.
58
+ # There are endpoints that may not conform with this RFC, and this gem should still work for those use cases.
59
+ #
60
+ # @param [Hash] encoding_opts a hash containing instructions on how the JWT should be encoded
61
+ # @option algorithm [String] the algorithm with which you would like the JWT to be encoded
62
+ # @option key [Object] the key with which you would like to encode the JWT
37
63
  #
38
- # params :hmac_secret, secret string.
39
- # params :private_key, private key string.
64
+ # These two options are passed directly to `JWT.encode`. For supported encoding arguments:
65
+ # @see https://github.com/jwt/ruby-jwt#algorithms-and-usage
66
+ # @see https://datatracker.ietf.org/doc/html/rfc7518#section-3.1
40
67
  #
41
- # params :iss, issuer
42
- # params :aud, audience, optional
43
- # params :prn, principal, current user
44
- # params :exp, expired at, in seconds, like Time.now.utc.to_i + 3600
68
+ # The object type of `:key` may depend on the value of `:algorithm`. Sample arguments:
69
+ # get_token(claim_set, {:algorithm => 'HS256', :key => 'secret_key'})
70
+ # get_token(claim_set, {:algorithm => 'RS256', :key => OpenSSL::PKCS12.new(File.read('my_key.p12'), 'not_secret')})
45
71
  #
46
- # @param [Hash] opts options
47
- def get_token(params = {}, opts = {})
48
- hash = build_request(params)
49
- @client.get_token(hash, opts.merge('refresh_token' => nil))
72
+ # @param [Hash] request_opts options that will be used to assemble the request
73
+ # @option request_opts [String] :scope the url parameter `scope` that may be required by some endpoints
74
+ # @see https://datatracker.ietf.org/doc/html/rfc7521#section-4.1
75
+ #
76
+ # @param [Hash] response_opts this will be merged with the token response to create the AccessToken object
77
+ # @see the access_token_opts argument to Client#get_token
78
+
79
+ def get_token(claims, encoding_opts, request_opts = {}, response_opts = {})
80
+ assertion = build_assertion(claims, encoding_opts)
81
+ params = build_request(assertion, request_opts)
82
+
83
+ @client.get_token(params, response_opts.merge('refresh_token' => nil))
50
84
  end
51
85
 
52
- def build_request(params)
53
- assertion = build_assertion(params)
86
+ private
87
+
88
+ def build_request(assertion, request_opts = {})
54
89
  {
55
- :grant_type => 'assertion',
56
- :assertion_type => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
57
- :assertion => assertion,
58
- :scope => params[:scope],
59
- }
90
+ grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
91
+ assertion: assertion,
92
+ }.merge(request_opts)
60
93
  end
61
94
 
62
- def build_assertion(params)
63
- claims = {
64
- :iss => params[:iss],
65
- :aud => params[:aud],
66
- :prn => params[:prn],
67
- :exp => params[:exp],
68
- }
69
- if params[:hmac_secret]
70
- JWT.encode(claims, params[:hmac_secret], 'HS256')
71
- elsif params[:private_key]
72
- JWT.encode(claims, params[:private_key], 'RS256')
73
- end
95
+ def build_assertion(claims, encoding_opts)
96
+ raise ArgumentError.new(message: 'Please provide an encoding_opts hash with :algorithm and :key') if !encoding_opts.is_a?(Hash) || (%i[algorithm key] - encoding_opts.keys).any?
97
+
98
+ JWT.encode(claims, encoding_opts[:key], encoding_opts[:algorithm])
74
99
  end
75
100
  end
76
101
  end
@@ -17,6 +17,7 @@ module OAuth2
17
17
  #
18
18
  # @param [Hash] params additional query parameters for the URL
19
19
  def authorize_url(params = {})
20
+ assert_valid_params(params)
20
21
  @client.authorize_url(authorize_params.merge(params))
21
22
  end
22
23
 
@@ -28,8 +29,18 @@ module OAuth2
28
29
  # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
29
30
  def get_token(code, params = {}, opts = {})
30
31
  params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params)
32
+ params_dup = params.dup
33
+ params.each_key do |key|
34
+ params_dup[key.to_s] = params_dup.delete(key) if key.is_a?(Symbol)
35
+ end
31
36
 
32
- @client.get_token(params, opts)
37
+ @client.get_token(params_dup, opts)
38
+ end
39
+
40
+ private
41
+
42
+ def assert_valid_params(params)
43
+ raise(ArgumentError, 'client_secret is not allowed in authorize URL query params') if params.key?(:client_secret) || params.key?('client_secret')
33
44
  end
34
45
  end
35
46
  end
@@ -17,6 +17,7 @@ module OAuth2
17
17
  #
18
18
  # @param [Hash] params additional query parameters for the URL
19
19
  def authorize_url(params = {})
20
+ assert_valid_params(params)
20
21
  @client.authorize_url(authorize_params.merge(params))
21
22
  end
22
23
 
@@ -26,6 +27,12 @@ module OAuth2
26
27
  def get_token(*)
27
28
  raise(NotImplementedError, 'The token is accessed differently in this strategy')
28
29
  end
30
+
31
+ private
32
+
33
+ def assert_valid_params(params)
34
+ raise(ArgumentError, 'client_secret is not allowed in authorize URL query params') if params.key?(:client_secret) || params.key?('client_secret')
35
+ end
29
36
  end
30
37
  end
31
38
  end
@@ -2,64 +2,6 @@
2
2
 
3
3
  module OAuth2
4
4
  module Version
5
- VERSION = to_s
6
-
7
- module_function
8
-
9
- # The major version
10
- #
11
- # @return [Integer]
12
- def major
13
- 1
14
- end
15
-
16
- # The minor version
17
- #
18
- # @return [Integer]
19
- def minor
20
- 4
21
- end
22
-
23
- # The patch version
24
- #
25
- # @return [Integer]
26
- def patch
27
- 10
28
- end
29
-
30
- # The pre-release version, if any
31
- #
32
- # @return [String, NilClass]
33
- def pre
34
- nil
35
- end
36
-
37
- # The version number as a hash
38
- #
39
- # @return [Hash]
40
- def to_h
41
- {
42
- :major => major,
43
- :minor => minor,
44
- :patch => patch,
45
- :pre => pre,
46
- }
47
- end
48
-
49
- # The version number as an array
50
- #
51
- # @return [Array]
52
- def to_a
53
- [major, minor, patch, pre].compact
54
- end
55
-
56
- # The version number as a string
57
- #
58
- # @return [String]
59
- def to_s
60
- v = [major, minor, patch].compact.join('.')
61
- v += "-#{pre}" if pre
62
- v
63
- end
5
+ VERSION = '2.0.0'.freeze
64
6
  end
65
7
  end
data/lib/oauth2.rb CHANGED
@@ -1,6 +1,17 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ # includes modules from stdlib
4
+ require 'cgi'
5
+ require 'time'
6
+
7
+ # third party gems
8
+ require 'rash'
9
+ require 'version_gem'
10
+
11
+ # includes gem files
12
+ require 'oauth2/version'
3
13
  require 'oauth2/error'
14
+ require 'oauth2/snaky_hash'
4
15
  require 'oauth2/authenticator'
5
16
  require 'oauth2/client'
6
17
  require 'oauth2/strategy/base'
@@ -10,5 +21,12 @@ require 'oauth2/strategy/password'
10
21
  require 'oauth2/strategy/client_credentials'
11
22
  require 'oauth2/strategy/assertion'
12
23
  require 'oauth2/access_token'
13
- require 'oauth2/mac_token'
14
24
  require 'oauth2/response'
25
+
26
+ # The namespace of this library
27
+ module OAuth2
28
+ end
29
+
30
+ OAuth2::Version.class_eval do
31
+ extend VersionGem::Basic
32
+ end
metadata CHANGED
@@ -1,16 +1,16 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.10
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Peter Boling
8
- - Erik Michaels-Ober
9
8
  - Michael Bleigh
9
+ - Erik Michaels-Ober
10
10
  autorequire:
11
11
  bindir: exe
12
12
  cert_chain: []
13
- date: 2022-07-01 00:00:00.000000000 Z
13
+ date: 2022-06-21 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: faraday
@@ -53,123 +53,157 @@ dependencies:
53
53
  - !ruby/object:Gem::Version
54
54
  version: '3.0'
55
55
  - !ruby/object:Gem::Dependency
56
- name: multi_json
56
+ name: multi_xml
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: '1.3'
61
+ version: '0.5'
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: '1.3'
68
+ version: '0.5'
69
69
  - !ruby/object:Gem::Dependency
70
- name: multi_xml
70
+ name: rack
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - "~>"
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
- version: '0.5'
75
+ version: '1.2'
76
+ - - "<"
77
+ - !ruby/object:Gem::Version
78
+ version: '3'
76
79
  type: :runtime
77
80
  prerelease: false
78
81
  version_requirements: !ruby/object:Gem::Requirement
79
82
  requirements:
80
- - - "~>"
83
+ - - ">="
81
84
  - !ruby/object:Gem::Version
82
- version: '0.5'
85
+ version: '1.2'
86
+ - - "<"
87
+ - !ruby/object:Gem::Version
88
+ version: '3'
83
89
  - !ruby/object:Gem::Dependency
84
- name: rack
90
+ name: rash_alt
85
91
  requirement: !ruby/object:Gem::Requirement
86
92
  requirements:
87
93
  - - ">="
88
94
  - !ruby/object:Gem::Version
89
- version: '1.2'
95
+ version: '0.4'
90
96
  - - "<"
91
97
  - !ruby/object:Gem::Version
92
- version: '3'
98
+ version: '1'
93
99
  type: :runtime
94
100
  prerelease: false
95
101
  version_requirements: !ruby/object:Gem::Requirement
96
102
  requirements:
97
103
  - - ">="
98
104
  - !ruby/object:Gem::Version
99
- version: '1.2'
105
+ version: '0.4'
100
106
  - - "<"
101
107
  - !ruby/object:Gem::Version
102
- version: '3'
108
+ version: '1'
103
109
  - !ruby/object:Gem::Dependency
104
- name: addressable
110
+ name: version_gem
105
111
  requirement: !ruby/object:Gem::Requirement
106
112
  requirements:
107
113
  - - "~>"
108
114
  - !ruby/object:Gem::Version
109
- version: '2.3'
110
- type: :development
115
+ version: '1.0'
116
+ type: :runtime
111
117
  prerelease: false
112
118
  version_requirements: !ruby/object:Gem::Requirement
113
119
  requirements:
114
120
  - - "~>"
115
121
  - !ruby/object:Gem::Version
116
- version: '2.3'
122
+ version: '1.0'
123
+ - !ruby/object:Gem::Dependency
124
+ name: addressable
125
+ requirement: !ruby/object:Gem::Requirement
126
+ requirements:
127
+ - - ">="
128
+ - !ruby/object:Gem::Version
129
+ version: '2'
130
+ type: :development
131
+ prerelease: false
132
+ version_requirements: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - ">="
135
+ - !ruby/object:Gem::Version
136
+ version: '2'
137
+ - !ruby/object:Gem::Dependency
138
+ name: backports
139
+ requirement: !ruby/object:Gem::Requirement
140
+ requirements:
141
+ - - ">="
142
+ - !ruby/object:Gem::Version
143
+ version: '3'
144
+ type: :development
145
+ prerelease: false
146
+ version_requirements: !ruby/object:Gem::Requirement
147
+ requirements:
148
+ - - ">="
149
+ - !ruby/object:Gem::Version
150
+ version: '3'
117
151
  - !ruby/object:Gem::Dependency
118
152
  name: bundler
119
153
  requirement: !ruby/object:Gem::Requirement
120
154
  requirements:
121
155
  - - ">="
122
156
  - !ruby/object:Gem::Version
123
- version: '1.16'
157
+ version: '2'
124
158
  type: :development
125
159
  prerelease: false
126
160
  version_requirements: !ruby/object:Gem::Requirement
127
161
  requirements:
128
162
  - - ">="
129
163
  - !ruby/object:Gem::Version
130
- version: '1.16'
164
+ version: '2'
131
165
  - !ruby/object:Gem::Dependency
132
166
  name: rake
133
167
  requirement: !ruby/object:Gem::Requirement
134
168
  requirements:
135
169
  - - ">="
136
170
  - !ruby/object:Gem::Version
137
- version: '12.3'
171
+ version: '12'
138
172
  type: :development
139
173
  prerelease: false
140
174
  version_requirements: !ruby/object:Gem::Requirement
141
175
  requirements:
142
176
  - - ">="
143
177
  - !ruby/object:Gem::Version
144
- version: '12.3'
178
+ version: '12'
145
179
  - !ruby/object:Gem::Dependency
146
180
  name: rexml
147
181
  requirement: !ruby/object:Gem::Requirement
148
182
  requirements:
149
- - - "~>"
183
+ - - ">="
150
184
  - !ruby/object:Gem::Version
151
- version: '3.2'
185
+ version: '3'
152
186
  type: :development
153
187
  prerelease: false
154
188
  version_requirements: !ruby/object:Gem::Requirement
155
189
  requirements:
156
- - - "~>"
190
+ - - ">="
157
191
  - !ruby/object:Gem::Version
158
- version: '3.2'
192
+ version: '3'
159
193
  - !ruby/object:Gem::Dependency
160
194
  name: rspec
161
195
  requirement: !ruby/object:Gem::Requirement
162
196
  requirements:
163
- - - "~>"
197
+ - - ">="
164
198
  - !ruby/object:Gem::Version
165
- version: '3.0'
199
+ version: '3'
166
200
  type: :development
167
201
  prerelease: false
168
202
  version_requirements: !ruby/object:Gem::Requirement
169
203
  requirements:
170
- - - "~>"
204
+ - - ">="
171
205
  - !ruby/object:Gem::Version
172
- version: '3.0'
206
+ version: '3'
173
207
  - !ruby/object:Gem::Dependency
174
208
  name: rspec-block_is_expected
175
209
  requirement: !ruby/object:Gem::Requirement
@@ -216,22 +250,16 @@ dependencies:
216
250
  name: rubocop-lts
217
251
  requirement: !ruby/object:Gem::Requirement
218
252
  requirements:
219
- - - ">="
220
- - !ruby/object:Gem::Version
221
- version: 2.0.3
222
253
  - - "~>"
223
254
  - !ruby/object:Gem::Version
224
- version: '2.0'
255
+ version: '8.0'
225
256
  type: :development
226
257
  prerelease: false
227
258
  version_requirements: !ruby/object:Gem::Requirement
228
259
  requirements:
229
- - - ">="
230
- - !ruby/object:Gem::Version
231
- version: 2.0.3
232
260
  - - "~>"
233
261
  - !ruby/object:Gem::Version
234
- version: '2.0'
262
+ version: '8.0'
235
263
  - !ruby/object:Gem::Dependency
236
264
  name: silent_stream
237
265
  requirement: !ruby/object:Gem::Requirement
@@ -265,8 +293,8 @@ files:
265
293
  - lib/oauth2/authenticator.rb
266
294
  - lib/oauth2/client.rb
267
295
  - lib/oauth2/error.rb
268
- - lib/oauth2/mac_token.rb
269
296
  - lib/oauth2/response.rb
297
+ - lib/oauth2/snaky_hash.rb
270
298
  - lib/oauth2/strategy/assertion.rb
271
299
  - lib/oauth2/strategy/auth_code.rb
272
300
  - lib/oauth2/strategy/base.rb
@@ -278,27 +306,14 @@ homepage: https://github.com/oauth-xx/oauth2
278
306
  licenses:
279
307
  - MIT
280
308
  metadata:
309
+ homepage_uri: https://github.com/oauth-xx/oauth2
310
+ source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.0
311
+ changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.0/CHANGELOG.md
281
312
  bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
282
- changelog_uri: https://github.com/oauth-xx/oauth2/blob/v1.4.10/CHANGELOG.md
283
- documentation_uri: https://www.rubydoc.info/gems/oauth2/1.4.10
284
- source_code_uri: https://github.com/oauth-xx/oauth2/tree/v1.4.10
313
+ documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.0
285
314
  wiki_uri: https://github.com/oauth-xx/oauth2/wiki
286
- funding_uri: https://github.com/sponsors/pboling
287
315
  rubygems_mfa_required: 'true'
288
- post_install_message: |2+
289
-
290
- You have installed oauth2 version 1.4.10, which is EOL.
291
- No further support is anticipated for the 1.4.x series.
292
-
293
- OAuth2 version 2 is released.
294
- There are BREAKING changes, but most will not encounter them, and upgrading should be easy!
295
-
296
- Please see:
297
- • https://github.com/oauth-xx/oauth2#what-is-new-for-v20
298
- • https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md
299
-
300
- Please upgrade, report issues, and support the project! Thanks, |7eter l-|. l3oling
301
-
316
+ post_install_message:
302
317
  rdoc_options: []
303
318
  require_paths:
304
319
  - lib
@@ -306,7 +321,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
306
321
  requirements:
307
322
  - - ">="
308
323
  - !ruby/object:Gem::Version
309
- version: 1.9.0
324
+ version: 2.2.0
310
325
  required_rubygems_version: !ruby/object:Gem::Requirement
311
326
  requirements:
312
327
  - - ">="
@@ -1,130 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'base64'
4
- require 'digest'
5
- require 'openssl'
6
- require 'securerandom'
7
-
8
- module OAuth2
9
- class MACToken < AccessToken
10
- # Generates a MACToken from an AccessToken and secret
11
- #
12
- # @param [AccessToken] token the OAuth2::Token instance
13
- # @option [String] secret the secret key value
14
- # @param [Hash] opts the options to create the Access Token with
15
- # @see MACToken#initialize
16
- def self.from_access_token(token, secret, options = {})
17
- new(token.client, token.token, secret, token.params.merge(:refresh_token => token.refresh_token, :expires_in => token.expires_in, :expires_at => token.expires_at).merge(options))
18
- end
19
-
20
- attr_reader :secret, :algorithm
21
-
22
- # Initalize a MACToken
23
- #
24
- # @param [Client] client the OAuth2::Client instance
25
- # @param [String] token the Access Token value
26
- # @option [String] secret the secret key value
27
- # @param [Hash] opts the options to create the Access Token with
28
- # @option opts [String] :refresh_token (nil) the refresh_token value
29
- # @option opts [FixNum, String] :expires_in (nil) the number of seconds in which the AccessToken will expire
30
- # @option opts [FixNum, String] :expires_at (nil) the epoch time in seconds in which AccessToken will expire
31
- # @option opts [FixNum, String] :algorithm (hmac-sha-256) the algorithm to use for the HMAC digest (one of 'hmac-sha-256', 'hmac-sha-1')
32
- def initialize(client, token, secret, opts = {})
33
- @secret = secret
34
- self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256'
35
-
36
- super(client, token, opts)
37
- end
38
-
39
- # Make a request with the MAC Token
40
- #
41
- # @param [Symbol] verb the HTTP request method
42
- # @param [String] path the HTTP URL path of the request
43
- # @param [Hash] opts the options to make the request with
44
- # @see Client#request
45
- def request(verb, path, opts = {}, &block)
46
- url = client.connection.build_url(path, opts[:params]).to_s
47
-
48
- opts[:headers] ||= {}
49
- opts[:headers]['Authorization'] = header(verb, url)
50
-
51
- @client.request(verb, path, opts, &block)
52
- end
53
-
54
- # Get the headers hash (always an empty hash)
55
- def headers
56
- {}
57
- end
58
-
59
- # Generate the MAC header
60
- #
61
- # @param [Symbol] verb the HTTP request method
62
- # @param [String] url the HTTP URL path of the request
63
- def header(verb, url)
64
- timestamp = Time.now.utc.to_i
65
- nonce = Digest::SHA256.hexdigest([timestamp, SecureRandom.hex].join(':'))
66
-
67
- uri = URI.parse(url)
68
-
69
- raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)
70
-
71
- mac = signature(timestamp, nonce, verb, uri)
72
-
73
- "MAC id=\"#{token}\", ts=\"#{timestamp}\", nonce=\"#{nonce}\", mac=\"#{mac}\""
74
- end
75
-
76
- # Generate the Base64-encoded HMAC digest signature
77
- #
78
- # @param [Fixnum] timestamp the timestamp of the request in seconds since epoch
79
- # @param [String] nonce the MAC header nonce
80
- # @param [Symbol] verb the HTTP request method
81
- # @param [String] url the HTTP URL path of the request
82
- def signature(timestamp, nonce, verb, uri)
83
- signature = [
84
- timestamp,
85
- nonce,
86
- verb.to_s.upcase,
87
- uri.request_uri,
88
- uri.host,
89
- uri.port,
90
- '', nil
91
- ].join("\n")
92
-
93
- strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature))
94
- end
95
-
96
- # Set the HMAC algorithm
97
- #
98
- # @param [String] alg the algorithm to use (one of 'hmac-sha-1', 'hmac-sha-256')
99
- def algorithm=(alg)
100
- @algorithm = case alg.to_s
101
- when 'hmac-sha-1'
102
- begin
103
- OpenSSL::Digest('SHA1').new
104
- rescue StandardError
105
- OpenSSL::Digest.new('SHA1')
106
- end
107
- when 'hmac-sha-256'
108
- begin
109
- OpenSSL::Digest('SHA256').new
110
- rescue StandardError
111
- OpenSSL::Digest.new('SHA256')
112
- end
113
- else
114
- raise(ArgumentError, 'Unsupported algorithm')
115
- end
116
- end
117
-
118
- private
119
-
120
- # No-op since we need the verb and path
121
- # and the MAC always goes in a header
122
- def token=(_noop)
123
- end
124
-
125
- # Base64.strict_encode64 is not available on Ruby 1.8.7
126
- def strict_encode64(str)
127
- Base64.encode64(str).delete("\n")
128
- end
129
- end
130
- end