Class: Insight::ParamsSignature

Inherits:

Object

Object
Insight::ParamsSignature

show all

Extended by:

ERB::Util

Defined in:

lib/insight/params_signature.rb

Instance Attribute Summary (collapse)

- (Object) request readonly

Returns the value of attribute request.

Class Method Summary (collapse)

+ (Object) sign(request, hash)

Instance Method Summary (collapse)

- (ParamsSignature) initialize(request) constructor

A new instance of ParamsSignature.
- (Object) secret_key
- (Boolean) secret_key_blank?
- (Object) signature(params)
- (Object) signature_base(params)
- (Object) validate!

Constructor Details

- (`ParamsSignature`) initialize(request)

A new instance of ParamsSignature



23
24
25

# File 'lib/insight/params_signature.rb', line 23

def initialize(request)
  @request = request
end

Instance Attribute Details

- (`Object`) request (readonly)

Returns the value of attribute request



21
22
23

# File 'lib/insight/params_signature.rb', line 21

def request
  @request
end

Class Method Details

+ (`Object`) sign(request, hash)

# File 'lib/insight/params_signature.rb', line 8

def self.sign(request, hash)
  parts = []

  hash.keys.sort.each do |key|
    parts << "#{key}=#{u(hash[key])}"
  end

  signature = new(request).signature(hash)
  parts << "hash=#{u(signature)}"

  parts.join("&amp;")
end

Instance Method Details

- (`Object`) secret_key



27
28
29

# File 'lib/insight/params_signature.rb', line 27

def secret_key
  @request.env['insight.secret_key']
end

- (`Boolean`) secret_key_blank?

Returns:

(Boolean)



31
32
33

# File 'lib/insight/params_signature.rb', line 31

def secret_key_blank?
  secret_key.nil? || secret_key == ""
end

- (`Object`) signature(params)



43
44
45

# File 'lib/insight/params_signature.rb', line 43

def signature(params)
  Digest::SHA1.hexdigest(signature_base(params))
end

- (`Object`) signature_base(params)

# File 'lib/insight/params_signature.rb', line 47

def signature_base(params)
  signature = []
  signature << secret_key

  params.keys.sort.each do |key|
    next if key == "hash"
    signature << params[key].to_s
  end

  signature.join(":")
end

- (`Object`) validate!

# File 'lib/insight/params_signature.rb', line 35

def validate!
  if secret_key_blank?
    raise SecurityError.new("Missing secret key")
  elsif request.params["hash"] != signature(request.params)
    raise SecurityError.new("Invalid query hash.")
  end
end

Class: Insight::ParamsSignature

Instance Attribute Summary (collapse)

Class Method Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (ParamsSignature) initialize(request)

Instance Attribute Details

- (Object) request (readonly)

Class Method Details

+ (Object) sign(request, hash)

Instance Method Details

- (Object) secret_key

- (Boolean) secret_key_blank?

- (Object) signature(params)

- (Object) signature_base(params)

- (Object) validate!

- (`ParamsSignature`) initialize(request)

- (`Object`) request (readonly)

+ (`Object`) sign(request, hash)

- (`Object`) secret_key

- (`Boolean`) secret_key_blank?

- (`Object`) signature(params)

- (`Object`) signature_base(params)

- (`Object`) validate!