Methods
Public Class
Public Instance
Classes and Modules
Attributes
| secret_key | [R] |
Public Class methods
new(secret_key)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 709 def initialize(secret_key) 710 @secret_key = secret_key 711 end
Public Instance methods
generate_signature(string)
Uses HMAC-SHA-256 algorithm to generate a signature from the given string using the secret key.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 750 def generate_signature(string) 751 OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret_key, string) 752 end
sign_url(url)
Returns a URL with the signature query parameter
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 714 def sign_url(url) 715 path, query = url.split("?") 716 717 params = Rack::Utils.parse_query(query.to_s) 718 params.merge!("signature" => generate_signature(url)) 719 720 query = Rack::Utils.build_query(params) 721 722 "#{path}?#{query}" 723 end
verify_signature(string, signature)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 740 def verify_signature(string, signature) 741 if signature.nil? 742 fail InvalidSignature, "missing \"signature\" param" 743 elsif !Rack::Utils.secure_compare(signature, generate_signature(string)) 744 fail InvalidSignature, "provided signature does not match the calculated signature" 745 end 746 end
verify_url(url)
Calculcates the signature from the URL and checks whether it matches the value in the signature query parameter. Raises InvalidSignature if the signature parameter is missing or its value doesn’t match the calculated signature.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 729 def verify_url(url) 730 path, query = url.split("?") 731 732 params = Rack::Utils.parse_query(query.to_s) 733 signature = params.delete("signature") 734 735 query = Rack::Utils.build_query(params) 736 737 verify_signature("#{path}?#{query}", signature) 738 end