Methods
Public Class
Public Instance
Classes and Modules
Attributes
| secret_key | [R] |
Public Class methods
new(secret_key)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 714 def initialize(secret_key) 715 @secret_key = secret_key 716 end
Public Instance methods
generate_signature(string)
Uses HMAC-SHA-256 algorithm to generate a signature from the given string using the secret key.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 755 def generate_signature(string) 756 OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret_key, string) 757 end
sign_url(url)
Returns a URL with the signature query parameter
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 719 def sign_url(url) 720 path, query = url.split("?") 721 722 params = Rack::Utils.parse_query(query.to_s) 723 params.merge!("signature" => generate_signature(url)) 724 725 query = Rack::Utils.build_query(params) 726 727 "#{path}?#{query}" 728 end
verify_signature(string, signature)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 745 def verify_signature(string, signature) 746 if signature.nil? 747 fail InvalidSignature, "missing \"signature\" param" 748 elsif !Rack::Utils.secure_compare(signature, generate_signature(string)) 749 fail InvalidSignature, "provided signature does not match the calculated signature" 750 end 751 end
verify_url(url)
Calculcates the signature from the URL and checks whether it matches the value in the signature query parameter. Raises InvalidSignature if the signature parameter is missing or its value doesn’t match the calculated signature.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 734 def verify_url(url) 735 path, query = url.split("?") 736 737 params = Rack::Utils.parse_query(query.to_s) 738 signature = params.delete("signature") 739 740 query = Rack::Utils.build_query(params) 741 742 verify_signature("#{path}?#{query}", signature) 743 end