Methods
Public Class
Public Instance
Classes and Modules
Attributes
| secret_key | [R] |
Public Class methods
new(secret_key)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 712 def initialize(secret_key) 713 @secret_key = secret_key 714 end
Public Instance methods
generate_signature(string)
Uses HMAC-SHA-256 algorithm to generate a signature from the given string using the secret key.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 753 def generate_signature(string) 754 OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret_key, string) 755 end
sign_url(url)
Returns a URL with the signature query parameter
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 717 def sign_url(url) 718 path, query = url.split("?") 719 720 params = Rack::Utils.parse_query(query.to_s) 721 params.merge!("signature" => generate_signature(url)) 722 723 query = Rack::Utils.build_query(params) 724 725 "#{path}?#{query}" 726 end
verify_signature(string, signature)
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 743 def verify_signature(string, signature) 744 if signature.nil? 745 fail InvalidSignature, "missing \"signature\" param" 746 elsif !Rack::Utils.secure_compare(signature, generate_signature(string)) 747 fail InvalidSignature, "provided signature does not match the calculated signature" 748 end 749 end
verify_url(url)
Calculcates the signature from the URL and checks whether it matches the value in the signature query parameter. Raises InvalidSignature if the signature parameter is missing or its value doesn’t match the calculated signature.
[show source]
# File lib/shrine/plugins/derivation_endpoint.rb 732 def verify_url(url) 733 path, query = url.split("?") 734 735 params = Rack::Utils.parse_query(query.to_s) 736 signature = params.delete("signature") 737 738 query = Rack::Utils.build_query(params) 739 740 verify_signature("#{path}?#{query}", signature) 741 end