class OAuth2::MACToken

Attributes

algorithm[R]
secret[R]

Public Class Methods

from_access_token(token, secret, options = {}) click to toggle source

Generates a MACToken from an AccessToken and secret

@param [AccessToken] token the OAuth2::Token instance @option [String] secret the secret key value @param [Hash] opts the options to create the Access Token with @see MACToken#initialize

# File lib/oauth2/mac_token.rb, line 14
def self.from_access_token(token, secret, options = {})
  new(token.client, token.token, secret, token.params.merge(:refresh_token => token.refresh_token, :expires_in => token.expires_in, :expires_at => token.expires_at).merge(options))
end
new(client, token, secret, opts = {}) click to toggle source

Initalize a MACToken

@param [Client] client the OAuth2::Client instance @param [String] token the Access Token value @option [String] secret the secret key value @param [Hash] opts the options to create the Access Token with @option opts [String] :refresh_token (nil) the refresh_token value @option opts [FixNum, String] :expires_in (nil) the number of seconds in which the AccessToken will expire @option opts [FixNum, String] :expires_at (nil) the epoch time in seconds in which AccessToken will expire @option opts [FixNum, String] :algorithm (hmac-sha-256) the algorithm to use for the HMAC digest (one of 'hmac-sha-256', 'hmac-sha-1')

Calls superclass method OAuth2::AccessToken.new
# File lib/oauth2/mac_token.rb, line 30
def initialize(client, token, secret, opts = {})
  @secret = secret
  self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256'

  super(client, token, opts)
end

Public Instance Methods

algorithm=(alg) click to toggle source

Set the HMAC algorithm

@param [String] alg the algorithm to use (one of 'hmac-sha-1', 'hmac-sha-256')

# File lib/oauth2/mac_token.rb, line 97
def algorithm=(alg)
  @algorithm = begin
    case alg.to_s
    when 'hmac-sha-1'
      OpenSSL::Digest::SHA1.new
    when 'hmac-sha-256'
      OpenSSL::Digest::SHA256.new
    else
      raise(ArgumentError, 'Unsupported algorithm')
    end
  end
end
header(verb, url) click to toggle source

Generate the MAC header

@param [Symbol] verb the HTTP request method @param [String] url the HTTP URL path of the request

# File lib/oauth2/mac_token.rb, line 61
def header(verb, url)
  timestamp = Time.now.utc.to_i
  nonce = Digest::MD5.hexdigest([timestamp, SecureRandom.hex].join(':'))

  uri = URI.parse(url)

  raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)

  mac = signature(timestamp, nonce, verb, uri)

  "MAC id=\"#{token}\", ts=\"#{timestamp}\", nonce=\"#{nonce}\", mac=\"#{mac}\""
end
headers() click to toggle source

Get the headers hash (always an empty hash)

# File lib/oauth2/mac_token.rb, line 53
def headers
  {}
end
request(verb, path, opts = {}, &block) click to toggle source

Make a request with the MAC Token

@param [Symbol] verb the HTTP request method @param [String] path the HTTP URL path of the request @param [Hash] opts the options to make the request with @see OAuth2::Client#request

# File lib/oauth2/mac_token.rb, line 43
def request(verb, path, opts = {}, &block)
  url = client.connection.build_url(path, opts[:params]).to_s

  opts[:headers] ||= {}
  opts[:headers]['Authorization'] = header(verb, url)

  @client.request(verb, path, opts, &block)
end
signature(timestamp, nonce, verb, uri) click to toggle source

Generate the Base64-encoded HMAC digest signature

@param [Fixnum] timestamp the timestamp of the request in seconds since epoch @param [String] nonce the MAC header nonce @param [Symbol] verb the HTTP request method @param [String] url the HTTP URL path of the request

# File lib/oauth2/mac_token.rb, line 80
def signature(timestamp, nonce, verb, uri)
  signature = [
    timestamp,
    nonce,
    verb.to_s.upcase,
    uri.request_uri,
    uri.host,
    uri.port,
    '', nil
  ].join("\n")

  strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature))
end

Private Instance Methods

strict_encode64(str) click to toggle source

Base64.strict_encode64 is not available on Ruby 1.8.7

# File lib/oauth2/mac_token.rb, line 118
def strict_encode64(str)
  Base64.encode64(str).delete("\n")
end
token=(_) click to toggle source

No-op since we need the verb and path and the MAC always goes in a header

# File lib/oauth2/mac_token.rb, line 114
def token=(_)
end