Changeset 1750
- Timestamp:
- 08/20/08 11:39:14 (3 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
hive/trunk/data_webapp/lib/worker_bee_authorization.rb
r1748 r1750 5 5 6 6 class << self 7 # Configuration is loaded when this module is included in another (ActionController) 8 def included(base) 9 bee_config = YAML.load(ERB.new(IO.read("#{RAILS_ROOT}/config/worker_bee.yml")).result) 10 @@configuration = bee_config["bee"].symbolize_keys 11 end 12 7 13 def configuration=(config) 8 14 @@configuration = config … … 12 18 @@configuration 13 19 end 20 14 21 end 15 22 … … 18 25 # Check the request is properly signed 19 26 def verify_signed_request 20 render :json => ["Not Allowed"], :status => 403 unless @@configuration["activate"] 21 22 unless valid_signed_request? 27 unless @@configuration[:activate] && valid_signed_request? 23 28 render :json => ["Unauthorized"], :status => 401 24 29 end … … 27 32 # Verify the incoming request 28 33 def valid_signed_request? 29 auth_headers = request.headers["A uthorization"]34 auth_headers = request.headers["AUTHORIZATION"] 30 35 method = request.method.to_s.upcase 31 date = request.headers["D ate"]36 date = request.headers["DATE"] 32 37 path = request.path 33 contentType = request. headers["Content-Type"]38 contentType = request.content_type 34 39 35 40 pieces = auth_headers.split(":") … … 37 42 inKey = pieces[1] 38 43 inSignature = pieces[2] 39 outSignature = sign_request(@@configuration[ "secret_key"].strip,method,path,date,contentType)44 outSignature = sign_request(@@configuration[:secret_key].strip,method,path,date,contentType) 40 45 41 (inKey.strip == @@configuration[ "access_key"].strip) && (inSignature.strip == outSignature.strip)46 (inKey.strip == @@configuration[:access_key].strip) && (inSignature.strip == outSignature.strip) 42 47 else 43 48 false … … 48 53 def sign_request(sk,method,path,date,content_type) 49 54 data = [method,path,date,content_type].join("\n") 55 #puts "Controller signing: #{data}\n" 50 56 digest = OpenSSL::Digest::Digest.new('sha1') 51 57 Base64.encode64(OpenSSL::HMAC.digest(digest, sk, data.to_s))
