2
# Author:: Daniel DeLeo (<dan@opscode.com>)
3
# Copyright:: Copyright (c) 2010 Opscode, Inc.
4
# License:: Apache License, Version 2.0
6
# Licensed under the Apache License, Version 2.0 (the "License");
7
# you may not use this file except in compliance with the License.
8
# You may obtain a copy of the License at
10
# http://www.apache.org/licenses/LICENSE-2.0
12
# Unless required by applicable law or agreed to in writing, software
13
# distributed under the License is distributed on an "AS IS" BASIS,
14
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
# See the License for the specific language governing permissions and
16
# limitations under the License.
19
require 'mixlib/authentication'
23
class HTTPAuthenticationRequest
25
MANDATORY_HEADERS = [:x_ops_sign, :x_ops_userid, :x_ops_timestamp, :host, :x_ops_content_hash]
29
def initialize(request)
31
@request_signature = nil
36
@headers ||= @request.env.inject({ }) { |memo, kv| memo[$2.gsub(/\-/,"_").downcase.to_sym] = kv[1] if kv[0] =~ /^(HTTP_)(.*)/; memo }
47
def signing_description
48
headers[:x_ops_sign].chomp
52
headers[:x_ops_userid].chomp
56
headers[:x_ops_timestamp].chomp
64
headers[:x_ops_content_hash].chomp
68
unless @request_signature
69
@request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }.sort { |x,y| x.to_s <=> y.to_s}.map { |i| i[1] }.join("\n")
70
Mixlib::Authentication::Log.debug "Reconstituted (user-supplied) request signature: #{@request_signature}"
77
missing_headers = MANDATORY_HEADERS - headers.keys
78
unless missing_headers.empty?
79
missing_headers.map! { |h| h.to_s.upcase }
80
raise MissingAuthenticationHeader, "missing required authentication header(s) '#{missing_headers.join("', '")}'"