Module: SimpleOAuth::Header::ClassMethods Private

Included in:

SimpleOAuth::Header

Defined in:

lib/simple_oauth/header/class_methods.rb

Overview

This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.

Class methods for Header - parsing, defaults, and body hashing

Instance Method Summary

• #body_hash(body, algorithm = "SHA1") ⇒ String

  Computes the oauth_body_hash for a request body.

• #default_options(body = nil) ⇒ Hash

  Returns default OAuth options with generated nonce and timestamp.

• #parse(header) ⇒ Hash

  Parses an OAuth Authorization header string into a hash.

• #parse_form_body(body) ⇒ Hash

  Parses OAuth parameters from a form-encoded POST body.

Instance Method Details

#body_hash(body, algorithm = "SHA1") ⇒ String

Computes the oauth_body_hash for a request body

Examples:

SimpleOAuth::Header.body_hash('{"text": "Hello"}')
# => "aOjMoMwMP1RZ0hKa1HryYDlCKck="

Parameters:

• body (String) —

  the raw request body

• algorithm (String) (defaults to: "SHA1") —

  the hash algorithm to use (default: "SHA1")

Returns:

• (String) —

  Base64-encoded hash of the body

# File 'lib/simple_oauth/header/class_methods.rb', line 38

def body_hash(body, algorithm = "SHA1")
  encode_base64(OpenSSL::Digest.digest(algorithm, body || ""))
end

#default_options(body = nil) ⇒ Hash

Returns default OAuth options with generated nonce and timestamp

Examples:

SimpleOAuth::Header.default_options
# => {nonce: "abc123...", signature_method: "HMAC-SHA1", timestamp: "1234567890", version: "1.0"}

Parameters:

• body (String, nil) (defaults to: nil) —

  optional request body for computing oauth_body_hash

Returns:

• (Hash) —

  default options including nonce, signature_method, timestamp, and version

# File 'lib/simple_oauth/header/class_methods.rb', line 20

def default_options(body = nil)
  {
    nonce: generate_nonce,
    signature_method: DEFAULT_SIGNATURE_METHOD,
    timestamp: Integer(Time.now).to_s,
    version: OAUTH_VERSION
  }.tap { |opts| opts[:body_hash] = body_hash(body) if body }
end

#parse(header) ⇒ Hash

Parses an OAuth Authorization header string into a hash

Examples:

SimpleOAuth::Header.parse('OAuth oauth_consumer_key="key", oauth_signature="sig"')
# => {consumer_key: "key", signature: "sig"}

Parameters:

• header (String, #to_s) —

  the OAuth Authorization header string

Returns:

• (Hash) —

  parsed OAuth attributes with symbol keys (only valid OAuth keys)

Raises:

• (SimpleOAuth::ParseError) —

  if the header is malformed

# File 'lib/simple_oauth/header/class_methods.rb', line 51

def parse(header)
  Parser.new(header).parse(PARSE_KEYS)
end

#parse_form_body(body) ⇒ Hash

Parses OAuth parameters from a form-encoded POST body

OAuth 1.0 allows credentials to be transmitted in the request body for POST requests with Content-Type: application/x-www-form-urlencoded

Examples:

SimpleOAuth::Header.parse_form_body('oauth_consumer_key=key&oauth_signature=sig&status=hello')
# => {consumer_key: "key", signature: "sig"}

Parameters:

• body (String, #to_s) —

  the form-encoded request body

Returns:

• (Hash) —

  parsed OAuth attributes with symbol keys (only valid OAuth keys)

# File 'lib/simple_oauth/header/class_methods.rb', line 66

def parse_form_body(body)
  valid_keys = PARSE_KEYS.map(&:to_s)

  result = {} #: Hash[Symbol, String]
  CGI.parse(body.to_s).each do |key, values|
    next unless key.start_with?(OAUTH_PREFIX)

    parsed_key = key.delete_prefix(OAUTH_PREFIX)
    result[parsed_key.to_sym] = values.first || "" if valid_keys.include?(parsed_key)
  end
  result
end