Module: SimpleOAuth::Signature

Defined in:

lib/simple_oauth/signature.rb

Overview

Signature computation methods for OAuth 1.0

This module provides a registry of signature methods that can be extended with custom implementations. Built-in methods include HMAC-SHA1, HMAC-SHA256, RSA-SHA1, RSA-SHA256, and PLAINTEXT.

Examples:

Register a custom signature method

SimpleOAuth::Signature.register("HMAC-SHA512") do |secret, signature_base|
  SimpleOAuth::Signature.encode_base64(
    OpenSSL::HMAC.digest("SHA512", secret, signature_base)
  )
end

Check if a signature method is registered

SimpleOAuth::Signature.registered?("HMAC-SHA1") # => true
SimpleOAuth::Signature.registered?("CUSTOM")    # => false

Class Method Summary

• .encode_base64(data) ⇒ String

  Encodes binary data as Base64 without newlines.

• .methods ⇒ Array<String>

  Returns list of registered signature method names.

• .register(name, rsa: false) {|secret, signature_base| ... } ⇒ void

  Registers a custom signature method.

• .registered?(name) ⇒ Boolean

  Checks if a signature method is registered.

• .reset! ⇒ void

  Resets the registry to only built-in methods (useful for testing).

• .rsa?(name) ⇒ Boolean

  Checks if a signature method uses RSA (raw key instead of escaped secret).

• .sign(name, secret, signature_base) ⇒ String

  Computes a signature using the specified method.

• .unregister(name) ⇒ void

  Unregisters a signature method (useful for testing).

Class Method Details

.encode_base64(data) ⇒ String

Encodes binary data as Base64 without newlines

Examples:

SimpleOAuth::Signature.encode_base64("\x01\x02\x03")
# => "AQID"

Parameters:

• data (String) —

  binary data to encode

Returns:

• (String) —

  Base64-encoded string without newlines

# File 'lib/simple_oauth/signature.rb', line 129

def encode_base64(data)
  Base64.strict_encode64(data)
end

.methods ⇒ Array<String>

Returns list of registered signature method names

Examples:

SimpleOAuth::Signature.methods # => ["hmac_sha1", "hmac_sha256", "rsa_sha1", "plaintext"]

Returns:

• (Array<String>) —

  registered method names

# File 'lib/simple_oauth/signature.rb', line 64

def methods
  @registry.keys
end

.register(name, rsa: false) {|secret, signature_base| ... } ⇒ void

This method returns an undefined value.

Registers a custom signature method

Examples:

SimpleOAuth::Signature.register("HMAC-SHA512") do |secret, base|
  SimpleOAuth::Signature.encode_base64(
    OpenSSL::HMAC.digest("SHA512", secret, base)
  )
end

Parameters:

• name (String) —

  the signature method name (e.g., "HMAC-SHA512")

• rsa (Boolean) (defaults to: false) —

  whether this method uses RSA (raw consumer_secret as key)

Yields:

• (secret, signature_base) —

  block that computes the signature

Yield Parameters:

• secret (String) —

  the signing secret (or PEM key for RSA methods)

• signature_base (String) —

  the signature base string

Yield Returns:

• (String) —

  the computed signature

# File 'lib/simple_oauth/signature.rb', line 43

def register(name, rsa: false, &block)
  @registry[normalize_name(name)] = {implementation: block, rsa: rsa}
end

.registered?(name) ⇒ Boolean

Checks if a signature method is registered

Examples:

SimpleOAuth::Signature.registered?("HMAC-SHA1") # => true

Parameters:

• name (String) —

  the signature method name

Returns:

• (Boolean) —

  true if the method is registered

# File 'lib/simple_oauth/signature.rb', line 54

def registered?(name)
  @registry.key?(normalize_name(name))
end

.reset! ⇒ void

This method returns an undefined value.

Resets the registry to only built-in methods (useful for testing)

Examples:

SimpleOAuth::Signature.reset!

# File 'lib/simple_oauth/signature.rb', line 116

def reset!
  @registry.clear
  register_builtin_methods
end

.rsa?(name) ⇒ Boolean

Checks if a signature method uses RSA (raw key instead of escaped secret)

Examples:

SimpleOAuth::Signature.rsa?("RSA-SHA1")  # => true
SimpleOAuth::Signature.rsa?("HMAC-SHA1") # => false

Parameters:

• name (String) —

  the signature method name

Returns:

• (Boolean) —

  true if the method uses RSA

# File 'lib/simple_oauth/signature.rb', line 76

def rsa?(name)
  @registry.dig(normalize_name(name), :rsa) || false
end

.sign(name, secret, signature_base) ⇒ String

Computes a signature using the specified method

Examples:

SimpleOAuth::Signature.sign("HMAC-SHA1", "secret&token", "GET&url&params")

Parameters:

• name (String) —

  the signature method name

• secret (String) —

  the signing secret

• signature_base (String) —

  the signature base string

Returns:

• (String) —

  the computed signature

Raises:

• (ArgumentError) —

  if the signature method is not registered

# File 'lib/simple_oauth/signature.rb', line 90

def sign(name, secret, signature_base)
  normalized = normalize_name(name)
  entry = @registry.fetch(normalized) do
    raise ArgumentError, "Unknown signature method: #{name}. " \
                         "Registered methods: #{@registry.keys.join(", ")}"
  end
  entry.fetch(:implementation).call(secret, signature_base)
end

.unregister(name) ⇒ void

This method returns an undefined value.

Unregisters a signature method (useful for testing)

Examples:

SimpleOAuth::Signature.unregister("HMAC-SHA512")

Parameters:

• name (String) —

  the signature method name to remove

# File 'lib/simple_oauth/signature.rb', line 106

def unregister(name)
  @registry.delete(normalize_name(name))
end