diff options
-rw-r--r-- | lib/mixlib/authentication/signatureverification.rb | 12 | ||||
-rw-r--r-- | lib/mixlib/authentication/signedheaderauth.rb | 12 |
2 files changed, 14 insertions, 10 deletions
diff --git a/lib/mixlib/authentication/signatureverification.rb b/lib/mixlib/authentication/signatureverification.rb index ca65c21..c9f4076 100644 --- a/lib/mixlib/authentication/signatureverification.rb +++ b/lib/mixlib/authentication/signatureverification.rb @@ -32,19 +32,23 @@ module Mixlib @signing_description = headers[:x_ops_sign].chomp @user_id = headers[:x_ops_userid].chomp @timestamp = headers[:x_ops_timestamp].chomp - @request_signature = headers[:authorization].chomp.gsub!(/\n\t/,"\n") + @request_signature = headers[:authorization].chomp.gsub(/\n\t/,"\n") @host = headers[:host].chomp @content_hash = headers[:x_ops_content_hash].chomp @user_secret = user_lookup - - file_param = request.params["file"] + # Any file that's included in the request is hashed if it's there. Otherwise, + # we hash the body. Look for files by looking for objects that respond to + # the read call. + file_param = request.params.values.find { |value| value.respond_to?(:read) } @hashed_body = if file_param Mixlib::Authentication::Log.debug "Digesting file_param: '#{file_param.inspect}'" if file_param.respond_to?(:has_key?) tempfile = file_param[:tempfile] digester.hash_file(tempfile) + elsif file_param.respond_to?(:read) + digester.hash_file(file_param) else digester.hash_body(file_param) end @@ -54,7 +58,7 @@ module Mixlib digester.hash_body(body) end - Mixlib::Authentication::Log.debug "Authenticating user : #{user_id}, User secret is: #{@user_secret}, Request signature is :\n#{@request_signature}, Hashed Body is #{@hashed_body}" + Mixlib::Authentication::Log.debug "Authenticating user : #{user_id}, User secret is : #{@user_secret}, Request signature is :\n#{@request_signature}, Auth HTTP header is :\n#{headers[:authorization]}, Hashed Body is : #{@hashed_body}" #BUGBUG Not doing anything with the signing description yet [cb] parse_signing_description diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb index 00f6da9..84607f9 100644 --- a/lib/mixlib/authentication/signedheaderauth.rb +++ b/lib/mixlib/authentication/signedheaderauth.rb @@ -21,11 +21,11 @@ module Mixlib end end - # Build the canonicalized request based on the method, other headers, etc. + # Build the canonicalized request based on the method, other headers, etc. # compute the signature from the request, using the looked-up user secret # ====Parameters - # private_key<String>:: user's RSA private key. - def sign(private_key) + # private_key<OpenSSL::PKey::RSA>:: user's RSA private key. + def sign(private_key) digester = Mixlib::Authentication::Digester.new @hashed_body = if self.file digester.hash_file(self.file) @@ -33,8 +33,8 @@ module Mixlib digester.hash_body(self.body) end - signature = Base64.encode64(private_key.private_encrypt(canonicalize_request)).chomp.gsub!(/\n/,"\n\t") - header_hash = { + signature = Base64.encode64(private_key.private_encrypt(canonicalize_request)).chomp.gsub!(/\n/,"\n\t") + header_hash = { "X-Ops-Sign" => SIGNING_DESCRIPTION, "X-Ops-Userid" => user_id, "X-Ops-Timestamp" => canonical_time, @@ -44,7 +44,7 @@ module Mixlib Mixlib::Authentication::Log.debug "Header hash: #{header_hash.inspect}" header_hash - end + end # Build the canonicalized time based on utc & iso8601 # |