A Ruby on Rails engine, simply generates, parse and verify signatures for Oauth v2 HTTP MAC authentication for 'SHA1' and 'SHA256' algorithms. Please visit https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01 for spec specifications.
Add this line to your application's Gemfile:
gem 'oauth2_hmac_rails'And then execute:
$ bundle
$ bundle exec rake oauth2_hmac_rails:install:migrations
Include engine helper to your controller(line1) and call authorization helper method(line2)
class FoosController < ApplicationController
include ::Oauth2HmacRails::Concerns::Helper # line1 / now current_client helper is accessible
before_action :authorize! # line2
# if you need to overwrite default authorization header define the method below
# def client_authorization_header_key
# 'Oauth2_Hmac_Rails' # desired header, default: 'Authorization'
# end
# sample action
def custom
render json: { message: "Authorization success for client #{current_client.id}." }, status: :ok
end
endError messages can be customizable by I18n files.
en:
oauth2_hmac_rails:
missing_hmac_key: "MISSING_HMAC_KEY: %{details}"
client_not_found: "CLIENT_NOT_FOUND: %{client_id}"
invalid_signature: "INVALID_SIGNATURE: %{mac} for client id %{client_id}"
request_timeout_for_client_signature: "REQUEST_TIMEOUT_FOR_CLIENT_SIGNATURE: #{mac} for client id #{client_id}"
unauthorized: "UNAUTHORIZED"
replay_attack: "REPLAY_ATTACK"
- Fork it ( https://github.com/mustafaturan/oauth2_hmac_rails/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request