projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'master' into 10604-crunch2-user-guide
[arvados.git]
/
services
/
api
/
app
/
models
/
blob.rb
diff --git
a/services/api/app/models/blob.rb
b/services/api/app/models/blob.rb
index 91007fcc8aad42792a5fbff014965475940393c5..00c2501865fa6098244b09487376f83514620e34 100644
(file)
--- a/
services/api/app/models/blob.rb
+++ b/
services/api/app/models/blob.rb
@@
-49,11
+49,12
@@
class Blob
end
timestamp_hex = timestamp.to_s(16)
# => "53163cb4"
end
timestamp_hex = timestamp.to_s(16)
# => "53163cb4"
+ blob_signature_ttl = Rails.configuration.blob_signature_ttl.to_s(16)
# Generate a signature.
signature =
generate_signature((opts[:key] or Rails.configuration.blob_signing_key),
# Generate a signature.
signature =
generate_signature((opts[:key] or Rails.configuration.blob_signing_key),
- blob_hash, opts[:api_token], timestamp_hex)
+ blob_hash, opts[:api_token], timestamp_hex
, blob_signature_ttl
)
blob_locator + '+A' + signature + '@' + timestamp_hex
end
blob_locator + '+A' + signature + '@' + timestamp_hex
end
@@
-63,9
+64,9
@@
class Blob
# Return value: true if the locator has a valid signature, false otherwise
# Arguments: signed_blob_locator, opts
#
# Return value: true if the locator has a valid signature, false otherwise
# Arguments: signed_blob_locator, opts
#
- def self.verify_signature
*args
+ def self.verify_signature
(*args)
begin
begin
- self.verify_signature!
*args
+ self.verify_signature!
(*args)
true
rescue Blob::InvalidSignatureError
false
true
rescue Blob::InvalidSignatureError
false
@@
-96,10
+97,11
@@
class Blob
if timestamp.to_i(16) < (opts[:now] or db_current_time.to_i)
raise Blob::InvalidSignatureError.new 'Signature expiry time has passed.'
end
if timestamp.to_i(16) < (opts[:now] or db_current_time.to_i)
raise Blob::InvalidSignatureError.new 'Signature expiry time has passed.'
end
+ blob_signature_ttl = Rails.configuration.blob_signature_ttl.to_s(16)
my_signature =
generate_signature((opts[:key] or Rails.configuration.blob_signing_key),
my_signature =
generate_signature((opts[:key] or Rails.configuration.blob_signing_key),
- blob_hash, opts[:api_token], timestamp)
+ blob_hash, opts[:api_token], timestamp
, blob_signature_ttl
)
if my_signature != given_signature
raise Blob::InvalidSignatureError.new 'Signature is invalid.'
if my_signature != given_signature
raise Blob::InvalidSignatureError.new 'Signature is invalid.'
@@
-108,11
+110,11
@@
class Blob
true
end
true
end
- def self.generate_signature key, blob_hash, api_token, timestamp
+ def self.generate_signature key, blob_hash, api_token, timestamp
, blob_signature_ttl
OpenSSL::HMAC.hexdigest('sha1', key,
[blob_hash,
api_token,
timestamp,
OpenSSL::HMAC.hexdigest('sha1', key,
[blob_hash,
api_token,
timestamp,
-
Rails.configuration.
blob_signature_ttl].join('@'))
+ blob_signature_ttl].join('@'))
end
end
end
end