Class: Faraday::HttpSignature::Middleware
- Inherits:
-
Middleware
- Object
- Middleware
- Faraday::HttpSignature::Middleware
- Defined in:
- lib/faraday/http_signature/middleware.rb
Overview
Faraday middleware for HTTP message signing and verification (RFC 9421).
When registered via request, signs outgoing requests (default). When registered via response, verifies incoming response signatures. When registered via use, signs requests by default; pass verify_response: true to also verify responses.
Verification result metadata
After response verification, the middleware stores results in env[:http_signature_verified] (true or false) and env[:http_signature] (the Linzer::Signature on success). These are accessible via response.env[:http_signature_verified].
Defined Under Namespace
Classes: Options, Request, Response
Constant Summary collapse
- DEFAULT_OPTIONS =
Default options for the base middleware class (used by
useandrequestregistrations). Signs requests, does not verify responses, strict mode enabled. { sign_request: true, verify_response: false, strict: true }.freeze
Instance Method Summary collapse
-
#initialize(app, options = nil) ⇒ Middleware
constructor
Creates a new middleware instance.
-
#on_complete(env) ⇒ Faraday::Env?
Verifies the response signature when Options#verify_response? is
true. -
#on_request(env) ⇒ Faraday::Env?
Signs the outgoing request when Options#sign_request? is
true.
Constructor Details
#initialize(app, options = nil) ⇒ Middleware
Creates a new middleware instance.
Merges class-level DEFAULT_OPTIONS with the user-provided options so that subclasses (Request, Response) can override defaults.
182 183 184 185 186 187 |
# File 'lib/faraday/http_signature/middleware.rb', line 182 def initialize(app, = nil) super(app) defaults = self.class::DEFAULT_OPTIONS merged = defaults.merge(Hash()) @options = Options.from(merged) end |
Instance Method Details
#on_complete(env) ⇒ Faraday::Env?
Verifies the response signature when Faraday::HttpSignature::Middleware::Options#verify_response? is true.
On success, sets env[:http_signature_verified] to true and env[:http_signature] to the verified Linzer::Signature.
On failure in strict mode (default), raises VerifyError. In lenient mode (+strict: false+), sets env[:http_signature_verified] to false and allows the response to continue through the middleware stack.
234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 |
# File 'lib/faraday/http_signature/middleware.rb', line 234 def on_complete(env) env[:http_signature_verified] = false return unless .verify_response? key = resolve_verify_key response = ::Faraday::Response.new(env) = Linzer::Message.new(response) signature = Linzer::Signature.build(response.headers) Linzer.verify(key, , signature) env[:http_signature_verified] = true env[:http_signature] = signature env rescue Linzer::Error => e raise VerifyError.new(e, response: response) if .strict? end |
#on_request(env) ⇒ Faraday::Env?
Signs the outgoing request when Faraday::HttpSignature::Middleware::Options#sign_request? is true.
Resolves the signing key, builds a Linzer::Message from the Faraday environment, generates a signature over the configured components, and merges the signature and signature-input headers into the request.
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 |
# File 'lib/faraday/http_signature/middleware.rb', line 200 def on_request(env) return unless .sign_request? key = resolve_signing_key request = Linzer::Faraday::Utils.create_request(env) Linzer.sign! request, key: key, components: .components, params: .params, profile: .profile signature_headers = request.headers.slice("signature", "signature-input") env.request_headers.merge!(signature_headers) env rescue Linzer::Error => e raise SigningError, e if .strict? end |