Class Mixlib::Authentication::SignatureVerification
In: lib/mixlib/authentication/signatureverification.rb
Parent: Object

Methods

Included Modules

Mixlib::Authentication::SignedHeaderAuth

Attributes

auth_request  [R] 

Public Class methods

Public Instance methods

Takes the request, boils down the pieces we are interested in, looks up the user, generates a signature, and compares to the signature in the request

Headers

X-Ops-Sign: algorithm=sha256;version=1.0; X-Ops-UserId: <user_id> X-Ops-Timestamp: X-Ops-Content-Hash: X-Ops-Authorization-#{line_number}

The authorization header is a Base64-encoded version of an RSA signature. The client sent it on multiple header lines, starting at index 1 - X-Ops-Authorization-1, X-Ops-Authorization-2, etc. Pull them out and concatenate.

[Validate]