forked from instructure/canvas-lms
-
Notifications
You must be signed in to change notification settings - Fork 0
/
asset_signature.rb
37 lines (32 loc) · 1.15 KB
/
asset_signature.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
#
# Copyright (C) 2012 - present Instructure, Inc.
#
# This file is part of Canvas.
#
# Canvas is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, version 3 of the License.
#
# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
module AssetSignature
DELIMITER = '-'
def self.generate(asset)
"#{asset.id}#{DELIMITER}#{generate_hmac(asset.class, asset.id)}"
end
def self.find_by_signature(klass, signature)
id, hmac = signature.split(DELIMITER, 2)
return nil unless Canvas::Security.verify_hmac_sha1(hmac, "#{klass}#{id}", truncate: 8)
klass.where(id: id.to_i).first
end
private
def self.generate_hmac(klass, id)
data = "#{klass}#{id}"
Canvas::Security.hmac_sha1(data)[0,8]
end
end