Class: VeracodeApiSigning::HMACAuth

Inherits:
Object
  • Object
show all
Includes:
Formatters, Regions, Utils, Validation
Defined in:
lib/veracode_api_signing/hmac_auth.rb

Constant Summary collapse

DEFAULT_AUTH_SCHEME = 
"VERACODE-HMAC-SHA-256"

Constants included from Regions

Regions::REGIONS

Instance Method Summary collapse

Methods included from Regions

#get_region_for_api_credential, #remove_prefix_from_api_credential

Methods included from Formatters

#format_signing_data, #format_veracode_hmac_header

Methods included from Utils

#generate_nonce, #get_current_timestamp, #get_host_from_url, #get_path_and_params_from_url, #get_scheme_from_url, #parsed_url

Methods included from Validation

#valid_hex?, #validate_api_key_id, #validate_api_key_secret, #validate_scheme

Instance Method Details

#generate_veracode_hmac_header(host, path, method, api_key_id, api_key_secret, auth_scheme = DEFAULT_AUTH_SCHEME) ⇒ String

Returns The value of Veracode compliant HMAC header.

Parameters:

  • host (String)

    The host of the request(“api.veracode.com”)

  • path (String)

    The path of the request(“/v1/results”)

  • method (String)

    The method of the request(“GET”, “POST”)

  • api_key_id (String)

    The user’s API key

  • api_key_secret (String)

    The user’s API secret key

  • auth_scheme (String) (defaults to: DEFAULT_AUTH_SCHEME)

    What authentication algorithm will be used to create the signature of the request

Returns:

  • (String)

    The value of Veracode compliant HMAC header



26
27
28
29
30
31
32
 
# File 'lib/veracode_api_signing/hmac_auth.rb', line 26

def generate_veracode_hmac_header(host, path, method, api_key_id, api_key_secret, auth_scheme = DEFAULT_AUTH_SCHEME)
  signing_data = format_signing_data(api_key_id, host, path, method)
  timestamp = get_current_timestamp
  nonce = generate_nonce
  signature = create_signature(auth_scheme, api_key_secret, signing_data, timestamp, nonce)
  format_veracode_hmac_header(auth_scheme, api_key_id, timestamp, nonce, signature)
end