ender672/config.ru

## config.ru
require './signed_request_uri'
require 'rack/file'

use Rack::SignedRequestUri, 'top secret'
run Rack::File.new('images')

## signed_request_uri.rb
require 'openssl'
require 'rack/utils'

module Rack
  class SignedRequestUri
    def initialize(app, secret, options = nil)
      @app = app
      @secret = secret
      options ||= {}
      @key = options['key'] || '_secret'
    end

    def call(env)
      qs = Utils.parse_query(env["QUERY_STRING"])
      signature = qs.delete(@key)
      qs = qs.sort

      unsigned_request = "#{env["REQUEST_PATH"]}?#{Utils.build_query(qs)}"

      if signature == self.class.generate_hmac(@secret, unsigned_request)
        @app.call(env)
      else
        [403, {"Content-Type" => "text/plain"}, ["Request signature did not match."]]
      end
    end

    def self.generate_hmac(data, secret)
      OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, secret, data)
    end
  end
end
	require './signed_request_uri'
	require 'rack/file'

	use Rack::SignedRequestUri, 'top secret'
	run Rack::File.new('images')
	require 'openssl'
	require 'rack/utils'

	module Rack
	class SignedRequestUri
	def initialize(app, secret, options = nil)
	@app = app
	@secret = secret
	options \|\|= {}
	@key = options['key'] \|\| '_secret'
	end

	def call(env)
	qs = Utils.parse_query(env["QUERY_STRING"])
	signature = qs.delete(@key)
	qs = qs.sort

	unsigned_request = "#{env["REQUEST_PATH"]}?#{Utils.build_query(qs)}"

	if signature == self.class.generate_hmac(@secret, unsigned_request)
	@app.call(env)
	else
	[403, {"Content-Type" => "text/plain"}, ["Request signature did not match."]]
	end
	end

	def self.generate_hmac(data, secret)
	OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, secret, data)
	end
	end
	end