Module: MAuth::Client::AuthenticatorBase

Included in:: MAuth::Client

Defined in:: lib/mauth/client/authenticator_base.rb

Constant Summary collapse

ALLOWED_DRIFT_SECONDS =

Instance Method Summary collapse

#authentic?(object) ⇒ Boolean

takes an incoming request or response object, and returns whether the object is authentic according to its signature.
#authenticate!(object) ⇒ Object

raises InauthenticError unless the given object is authentic.

Instance Method Details

#authentic?(object) ⇒ `Boolean`

takes an incoming request or response object, and returns whether the object is authentic according to its signature.

Returns:

(Boolean)

# File 'lib/mauth/client/authenticator_base.rb', line 10

def authentic?(object)
  log_authentication_request(object)
  begin
    authenticate!(object)
    true
  rescue InauthenticError, MAuthNotPresent, MissingV2Error
    false
  end
end

#authenticate!(object) ⇒ `Object`

raises InauthenticError unless the given object is authentic. Will only authenticate with v2 if the environment variable V2_ONLY_AUTHENTICATE is set. Otherwise will authenticate with only the highest protocol version present

# File 'lib/mauth/client/authenticator_base.rb', line 23

def authenticate!(object)
  if object.protocol_version == 2
    authenticate_v2!(object)
  elsif object.protocol_version == 1
    if v2_only_authenticate?
      # If v2 is required but not present and v1 is present we raise MissingV2Error
      msg = 'This service requires mAuth v2 mcc-authentication header but only v1 x-mws-authentication is present'
      logger.error(msg)
      raise MissingV2Error, msg
    end

    authenticate_v1!(object)
  else
    sub_str = v2_only_authenticate? ? '' : 'X-MWS-Authentication header is blank, '
    msg = "Authentication Failed. No mAuth signature present; #{sub_str}MCC-Authentication header is blank."
    logger.warn("mAuth signature not present on #{object.class}. Exception: #{msg}")
    raise MAuthNotPresent, msg
  end
end