Module: MAuth::Client::AuthenticatorBase
- Included in:
- MAuth::Client
- Defined in:
- lib/mauth/client/authenticator_base.rb
Constant Summary collapse
- ALLOWED_DRIFT_SECONDS =
300
Instance Method Summary collapse
-
#authentic?(object) ⇒ Boolean
takes an incoming request or response object, and returns whether the object is authentic according to its signature.
-
#authenticate!(object) ⇒ Object
raises InauthenticError unless the given object is authentic.
Instance Method Details
#authentic?(object) ⇒ Boolean
takes an incoming request or response object, and returns whether the object is authentic according to its signature.
10 11 12 13 14 15 16 17 18 |
# File 'lib/mauth/client/authenticator_base.rb', line 10 def authentic?(object) log_authentication_request(object) begin authenticate!(object) true rescue InauthenticError, MAuthNotPresent, MissingV2Error false end end |
#authenticate!(object) ⇒ Object
raises InauthenticError unless the given object is authentic. Will only authenticate with v2 if the environment variable V2_ONLY_AUTHENTICATE is set. Otherwise will fall back to v1 when v2 authentication fails
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/mauth/client/authenticator_base.rb', line 23 def authenticate!(object) if object.protocol_version == 2 begin authenticate_v2!(object) rescue InauthenticError => e raise e if v2_only_authenticate? raise e if disable_fallback_to_v1_on_v2_failure? object.fall_back_to_mws_signature_info raise e unless object.signature log_authentication_request(object) authenticate_v1!(object) logger.warn("Completed successful authentication attempt after fallback to v1") end elsif object.protocol_version == 1 if v2_only_authenticate? # If v2 is required but not present and v1 is present we raise MissingV2Error msg = 'This service requires mAuth v2 mcc-authentication header but only v1 x-mws-authentication is present' logger.error(msg) raise MissingV2Error, msg end authenticate_v1!(object) else sub_str = v2_only_authenticate? ? '' : 'X-MWS-Authentication header is blank, ' msg = "Authentication Failed. No mAuth signature present; #{sub_str}MCC-Authentication header is blank." logger.warn("mAuth signature not present on #{object.class}. Exception: #{msg}") raise MAuthNotPresent, msg end end |