Module: MAuth::Client::AuthenticatorBase

Included in:: MAuth::Client

Defined in:: lib/mauth/client/authenticator_base.rb

Constant Summary collapse

ALLOWED_DRIFT_SECONDS =

Instance Method Summary collapse

#authentic?(object) ⇒ Boolean

takes an incoming request or response object, and returns whether the object is authentic according to its signature.
#authenticate!(object) ⇒ Object

raises InauthenticError unless the given object is authentic.

Instance Method Details

#authentic?(object) ⇒ `Boolean`

takes an incoming request or response object, and returns whether the object is authentic according to its signature.

Returns:

(Boolean)

# File 'lib/mauth/client/authenticator_base.rb', line 12

def authentic?(object)
  log_authentication_request(object)
  begin
    authenticate!(object)
    true
  rescue InauthenticError, MAuthNotPresent, MissingV2Error
    false
  end
end

#authenticate!(object) ⇒ `Object`

raises InauthenticError unless the given object is authentic. Will only authenticate with v2 if the environment variable V2_ONLY_AUTHENTICATE is set. Otherwise will fall back to v1 when v2 authentication fails

# File 'lib/mauth/client/authenticator_base.rb', line 25

def authenticate!(object)
  case object.protocol_version
  when 2
    begin
      authenticate_v2!(object)
    rescue InauthenticError => e
      raise e if v2_only_authenticate?
      raise e if disable_fallback_to_v1_on_v2_failure?

      object.fall_back_to_mws_signature_info
      raise e unless object.signature

      log_authentication_request(object)
      authenticate_v1!(object)
      logger.warn('Completed successful authentication attempt after fallback to v1')
    end
  when 1
    if v2_only_authenticate?
      # If v2 is required but not present and v1 is present we raise MissingV2Error
      msg = 'This service requires mAuth v2 mcc-authentication header but only v1 x-mws-authentication is present'
      logger.error(msg)
      raise MissingV2Error, msg
    end

    authenticate_v1!(object)
  else
    sub_str = v2_only_authenticate? ? '' : 'X-MWS-Authentication header is blank, '
    msg = "Authentication Failed. No mAuth signature present; #{sub_str}MCC-Authentication header is blank."
    logger.warn("mAuth signature not present on #{object.class}. Exception: #{msg}")
    raise MAuthNotPresent, msg
  end
end