module MAuth::Client::RemoteRequestAuthenticator

Private Instance Methods

make_mauth_request(authentication_ticket) click to toggle source
# File lib/mauth/client/remote_authenticator.rb, line 42
def make_mauth_request(authentication_ticket)
  begin
    response = mauth_connection.post("/mauth/#{mauth_api_version}/authentication_tickets.json", 'authentication_ticket' => authentication_ticket)
  rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e
    msg = "mAuth service did not respond; received #{e.class}: #{e.message}"
    logger.error("Unable to authenticate with MAuth. Exception #{msg}")
    raise UnableToAuthenticateError, msg
  end
  if (200..299).cover?(response.status)
    nil
  elsif response.status == 412 || response.status == 404
    # the mAuth service responds with 412 when the given request is not authentically signed.
    # older versions of the mAuth service respond with 404 when the given app_uuid
    # does not exist, which is also considered to not be authentically signed. newer
    # versions of the service respond 412 in all cases, so the 404 check may be removed
    # when the old version of the mAuth service is out of service.
    raise InauthenticError, "The mAuth service responded with #{response.status}: #{response.body}"
  else
    mauth_service_response_error(response)
  end
end
mauth_connection() click to toggle source
# File lib/mauth/client/remote_authenticator.rb, line 64
def mauth_connection
  require 'faraday'
  require 'faraday_middleware'
  @mauth_connection ||= ::Faraday.new(mauth_baseurl, faraday_options) do |builder|
    builder.use MAuth::Faraday::MAuthClientUserAgent
    builder.use FaradayMiddleware::EncodeJson
    builder.adapter ::Faraday.default_adapter
  end
end
signature_valid_v1!(object) click to toggle source

takes an incoming request object (no support for responses currently), and errors if the object is not authentic according to its signature

# File lib/mauth/client/remote_authenticator.rb, line 10
def signature_valid_v1!(object)
  raise ArgumentError, "Remote Authenticator can only authenticate requests; received #{object.inspect}" unless object.is_a?(MAuth::Request)
  authentication_ticket = {
    'verb' => object.attributes_for_signing[:verb],
    'app_uuid' => object.signature_app_uuid,
    'client_signature' => object.signature,
    'request_url' => object.attributes_for_signing[:request_url],
    'request_time' => object.x_mws_time,
    'b64encoded_body' => Base64.encode64(object.attributes_for_signing[:body] || '')
  }
  make_mauth_request(authentication_ticket)
end
signature_valid_v2!(object) click to toggle source
# File lib/mauth/client/remote_authenticator.rb, line 23
def signature_valid_v2!(object)
  unless object.is_a?(MAuth::Request)
    msg = "Remote Authenticator can only authenticate requests; received #{object.inspect}"
    raise ArgumentError, msg
  end

  authentication_ticket = {
    verb: object.attributes_for_signing[:verb],
    app_uuid: object.signature_app_uuid,
    client_signature: object.signature,
    request_url: object.attributes_for_signing[:request_url],
    request_time: object.mcc_time,
    b64encoded_body: Base64.encode64(object.attributes_for_signing[:body] || ''),
    query_string: object.attributes_for_signing[:query_string],
    token: object.signature_token
  }
  make_mauth_request(authentication_ticket)
end