class AlexaRuby::Validator

Validator is responsible for Amazon request validation:

- SignatureCertChainUrl validation
- Amazon Alexa request signature validation

Constants

TIMESTAMP_TOLERANCE

Public Class Methods

new(cert_chain_url, signature, request, timestamp_diff = nil) click to toggle source

Setup new validator

@param cert_chain_url [String] SSL certificates chain URI @param signature [String] HTTP request signature @param request [Object] json request @param timestamp_diff [Integer] valid distance in seconds between

current time and the request timestamp
# File lib/alexa_ruby/request/base_request/validator.rb, line 17
def initialize(cert_chain_url, signature, request, timestamp_diff = nil)
  @chain_url = cert_chain_url
  @signature = signature
  @request = request
  @timestamp_diff = timestamp_diff || TIMESTAMP_TOLERANCE
end

Public Instance Methods

valid_request?() click to toggle source

Check if it is a valid Amazon request

@return [Boolean]

# File lib/alexa_ruby/request/base_request/validator.rb, line 27
def valid_request?
  unless timestamp_tolerant?
    raise ArgumentError,
          'Outdated request: request timestamp is more than ' \
          "#{@timestamp_diff} seconds later than current time"
  end
  valid_uri? && valid_certificates?
end

Private Instance Methods

timestamp_tolerant?() click to toggle source

Check if request is timestamp tolerant

@return [Boolean]

# File lib/alexa_ruby/request/base_request/validator.rb, line 41
def timestamp_tolerant?
  request_ts = @request[:request][:timestamp]
  Time.parse(request_ts) >= (Time.now - @timestamp_diff)
end
valid_certificates?() click to toggle source

Check if it is a valid certificates chain and request signature

@return [Boolean]

# File lib/alexa_ruby/request/base_request/validator.rb, line 56
def valid_certificates?
  Certificates.new(@chain_url, @signature, Oj.to_json(@request)).valid?
end
valid_uri?() click to toggle source

Check if it is a valid Amazon URI

@return [Boolean]

# File lib/alexa_ruby/request/base_request/validator.rb, line 49
def valid_uri?
  URI.new(@chain_url).valid?
end