authorDaniel DeLeo <dan@opscode.com>2010-07-21 19:58:11 -0700
committerDaniel DeLeo <dan@opscode.com>2010-07-21 19:58:11 -0700
commit48df6b6096cef7cb0c366525d82e20befcf8e345 (patch)
tree7f7527773ecf4c0b4bbd4291e6cfc9d8c898d9e7
parent4d07b23047d17e42eb4630cbc758cc2f671ee986 (diff)
downloadmixlib-authentication-48df6b6096cef7cb0c366525d82e20befcf8e345.tar.gz
[CHEF-761] initialize with the request to access normalized headers
* Can now create the signature verification object w/ the request and then access values computed by the HTTPAuthenticationRequest object. * created a #authenticate_request method that can be used when signature verification is initialized w/ the request * #authenticate_user_request works as before
-rw-r--r--lib/mixlib/authentication/http_authentication_request.rb7
-rw-r--r--lib/mixlib/authentication/signatureverification.rb21
-rw-r--r--spec/mixlib/authentication/http_authentication_request_spec.rb3
-rw-r--r--spec/mixlib/authentication/mixlib_authentication_spec.rb17
4 files changed, 37 insertions, 11 deletions
diff --git a/lib/mixlib/authentication/http_authentication_request.rb b/lib/mixlib/authentication/http_authentication_request.rb
index 68a2611..3522149 100644
--- a/lib/mixlib/authentication/http_authentication_request.rb
+++ b/lib/mixlib/authentication/http_authentication_request.rb
@@ -24,10 +24,11 @@ module Mixlib
MANDATORY_HEADERS = [:x_ops_sign, :x_ops_userid, :x_ops_timestamp, :host, :x_ops_content_hash]
+ attr_reader :request
+
def initialize(request)
@request = request
@request_signature = nil
- assert_required_headers_present
end
def headers
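Review bot: With `assert_required_headers_present` dropped from `initialize`, an HTTPAuthenticationRequest can now be built from a request that lacks any of MANDATORY_HEADERS, and nothing in this hunk tells callers that the check has become their job. The later hunk in this file makes `validate_headers!` public for that purpose, so the contract deserves a comment above `initialize`, for example `# Does not check MANDATORY_HEADERS; call #validate_headers! before trusting values read from this object.` The new `attr_reader :request` also exposes the raw, unvalidated request, which the same comment could mention. The class body continues outside the hunk.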
@@ -70,9 +71,8 @@ module Mixlib
@request_signature
end
- private
- def assert_required_headers_present
+ def validate_headers!
missing_headers = MANDATORY_HEADERS - headers.keys
unless missing_headers.empty?
missing_headers.map! { |h| h.to_s.upcase }
@@ -80,6 +80,7 @@ module Mixlib
end
end
+
end
end
end
diff --git a/lib/mixlib/authentication/signatureverification.rb b/lib/mixlib/authentication/signatureverification.rb
index c6f68a3..0562e12 100644
--- a/lib/mixlib/authentication/signatureverification.rb
+++ b/lib/mixlib/authentication/signatureverification.rb
@@ -47,18 +47,25 @@ module Mixlib
def_delegator :@auth_request, :content_hash
- include Mixlib::Authentication::SignedHeaderAuth
+ def_delegator :@auth_request, :request
- attr_reader :request
+ include Mixlib::Authentication::SignedHeaderAuth
attr_reader :auth_request
- def initialize
+ def initialize(request=nil)
+ @auth_request = HTTPAuthenticationRequest.new(request) if request
+
@valid_signature, @valid_timestamp, @valid_content_hash = false, false, false
+
@hashed_body = nil
- @request, @auth_request = nil, nil
end
+
+ def authenticate_user_request(request, user_lookup, time_skew=(15*60))
+ @auth_request = HTTPAuthenticationRequest.new(request)
+ authenticate_request(user_lookup, time_skew)
+ end
# Takes the request, boils down the pieces we are interested in,
# looks up the user, generates a signature, and compares to
# the signature in the request
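Review bot: The new `authenticate_user_request` has no comment, and the existing block that follows it ("Takes the request, boils down the pieces ...") now sits above `authenticate_request`, which no longer takes a request. I would move that description to the wrapper or reword it, and add a line such as `# Replaces any request passed to #initialize with +request+, then runs #authenticate_request.` so the overwrite of `@auth_request` is explicit. A short comment on `initialize(request=nil)` saying that `@auth_request` stays nil until a request is supplied would also help. The comment block continues outside the hunk.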
@@ -69,15 +76,15 @@ module Mixlib
# X-Ops-Timestamp:
# X-Ops-Content-Hash:
# X-Ops-Authorization-#{line_number}
- def authenticate_user_request(request, user_lookup, time_skew=(15*60))
+ def authenticate_request(user_secret, time_skew=(15*60))
Mixlib::Authentication::Log.debug "Initializing header auth : #{request.inspect}"
@request = request
- @user_secret = user_lookup
+ @user_secret = user_secret
@allowed_time_skew = time_skew # in seconds
begin
- @auth_request = HTTPAuthenticationRequest.new(request)
+ @auth_request.validate_headers!
#BUGBUG Not doing anything with the signing description yet [cb]
parse_signing_description
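Review bot: `authenticate_request` dereferences `@auth_request` without checking that one was supplied: `request.inspect` and `@request = request` go through the new delegator before the `begin`, and `@auth_request.validate_headers!` follows. On an object created with `SignatureVerification.new` and no request this raises NoMethodError, which still rejects the request but is probably not an error type callers of this authentication path rescue; the rescue clause is outside the hunk, so that part is an inference. A guard as the first statement, `raise AuthenticationError, "no request to authenticate" unless @auth_request`, would keep the failure in the library's own error type. `@request = request` now only copies the delegated value and looks redundant unless `@request` is read elsewhere. The method body continues outside the hunk.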
diff --git a/spec/mixlib/authentication/http_authentication_request_spec.rb b/spec/mixlib/authentication/http_authentication_request_spec.rb
index bd5fe9c..563f8cc 100644
--- a/spec/mixlib/authentication/http_authentication_request_spec.rb
+++ b/spec/mixlib/authentication/http_authentication_request_spec.rb
@@ -82,7 +82,8 @@ describe Mixlib::Authentication::HTTPAuthenticationRequest do
it "raises an error when not all required headers are given" do
@merb_headers.delete("HTTP_X_OPS_SIGN")
exception = Mixlib::Authentication::MissingAuthenticationHeader
- lambda {Mixlib::Authentication::HTTPAuthenticationRequest.new(@request)}.should raise_error(exception)
+ auth_req = Mixlib::Authentication::HTTPAuthenticationRequest.new(@request)
+ lambda {auth_req.validate_headers!}.should raise_error(exception)
end
it "extracts the path from the request" do
diff --git a/spec/mixlib/authentication/mixlib_authentication_spec.rb b/spec/mixlib/authentication/mixlib_authentication_spec.rb
index 4a64580..94e8b3d 100644
--- a/spec/mixlib/authentication/mixlib_authentication_spec.rb
+++ b/spec/mixlib/authentication/mixlib_authentication_spec.rb
@@ -156,6 +156,23 @@ describe "Mixlib::Authentication::SignatureVerification" do
res.should_not be_nil
end
+ it "shouldn't authenticate if an Authorization header is missing" do
+ headers = MERB_HEADERS.clone
+ headers.delete("HTTP_X_OPS_SIGN")
+
+ mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY)
+ Time.stub!(:now).and_return(TIMESTAMP_OBJ)
+
+ auth_req = Mixlib::Authentication::SignatureVerification.new
+ lambda {auth_req.authenticate_user_request(mock_request, @user_private_key)}.should raise_error(Mixlib::Authentication::AuthenticationError)
+
+ auth_req.should_not be_a_valid_request
+ auth_req.should_not be_a_valid_timestamp
+ auth_req.should_not be_a_valid_signature
+ auth_req.should_not be_a_valid_content_hash
+ end
+
+
it "shouldn't authenticate if Authorization header is wrong" do
headers = MERB_HEADERS.clone
headers["HTTP_X_OPS_CONTENT_HASH"] += "_"
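Review bot: The added spec covers the missing-header case only through `authenticate_user_request`; the entry point this commit introduces, constructing with the request and then calling `authenticate_request`, has no test that it rejects a request without X-Ops-Sign. A sibling example that differs in two lines would pin that: `auth_req = Mixlib::Authentication::SignatureVerification.new(mock_request)` and `lambda {auth_req.authenticate_request(@user_private_key)}.should raise_error(Mixlib::Authentication::AuthenticationError)`. The example text also says "Authorization header" while the header removed is HTTP_X_OPS_SIGN, so naming that header in the description would make a failure easier to read.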