Method: Normalize each parameter by assuming each parameter may have already been encoded, so attempt to decode, and then re-encode according to RFC 3986
Source: includes/legacy/api/v2/class-wc-api-authentication.php:296
Method: Verify that the timestamp and nonce provided with the request are valid. This prevents replay attacks where an attacker could attempt to re-send an intercepted request at a later time.
Source: includes/legacy/api/v2/class-wc-api-authentication.php:324
Method: Check that the API keys provided have the proper key-specific permissions to either read or write API resources
Source: includes/legacy/api/v2/class-wc-api-authentication.php:369
Method: Updated API Key last access datetime
Source: includes/legacy/api/v2/class-wc-api-authentication.php:397
Method: Get user by ID
Source: includes/legacy/api/v2/class-wc-api-authentication.php:196
Method: Check if the consumer secret provided for the given user is valid
Source: includes/legacy/api/v2/class-wc-api-authentication.php:214
Method: Verify that the consumer-provided request signature matches our generated signature, this ensures the consumer has a valid key/secret
Source: includes/legacy/api/v2/class-wc-api-authentication.php:226
Method: Setup class
Source: includes/legacy/api/v2/class-wc-api-authentication.php:23
Method: Authenticate the request. The authentication method varies based on whether the request was made over SSL or not.
Source: includes/legacy/api/v2/class-wc-api-authentication.php:36
Method: SSL-encrypted requests are not subject to sniffing or man-in-the-middle attacks, so the request can be authenticated by simply looking up the user associated with the given consumer key and confirming the consumer secret provided is valid
Source: includes/legacy/api/v2/class-wc-api-authentication.php:75