Class: RoadForest::Authorization::GrantsHolder

Inherits:

Object

• Object
• RoadForest::Authorization::GrantsHolder

Defined in:

lib/roadforest/authorization/grants-holder.rb

Overview

Caches the obfuscated tokens used to identify permission grants

Constant Summary

PERCENT_ENCODINGS =

Hash.new do |h,k|
  h[k] = k.force_encoding("US-ASCII").getbyte(0).to_s(16)
end

Instance Attribute Summary

• #conceal ⇒ Object

  Returns the value of attribute conceal.

Instance Method Summary

• #build_grants {|builder| ... } ⇒ Object
• #get(key) ⇒ Object (also: #[])
• #group(list, sep, replace) ⇒ Object
• #initialize(salt, hash_function) ⇒ GrantsHolder constructor

  A new instance of GrantsHolder.

• #percent_encode(string) ⇒ Object
• #token_for(grant) ⇒ Object

  For use in URIs, per RFC3986: Cannot use: “:/?#[]@!$&‘()*+;=” Percent encoding uses % Can use: “.,$^*_-|<>~`” Grants are of the form [:name, [:key, value]*].

Constructor Details

#initialize(salt, hash_function) ⇒ GrantsHolder

Returns a new instance of GrantsHolder.

# File 'lib/roadforest/authorization/grants-holder.rb', line 6

def initialize(salt, hash_function)
  digester = OpenSSL::HMAC.new(salt, hash_function)
  @conceal = true
  @grants_cache = Hash.new do |h, k| #XXX potential resource exhaustion here - only accumulate auth'd results
    if conceal
      digester.reset
      digester << token_for(k)
      h[k] = digester.hexdigest
    else
      token_for(k)
    end
  end
end

Instance Attribute Details

#conceal ⇒ Object

Returns the value of attribute conceal.

# File 'lib/roadforest/authorization/grants-holder.rb', line 19

def conceal
  @conceal
end

Instance Method Details

#build_grants {|builder| ... } ⇒ Object

Yields:

• (builder)

# File 'lib/roadforest/authorization/grants-holder.rb', line 51

def build_grants
  builder = GrantBuilder.new(self)
  yield builder
  return builder.list
end

#get(key) ⇒ Object Also known as: []

# File 'lib/roadforest/authorization/grants-holder.rb', line 46

def get(key)
  @grants_cache[key]
end

#group(list, sep, replace) ⇒ Object

# File 'lib/roadforest/authorization/grants-holder.rb', line 32

def group(list, sep, replace)
  list.map{|part| part.to_s.gsub(sep, replace)}.join(sep)
end

#percent_encode(string) ⇒ Object

# File 'lib/roadforest/authorization/grants-holder.rb', line 40

def percent_encode(string)
  string.gsub(%r|[\[\]:/?#@!$&'()*+;=]|) do |match|
    PERCENT_ENCODINGS[match]
  end
end

#token_for(grant) ⇒ Object

For use in URIs, per RFC3986: Cannot use: “:/?#[]@!$&‘()*+;=” Percent encoding uses % Can use: “.,$^*_-|<>~`” Grants are of the form [:name, [:key, value]*]

# File 'lib/roadforest/authorization/grants-holder.rb', line 26

def token_for(grant)
  name, attrs = *grant
  attrs = (attrs || []).map{|pair| group(pair, "_", "~")}
  percent_encode(group([name] + attrs, ".", "-"))
end