Class: HTTPI::Auth::SSL
- Inherits:
-
Object
- Object
- HTTPI::Auth::SSL
- Defined in:
- lib/httpi/auth/ssl.rb
Overview
HTTPI::Auth::SSL
Provides SSL client authentication.
Constant Summary collapse
- VERIFY_MODES =
[:none, :peer, :fail_if_no_peer_cert, :client_once]
Instance Attribute Summary collapse
-
#ca_cert ⇒ Object
Returns an
OpenSSL::X509::Certificate
for theca_cert_file
. -
#ca_cert_file ⇒ Object
Accessor for the cacert file to validate SSL certificates.
-
#cert ⇒ Object
Returns an
OpenSSL::X509::Certificate
for thecert_file
. -
#cert_file ⇒ Object
Accessor for the cert file to validate SSL connections.
-
#cert_key ⇒ Object
Returns an
OpenSSL::PKey::RSA
for thecert_key_file
. -
#cert_key_file ⇒ Object
Accessor for the cert key file to validate SSL certificates.
-
#cert_key_password ⇒ Object
Accessor for the cert key password to validate SSL certificates.
Instance Method Summary collapse
-
#openssl_verify_mode ⇒ Object
Returns the SSL verify mode as a
OpenSSL::SSL::VERIFY_*
constant. -
#present? ⇒ Boolean
Returns whether SSL configuration is present.
-
#verify_mode ⇒ Object
Returns the SSL verify mode.
-
#verify_mode=(mode) ⇒ Object
Sets the SSL verify mode.
Instance Attribute Details
#ca_cert ⇒ Object
Returns an OpenSSL::X509::Certificate
for the ca_cert_file
.
52 53 54 |
# File 'lib/httpi/auth/ssl.rb', line 52 def ca_cert @ca_cert ||= OpenSSL::X509::Certificate.new File.read(ca_cert_file) end |
#ca_cert_file ⇒ Object
Accessor for the cacert file to validate SSL certificates.
30 31 32 |
# File 'lib/httpi/auth/ssl.rb', line 30 def ca_cert_file @ca_cert_file end |
#cert ⇒ Object
Returns an OpenSSL::X509::Certificate
for the cert_file
.
44 45 46 |
# File 'lib/httpi/auth/ssl.rb', line 44 def cert @cert ||= OpenSSL::X509::Certificate.new File.read(cert_file) if cert_file end |
#cert_file ⇒ Object
Accessor for the cert file to validate SSL connections.
27 28 29 |
# File 'lib/httpi/auth/ssl.rb', line 27 def cert_file @cert_file end |
#cert_key ⇒ Object
Returns an OpenSSL::PKey::RSA
for the cert_key_file
.
60 61 62 |
# File 'lib/httpi/auth/ssl.rb', line 60 def cert_key @cert_key ||= OpenSSL::PKey::RSA.new(File.read(cert_key_file), cert_key_password) if cert_key_file end |
#cert_key_file ⇒ Object
Accessor for the cert key file to validate SSL certificates.
21 22 23 |
# File 'lib/httpi/auth/ssl.rb', line 21 def cert_key_file @cert_key_file end |
#cert_key_password ⇒ Object
Accessor for the cert key password to validate SSL certificates.
24 25 26 |
# File 'lib/httpi/auth/ssl.rb', line 24 def cert_key_password @cert_key_password end |
Instance Method Details
#openssl_verify_mode ⇒ Object
Returns the SSL verify mode as a OpenSSL::SSL::VERIFY_*
constant.
68 69 70 71 72 73 74 75 |
# File 'lib/httpi/auth/ssl.rb', line 68 def openssl_verify_mode case verify_mode when :none then OpenSSL::SSL::VERIFY_NONE when :peer then OpenSSL::SSL::VERIFY_PEER when :fail_if_no_peer_cert then OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT when :client_once then OpenSSL::SSL::VERIFY_CLIENT_ONCE end end |
#present? ⇒ Boolean
Returns whether SSL configuration is present.
14 15 16 17 18 |
# File 'lib/httpi/auth/ssl.rb', line 14 def present? (verify_mode == :none) || (cert && cert_key) rescue TypeError, Errno::ENOENT false end |
#verify_mode ⇒ Object
Returns the SSL verify mode. Defaults to :peer
.
33 34 35 |
# File 'lib/httpi/auth/ssl.rb', line 33 def verify_mode @verify_mode ||= :peer end |
#verify_mode=(mode) ⇒ Object
Sets the SSL verify mode. Expects one of HTTPI::Auth::SSL::VERIFY_MODES
.
38 39 40 41 |
# File 'lib/httpi/auth/ssl.rb', line 38 def verify_mode=(mode) raise ArgumentError, "Invalid SSL verify mode: #{mode}" unless VERIFY_MODES.include? mode @verify_mode = mode end |