Class: IAuthU::Authenticator::Chained

Inherits:

Object
Base
IAuthU::Authenticator::Chained

Defined in:: lib/iauthu/authenticator/chained.rb

Overview

The Chained Authenticator allows multiple authentication objects to

be combined. The order in which authenticators are added is the order
in which they are executed. The identity hash that each authenticator
returns is combined with the one returned by the previous authenticator.

  local_auth = IAuthU::Authenticator::Chained.build {
    #Use builtin htaccess authenticator
    use IAuthU::Authenticator::FileBased.new('/etc/itunesu/user.auth'), :required => true

    #Call a custom authenticator
    use CustomLDAPAuth.new

    #Add default user credential to all identities
    use lambda {|user,pass| {:credentials => [:user]}} 
  }

Defined Under Namespace

Classes: Builder

Class Method Summary collapse

.build(&block) ⇒ Object

Allows easy construction of chained authenticators.

Instance Method Summary collapse

#<<(authenticator) ⇒ Object

Append an authenticator to the authentication chain.
#add(authenticator, opts = {}) ⇒ Object

Append an authenticator to the authentication chain.
#call(username, password) ⇒ Object

Invoke the authentication chain.
#initialize(*args) ⇒ Chained constructor

Creates a new Chained authentication object.

Methods inherited from Base

#required, #required=, #sufficient, #sufficient=

Constructor Details

#initialize(*args) ⇒ `Chained`

Creates a new Chained authentication object. A list of authenticators can be passed. This will create an authentication chain compoased of the passed authenticators.



38
39
40

# File 'lib/iauthu/authenticator/chained.rb', line 38

def initialize(*args)
  @chain = args || []
end

Class Method Details

.build(&block) ⇒ `Object`

Allows easy construction of chained authenticators. The format for

specifying the authentication chain is:
  use someAuthenticator [, {:required => true|false, :sufficient => true|false}]

# File 'lib/iauthu/authenticator/chained.rb', line 29

def self.build(&block)
  chained = Builder.new
  chained.instance_eval(&block)
  chained.auth
end

Instance Method Details

#<<(authenticator) ⇒ `Object`

Append an authenticator to the authentication chain.



43
44
45

# File 'lib/iauthu/authenticator/chained.rb', line 43

def <<(authenticator)
  add authenticator
end

#add(authenticator, opts = {}) ⇒ `Object`

Append an authenticator to the authentication chain. Optionally specifiy if the authenticator is required or sufficient for the chain. required and sufficient both default to false.

chain.add MyAuth.new  # MyAuth is not required and not sufficient
chain.add MyAuth.new, :required => true, :sufficient => false

# File 'lib/iauthu/authenticator/chained.rb', line 52

def add(authenticator, opts={})
  authenticator.required = !!opts["required"] if opts["required"] && authenticator.respond_to?('required=')
  authenticator.sufficient = !!opts["sufficient"] if opts ["sufficient"] && authenticator.respond_to?('sufficient=')
  @chain << authenticator
end

#call(username, password) ⇒ `Object`

Invoke the authentication chain

# File 'lib/iauthu/authenticator/chained.rb', line 59

def call(username,password)
  auths = @chain.clone
  identity = {}
  until auths.empty?
    auth = auths.shift
    new_ident = auth.call(username,password)
    if new_ident.nil? && auth.respond_to?(:required) && auth.required
      #Authentication failed for a required authenticator
      return nil
    end
    identity = merge_identities(identity, new_ident)
    if identity && auth.respond_to?(:sufficient) && auth.sufficient
      #This authenticator is sufficient; do not continue down auth chain.
      break
    end
  end
  return nil if identity.empty?
  identity
end