Class: MAuth::Client::LocalAuthenticator::SecurityTokenCacher
- Inherits:
-
Object
- Object
- MAuth::Client::LocalAuthenticator::SecurityTokenCacher
- Defined in:
- lib/mauth/client/security_token_cacher.rb
Instance Method Summary collapse
- #get(app_uuid) ⇒ Object
-
#initialize(mauth_client) ⇒ SecurityTokenCacher
constructor
A new instance of SecurityTokenCacher.
Constructor Details
#initialize(mauth_client) ⇒ SecurityTokenCacher
Returns a new instance of SecurityTokenCacher.
9 10 11 12 13 14 15 16 |
# File 'lib/mauth/client/security_token_cacher.rb', line 9 def initialize(mauth_client) @mauth_client = mauth_client # TODO: should this be UnableToSignError? @mauth_client.assert_private_key(UnableToAuthenticateError.new("Cannot fetch public keys from mAuth service without a private key!")) @cache = {} require 'thread' @cache_write_lock = Mutex.new end |
Instance Method Details
#get(app_uuid) ⇒ Object
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/mauth/client/security_token_cacher.rb', line 18 def get(app_uuid) if !@cache[app_uuid] # url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious # app_uuid - probably not exploitable, but this is the right way to do it anyway. url_encoded_app_uuid = CGI.escape(app_uuid) begin response = signed_mauth_connection.get("/mauth/#{@mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json") rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e msg = "mAuth service did not respond; received #{e.class}: #{e.message}" @mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}") raise UnableToAuthenticateError, msg end if response.status == 200 @cache_write_lock.synchronize do @cache[app_uuid] = security_token_from(response.body) end elsif response.status == 404 # signing with a key mAuth doesn't know about is considered inauthentic raise InauthenticError, "mAuth service responded with 404 looking up public key for #{app_uuid}" else @mauth_client.send(:mauth_service_response_error, response) end end @cache[app_uuid] end |