Class: MAuth::Client
- Inherits:
-
Object
- Object
- MAuth::Client
- Includes:
- Authenticator, Signer
- Defined in:
- lib/mauth/client.rb,
lib/mauth/errors.rb,
lib/mauth/client/signer.rb,
lib/mauth/client/authenticator.rb,
lib/mauth/client/security_token_cacher.rb
Overview
does operations which require a private key and corresponding app uuid. this is primarily:
-
signing outgoing requests and responses
-
authenticating incoming requests and responses, which may require retrieving the appropriate public key from mAuth (which requires a request to mAuth which is signed using the private key)
this nominally operates on request and response objects, but really the only requirements are that the object responds to the methods of MAuth::Signable and/or MAuth::Signed (as appropriate)
Defined Under Namespace
Modules: Authenticator, Signer Classes: ConfigurationError
Constant Summary collapse
- MWS_TOKEN =
'MWS'
- MWSV2_TOKEN =
'MWSV2'
- AUTH_HEADER_DELIMITER =
';'
- RACK_ENV_APP_UUID_KEY =
'mauth.app_uuid'
- SIGNING_DIGEST =
OpenSSL::Digest.new('SHA512')
Constants included from Signer
Constants included from Authenticator
Authenticator::ALLOWED_DRIFT_SECONDS
Class Method Summary collapse
-
.default_config(options = {}) ⇒ Object
returns a configuration (to be passed to MAuth::Client.new) which is configured from information stored in standard places.
Instance Method Summary collapse
- #assert_private_key(err) ⇒ Object
- #cache_store ⇒ Object
- #client_app_uuid ⇒ Object
- #disable_fallback_to_v1_on_v2_failure? ⇒ Boolean
- #faraday_options ⇒ Object
-
#initialize(config = {}) ⇒ Client
constructor
new client with the given App UUID and public key.
- #logger ⇒ Object
- #mauth_api_version ⇒ Object
- #mauth_baseurl ⇒ Object
- #private_key ⇒ Object
- #ssl_certs_path ⇒ Object
- #v1_only_sign_requests? ⇒ Boolean
- #v2_only_authenticate? ⇒ Boolean
- #v2_only_sign_requests? ⇒ Boolean
Methods included from Signer
#signature_v1, #signature_v2, #signed, #signed_headers, #signed_headers_v1, #signed_headers_v2, #signed_v1, #signed_v2
Methods included from Authenticator
Constructor Details
#initialize(config = {}) ⇒ Client
new client with the given App UUID and public key. config may include the following (all config keys may be strings or symbols):
-
private_key - required for signing and for authentication. may be given as a string or a OpenSSL::PKey::RSA instance.
-
app_uuid - required in the same circumstances where a private_key is required
-
mauth_baseurl - required. needed to retrieve public keys.
-
mauth_api_version - required. only ‘v1’ exists / is supported as of this writing.
-
logger - a Logger to which any useful information will be written. if this is omitted and Rails.logger exists, that will be used.
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 |
# File 'lib/mauth/client.rb', line 71 def initialize(config = {}) # stringify symbol keys given_config = config.stringify_symbol_keys # build a configuration which discards any irrelevant parts of the given config (small memory usage matters here) @config = {} if given_config['private_key_file'] && !given_config['private_key'] given_config['private_key'] = File.read(given_config['private_key_file']) end @config['private_key'] = case given_config['private_key'] when nil nil when String PrivateKeyHelper.load(given_config['private_key']) when OpenSSL::PKey::RSA given_config['private_key'] else raise MAuth::Client::ConfigurationError, "unrecognized value given for 'private_key' - this may be a " \ "String, a OpenSSL::PKey::RSA, or omitted; instead got: #{given_config['private_key'].inspect}" end @config['app_uuid'] = given_config['app_uuid'] @config['mauth_baseurl'] = given_config['mauth_baseurl'] @config['mauth_api_version'] = given_config['mauth_api_version'] @config['logger'] = given_config['logger'] || begin if Object.const_defined?(:Rails) && Rails.logger Rails.logger else require 'logger' is_win = RUBY_PLATFORM =~ /mswin|windows|mingw32|cygwin/i null_device = is_win ? 'NUL' : '/dev/null' ::Logger.new(File.open(null_device, File::WRONLY)) end end request_config = { timeout: 10, open_timeout: 3 } request_config.merge!(symbolize_keys(given_config['faraday_options'])) if given_config['faraday_options'] @config['faraday_options'] = { request: request_config } || {} @config['ssl_certs_path'] = given_config['ssl_certs_path'] if given_config['ssl_certs_path'] @config['v2_only_authenticate'] = given_config['v2_only_authenticate'].to_s.casecmp('true').zero? @config['v2_only_sign_requests'] = given_config['v2_only_sign_requests'].to_s.casecmp('true').zero? @config['v1_only_sign_requests'] = given_config['v1_only_sign_requests'].to_s.casecmp('true').zero? if @config['v2_only_sign_requests'] && @config['v1_only_sign_requests'] raise MAuth::Client::ConfigurationError, 'v2_only_sign_requests and v1_only_sign_requests may not both be true' end @config['disable_fallback_to_v1_on_v2_failure'] = given_config['disable_fallback_to_v1_on_v2_failure'].to_s.casecmp('true').zero? @config['use_rails_cache'] = given_config['use_rails_cache'] end |
Class Method Details
.default_config(options = {}) ⇒ Object
returns a configuration (to be passed to MAuth::Client.new) which is configured from information stored in standard places. all of which is overridable by options in case some defaults do not apply.
options (may be symbols or strings) - any or all may be omitted where your usage conforms to the defaults.
-
mauth_config - MAuth configuration. defaults to load this from environment variables. if this is specified, no environment variable is loaded, and the given config is passed through with any other defaults applied. at the moment, the only other default is to set the logger.
-
logger - by default checks ::Rails.logger
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/mauth/client.rb', line 44 def self.default_config( = {}) = .stringify_symbol_keys # find mauth config mauth_config = ['mauth_config'] || ConfigEnv.load unless mauth_config.key?('logger') # the logger. Rails.logger if it exists, otherwise, no logger mauth_config['logger'] = ['logger'] || begin if Object.const_defined?(:Rails) && ::Rails.respond_to?(:logger) Rails.logger end end end mauth_config end |
Instance Method Details
#assert_private_key(err) ⇒ Object
166 167 168 |
# File 'lib/mauth/client.rb', line 166 def assert_private_key(err) raise err unless private_key end |
#cache_store ⇒ Object
170 171 172 |
# File 'lib/mauth/client.rb', line 170 def cache_store Rails.cache if @config['use_rails_cache'] && Object.const_defined?(:Rails) && ::Rails.respond_to?(:cache) end |
#client_app_uuid ⇒ Object
126 127 128 |
# File 'lib/mauth/client.rb', line 126 def client_app_uuid @config['app_uuid'] end |
#disable_fallback_to_v1_on_v2_failure? ⇒ Boolean
158 159 160 |
# File 'lib/mauth/client.rb', line 158 def disable_fallback_to_v1_on_v2_failure? @config['disable_fallback_to_v1_on_v2_failure'] end |
#faraday_options ⇒ Object
142 143 144 |
# File 'lib/mauth/client.rb', line 142 def @config['faraday_options'] end |
#logger ⇒ Object
122 123 124 |
# File 'lib/mauth/client.rb', line 122 def logger @config['logger'] end |
#mauth_api_version ⇒ Object
134 135 136 |
# File 'lib/mauth/client.rb', line 134 def mauth_api_version @config['mauth_api_version'] || raise(MAuth::Client::ConfigurationError, 'no configured mauth_api_version!') end |
#mauth_baseurl ⇒ Object
130 131 132 |
# File 'lib/mauth/client.rb', line 130 def mauth_baseurl @config['mauth_baseurl'] || raise(MAuth::Client::ConfigurationError, 'no configured mauth_baseurl!') end |
#private_key ⇒ Object
138 139 140 |
# File 'lib/mauth/client.rb', line 138 def private_key @config['private_key'] end |
#ssl_certs_path ⇒ Object
146 147 148 |
# File 'lib/mauth/client.rb', line 146 def ssl_certs_path @config['ssl_certs_path'] end |
#v1_only_sign_requests? ⇒ Boolean
162 163 164 |
# File 'lib/mauth/client.rb', line 162 def v1_only_sign_requests? @config['v1_only_sign_requests'] end |
#v2_only_authenticate? ⇒ Boolean
154 155 156 |
# File 'lib/mauth/client.rb', line 154 def v2_only_authenticate? @config['v2_only_authenticate'] end |
#v2_only_sign_requests? ⇒ Boolean
150 151 152 |
# File 'lib/mauth/client.rb', line 150 def v2_only_sign_requests? @config['v2_only_sign_requests'] end |