Class: MAuth::Client

Inherits:
Object
  • Object
show all
Includes:
Authenticator, Signer
Defined in:
lib/mauth/client.rb,
lib/mauth/errors.rb,
lib/mauth/client/signer.rb,
lib/mauth/client/authenticator.rb,
lib/mauth/client/security_token_cacher.rb

Overview

does operations which require a private key and corresponding app uuid. this is primarily:

  • signing outgoing requests and responses

  • authenticating incoming requests and responses, which may require retrieving the appropriate public key from mAuth (which requires a request to mAuth which is signed using the private key)

this nominally operates on request and response objects, but really the only requirements are that the object responds to the methods of MAuth::Signable and/or MAuth::Signed (as appropriate)

Defined Under Namespace

Modules: Authenticator, Signer Classes: ConfigurationError

Constant Summary collapse

MWS_TOKEN = 
'MWS'
MWSV2_TOKEN = 
'MWSV2'
AUTH_HEADER_DELIMITER = 
';'
RACK_ENV_APP_UUID_KEY = 
'mauth.app_uuid'
SIGNING_DIGEST = 
OpenSSL::Digest.new('SHA512')

Constants included from Signer

Signer::UNABLE_TO_SIGN_ERR

Constants included from Authenticator

Authenticator::ALLOWED_DRIFT_SECONDS

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Signer

#signature_v1, #signature_v2, #signed, #signed_headers, #signed_headers_v1, #signed_headers_v2, #signed_v1, #signed_v2

Methods included from Authenticator

#authentic?, #authenticate!

Constructor Details

#initialize(config = {}) ⇒ Client

new client with the given App UUID and public key. config may include the following (all config keys may be strings or symbols):

  • private_key - required for signing and for authentication. may be given as a string or a OpenSSL::PKey::RSA instance.

  • app_uuid - required in the same circumstances where a private_key is required

  • mauth_baseurl - required. needed to retrieve public keys.

  • mauth_api_version - required. only ‘v1’ exists / is supported as of this writing.

  • logger - a Logger to which any useful information will be written. if this is omitted and Rails.logger exists, that will be used.



71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
 
# File 'lib/mauth/client.rb', line 71

def initialize(config = {})
  # stringify symbol keys
  given_config = config.stringify_symbol_keys
  # build a configuration which discards any irrelevant parts of the given config (small memory usage matters here)
  @config = {}
  if given_config['private_key_file'] && !given_config['private_key']
    given_config['private_key'] = File.read(given_config['private_key_file'])
  end
  @config['private_key'] =
    case given_config['private_key']
    when nil
      nil
    when String
      PrivateKeyHelper.load(given_config['private_key'])
    when OpenSSL::PKey::RSA
      given_config['private_key']
    else
      raise MAuth::Client::ConfigurationError,
        "unrecognized value given for 'private_key' - this may be a " \
        "String, a OpenSSL::PKey::RSA, or omitted; instead got: #{given_config['private_key'].inspect}"
    end
  @config['app_uuid'] = given_config['app_uuid']
  @config['mauth_baseurl'] = given_config['mauth_baseurl']
  @config['mauth_api_version'] = given_config['mauth_api_version']
  @config['logger'] = given_config['logger'] || begin
    if Object.const_defined?(:Rails) && Rails.logger
      Rails.logger
    else
      require 'logger'
      ::Logger.new(File.open(File::NULL, File::WRONLY))
    end
  end

  request_config = { timeout: 10, open_timeout: 3 }
  request_config.merge!(symbolize_keys(given_config['faraday_options'])) if given_config['faraday_options']
  @config['faraday_options'] = { request: request_config } || {}
  @config['ssl_certs_path'] = given_config['ssl_certs_path'] if given_config['ssl_certs_path']
  @config['v2_only_authenticate'] = given_config['v2_only_authenticate'].to_s.casecmp('true').zero?
  @config['v2_only_sign_requests'] = given_config['v2_only_sign_requests'].to_s.casecmp('true').zero?
  @config['v1_only_sign_requests'] = given_config['v1_only_sign_requests'].to_s.casecmp('true').zero?
  if @config['v2_only_sign_requests'] && @config['v1_only_sign_requests']
    raise MAuth::Client::ConfigurationError, 'v2_only_sign_requests and v1_only_sign_requests may not both be true'
  end

  @config['disable_fallback_to_v1_on_v2_failure'] =
    given_config['disable_fallback_to_v1_on_v2_failure'].to_s.casecmp('true').zero?
  @config['use_rails_cache'] = given_config['use_rails_cache']
end

Class Method Details

.default_config(options = {}) ⇒ Object

returns a configuration (to be passed to MAuth::Client.new) which is configured from information stored in standard places. all of which is overridable by options in case some defaults do not apply.

options (may be symbols or strings) - any or all may be omitted where your usage conforms to the defaults.

  • mauth_config - MAuth configuration. defaults to load this from environment variables. if this is specified, no environment variable is loaded, and the given config is passed through with any other defaults applied. at the moment, the only other default is to set the logger.

  • logger - by default checks ::Rails.logger



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/mauth/client.rb', line 44

def self.default_config(options = {})
  options = options.stringify_symbol_keys

  # find mauth config
  mauth_config = options['mauth_config'] || ConfigEnv.load

  unless mauth_config.key?('logger')
    # the logger. Rails.logger if it exists, otherwise, no logger
    mauth_config['logger'] = options['logger'] || begin
      if Object.const_defined?(:Rails) && ::Rails.respond_to?(:logger)
        Rails.logger
      end
    end
  end

  mauth_config
end

Instance Method Details

#assert_private_key(err) ⇒ Object 



164
165
166
 
# File 'lib/mauth/client.rb', line 164

def assert_private_key(err)
  raise err unless private_key
end

#cache_storeObject 



168
169
170
 
# File 'lib/mauth/client.rb', line 168

def cache_store
  Rails.cache if @config['use_rails_cache'] && Object.const_defined?(:Rails) && ::Rails.respond_to?(:cache)
end

#client_app_uuidObject 



124
125
126
 
# File 'lib/mauth/client.rb', line 124

def client_app_uuid
  @config['app_uuid']
end

#disable_fallback_to_v1_on_v2_failure?Boolean

Returns:

  • (Boolean) 


156
157
158
 
# File 'lib/mauth/client.rb', line 156

def disable_fallback_to_v1_on_v2_failure?
  @config['disable_fallback_to_v1_on_v2_failure']
end

#faraday_optionsObject 



140
141
142
 
# File 'lib/mauth/client.rb', line 140

def faraday_options
  @config['faraday_options']
end

#loggerObject 



120
121
122
 
# File 'lib/mauth/client.rb', line 120

def logger
  @config['logger']
end

#mauth_api_versionObject 



132
133
134
 
# File 'lib/mauth/client.rb', line 132

def mauth_api_version
  @config['mauth_api_version'] || raise(MAuth::Client::ConfigurationError, 'no configured mauth_api_version!')
end

#mauth_baseurlObject 



128
129
130
 
# File 'lib/mauth/client.rb', line 128

def mauth_baseurl
  @config['mauth_baseurl'] || raise(MAuth::Client::ConfigurationError, 'no configured mauth_baseurl!')
end

#private_keyObject 



136
137
138
 
# File 'lib/mauth/client.rb', line 136

def private_key
  @config['private_key']
end

#ssl_certs_pathObject 



144
145
146
 
# File 'lib/mauth/client.rb', line 144

def ssl_certs_path
  @config['ssl_certs_path']
end

#v1_only_sign_requests?Boolean

Returns:

  • (Boolean) 


160
161
162
 
# File 'lib/mauth/client.rb', line 160

def v1_only_sign_requests?
  @config['v1_only_sign_requests']
end

#v2_only_authenticate?Boolean

Returns:

  • (Boolean) 


152
153
154
 
# File 'lib/mauth/client.rb', line 152

def v2_only_authenticate?
  @config['v2_only_authenticate']
end

#v2_only_sign_requests?Boolean

Returns:

  • (Boolean) 


148
149
150
 
# File 'lib/mauth/client.rb', line 148

def v2_only_sign_requests?
  @config['v2_only_sign_requests']
end