Class: PadlockAuth::Config::Builder

Inherits:

Utils::AbstractBuilder

• Object
• Utils::AbstractBuilder
• PadlockAuth::Config::Builder

Defined in:

lib/padlock_auth/config.rb

Overview

The configuration builder for ‘PadlockAuth::Config`.

See Also:

• Utils::AbstractBuilder

Instance Attribute Summary

Attributes inherited from Utils::AbstractBuilder

#config

Instance Method Summary

• #access_token_methods(*methods) ⇒ Object

  Change the way access token is authenticated from the request object.

• #action_cable_methods(*methods) ⇒ Object
• #default_scopes(*scopes) ⇒ Object

  Define default access token scopes for your endpoint.

• #raise_on_errors! ⇒ Object

  Calls to ‘padlock_authorize!` will raise an exception when authentication fails.

• #render_on_errors! ⇒ Object

  Calls to ‘padlock_authorize!` will render an error response when authentication fails.

• #secure_with(strategy) { ... } ⇒ PadlockAuth::AbstractStrategy

  Configure the strategy to use for authentication.

Methods inherited from Utils::AbstractBuilder

#build, #initialize

Constructor Details

This class inherits a constructor from PadlockAuth::Utils::AbstractBuilder

Instance Method Details

#access_token_methods(*methods) ⇒ Object

Change the way access token is authenticated from the request object.

By default it retrieves a Bearer token from the ‘HTTP_AUTHORIZATION` header, then falls back to the `:access_token` or `:bearer_token` params from the `params` object.

Available methods:

• ‘:from_bearer_authorization` - Extracts a Bearer token from the `HTTP_AUTHORIZATION` header

• ‘:from_access_token_param` - Extracts the token from the `:access_token` param

• ‘:from_bearer_param` - Extracts the token from the `:bearer_token` param

• ‘:from_basic_authorization` - Extracts Basic Auth credentials from the `HTTP_AUTHORIZATION` header

# File 'lib/padlock_auth/config.rb', line 93

def access_token_methods(*methods)
  config.instance_variable_set(:@access_token_methods, methods.flatten.compact)
end

#action_cable_methods(*methods) ⇒ Object

# File 'lib/padlock_auth/config.rb', line 97

def action_cable_methods(*methods)
  config.instance_variable_set(:@action_cable_methods, methods.flatten.compact)
end

#default_scopes(*scopes) ⇒ Object

Define default access token scopes for your endpoint.

Scopes are used to limit access to certain parts of your API. When a token is created, it is assigned a set of scopes that define what it can access.

Calls to ‘padlock_authorize!` will check that the token has the required scopes, if no scopes are provided, the default scopes will be used.

token scopes

# File 'lib/padlock_auth/config.rb', line 75

def default_scopes(*scopes)
  config.instance_variable_set(:@default_scopes, PadlockAuth::Config::Scopes.from_array(*scopes))
end

#raise_on_errors! ⇒ Object

Calls to ‘padlock_authorize!` will raise an exception when authentication fails.

# File 'lib/padlock_auth/config.rb', line 103

def raise_on_errors!
  handle_auth_errors(:raise)
end

#render_on_errors! ⇒ Object

Calls to ‘padlock_authorize!` will render an error response when authentication fails.

This is the default behavior.

# File 'lib/padlock_auth/config.rb', line 111

def render_on_errors!
  handle_auth_errors(:render)
end

#secure_with(strategy) { ... } ⇒ PadlockAuth::AbstractStrategy

Configure the strategy to use for authentication.

Strategies are responsible for building access tokens and authenticating them. PadlockAuth comes with a default strategy, ‘PadlockAuth::Token::Strategy`, which uses a shared secret key to build and authenticate access tokens.

A strategy can be provided as:

• an instance of ‘PadlockAuth::AbstractStrategy`, or one matching its interface,

• a class that responds to ‘.build` and returns an instance of `PadlockAuth::AbstractStrategy`, or

• a string or symbol representing a built-in strategy (e.g. ‘:token`)

The string or symbol strategy will be resolved to a class in the ‘PadlockAuth` namespace by appending `::Strategy` to the string and looking up the constant in the `PadlockAuth` namespace. For example, `:token` will resolve to `PadlockAuth::Token::Strategy`.

You can define your own strategy by subclassing ‘PadlockAuth::AbstractStrategy`, and passing an instance of your strategy to `secure_with`, or by using the naming convention and passing a string or symbol.

Yields:

• A block to configure the strategy (yielded by the strategy’s ‘build` method)

# File 'lib/padlock_auth/config.rb', line 50

def secure_with(strategy, &)
  strategy = case strategy
  when String, Symbol
    strategy_klass = "PadlockAuth::#{strategy.to_s.camelize}::Strategy".safe_constantize
    raise ArgumentError, "unknown strategy: #{strategy}" unless strategy_klass
    strategy_klass.build(&)
  when Class
    strategy.build(&)
  else
    strategy
  end
  config.instance_variable_set(:@strategy, strategy)
end