Class: RobustServerSocket::ClientToken

Inherits:
Object
  • Object
Defined in:
lib/robust_server_socket/client_token.rb

Constant Summary

# Shape expected of a token string: one or more characters (no newline), an
# underscore, then at least ten digits, anchored to the whole string with \A
# and \z. Because (.+) is greedy, the split falls at the last underscore that
# is followed only by digits.
# NOTE(review): the two groups look like a client name and a Unix timestamp;
# confirm against the code that applies this pattern.
TOKEN_REGEXP = /\A(.+)_(\d{10,})\z/.freeze

# Raised by #validate! when the token does not decrypt, or when the replay
# check returns something other than 'ok', 'stale' or 'used'.
InvalidToken = Class.new(StandardError)

# Raised by #validate! when #client finds no match in the allowed clients.
UnauthorizedClient = Class.new(StandardError)

# Raised by #validate! when the replay check answers 'used'.
UsedToken = Class.new(StandardError)

# Raised by #validate! when the replay check answers 'stale'.
StaleToken = Class.new(StandardError)

Class Method Summary

Instance Method Summary

Constructor Details

#initialize(secure_token) ⇒ ClientToken

Returns a new instance of ClientToken.



# File 'lib/robust_server_socket/client_token.rb', line 20

# Wraps a token string so it can be checked with #valid? or #validate!.
#
# The raw value is passed through validate_secure_token_input before it is
# stored. That helper is defined outside this listing, so what it rejects
# cannot be seen here.
#
# @param secure_token [Object] the token exactly as the caller supplied it
def initialize(secure_token)
  # The client is resolved lazily by #client, once the token has been decrypted.
  @client = nil
  @secure_token = validate_secure_token_input(secure_token)
end

Class Method Details

.validate!(secure_token) ⇒ Object



# File 'lib/robust_server_socket/client_token.rb', line 14

# Builds a ClientToken for +secure_token+ and runs the raising validation on it.
#
# @param secure_token [Object] token handed straight to the constructor
# @return [ClientToken] the instance, returned only if #validate! did not raise
def self.validate!(secure_token)
  token = new(secure_token)
  token.validate!
  token
end

Instance Method Details

#atomic_validate_and_log_token ⇒ Object



# File 'lib/robust_server_socket/client_token.rb', line 65

# Hands the decrypted token to SecureToken::Cacher.atomic_validate_and_log and
# returns that call's result unchanged. #valid? and #validate! compare the
# result with 'ok', 'stale' and 'used'.
#
# The arguments are positional: token, token_expiration_time + 300, timestamp,
# token_expiration_time.
# NOTE(review): the second argument looks like the lifetime of the replay-cache
# entry, kept 300 s longer than the token's own validity so a used token is not
# forgotten before it expires. Confirm against SecureToken::Cacher.
def atomic_validate_and_log_token
  token = decrypted_token
  retention = token_expiration_time + 300
  issued_at = timestamp
  SecureToken::Cacher.atomic_validate_and_log(token, retention, issued_at, token_expiration_time)
end

#client ⇒ Object



# File 'lib/robust_server_socket/client_token.rb', line 54

# Resolves the client named in the token against the allowed clients.
#
# The name is stripped of surrounding whitespace and compared with eql?, so
# for String entries only an exact, case-sensitive match is accepted. A match
# is memoized in @client. A miss is not memoized, so the lookup is repeated on
# the next call.
# NOTE(review): client_name and allowed_clients are defined outside this
# listing. If client_name can be nil, strip raises NoMethodError rather than
# returning nil. Confirm how #validate! callers should see that case.
#
# @return [Object, nil] the allow-list entry equal to the token's client name, or nil
def client
  return @client if @client

  wanted = client_name.strip
  @client = allowed_clients.find { |candidate| candidate.eql?(wanted) }
end

#decrypted_token ⇒ Object



# File 'lib/robust_server_socket/client_token.rb', line 74

# Decrypts the stored token with SecureToken::Decrypt.call and memoizes the result.
#
# Only a truthy result is cached. When decryption yields nil or false, the call
# is repeated on every access. #validate! treats a falsy result as InvalidToken.
#
# @return [Object, nil] whatever SecureToken::Decrypt.call returns for @secure_token
def decrypted_token
  return @decrypted_token if @decrypted_token

  @decrypted_token = SecureToken::Decrypt.call(@secure_token)
end

#token_not_expired? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/robust_server_socket/client_token.rb', line 61

# Tells whether the token's age, measured against the current UTC time in
# whole seconds, is still below token_expiration_time.
#
# NOTE(review): a timestamp ahead of the server clock gives a negative age,
# which always passes this comparison. Whether future timestamps are bounded
# elsewhere (for example inside SecureToken::Cacher) is not visible here.
#
# @return [Boolean] true while the age is strictly less than token_expiration_time
def token_not_expired?
  lifetime = token_expiration_time
  age = Time.now.utc.to_i - timestamp
  lifetime > age
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/robust_server_socket/client_token.rb', line 45

# Non-raising counterpart of #validate!.
#
# The checks run in order and stop at the first failure: the token decrypts,
# the client is in the allowed list, RateLimiter.check passes, and the replay
# check answers 'ok'.
#
# Any StandardError raised along the way is turned into false, so the method
# fails closed. The cost is that a backend failure is indistinguishable from a
# bad token. Use #validate! when the cause matters.
# NOTE(review): the final step appears to record the token as seen, so a later
# #validate! on the same token would presumably report it as used. Confirm
# against SecureToken::Cacher.
#
# @return [Boolean] true only when every check passes
def valid?
  return false unless decrypted_token
  return false unless client
  return false unless RateLimiter.check(client)

  atomic_validate_and_log_token == 'ok' ? true : false
rescue StandardError
  false
end

#validate! ⇒ Object

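Raises:

  • (InvalidToken) — the token cannot be decrypted, or the replay check returns an unexpected result
  • (UnauthorizedClient) — the client named in the token is not in the allowed list
  • (StaleToken) — the replay check returns 'stale'
  • (UsedToken) — the replay check returns 'used'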



# File 'lib/robust_server_socket/client_token.rb', line 25

# Runs every check on the token and raises a specific error for the first one
# that fails.
#
# The order is decryption, allow-list lookup, rate limit, then replay check.
# An undecryptable token or an unknown client is therefore rejected before the
# rate limiter or the replay cache is touched.
# NOTE(review): RateLimiter.check! is defined outside this listing. It
# presumably raises its own error when the limit is exceeded; confirm.
#
# @return [true] when the replay check answers 'ok'
# @raise [InvalidToken] the token does not decrypt, or the replay check returns
#   an unexpected value
# @raise [UnauthorizedClient] the client is not in the allowed list
# @raise [StaleToken] the replay check answers 'stale'
# @raise [UsedToken] the replay check answers 'used'
def validate!
  raise InvalidToken unless decrypted_token
  raise UnauthorizedClient unless client

  RateLimiter.check!(client)

  outcome = atomic_validate_and_log_token

  case outcome
  when 'ok' then true
  when 'stale' then raise StaleToken
  when 'used' then raise UsedToken
  else
    # Anything outside the three known answers is rejected, not accepted.
    raise InvalidToken, "Unexpected validation result: #{outcome}"
  end
end