Module: Mongo::Auth

Extended by:
Auth
Included in:
Auth
Defined in:
lib/mongo/auth.rb,
lib/mongo/auth/cr.rb,
lib/mongo/auth/aws.rb,
lib/mongo/auth/base.rb,
lib/mongo/auth/ldap.rb,
lib/mongo/auth/user.rb,
lib/mongo/auth/x509.rb,
lib/mongo/auth/roles.rb,
lib/mongo/auth/scram.rb,
lib/mongo/auth/gssapi.rb,
lib/mongo/auth/scram256.rb,
lib/mongo/auth/user/view.rb,
lib/mongo/auth/stringprep.rb,
lib/mongo/auth/aws/request.rb,
lib/mongo/auth/aws/credentials.rb,
lib/mongo/auth/cr/conversation.rb,
lib/mongo/auth/aws/conversation.rb,
lib/mongo/auth/credential_cache.rb,
lib/mongo/auth/conversation_base.rb,
lib/mongo/auth/ldap/conversation.rb,
lib/mongo/auth/stringprep/tables.rb,
lib/mongo/auth/x509/conversation.rb,
lib/mongo/auth/scram/conversation.rb,
lib/mongo/auth/gssapi/conversation.rb,
lib/mongo/auth/aws/credentials_cache.rb,
lib/mongo/auth/scram256/conversation.rb,
lib/mongo/auth/sasl_conversation_base.rb,
lib/mongo/auth/scram_conversation_base.rb,
lib/mongo/auth/stringprep/profiles/sasl.rb,
lib/mongo/auth/aws/credentials_retriever.rb

Overview

This namespace contains all authentication related behavior.

Since:

  • 2.0.0

Defined Under Namespace

Modules: CredentialCache, Roles, StringPrep Classes: Aws, Base, CR, ConversationBase, Gssapi, InvalidConfiguration, InvalidMechanism, LDAP, SaslConversationBase, Scram, Scram256, ScramConversationBase, Unauthorized, User, X509

Constant Summary collapse

EXTERNAL =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

The external database name.

Since:

  • 2.0.0

'$external'.freeze
GET_NONCE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Constant for the nonce command.

Since:

  • 2.0.0

{ getnonce: 1 }.freeze
NONCE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Constant for the nonce field.

Since:

  • 2.0.0

'nonce'.freeze
SOURCES =
Note:

This map is not frozen because when mongo_kerberos is loaded, it mutates this map by adding the Kerberos authenticator.

Map the symbols parsed from the URI connection string to strategies.

Since:

  • 2.0.0

{
  aws: Aws,
  gssapi: Gssapi,
  mongodb_cr: CR,
  mongodb_x509: X509,
  plain: LDAP,
  scram: Scram,
  scram256: Scram256,
}

Instance Method Summary collapse

Instance Method Details

#get(user, connection, **opts) ⇒ Auth::Aws | Auth::CR | Auth::Gssapi | Auth::LDAP | Auth::Scram | Auth::Scram256 | Auth::X509

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Get an authenticator for the provided user to authenticate over the provided connection.

Parameters:

  • user (Auth::User)

    The user to authenticate.

  • connection (Mongo::Connection)

    The connection to authenticate over.

  • opts (Hash)

    a customizable set of options

Options Hash (**opts):

  • speculative_auth_client_nonce (String | nil)

    The client nonce used in speculative auth on the specified connection that produced the specified speculative auth result.

  • speculative_auth_result (BSON::Document | nil)

    The value of speculativeAuthenticate field of hello response of the handshake on the specified connection.

Returns:

Raises:

Since:

  • 2.0.0



97
98
99
100
101
# File 'lib/mongo/auth.rb', line 97

def get(user, connection, **opts)
  mechanism = user.mechanism
  raise InvalidMechanism.new(mechanism) if !SOURCES.has_key?(mechanism)
  SOURCES[mechanism].new(user, connection, **opts)
end