class ADAL::UserCredential
A convenience class for username and password credentials.
Attributes
password[R]
username[R]
Public Class Methods
new( username, password, authority_host = Authority::WORLD_WIDE_AUTHORITY)
click to toggle source
Constructs a new UserCredential
.
@param String username @param String password @optional String authority_host
The host name of the authority to verify the user against.
# File lib/adal/user_credential.rb, line 63 def initialize( username, password, authority_host = Authority::WORLD_WIDE_AUTHORITY) @username = username @password = password @authority_host = authority_host @discovery_path = "/common/userrealm/#{URI.escape @username}" end
Public Instance Methods
account_type()
click to toggle source
Determines the account type based on a Home Realm Discovery request.
@return UserCredential::AccountType
# File lib/adal/user_credential.rb, line 75 def account_type realm_discovery_response['account_type'] end
request_params()
click to toggle source
The OAuth parameters that respresent this UserCredential
.
@return Hash
# File lib/adal/user_credential.rb, line 83 def request_params case account_type when AccountType::MANAGED managed_request_params when AccountType::FEDERATED federated_request_params else fail UnsupportedAccountTypeError, account_type end end
to_s()
click to toggle source
:nocov:
# File lib/adal/user_credential.rb, line 95 def to_s "UserCredential[Username: #{@username}, AccountType: #{account_type}]" end
Private Instance Methods
federated_request_params()
click to toggle source
@return Hash
# File lib/adal/user_credential.rb, line 119 def federated_request_params logger.verbose("Getting OAuth parameters for Federated #{@username}.") wstrust_response = wstrust_request.execute(@username, @password) { assertion: Base64.encode64(wstrust_response.token).strip, grant_type: wstrust_response.grant_type, scope: :openid } end
federation_metadata_url()
click to toggle source
@return URI
# File lib/adal/user_credential.rb, line 128 def federation_metadata_url URI.parse(realm_discovery_response['federation_metadata_url']) end
managed_request_params()
click to toggle source
@return Hash
# File lib/adal/user_credential.rb, line 133 def managed_request_params logger.verbose("Getting OAuth parameters for Managed #{@username}.") { username: @username, password: @password, grant_type: TokenRequest::GrantType::PASSWORD, scope: :openid } end
mex_response()
click to toggle source
@return MexResponse
# File lib/adal/user_credential.rb, line 142 def mex_response @mex_response ||= MexRequest.new(federation_metadata_url).execute end
realm_discovery_response()
click to toggle source
Memoized response from the discovery endpoint. Since a UserCredential
is read only, this should only ever need to be called once. @return Hash
# File lib/adal/user_credential.rb, line 105 def realm_discovery_response @realm_discovery_response ||= JSON.parse(Net::HTTP.get(realm_discovery_uri)) end
realm_discovery_uri()
click to toggle source
@return URI
# File lib/adal/user_credential.rb, line 111 def realm_discovery_uri URI::HTTPS.build( host: @authority_host, path: @discovery_path, query: URI.encode_www_form('api-version' => '1.0')) end
wstrust_request()
click to toggle source
@return WSTrustRequest
# File lib/adal/user_credential.rb, line 147 def wstrust_request @wstrust_request ||= WSTrustRequest.new(mex_response.wstrust_url, mex_response.action) end