class ADAL::Authority
An authentication and token server with the ability to self-validate.
Constants
- AUTHORIZE_PATH
- COMMON_TENANT
- DISCOVERY_TEMPLATE
- TENANT_DISCOVERY_ENDPOINT_KEY
- TOKEN_PATH
- WELL_KNOWN_AUTHORITY_HOSTS
- WORLD_WIDE_AUTHORITY
Attributes
host[R]
tenant[R]
Public Class Methods
new(host = WORLD_WIDE_AUTHORITY, tenant = COMMON_TENANT, validate_authority = false)
Creates a new Authority.
@param [String] host
The host name of the authority server.
@param [String] tenant
The name of the tenant for the Authority to access.
@option [Boolean] validate_authority (false)
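The setting that controls whether the Authority instance will check that it matches a set of known authorities or can dynamically retrieve an identifying response. When it is false (the default), the instance is marked as validated at construction and neither check is performed.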
# File lib/adal/authority.rb, line 63
# Builds an Authority for the given host and tenant.
#
# Validation is opt-in: @validated starts as the negation of
# validate_authority, so with the default (false) the instance already
# reports itself as validated and #validate skips both the static and the
# dynamic check.
#
# @param host [String] host name of the authority server.
# @param tenant [String] name of the tenant the Authority will access.
# @param validate_authority [Boolean] when truthy, the instance starts out
#   unvalidated and has to pass #validate.
def initialize(host = WORLD_WIDE_AUTHORITY, tenant = COMMON_TENANT, validate_authority = false)
  @host = host
  @tenant = tenant
  # Asking for validation means "not validated yet"; not asking means the
  # authority is trusted as given.
  @validated = validate_authority ? false : true
end
Public Instance Methods
token_endpoint()
URI that can be used to acquire tokens.
@return [URI]
# File lib/adal/authority.rb, line 94
# URI of the token endpoint for this authority.
#
# The path is "/" + tenant + TOKEN_PATH. The tenant is inserted as stored;
# no escaping is applied in this method.
#
# @return [URI::HTTPS] https URI on @host.
def token_endpoint
  tenant_path = '/' + @tenant + TOKEN_PATH
  URI::HTTPS.build(host: @host, path: tenant_path)
end
validate()
Checks if the authority matches a set list of known authorities or if it can be resolved by the discovery endpoint.
@return [Boolean]
True if the Authority was successfully validated.
# File lib/adal/authority.rb, line 104
# Validates the authority, trying the static check first and the dynamic
# (network) check only if the static one did not succeed.
#
# Each check is skipped once #validated? is truthy, so an instance that is
# already validated performs no work here. The result of the last check
# that ran is stored in @validated unchanged.
#
# @return [Object] the stored validation state; truthy when the authority
#   is considered validated.
def validate
  %i[validated_statically? validated_dynamically?].each do |check|
    @validated = send(check) unless validated?
  end
  @validated
end
validated?()
@return [Boolean]
# File lib/adal/authority.rb, line 111
# Reports the current validation state without performing any check.
#
# @return [Object] the stored @validated value, returned as-is; callers
#   should rely on its truthiness.
def validated?
  @validated
end
Private Instance Methods
discovery_uri(host = WORLD_WIDE_AUTHORITY)
Creates an instance discovery endpoint url for authority that this object represents.
@return [URI]
# File lib/adal/authority.rb, line 122
# Builds the instance discovery URL used to validate this authority.
#
# The request is addressed to the host argument (WORLD_WIDE_AUTHORITY by
# default), not to @host. This authority's own authorize endpoint is passed
# to the template as the value to look up.
#
# @param host [String] host that serves instance discovery.
# @return [URI] the expanded DISCOVERY_TEMPLATE.
def discovery_uri(host = WORLD_WIDE_AUTHORITY)
  endpoint_to_check = authorize_endpoint
  expanded = DISCOVERY_TEMPLATE.expand(host: host, endpoint: endpoint_to_check)
  URI(expanded)
end
parse_dynamic_validation(response)
@param [Hash] response
@return [Boolean]
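# File lib/adal/authority.rb, line 155
# Interprets the parsed body of an instance discovery response.
#
# The body originates from a network call, so its shape is not trusted:
# anything that does not answer to #key? (for example a JSON array or a
# scalar) is rejected the same way as a Hash without the discovery key,
# instead of raising NoMethodError.
#
# @param response [Hash] parsed JSON from the instance discovery endpoint.
# @return [false, Object] false when the discovery key is absent; otherwise
#   the value stored under TENANT_DISCOVERY_ENDPOINT_KEY, returned as-is.
def parse_dynamic_validation(response)
  has_discovery_key = response.respond_to?(:key?) &&
                      response.key?(TENANT_DISCOVERY_ENDPOINT_KEY)
  unless has_discovery_key
    logger.error('Received unexpected response from instance discovery ' \
                 "endpoint: #{response}. Unable to validate dynamically.")
    return false
  end
  logger.verbose('Authority validated via dynamic instance discovery.')
  # NOTE(review): the value is returned unchecked and #validate stores it as
  # the validation state, so any value other than nil/false counts as
  # validated. Confirm that presence of the key alone is the intended test.
  response[TENANT_DISCOVERY_ENDPOINT_KEY]
end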
validated_dynamically?()
Performs instance discovery via a network call to well known authorities.
@return [String]
The tenant discovery endpoint, if found. Otherwise nil.
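# File lib/adal/authority.rb, line 131
# Attempts to validate the authority through the instance discovery
# endpoint (a network call).
#
# The response body is untrusted input. A missing body or a body that is not
# valid JSON makes the check fail (returns false) rather than raising
# JSON::ParserError out of a predicate. The HTTP status is not inspected
# here; only the body is examined. Network-level errors raised by
# Net::HTTP.get are not rescued.
#
# @return [false, Object] false when no usable response was obtained;
#   otherwise whatever parse_dynamic_validation returns for the parsed body.
def validated_dynamically?
  # Build the URI once so the logged target is exactly the one requested.
  uri = discovery_uri
  logger.verbose("Attempting instance discovery at: #{uri}.")
  http_response = Net::HTTP.get(uri)
  if http_response.nil?
    logger.error('Dynamic validation received no response from endpoint.')
    return false
  end

  begin
    parsed = JSON.parse(http_response)
  rescue JSON::ParserError
    # The raw body is deliberately left out of the log line: it is
    # remote-controlled and of unbounded size.
    logger.error('Dynamic validation received a response that is not valid JSON.')
    return false
  end
  parse_dynamic_validation(parsed)
end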
validated_statically?()
@return [Boolean]
# File lib/adal/authority.rb, line 142
# Checks @host against the built-in list of well-known authority hosts.
#
# This is an exact-equality membership test (include?), with no network
# access. A second verbose line is logged only when the host is found.
#
# @return [Boolean] true when @host is listed in WELL_KNOWN_AUTHORITY_HOSTS.
def validated_statically?
  logger.verbose('Performing static instance discovery.')
  WELL_KNOWN_AUTHORITY_HOSTS.include?(@host).tap do |known|
    logger.verbose('Authority validated via static instance discovery.') if known
  end
end