class Shaf::Authenticator::Base

Public Class Methods

challenges_for(realm) click to toggle source
# File lib/shaf/authenticator/base.rb, line 67
def challenges_for(realm)
  challenges.select do |challenge|
    challenge.realm? realm
  end
end
inherited(child) click to toggle source
# File lib/shaf/authenticator/base.rb, line 32
def inherited(child)
  Authenticator.register(child)
end
param(name, required: true, default: nil, values: nil) click to toggle source
# File lib/shaf/authenticator/base.rb, line 52
def param(name, required: true, default: nil, values: nil)
  params[name.to_sym] = Parameter.new(
    name,
    required: required,
    default: default,
    values: values
  )
end
params() click to toggle source
# File lib/shaf/authenticator/base.rb, line 88
def params
  @params ||= superclass.respond_to?(:params) ? superclass.params.dup : {}
end
restricted(**parameters, &block) click to toggle source
# File lib/shaf/authenticator/base.rb, line 61
def restricted(**parameters, &block)
  validate! parameters
  add_defaults! parameters
  challenges << Challenge.new(scheme, **parameters, &block)
end
scheme(scheme = nil) click to toggle source
# File lib/shaf/authenticator/base.rb, line 36
def scheme(scheme = nil)
  if scheme
    @scheme = scheme.to_s
  elsif @scheme
    @scheme
  else
    raise Error, "#{self} must specify a scheme!"
  end
end
scheme?(str) click to toggle source
# File lib/shaf/authenticator/base.rb, line 46
def scheme?(str)
  return false unless scheme

  str.to_s.downcase == scheme.downcase
end
user(request, realm: nil) click to toggle source
# File lib/shaf/authenticator/base.rb, line 73
def user(request, realm: nil)
  auth = authorization(request)
  cred = credentials(auth, request) || {}
  raise WrongCredentialsReturnTypeError.new(self, cred.class) unless cred.kind_of? Hash

  return if cred.compact.empty?

  challenges_for(realm).each do |challenge|
    user = challenge.test(**cred)
    return user if user
  end

  nil
end

Protected Class Methods

credentials(authorization, request) click to toggle source

Subclasses should implement this method. The return value should be and array that will get passed as block arguments to the block passed to restricted

# File lib/shaf/authenticator/base.rb, line 96
def credentials(authorization, request); end

Private Class Methods

add_defaults!(parameters) click to toggle source
# File lib/shaf/authenticator/base.rb, line 141
def add_defaults!(parameters)
  params.each do |key, param|
    next unless param.default
    parameters[key] ||= param.default
  end
end
authorization(request) click to toggle source
# File lib/shaf/authenticator/base.rb, line 152
def authorization(request)
  return unless request.authorization

  request.authorization.sub(/^#{scheme} /i, '')
end
challenges() click to toggle source
# File lib/shaf/authenticator/base.rb, line 100
def challenges
  @challenges ||= []
end
logger() click to toggle source
# File lib/shaf/authenticator/base.rb, line 137
def logger
  Shaf.logger
end
required_params() click to toggle source
# File lib/shaf/authenticator/base.rb, line 148
def required_params
  params.values.select(&:required?)
end
validate!(parameters) click to toggle source
# File lib/shaf/authenticator/base.rb, line 104
def validate!(parameters)
  validate_required(parameters)
  validate_params(parameters)
end
validate_params(parameters) click to toggle source
# File lib/shaf/authenticator/base.rb, line 121
def validate_params(parameters)
  errors = []

  parameters.each do |key, value|
    if params.key? key
      errors << [key, value] unless params[key].valid? value
    else
      logger.warn "Unsupported authenticator parameter " \
                  "for #{self}: #{key} = \"#{value}\""
      parameters.delete(key)
    end
  end

  raise InvalidParameterError.new(self, *errors) unless errors.empty?
end
validate_required(parameters) click to toggle source
# File lib/shaf/authenticator/base.rb, line 109
def validate_required(parameters)
  errors = []

  required_params.each do |param|
    next if parameters.key? param.name
    next if param.default
    errors << param.name
  end

  raise MissingParametersError.new(self, *errors) unless errors.empty?
end