module Nurego::Auth

Attributes

client_id[RW]
client_secret[RW]
header_token[RW]
logger[RW]
provider_site[RW]

Public Class Methods

change_password(user_id, password, current_password) click to toggle source
# File lib/nurego/auth.rb, line 25
def change_password(user_id, password, current_password)
  uaa_user_account.change_password(user_id, password, current_password)
rescue CF::UAA::NotFound, CF::UAA::TargetError => e
  raise UserNotFoundError.new('User not found') # TODO better error message
rescue CF::UAA::AuthError, CF::UAA::BadResponse => e
  raise AuthenticationError.new('OAuth authentication failed ' +
                                    'Make sure you set "Nurego.client_id = <client_id>". ' +
                                    'Please also make sure you set "Nurego.client_secret = <client secret>". ' +
                                    'See https://www.nurego.com/api for details, or email support@nurego.com ' +
                                    'if you have any questions.') if e.message == "status 401" || e.is_a?(CF::UAA::AuthError)
  raise NuregoError "fetch_access_info #{e.inspect}"
end
login(username, password) click to toggle source
# File lib/nurego/auth.rb, line 17
def login(username, password)
  @header_token = fetch_header_token(username, password)
end
logout() click to toggle source
# File lib/nurego/auth.rb, line 21
def logout
  @header_token = nil
end
set_header_token(token) click to toggle source
# File lib/nurego/auth.rb, line 38
def set_header_token(token)
  @header_token = token
end

Private Class Methods

admin_access_token() click to toggle source
# File lib/nurego/auth.rb, line 90
def admin_access_token
  @admin_access_token ||= fetch_admin_access_token
end
build_token_issuer() click to toggle source
# File lib/nurego/auth.rb, line 100
def build_token_issuer
  CF::UAA::TokenIssuer.new(@provider_site, @client_id, @client_secret, {symbolize_keys: true}).tap do |issuer|
    issuer.logger = @logger
  end
end
build_uaa_user_account() click to toggle source
# File lib/nurego/auth.rb, line 94
def build_uaa_user_account
  CF::UAA::Scim.new(@provider_site, admin_access_token).tap do |uaa_user_account|
    uaa_user_account.logger = @logger
  end
end
fetch_access_info(username, password) click to toggle source
# File lib/nurego/auth.rb, line 43
def fetch_access_info(username, password)
  token = token_issuer.owner_password_grant(username, password)
  info = token.info
  {
      :access_token => info[:access_token],
      :refresh_token => info[:refresh_token],
      :token_type => info[:token_type],
      :expires_at => Time.now.to_i + info[:expires_in],
      :header_token => info[:token_type] + " " + info[:access_token]
  }
rescue CF::UAA::BadResponse, CF::UAA::TargetError => e
  raise AuthenticationError.new('OAuth authentication failed ' +
                                    'Make sure you set "Nurego.client_id = <client_id>". ' +
                                    'Please also make sure you set "Nurego.client_secret = <client secret>". ' +
                                    'See https://www.nurego.com/api for details, or email support@nurego.com ' +
                                    'if you have any questions.') if e.message == "status 401" || e.is_a?(CF::UAA::TargetError)
  raise NuregoError "fetch_access_info #{e.inspect}"
end
fetch_access_token(username, password) click to toggle source
# File lib/nurego/auth.rb, line 77
def fetch_access_token(username, password)
  fetch_access_info(username, password)[:access_token]
end
fetch_admin_access_token() click to toggle source
# File lib/nurego/auth.rb, line 62
def fetch_admin_access_token
  token = token_issuer.client_credentials_grant
  info = token.info

  info[:token_type] + " " + info[:access_token]
rescue CF::UAA::BadResponse => e
  #TODO check error message here
  raise AuthenticationError.new('OAuth authentication failed ' +
                                    'Make sure you set "Nurego.client_id = <client_id>". ' +
                                    'Please also make sure you set "Nurego.client_secret = <client secret>". ' +
                                    'See https://www.nurego.com/api for details, or email support@nurego.com ' +
                                    'if you have any questions.') if e.message == "status 401"
  raise NuregoError "fetch_access_info #{e.inspect}"
end
fetch_header_token(username, password) click to toggle source
# File lib/nurego/auth.rb, line 81
def fetch_header_token(username, password)
  access_info = fetch_access_info(username, password)

  {
      token: access_info[:header_token],
      expires_at: access_info[:expires_at]
  }
end
token_issuer() click to toggle source
# File lib/nurego/auth.rb, line 106
def token_issuer
  @token_issuer ||= build_token_issuer
end
uaa_user_account() click to toggle source
# File lib/nurego/auth.rb, line 110
def uaa_user_account
  @uaa_user_account ||= build_uaa_user_account
end