class RoadForest::Authorization::GrantsHolder

Caches the obfuscated tokens used to identify permission grants

Constants

PERCENT_ENCODINGS

Attributes

conceal[RW]

Public Class Methods

new(salt, hash_function) click to toggle source
# File lib/roadforest/authorization/grants-holder.rb, line 6
def initialize(salt, hash_function)
  digester = OpenSSL::HMAC.new(salt, hash_function)
  @conceal = true
  @grants_cache = Hash.new do |h, k| #XXX potential resource exhaustion here - only accumulate auth'd results
    if conceal
      digester.reset
      digester << token_for(k)
      h[k] = digester.hexdigest
    else
      token_for(k)
    end
  end
end

Public Instance Methods

[](key)
Alias for: get
build_grants() { |builder| ... } click to toggle source
# File lib/roadforest/authorization/grants-holder.rb, line 51
def build_grants
  builder = GrantBuilder.new(self)
  yield builder
  return builder.list
end
get(key) click to toggle source
# File lib/roadforest/authorization/grants-holder.rb, line 46
def get(key)
  @grants_cache[key]
end
Also aliased as: []
group(list, sep, replace) click to toggle source
# File lib/roadforest/authorization/grants-holder.rb, line 32
def group(list, sep, replace)
  list.map{|part| part.to_s.gsub(sep, replace)}.join(sep)
end
percent_encode(string) click to toggle source
# File lib/roadforest/authorization/grants-holder.rb, line 40
def percent_encode(string)
  string.gsub(%r|[\[\]:/?#@!$&'()*+;=]|) do |match|
    PERCENT_ENCODINGS[match]
  end
end
token_for(grant) click to toggle source

For use in URIs, per RFC3986: Cannot use: “:/?#[]@!$&‘()*+;=” Percent encoding uses % Can use: “.,$^*_-|<>~`” Grants are of the form [:name, [:key, value]*]

# File lib/roadforest/authorization/grants-holder.rb, line 26
def token_for(grant)
  name, attrs = *grant
  attrs = (attrs || []).map{|pair| group(pair, "_", "~")}
  percent_encode(group([name] + attrs, ".", "-"))
end