class Mongo::Auth::SaslConversationBase
Defines common behavior around SASL conversations between the client and the server.
@api private
Constants
- CLIENT_CONTINUE_MESSAGE
The base client continue message.
- CLIENT_FIRST_MESSAGE
The base client first message.
Public Instance Methods
start(connection)
Start the SASL conversation. This returns the first message that needs to be sent to the server.
@param [ Server::Connection ] connection The connection being authenticated.
@return [ Protocol::Message ] The first SASL conversation message.
    # File lib/mongo/auth/sasl_conversation_base.rb, line 38
    def start(connection)
      selector = client_first_document
      build_message(connection, user.auth_source, selector)
    end
Private Instance Methods
auth_mechanism_name()
Gets the auth mechanism name for the conversation class.
Example return: SCRAM-SHA-1.
@return [ String ] Auth mechanism name.
    # File lib/mongo/auth/sasl_conversation_base.rb, line 50
    def auth_mechanism_name
      # self.class.name is e.g. Mongo::Auth::Scram256::Mechanism.
      # We need Mongo::Auth::Scram::MECHANISM.
      # Pull out the Scram256 part, get that class off of Auth,
      # then get the value of MECHANISM constant in Scram256.
      # With ActiveSupport, this method would be:
      # self.class.module_parent.const_get(:MECHANISM)
      parts = self.class.name.split('::')
      parts.pop
      Auth.const_get(parts.last).const_get(:MECHANISM)
    end
client_first_document()
    # File lib/mongo/auth/sasl_conversation_base.rb, line 66
    def client_first_document
      payload = client_first_payload
      if Lint.enabled?
        unless payload.is_a?(String)
          raise Error::LintError, "Payload must be a string but is a #{payload.class}: #{payload}"
        end
      end
      doc = CLIENT_FIRST_MESSAGE.merge(
        mechanism: auth_mechanism_name,
        payload: BSON::Binary.new(payload),
      )
      if options = client_first_message_options
        # Short SCRAM conversation,
        # https://jira.mongodb.org/browse/DRIVERS-707
        doc[:options] = options
      end
      doc
    end
client_first_message_options()
    # File lib/mongo/auth/sasl_conversation_base.rb, line 62
    def client_first_message_options
      nil
    end
validate_server_nonce!()
Helper method to validate that server nonce starts with the client nonce.
Note that this class does not define the client_nonce or server_nonce attributes - derived classes must do so.
    # File lib/mongo/auth/sasl_conversation_base.rb, line 90
    def validate_server_nonce!
      if client_nonce.nil? || client_nonce.empty?
        raise ArgumentError, 'Cannot validate server nonce when client nonce is nil or empty'
      end
      unless server_nonce.start_with?(client_nonce)
        raise Error::InvalidNonce.new(client_nonce, server_nonce)
      end
    end
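The nonce check documented above, shown in a stand-alone derived class that supplies its own client_nonce and server_nonce. This is an added example, not the driver's code: DemoConversation, parse_server_first, the local InvalidNonce class and the sample messages are assumptions made for illustration, and the message layout follows the SCRAM server-first format from RFC 5802.

```ruby
require 'securerandom'

# Hypothetical stand-in for the driver's Error::InvalidNonce.
class InvalidNonce < StandardError
  def initialize(client_nonce, server_nonce)
    super("Server nonce #{server_nonce.inspect} does not start with #{client_nonce.inspect}")
  end
end

# Hypothetical helper: split a SCRAM server-first message,
# "r=<nonce>,s=<salt>,i=<iterations>", into its attributes.
def parse_server_first(message)
  message.split(',').to_h { |pair| pair.split('=', 2) }
end

# Minimal derived conversation that defines both nonce attributes.
class DemoConversation
  attr_reader :client_nonce, :server_nonce

  def initialize(client_nonce)
    @client_nonce = client_nonce
  end

  # Accept the server's reply only if its nonce extends the one we sent.
  def continue(server_first)
    fields = parse_server_first(server_first)
    @server_nonce = fields.fetch('r')
    validate_server_nonce!
    fields
  end

  private

  # Same two checks as the documented method. The empty-nonce guard matters
  # because String#start_with?('') is true for every server nonce.
  def validate_server_nonce!
    if client_nonce.nil? || client_nonce.empty?
      raise ArgumentError, 'Cannot validate server nonce when client nonce is nil or empty'
    end
    raise InvalidNonce.new(client_nonce, server_nonce) unless server_nonce.start_with?(client_nonce)
  end
end

# Constructed sample messages (not captured traffic).
CLIENT_NONCE = SecureRandom.base64(24)
GOOD_REPLY = "r=#{CLIENT_NONCE}srvPART123,s=c2FsdA==,i=4096"
STALE_REPLY = 'r=oldClientNonceoldServerPart,s=c2FsdA==,i=4096'
```
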