class Mongo::Auth::Gssapi::Conversation

Defines behaviour around a single Kerberos conversation between the client and the server.

@api private

Constants

CONTINUE_MESSAGE

The base client continue message.

START_MESSAGE

The base client first message.

Attributes

authenticator[R]

@return [ Authenticator ] authenticator The native SASL authenticator.

id[R]

Get the id of the conversation.

@return [ Integer ] The conversation id.

Public Class Methods

new(user, connection, **opts) click to toggle source

Create the new conversation.

@example Create the new conversation.

Conversation.new(user, 'test.example.com')

@param [ Auth::User ] user The user to converse about. @param [ Mongo::Connection ] connection The connection to

authenticate over.

@since 2.0.0

Calls superclass method
# File lib/mongo/auth/gssapi/conversation.rb, line 44
def initialize(user, connection, **opts)
  super
  host = connection.address.host
  unless defined?(Mongo::GssapiNative)
    require 'mongo_kerberos'
  end
  @authenticator = Mongo::GssapiNative::Authenticator.new(
    user.name,
    host,
    user.auth_mech_properties[:service_name] || 'mongodb',
    user.auth_mech_properties[:canonicalize_host_name] || false,
  )
end

Public Instance Methods

client_first_document() click to toggle source
# File lib/mongo/auth/gssapi/conversation.rb, line 66
def client_first_document
  start_token = authenticator.initialize_challenge
  START_MESSAGE.merge(mechanism: Gssapi::MECHANISM, payload: start_token)
end
continue(reply_document, connection) click to toggle source

Continue the conversation.

@param [ BSON::Document ] reply_document The reply document of the

previous message.

@return [ Protocol::Message ] The next query to execute.

# File lib/mongo/auth/gssapi/conversation.rb, line 77
def continue(reply_document, connection)
  @id = reply_document['conversationId']
  payload = reply_document['payload']

  continue_token = authenticator.evaluate_challenge(payload)
  selector = CONTINUE_MESSAGE.merge(payload: continue_token, conversationId: id)
  build_message(connection, '$external', selector)
end
finalize(connection) click to toggle source

@return [ Protocol::Message ] The next query to execute.

# File lib/mongo/auth/gssapi/conversation.rb, line 93
def finalize(connection)
  selector = CONTINUE_MESSAGE.merge(payload: @continue_token, conversationId: id)
  build_message(connection, '$external', selector)
end
process_continue_response(reply_document) click to toggle source
# File lib/mongo/auth/gssapi/conversation.rb, line 86
def process_continue_response(reply_document)
  payload = reply_document['payload']

  @continue_token = authenticator.evaluate_challenge(payload)
end