class Strelka::AuthProvider

This is the abstract base class for authentication and/or authorization providers for the :auth plugin.

To define your own authentication provider, you'll need to inherit this class (either directly or via a subclass), name it Strelka::AuthProvider::{Something}, save it in a file named strelka/authprovider/{something}.rb, and override the required methods.

Which methods you'll need to provide implementations for depends on whether your provider provides authentication, authorization, or both.

Authentication Providers

Authentication providers should override either one or both of the following methods, depending on whether they will provide authentication, authorization, or both:

Attributes

app[R]

The Strelka::App that the AuthProvider belongs to.

Public Class Methods

new( app ) click to toggle source

Create a new AuthProvider for the given app.

# File lib/strelka/authprovider.rb, line 52
def initialize( app )
        @app = app
end

Public Instance Methods

auth_succeeded( request, credentials ) click to toggle source

Callback for auth success; the auth provider should use this to add cookies, headers, or whatever to the request or response when the client becomes authenticated. This is a no-op by default.

# File lib/strelka/authprovider.rb, line 77
def auth_succeeded( request, credentials )
        self.log.info "Authentication for %p succeeded." % [ credentials ]
        # No-op by default
end
authenticate( request ) click to toggle source

You should override this method if you want to authenticate the request. It should return a credentials object if authentication is successful, or a false value if it fails.

# File lib/strelka/authprovider.rb, line 68
def authenticate( request )
        self.log.debug "No authentication provided, returning anonymous credentials."
        return 'anonymous'
end
authorize( credentials, request, perms ) click to toggle source

You should override this method if you want to provide authorization in your provider. The credentials will be the same object as the one returned by authenticate, the request is the current Strelka::HTTPRequest, and perms is the Array of Symbols the represents the permissions that apply to the request as specified by the application's require_perms_for and no_perms_for declarations, as an Array of Symbols.

The default behavior is to throw an 403 FORBIDDEN response if any perms were required.

# File lib/strelka/authprovider.rb, line 92
def authorize( credentials, request, perms )
        return true if perms.empty?
        self.require_authorization
end

Protected Instance Methods

require_authentication( challenge ) click to toggle source

Throw a 401 (Unauthorized) response with the specified challenge as the www-Authenticate header.

# File lib/strelka/authprovider.rb, line 104
def require_authentication( challenge )
        finish_with( HTTP::AUTH_REQUIRED, "Requires authentication.", www_authenticate: challenge )
end
require_authorization( message="You are not authorized to access this resource." ) click to toggle source

Throw a 403 (Forbidden) response with the specified message.

# File lib/strelka/authprovider.rb, line 110
def require_authorization( message="You are not authorized to access this resource." )
        finish_with( HTTP::FORBIDDEN, message )
end