class ETokenAuth
Constants
- AUTHN_PAIR_DELIMITERS
- TOKEN_REGEX
Public Class Methods
# File lib/e-core/instance/setup/auth.rb, line 153 def initialize controller_instance @controller_instance = controller_instance end
Public Instance Methods
Sets a WWW-Authenticate and halt to let the client know a token is required.
@param [String] realm - realm to use in the header
# File lib/e-core/instance/setup/auth.rb, line 176 def request_token_auth(realm) @controller_instance.response[EConstants::HEADER__AUTHENTICATE] = \ EUtils.encode_token_auth_credentials(realm: realm.delete('"')) @controller_instance.halt(EConstants::STATUS__PROTECTED, "HTTP Token: Access denied.\n") end
If token Authorization header is present, call the given proc with the present token and options.
@param [Proc] proc
Proc to call if a token is present. The Proc should take two arguments: validate_token_auth { |token, options| ... }
@return the return value of ‘proc` if a token is found @return `nil` if no token found
# File lib/e-core/instance/setup/auth.rb, line 167 def validate_token_auth &proc token, options = token_and_options token && token.size > 0 && proc.call(token, options) end
Private Instance Methods
Takes raw_params
and turns it into an array of parameters
# File lib/e-core/instance/setup/auth.rb, line 208 def params_array_from(raw_params) raw_params.map { |param| param.split %r/=(.+)?/ } end
This method takes an authorization body and splits up the key-value pairs by the standardized ‘:`, `;`, or `t` delimiters defined in `AUTHN_PAIR_DELIMITERS`.
# File lib/e-core/instance/setup/auth.rb, line 220 def raw_params(auth) auth.sub(TOKEN_REGEX, '').split(/"\s*#{AUTHN_PAIR_DELIMITERS}\s*/) end
This removes the ‘“` characters wrapping the value.
# File lib/e-core/instance/setup/auth.rb, line 213 def rewrite_param_values(array_params) array_params.each { |param| param.last.gsub! %r/^"|"$/, '' } end
Parses the token and options out of the token authorization header. If the header looks like this:
Authorization: Token token="abc", nonce="def"
Then the returned token is “abc”, and the options is {nonce: “def”}
@param [ERequest] request - ERequest
instance with the current env
@return an Array of [String, Hash] if a token is present @return nil if no token found
# File lib/e-core/instance/setup/auth.rb, line 192 def token_and_options return unless authorization_key = EConstants::ENV__AUTHORIZATION_KEYS.find do |key| @controller_instance.env.has_key?(key) end authorization_request = @controller_instance.env[authorization_key].to_s if authorization_request[TOKEN_REGEX] params = token_params_from(authorization_request) [params.shift.last, EUtils.indifferent_params(Hash[params])] end end
# File lib/e-core/instance/setup/auth.rb, line 203 def token_params_from(auth) rewrite_param_values params_array_from(raw_params(auth)) end