Class: TokenService::TokenService

Inherits:
BasicService
  • Object
Defined in:
lib/token_service/token_service.rb

Overview

TokenService client to perform authentication against the security token service. Authentication is performed in two steps:

  1. Call login to gather an intermediate token

  2. Call getTokens to gather one or more security token(s).

  3. Call any service method passing the security token(s) along the soap header.

The security token service is an implementation of the OASIS WSS specification. See also: www.oasis-open.org/committees/wss/.

Be aware that all security information is provided in the SOAP header, not in the SOAP body. This is why a WSS-enabled service does not provide a separate method parameter for the security tokens; they are passed in the SOAP header instead.

Constant Summary

@@TOKEN_SERVICE_ENDPOINT =
{
        :uri => 'https://sts.idm.telekom.com/TokenService',
        :version => 1
}
@@PERFORM_LOCAL_TOKEN_CHECKS =

This is disabled by default because client time and server time need to be in sync to use this function. Otherwise local token verification might fail even on valid tokens, which would cause an unnecessary call to the token service.

false

Instance Method Summary

Methods inherited from BasicService

#initialize

Constructor Details

This class inherits a constructor from BasicService

Instance Method Details

#get_security_token ⇒ Object

Check whether there is a security token. Authenticate if not. Reauthenticates if the security token has expired.

Returns

Security token as plain text/xml.



# File 'lib/token_service/token_service.rb', line 66

def get_security_token

  # Authenticate if there is no security token yet.
  if @security_token.nil? then
    authenticate
  end

  # Look at the validity dates of the token and locally check whether the token is still valid.
  if @@PERFORM_LOCAL_TOKEN_CHECKS && SecurityTokenValidator.token_invalid?(@security_token) then
    authenticate
  end

  return @security_token
end
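
The local validity check that @@PERFORM_LOCAL_TOKEN_CHECKS switches on, and the clock-sync problem it runs into, shown as an added example; this is not the library's SecurityTokenValidator. The module name LocalTokenCheck, the skew parameter and the SAML-style Conditions element with NotBefore / NotOnOrAfter attributes are assumptions, and the sample token is constructed.

```ruby
require 'rexml/document'
require 'time'

# Hypothetical stand-in for a local validity check (not the library's code).
# Assumes the token carries a SAML-style <Conditions> element with
# NotBefore / NotOnOrAfter attributes.
module LocalTokenCheck
  # Returns :valid, :not_yet_valid, :expired or :unreadable.
  # skew: tolerated difference between client and server clocks, in seconds.
  def self.status(token_xml, now: Time.now.utc, skew: 0)
    doc = REXML::Document.new(token_xml)
    cond = REXML::XPath.first(doc, "//*[local-name()='Conditions']")
    return :unreadable unless cond

    not_before = Time.iso8601(cond.attributes['NotBefore'].to_s)
    not_after  = Time.iso8601(cond.attributes['NotOnOrAfter'].to_s)
    return :not_yet_valid if now + skew < not_before
    return :expired       if now - skew >= not_after
    :valid
  rescue ArgumentError, REXML::ParseException
    # Missing or malformed timestamps: treat as unusable and reauthenticate.
    :unreadable
  end

  # Same sense as a token_invalid? check: true means "fetch a new token".
  def self.invalid?(token_xml, **opts)
    status(token_xml, **opts) != :valid
  end
end

# Constructed sample token, valid from 12:00:00Z until 12:05:00Z.
SAMPLE_TOKEN = <<~XML
  <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
    <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z"/>
  </saml:Assertion>
XML

server_now = Time.utc(2024, 1, 1, 12, 0, 10) # server issued the token 10 s ago
client_now = server_now - 30                 # client clock runs 30 s behind

puts LocalTokenCheck.status(SAMPLE_TOKEN, now: server_now)           # valid
puts LocalTokenCheck.status(SAMPLE_TOKEN, now: client_now)           # not_yet_valid
puts LocalTokenCheck.status(SAMPLE_TOKEN, now: client_now, skew: 60) # valid
```

With a client clock 30 seconds behind, a freshly issued token looks not yet valid, so every call would trigger a needless reauthentication; the local check is only a cache hint, and the token service remains the authority on validity.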

#login ⇒ Object

Call the security token service to gather an intermediate token.



# File 'lib/token_service/token_service.rb', line 47

def login
  response = invoke("login") do |message|
    doc = message.document

    # Build the login header
    (doc)
  end

  intermediate_token = get_token_data_from_response(response)

  return intermediate_token
end