Class: Neo4j::Server::CypherAuthentication
- Inherits:
-
Object
- Object
- Neo4j::Server::CypherAuthentication
- Defined in:
- lib/neo4j-server/cypher_authentication.rb
Overview
Neo4j 2.2 has an authentication layer. This class provides methods for interacting with it.
Defined Under Namespace
Classes: InvalidPasswordError, MissingCredentialsError, PasswordChangeRequiredError
Instance Attribute Summary collapse
-
#connection ⇒ Object
readonly
Returns the value of attribute connection.
-
#params ⇒ Object
readonly
Returns the value of attribute params.
-
#token ⇒ Object
readonly
Returns the value of attribute token.
-
#url ⇒ Object
readonly
Returns the value of attribute url.
Instance Method Summary collapse
-
#add_auth_headers(token) ⇒ Object
Stores an authentication token in the properly-formatted header.
-
#authenticate ⇒ String
Uses the given username and password to obtain a token, then adds the token to the connection’s parameters.
-
#basic_auth(username, password) ⇒ Object
Set the username and password used to communicate with the server.
-
#change_password(old_password, new_password) ⇒ Hash
POSTs to the password change endpoint of the API.
-
#initialize(url_string, session_connection = new_connection, params_hash = {}) ⇒ CypherAuthentication
constructor
same object used by the server for data, or a new one created specifically for auth tasks.
-
#invalidate_token(current_password) ⇒ Object
Invalidates tokens as described at neo4j.com/docs/snapshot/rest-api-security.html#rest-api-invalidating-the-authorization-token.
-
#obtain_token ⇒ String
Requests a token from the authentication endpoint using the given username and password.
-
#reauthenticate(password) ⇒ Object
Invalidates the existing token, which will invalidate all conncetions using this token, applies for a new token, adds this into the connection headers.
Constructor Details
#initialize(url_string, session_connection = new_connection, params_hash = {}) ⇒ CypherAuthentication
same object used by the server for data, or a new one created specifically for auth tasks.
14 15 16 17 18 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 14 def initialize(url_string, session_connection = new_connection, params_hash = {}) @url = url_string @connection = session_connection @params = params_hash end |
Instance Attribute Details
#connection ⇒ Object (readonly)
Returns the value of attribute connection.
8 9 10 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 8 def connection @connection end |
#params ⇒ Object (readonly)
Returns the value of attribute params.
8 9 10 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 8 def params @params end |
#token ⇒ Object (readonly)
Returns the value of attribute token.
8 9 10 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 8 def token @token end |
#url ⇒ Object (readonly)
Returns the value of attribute url.
8 9 10 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 8 def url @url end |
Instance Method Details
#add_auth_headers(token) ⇒ Object
Stores an authentication token in the properly-formatted header.
76 77 78 79 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 76 def add_auth_headers(token) @token = token connection.headers['Authorization'] = "Basic realm=\"Neo4j\" #{token_hash(token)}" end |
#authenticate ⇒ String
Uses the given username and password to obtain a token, then adds the token to the connection’s parameters.
37 38 39 40 41 42 43 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 37 def authenticate auth_response = connection.get("#{url}/authentication") return nil if auth_response.body.empty? auth_body = JSON.parse(auth_response.body) token = auth_body['errors'][0]['code'] == 'Neo.ClientError.Security.AuthorizationFailed' ? obtain_token : nil add_auth_headers(token) unless token.nil? end |
#basic_auth(username, password) ⇒ Object
Set the username and password used to communicate with the server.
21 22 23 24 25 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 21 def basic_auth(username, password) params[:basic_auth] ||= {} params[:basic_auth][:username] = username params[:basic_auth][:password] = password end |
#change_password(old_password, new_password) ⇒ Hash
POSTs to the password change endpoint of the API. Does not invalidate tokens.
31 32 33 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 31 def change_password(old_password, new_password) connection.post("#{url}/user/neo4j/password", { 'password' => old_password, 'new_password' => new_password }).body end |
#invalidate_token(current_password) ⇒ Object
Invalidates tokens as described at neo4j.com/docs/snapshot/rest-api-security.html#rest-api-invalidating-the-authorization-token
70 71 72 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 70 def invalidate_token(current_password) connection.post("#{url}/user/neo4j/authorization_token", { 'password' => current_password }).body end |
#obtain_token ⇒ String
Requests a token from the authentication endpoint using the given username and password.
55 56 57 58 59 60 61 62 63 64 65 66 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 55 def obtain_token begin user = params[:basic_auth][:username] pass = params[:basic_auth][:password] rescue NoMethodError raise MissingCredentialsError, 'Neo4j authentication is enabled, username/password are required but missing' end auth_response = connection.post("#{url}/authentication", { 'username' => user, 'password' => pass }) raise PasswordChangeRequiredError, "Server requires a password change, please visit #{url}" if auth_response.body['password_change_required'] raise InvalidPasswordError, "Neo4j server responded with: #{auth_response.body['errors'][0]['message']}" if auth_response.status.to_i == 422 auth_response.body['authorization_token'] end |
#reauthenticate(password) ⇒ Object
Invalidates the existing token, which will invalidate all conncetions using this token, applies for a new token, adds this into the connection headers.
48 49 50 51 |
# File 'lib/neo4j-server/cypher_authentication.rb', line 48 def reauthenticate(password) invalidate_token(password) add_auth_headers(obtain_token) end |