Module: ElsToken::ClassMethods

Defined in:

lib/els_token.rb

Instance Method Summary

• #authenticate(username, password, options = {}) ⇒ Object

  authenticates against ELS and returns the user token.

• #els_config(options = {}) ⇒ Object

  els_config expects a hash with environmental parameters including the els gateway and expected cookie name (when used in a Rack environment) An optional fake identity can be supplied which will override any active authentication.

• #els_cookie_name(cookie_name = nil) ⇒ Object
• #els_faker(faker = {}) ⇒ Object
• #els_options ⇒ Object
• #els_uri(uri = nil) ⇒ Object
• #get_identity(token, options = {}) ⇒ Object

  When used inside a rack environment will attempt to retrieve the user token from the session cookie and return a full identity.

• #get_raw_token_identity(token, options = {}) ⇒ Object

  get_token_identity wraps the ELS identity response in a nice, friendly, object.

• #get_token_identity(token, options = {}) ⇒ Object

  obtain a friendly ElsIdentity object by passing in a token.

• #is_token_valid?(token, options = {}) ⇒ Boolean

  passes a token to els to see if it is still valid.

Instance Method Details

#authenticate(username, password, options = {}) ⇒ Object

authenticates against ELS and returns the user token

# File 'lib/els_token.rb', line 73

def authenticate(username,password,options={})
  begin
    response = els_http_request("/authenticate",
      {"uri"=>"realm=aolcorporate","username"=>"#{username}","password"=>"#{password}"},
      options)
    if response.code.eql? "200"
      # return the token
      response.body.chomp.sub(/token\.id=/,"")
    else
      raise response.error! 
    end
  rescue Net::HTTPExceptions => e1
    raise e1, "token retrieval failed for #{username}"
  rescue Exception => e
    # Do not expect these. Wrapping the exception so
    # as to not reveal the passed in password
    puts e.backtrace
    raise e, "unable to fetch token for #{username}"
  end
end

#els_config(options = {}) ⇒ Object

els_config expects a hash with environmental parameters including the els gateway and expected cookie name (when used in a Rack environment) An optional fake identity can be supplied which will override any active authentication. This can be especially useful during automated testing. The fake ID can take any of the ElsIdentity properties

A typical setup would initialize a options hash to include the following

faker:
  name: neilcuk
  employee_number: 09095
  roles:
    - App Admins
    - Domain Users
uri: https://els-admin.corp.aol.com:443/opensso/identity
cookie: iPlanetDirectoryPro
cert: /path/to/certs

Do not include the faker object in your production configuration :)

only the uri option is required if you are not worried about cookies and do not plan on using them. If you want to include a certificate for interacting with the ELS server then you can specify a file or directory to find the cert. By default Certificate validiation is off!

# File 'lib/els_token.rb', line 47

def els_config(options = {})
  unless options["uri"]
    raise "I need a uri to authenticate against" unless options["faker"]
  end
  els_options.merge!(options)
end

#els_cookie_name(cookie_name = nil) ⇒ Object

# File 'lib/els_token.rb', line 59

def els_cookie_name(cookie_name = nil)
  return els_options["cookie"] unless cookie_name
  els_options["cookie_name"] = uri
end

#els_faker(faker = {}) ⇒ Object

# File 'lib/els_token.rb', line 64

def els_faker(faker = {})
  els_options["faker"] = faker
end

#els_options ⇒ Object

# File 'lib/els_token.rb', line 68

def els_options
  @els_options
end

#els_uri(uri = nil) ⇒ Object

# File 'lib/els_token.rb', line 54

def els_uri(uri = nil)
  return els_options["uri"] unless uri
  els_options["uri"] = uri
end

#get_identity(token, options = {}) ⇒ Object

When used inside a rack environment will attempt to retrieve the user token from the session cookie and return a full identity. This is pretty much a convenience method that chains is_cookie_token_valid? then get_token_identity

# File 'lib/els_token.rb', line 129

def get_identity(token, options ={})
  options = els_options.dup.merge(options)
  return fake_id(options) if options.has_key?('faker')
  begin
    if is_token_valid?(token, options)
      get_token_identity(token, options)
    else
      raise "token is invalid"
    end
  rescue Exception => e
    raise e
  end
end

#get_raw_token_identity(token, options = {}) ⇒ Object

get_token_identity wraps the ELS identity response in a nice, friendly, object. If you don’t like that object or need the raw data, then use this.

# File 'lib/els_token.rb', line 114

def get_raw_token_identity(token,options={})
  response = els_http_request("/attributes",{"subjectid"=>"#{token}"},options)
  if response.code.eql? "200"
    response.body
  else
    response.error!
  end
end

#get_token_identity(token, options = {}) ⇒ Object

obtain a friendly ElsIdentity object by passing in a token

# File 'lib/els_token.rb', line 107

def get_token_identity(token,options={})
  ElsIdentity.new(get_raw_token_identity(token,options))
end

#is_token_valid?(token, options = {}) ⇒ Boolean

passes a token to els to see if it is still valid

Returns:

• (Boolean)

# File 'lib/els_token.rb', line 95

def is_token_valid?(token, options={})
  response = els_http_request("/isTokenValid",{"tokenid"=>"#{token}"},options)
  if (response.code.eql? "200") && (response.body.chomp.eql? "boolean=true")
    true
  else
    false
  end
end