Class: HammerCLIForeman::Api::Oauth::AuthenticationCodeGrant

Inherits:

ApipieBindings::Authenticators::TokenAuth

• Object
• ApipieBindings::Authenticators::TokenAuth
• HammerCLIForeman::Api::Oauth::AuthenticationCodeGrant

Defined in:

lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb

Instance Attribute Summary

• #oidc_authorization_endpoint ⇒ Object

  Returns the value of attribute oidc_authorization_endpoint.

• #oidc_client_id ⇒ Object

  Returns the value of attribute oidc_client_id.

• #oidc_redirect_uri ⇒ Object

  Returns the value of attribute oidc_redirect_uri.

• #oidc_token_endpoint ⇒ Object

  Returns the value of attribute oidc_token_endpoint.

• #token ⇒ Object

  Returns the value of attribute token.

Instance Method Summary

• #authenticate(request, token) ⇒ Object
• #error(ex) ⇒ Object
• #initialize(oidc_token_endpoint, oidc_authorization_endpoint, oidc_client_id, oidc_redirect_uri) ⇒ AuthenticationCodeGrant constructor

  A new instance of AuthenticationCodeGrant.

• #set_token(input_oidc_token_endpoint, input_oidc_authorization_endpoint, input_oidc_client_id, input_oidc_redirect_uri) ⇒ Object
• #set_token_interactively ⇒ Object
• #user ⇒ Object

Constructor Details

#initialize(oidc_token_endpoint, oidc_authorization_endpoint, oidc_client_id, oidc_redirect_uri) ⇒ AuthenticationCodeGrant

Returns a new instance of AuthenticationCodeGrant.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 11

def initialize(oidc_token_endpoint, oidc_authorization_endpoint, oidc_client_id, oidc_redirect_uri)
  @oidc_token_endpoint = oidc_token_endpoint
  @oidc_authorization_endpoint = oidc_authorization_endpoint
  @oidc_client_id = oidc_client_id
  @oidc_redirect_uri = oidc_redirect_uri
  super(nil)
end

Instance Attribute Details

#oidc_authorization_endpoint ⇒ Object

Returns the value of attribute oidc_authorization_endpoint.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 8

def oidc_authorization_endpoint
  @oidc_authorization_endpoint
end

#oidc_client_id ⇒ Object

Returns the value of attribute oidc_client_id.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 8

def oidc_client_id
  @oidc_client_id
end

#oidc_redirect_uri ⇒ Object

Returns the value of attribute oidc_redirect_uri.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 8

def oidc_redirect_uri
  @oidc_redirect_uri
end

#oidc_token_endpoint ⇒ Object

Returns the value of attribute oidc_token_endpoint.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 8

def oidc_token_endpoint
  @oidc_token_endpoint
end

#token ⇒ Object

Returns the value of attribute token.

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 8

def token
  @token
end

Instance Method Details

#authenticate(request, token) ⇒ Object

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 19

def authenticate(request, token)
  if HammerCLI.interactive?
    set_token_interactively
  else
    set_token(oidc_token_endpoint, oidc_authorization_endpoint, oidc_client_id, oidc_redirect_uri)
  end
  super
end

#error(ex) ⇒ Object

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 53

def error(ex)
  if ex.is_a?(RestClient::InternalServerError)
    @oidc_token_endpoint = @oidc_authorization_endpoint = @oidc_client_id = @oidc_client_id = nil
    original_message = _("Invalid oidc-client-id or oidc-token-endpoint or oidc-authorization-endpoint.\n")
    begin
      message = JSON.parse(ex.response.body)['error']['message']
    rescue
    end
    UnauthorizedError.new(original_message << message)
  end
end

#set_token(input_oidc_token_endpoint, input_oidc_authorization_endpoint, input_oidc_client_id, input_oidc_redirect_uri) ⇒ Object

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 32

def set_token(input_oidc_token_endpoint, input_oidc_authorization_endpoint, input_oidc_client_id, input_oidc_redirect_uri)
  @oidc_token_endpoint = input_oidc_token_endpoint if input_oidc_token_endpoint
  @oidc_authorization_endpoint = input_oidc_authorization_endpoint if input_oidc_authorization_endpoint
  @oidc_client_id = input_oidc_client_id if input_oidc_client_id
  @oidc_redirect_uri = input_oidc_redirect_uri if input_oidc_redirect_uri

  if @oidc_client_id.to_s.empty? || @oidc_authorization_endpoint.to_s.empty? || @oidc_redirect_uri.to_s.empty? || @oidc_token_endpoint.to_s.empty?
    @token = nil
  else
    @code ||= get_code
    @token = HammerCLIForeman::OpenidConnect.new(
      @oidc_token_endpoint, @oidc_client_id).get_token_via_2fa(@code, @oidc_redirect_uri)
  end
end

#set_token_interactively ⇒ Object

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 28

def set_token_interactively
  @token ||= set_token(get_oidc_token_endpoint, get_oidc_authorization_endpoint, get_oidc_client_id, get_oidc_redirect_uri)
end

#user ⇒ Object

# File 'lib/hammer_cli_foreman/api/oauth/authentication_code_grant.rb', line 47

def user
  return nil unless @token
  payload = JWT.decode(@token, nil, false)
  payload.first["preferred_username"]
end