Class: Identikey::Authentication

Inherits:

Base

Object
Base
Identikey::Authentication

show all

Defined in:: lib/identikey/authentication.rb

Constant Summary

Constants inherited from Base

Base::DEFAULTS

Class Method Summary collapse

.otp_validated_ok?(status, result) ⇒ Boolean

Given an authentication status and result message, returns true if that defines a successful OTP validation or not.
.valid_otp?(user, domain, otp, client = nil) ⇒ Boolean
.validate!(user, domain, otp, client = nil) ⇒ Object

Instance Method Summary collapse

#auth_user(user, domain, otp, client = nil) ⇒ Object

Methods inherited from Base

client, configure, default_user_agent_header, #endpoint, identikey_filter_proc_for, process_identikey_filters, #wsdl

Class Method Details

.otp_validated_ok?(status, result) ⇒ `Boolean`

Given an authentication status and result message, returns true if that defines a successful OTP validation or not.

For all cases, except where the OTP is “push”, Identikey returns a status that is != than ‘STAT_SUCCESS`. But when the OTP is “push”, then Identikey returns a `STAT_SUCCESS` with a “password is wrong” message in the `CREDFLD_STATUS_MESSAGE`.

This method checks for both cases.. Success means a ‘STAT_SUCCESS` and nothing in the `CREDFLD_STATUS_MESSAGE`.

Returns:

(Boolean)



54
55
56

# File 'lib/identikey/authentication.rb', line 54

def self.otp_validated_ok?(status, result)
  status == 'STAT_SUCCESS' && !result.key?('CREDFLD_STATUS_MESSAGE')
end

.valid_otp?(user, domain, otp, client = nil) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/identikey/authentication.rb', line 27

def self.valid_otp?(user, domain, otp, client = nil)
  status, result, _ = new.auth_user(user, domain, otp, client)
  return otp_validated_ok?(status, result)
end

.validate!(user, domain, otp, client = nil) ⇒ `Object`

# File 'lib/identikey/authentication.rb', line 32

def self.validate!(user, domain, otp, client = nil)
  status, result, error_stack = new.auth_user(user, domain, otp, client)

  if otp_validated_ok?(status, result)
    return true
  else
    error_message = result ? result['CREDFLD_STATUS_MESSAGE'] : 'no status returned'
    raise Identikey::OperationFailed.new("OTP Validation error (#{status}): #{error_message}", error_stack)
  end
end

Instance Method Details

#auth_user(user, domain, otp, client = nil) ⇒ `Object`

# File 'lib/identikey/authentication.rb', line 9

def auth_user(user, domain, otp, client = nil)
  client ||= 'Administration Program'

  resp = super(message: {
    credentialAttributeSet: {
      attributes: typed_attributes_list_from(
        CREDFLD_COMPONENT_TYPE: client,
        CREDFLD_USERID: user,
        CREDFLD_DOMAIN: domain,
        CREDFLD_PASSWORD_FORMAT: Unsigned(0),
        CREDFLD_PASSWORD: otp
      )
    }
  })

  parse_response resp, :auth_user_response
end