Class: IpcAuthpipe::Handler::Auth

Inherits:
Base
  • Object
show all
Defined in:
lib/ipcauthpipe/handler/auth.rb

Overview

AUTH command handler performs actual authentication of user’s data. It gets authentication type and parameters from the input stream and responds with FAIL on failure or user data on success

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Base

#process

Class Method Details

.process(request) ⇒ Object

Main point of entry - accepts additional command’s parameters (in case of AUTH - number of data bytes following the command) and proceeds with processing the command



12
13
14
15
16
 
# File 'lib/ipcauthpipe/handler/auth.rb', line 12

def self.process(request)
  Log.debug "Processing request [#{request}] in AUTH handler"
  auth = Auth.new
  auth.validate auth.getdata(request.to_i)
end

Instance Method Details

#auth_method(splits) ⇒ Object

Analyzes splitted AUTH payload and converts splits into hash of :method, :username and :password for LOGIN authentication and :method, :challenge and :response for CRAM-style authentications



34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/ipcauthpipe/handler/auth.rb', line 34

def auth_method(splits)
  result = { :method => splits[1].strip.downcase }
  result.merge!(
    result[:method] == 'login' ?
      { :username => splits[2].strip.split(/\@/)[0], :password => splits[3].strip } :
      { :challenge => splits[2].strip, :response => splits[3].strip }
  )
  
  Log.debug "Converted splits into [#{result.inspect}]"
  result
end

#getdata(count) ⇒ Object

Reads the given number of bytes from the input stream and splits them up into a hash of parameters ready for further processing

Raises:

  • (ArgumentError) 


20
21
22
23
24
25
26
27
28
29
 
# File 'lib/ipcauthpipe/handler/auth.rb', line 20

def getdata(count)
  Log.debug "Reading [#{count}] bytes from input stream"
  payload = Reader::getbytes(count)
  Log.debug "AUTH payload is #{payload}"
  splits = payload.strip.split(/\s+/m)
  raise ArgumentError, 'Invalid AUTH payload' unless splits.size == 4

  Log.debug "Analyzing splits [#{splits.inspect}]"
  auth_method(splits)
end

#validate(authdata) ⇒ Object

Accepts analyzed AUTH payload hash and delegated processing onto the specific authentication method’s handler. In case of not implemented auth method raises NotImplementedError



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/ipcauthpipe/handler/auth.rb', line 49

def validate(authdata)
  Log.debug "Validating #{authdata.inspect}"
  begin
    # convert auth type name to a handler's symbol
    method_sym = ( 'validate_with_'+authdata[:method].gsub( /[- ]/, '_' ) ).to_sym
    # and raise an error if it's not implemented
    raise NotImplementedError, "Authentication type #{authdata[:method]} is not supported" unless
      self.respond_to?(method_sym)
    # or delegate processing to the handler if it's here
    Log.debug "Delegating validation to #{method_sym.to_s}"
    self.send(method_sym, authdata)

  rescue NotImplementedError
    # requested authentication type is not supported
    Log.error "Unsupported authentication type requested with #{authdata.inspect}"
    "FAIL\n"
  rescue AuthenticationFailed
    Log.info "Authentication failed for #{authdata.inspect}"
    "FAIL\n"
  end
end

#validate_with_login(authdata) ⇒ Object

LOGIN type authentication handler



72
73
74
75
76
77
 
# File 'lib/ipcauthpipe/handler/auth.rb', line 72

def (authdata)
  Log.debug "Authenticating through type LOGIN with #{authdata.inspect}"
  member = Member.find_by_name_and_password(authdata[:username], authdata[:password])
  member.create_homedir # make sure that homedir is created
  member.to_authpipe # and return the details
end