Class: KerberosAuthenticator::Krb5::Principal

Inherits:
Object
  • Object
show all
Defined in:
lib/kerberos_authenticator/krb5/principal.rb

Overview

A Kerberos principal identifying a user, service or machine.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(pointer) ⇒ Principal

Initialize a new Principal with a pointer to a pointer to a krb5_principal structure.

Parameters:

  • pointer (FFI::Pointer)


34
35
36
37
38
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 34

def initialize(pointer)
  @ptr = FFI::AutoPointer.new pointer.get_pointer(0), self.class.method(:release)

  self
end

Instance Attribute Details

#ptrFFI::Pointer (readonly)

Returns the pointer to the wrapped krb5_principal struct.

Returns:

  • (FFI::Pointer)

    the pointer to the wrapped krb5_principal struct



# File 'lib/kerberos_authenticator/krb5/principal.rb', line 13

Class Method Details

.new_with_name(name) ⇒ Principal

Convert a string representation of a principal name into a new Principal.

Parameters:

  • name (String)

    a string representation of a principal name

Returns:

Raises:

  • (ArgumentError)

See Also:



23
24
25
26
27
28
29
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 23

def self.new_with_name(name)
  raise ArgumentError, 'name cannot be empty' if name.empty?

  pointer = FFI::MemoryPointer.new :pointer
  Krb5.parse_name(Context.context.ptr, name, pointer)
  new(pointer)
end

.release(pointer) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Frees a Principal



74
75
76
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 74

def self.release(pointer)
  Krb5.free_principal(Context.context.ptr, pointer)
end

Instance Method Details

#change_password(oldpw, new_pw) ⇒ TrueClass

A convenience function to allow a Principal to change a password by authenticating themselves.

Returns:

  • (TrueClass)

    always returns true if no error was raised

Raises:

  • (Error)

    if the attempt to change the password fails



66
67
68
69
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 66

def change_password(oldpw, new_pw)
  changepw_creds = self.initial_creds_with_password(oldpw, 'kadmin/changepw')
  changepw_creds.set_password(new_pw, self)
end

#initial_creds_with_password(password, service = nil) ⇒ Creds

Calls Creds.initial_creds_for_principal_with_a_password(self, password, service)

Parameters:

  • password (String)
  • service (String) (defaults to: nil)

Returns:

See Also:



45
46
47
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 45

def initial_creds_with_password(password, service = nil)
  Creds.initial_creds_for_principal_with_a_password(self, password, service)
end

#nameString

Returns a string representation of the principal’s name.

Returns:

  • (String)

    a string representation of the principal’s name

See Also:



51
52
53
54
55
56
57
58
59
60
61
# File 'lib/kerberos_authenticator/krb5/principal.rb', line 51

def name
  out_ptr = FFI::MemoryPointer.new(:pointer, 1)
  Krb5.unparse_name(Context.context.ptr, ptr, out_ptr)

  str_ptr = out_ptr.read_pointer
  copy = String.new(str_ptr.read_string).force_encoding('UTF-8')

  Krb5.free_unparsed_name(Context.context.ptr, str_ptr)

  copy
end