Module: Mongo::Auth

Extended by:

Auth

Included in:

Auth

Defined in:

lib/mongo/auth.rb,
lib/mongo/auth/cr.rb,
lib/mongo/auth/aws.rb,
lib/mongo/auth/base.rb,
lib/mongo/auth/ldap.rb,
lib/mongo/auth/user.rb,
lib/mongo/auth/x509.rb,
lib/mongo/auth/roles.rb,
lib/mongo/auth/scram.rb,
lib/mongo/auth/gssapi.rb,
lib/mongo/auth/scram256.rb,
lib/mongo/auth/user/view.rb,
lib/mongo/auth/stringprep.rb,
lib/mongo/auth/aws/request.rb,
lib/mongo/auth/aws/credentials.rb,
lib/mongo/auth/cr/conversation.rb,
lib/mongo/auth/aws/conversation.rb,
lib/mongo/auth/credential_cache.rb,
lib/mongo/auth/conversation_base.rb,
lib/mongo/auth/ldap/conversation.rb,
lib/mongo/auth/stringprep/tables.rb,
lib/mongo/auth/x509/conversation.rb,
lib/mongo/auth/scram/conversation.rb,
lib/mongo/auth/gssapi/conversation.rb,
lib/mongo/auth/aws/credentials_cache.rb,
lib/mongo/auth/scram256/conversation.rb,
lib/mongo/auth/sasl_conversation_base.rb,
lib/mongo/auth/scram_conversation_base.rb,
lib/mongo/auth/stringprep/profiles/sasl.rb,
lib/mongo/auth/aws/credentials_retriever.rb

Overview

This namespace contains all authentication related behavior.

Since:

• 2.0.0

Defined Under Namespace

Modules: CredentialCache, Roles, StringPrep Classes: Aws, Base, CR, ConversationBase, Gssapi, InvalidConfiguration, InvalidMechanism, LDAP, SaslConversationBase, Scram, Scram256, ScramConversationBase, Unauthorized, User, X509

Constant Summary

EXTERNAL =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

The external database name.

Since:

• 2.0.0

'$external'.freeze

GET_NONCE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Constant for the nonce command.

Since:

• 2.0.0

{ getnonce: 1 }.freeze

NONCE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Constant for the nonce field.

Since:

• 2.0.0

'nonce'.freeze

SOURCES =

Note:

This map is not frozen because when mongo_kerberos is loaded, it mutates this map by adding the Kerberos authenticator.

Map the symbols parsed from the URI connection string to strategies.

Since:

• 2.0.0

{
  aws: Aws,
  gssapi: Gssapi,
  mongodb_cr: CR,
  mongodb_x509: X509,
  plain: LDAP,
  scram: Scram,
  scram256: Scram256,
}

Instance Method Summary

• #get(user, connection, **opts) ⇒ Auth::Aws | Auth::CR | Auth::Gssapi | Auth::LDAP | Auth::Scram | Auth::Scram256 | Auth::X509 private

  Get an authenticator for the provided user to authenticate over the provided connection.

Instance Method Details

#get(user, connection, **opts) ⇒ Auth::Aws | Auth::CR | Auth::Gssapi | Auth::LDAP | Auth::Scram | Auth::Scram256 | Auth::X509

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Get an authenticator for the provided user to authenticate over the provided connection.

Parameters:

• user (Auth::User) —

  The user to authenticate.

• connection (Mongo::Connection) —

  The connection to authenticate over.

• opts (Hash) —

  a customizable set of options

Options Hash (**opts):

• speculative_auth_client_nonce (String | nil) —

  The client nonce used in speculative auth on the specified connection that produced the specified speculative auth result.

• speculative_auth_result (BSON::Document | nil) —

  The value of speculativeAuthenticate field of hello response of the handshake on the specified connection.

Returns:

• (Auth::Aws | Auth::CR | Auth::Gssapi | Auth::LDAP | Auth::Scram | Auth::Scram256 | Auth::X509) —

  The authenticator.

Raises:

• (InvalidMechanism)

Since:

• 2.0.0

# File 'lib/mongo/auth.rb', line 97

def get(user, connection, **opts)
  mechanism = user.mechanism
  raise InvalidMechanism.new(mechanism) if !SOURCES.has_key?(mechanism)
  SOURCES[mechanism].new(user, connection, **opts)
end