Class: Net::IMAP::SASL::OAuthBearerAuthenticator

Inherits:

OAuthAuthenticator

• Object
• OAuthAuthenticator
• Net::IMAP::SASL::OAuthBearerAuthenticator

Defined in:

lib/net/imap/sasl/oauthbearer_authenticator.rb

Overview

Authenticator for the “OAUTHBEARER” SASL mechanism, specified in RFC7628. Authenticates using OAuth 2.0 bearer tokens, as described in RFC6750. Use via Net::IMAP#authenticate.

RFC6750 requires Transport Layer Security (TLS) to secure the protocol interaction between the client and the resource server. TLS MUST be used for OAUTHBEARER to protect the bearer token.

Constant Summary

Constants included from GS2Header

GS2Header::NO_NULL_CHARS, GS2Header::RFC5801_SASLNAME

Instance Attribute Summary

• #oauth2_token ⇒ Object readonly

  An OAuth2 bearer token, generally the access token.

Attributes inherited from OAuthAuthenticator

#authzid, #host, #last_server_response, #mthd, #path, #port, #post, #qs

Instance Method Summary

• #authorization ⇒ Object

  Value of the HTTP Authorization header.

• #initial_response? ⇒ Boolean

  :call-seq: initial_response? -> true.

• #initialize(oauth2_token_arg = nil, oauth2_token: nil, **args, &blk) ⇒ OAuthBearerAuthenticator constructor

  :call-seq: new(oauth2_token, **options) -> authenticator new(oauth2_token:, **options) -> authenticator.

Methods inherited from OAuthAuthenticator

#done?, #initial_client_response, #process

Methods included from GS2Header

#gs2_authzid, #gs2_cb_flag, #gs2_header, gs2_saslname_encode

Constructor Details

#initialize(oauth2_token_arg = nil, oauth2_token: nil, **args, &blk) ⇒ OAuthBearerAuthenticator

:call-seq:

new(oauth2_token,  **options) -> authenticator
new(oauth2_token:, **options) -> authenticator

Creates an Authenticator for the “OAUTHBEARER” SASL mechanism.

Called by Net::IMAP#authenticate and similar methods on other clients.

Options

Only oauth2_token is required by the mechanism, however protocols and servers may add requirements for #authzid, #host, #port, or any other parameter.

• #oauth2_token — An OAuth2 bearer token or access token. Required. May be provided as either regular or keyword argument.

• #authzid ― Identity to act as or on behalf of.

• #host — Hostname to which the client connected.

• #port — Service port to which the client connected.

• See OAuthAuthenticator documentation for less common parameters.

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 143

def initialize(oauth2_token_arg = nil, oauth2_token: nil, **args, &blk)
  super(**args, &blk) # handles authzid, host, port, etc
  oauth2_token && oauth2_token_arg and
    raise ArgumentError, "conflicting values for oauth2_token"
  @oauth2_token = oauth2_token || oauth2_token_arg or
    raise ArgumentError, "missing oauth2_token"
end

Instance Attribute Details

#oauth2_token ⇒ Object (readonly)

An OAuth2 bearer token, generally the access token.

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 120

def oauth2_token
  @oauth2_token
end

Instance Method Details

#authorization ⇒ Object

Value of the HTTP Authorization header

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 158

def authorization; "Bearer #{oauth2_token}" end

#initial_response? ⇒ Boolean

:call-seq:

initial_response? -> true

OAUTHBEARER sends an initial client response.

Returns:

• (Boolean)

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 155

def initial_response?; true end