Class: Strelka::AuthProvider::Basic

Inherits:
Strelka::AuthProvider
Extended by:
Configurability, MethodUtilities
Includes:
Constants
Defined in:
lib/strelka/authprovider/basic.rb

Overview

HTTP Basic AuthProvider class – a base class for RFC 2617 Basic HTTP Authentication providers for the Strelka :auth plugin.

Configuration

The configuration for this provider is read from the ‘basicauth’ section of the config, and may contain the following keys:

[realm]

the HTTP Basic realm. Defaults to the app’s application ID

[users]

a Hash of username: SHA1+Base64’ed passwords

An example:

---
auth:
  provider: basic

basicauth:
  realm: Acme Admin Console
  users:
    mgranger: "9d5lIumnMJXmVT/34QrMuyj+p0E="
    jblack: "1pAnQNSVtpL1z88QwXV4sG8NMP8="
    kmurgen: "MZj9+VhZ8C9+aJhmwp+kWBL76Vs="

Caveats

This auth provider is intended as documentation and demonstration only; you should use a more cryptographically secure strategy for real-world applications.

Constant Summary

CONFIG_DEFAULTS =

Configurability API – configuration defaults

{
	realm: nil,
	users: {},
}

Instance Attribute Summary

Attributes inherited from Strelka::AuthProvider

#app

Class Method Summary

Instance Method Summary

Methods included from MethodUtilities

attr_predicate, attr_predicate_accessor, singleton_attr_accessor, singleton_attr_reader, singleton_attr_writer, singleton_method_alias, singleton_predicate_accessor, singleton_predicate_reader

Methods inherited from Strelka::AuthProvider

#auth_succeeded, #authorize, #initialize

Methods included from Delegation

def_class_delegators, def_ivar_delegators, def_method_delegators

Methods included from Strelka::AbstractClass

extended, included, #inherited, #pure_virtual

Methods included from ResponseHelpers

finish_with

Constructor Details

This class inherits a constructor from Strelka::AuthProvider

Class Method Details

.configure(config = nil) ⇒ Object

Configurability API – configure the auth provider instance.



# File 'lib/strelka/authprovider/basic.rb', line 67

def self::configure( config=nil )
	if config && config[:realm]
		self.log.debug "Configuring Basic authprovider: %p" % [ config ]
		self.realm = config[:realm]
		self.users = config[:users]
	else
		self.log.warn "No 'basicauth' config section; using the (empty) defaults"
		self.realm = nil
		self.users = {}
	end
end

Instance Method Details

#authenticate(request) ⇒ Object

Check the authentication present in request (if any) for validity, returning the authenticating user’s name if authentication succeeds.



# File 'lib/strelka/authprovider/basic.rb', line 91

def authenticate( request )
	authheader = request.header.authorization or
		self.log_failure "No authorization header in the request."

	# Extract the credentials bit
	base64_userpass = authheader[ /^\s*Basic\s+(\S+)$/i, 1 ] or
		self.log_failure "Invalid Basic Authorization header (%p)" % [ authheader ]

	# Unpack the username and password
	credentials = base64_userpass.unpack( 'm' ).first
	self.log_failure "Malformed credentials %p" % [ credentials ] unless
		credentials.index(':')

	# Split the credentials, check for valid user
	username, password = credentials.split( ':', 2 )
	self.check_password( username, password )

	# Success!
	self.auth_succeeded( request, username )
	return username
end
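
An added example (not Strelka's own code): how a `users` entry can be generated and a Basic Authorization header checked against it, next to a salted PBKDF2 record of the kind the Caveats section points toward. It assumes the stored value is the Base64 of the raw SHA1 digest, which the 28-character sample values are consistent with; every method name, the `iterations$salt$hash` record format and the sample users are constructed for illustration.

```ruby
require 'digest/sha1'
require 'openssl'
require 'securerandom'

# Value for a 'users' entry: Base64 of the raw SHA1 digest (assumed format).
def basicauth_digest( password )
	return Digest::SHA1.base64digest( password )
end

# Compare two strings without stopping at the first differing byte.
def secure_equal?( a, b )
	return false unless a.bytesize == b.bytesize
	diff = 0
	a.bytes.zip( b.bytes ) {|x, y| diff |= x ^ y }
	return diff.zero?
end

# Hypothetical stand-alone header check: returns the username, or nil on any
# failure. +users+ is a Hash shaped like the 'users' config key.
def verify_basic_header( authheader, users )
	base64_userpass = authheader.to_s[ /\A\s*Basic\s+(\S+)\z/i, 1 ] or return nil
	username, password = base64_userpass.unpack1( 'm' ).split( ':', 2 )
	return nil unless password && users.key?( username )
	return secure_equal?( users[username], basicauth_digest(password) ) ? username : nil
end

# Salted, iterated alternative (PBKDF2-HMAC-SHA256) in a constructed
# "iterations$salt$hash" record format, for contrast with the bare digest.
def pbkdf2_record( password, salt=SecureRandom.random_bytes(16), iterations=100_000 )
	hash = OpenSSL::PKCS5.pbkdf2_hmac( password, salt, iterations, 32, OpenSSL::Digest.new('SHA256') )
	return [ iterations, [salt].pack('m0'), [hash].pack('m0') ].join( '$' )
end

def pbkdf2_verify( password, record )
	iterations, salt, _hash = record.split( '$' )
	return secure_equal?( record, pbkdf2_record(password, salt.unpack1('m0'), iterations.to_i) )
end

# Constructed sample data (not from the page): two users, same password.
USERS = {
	'alice' => basicauth_digest( 'password' ),
	'bob'   => basicauth_digest( 'password' ),
}
HEADER = 'Basic ' + [ 'alice:password' ].pack( 'm0' )

if $PROGRAM_NAME == __FILE__
	p verify_basic_header( HEADER, USERS )                        # username on success
	p USERS['alice'] == USERS['bob']                              # unsalted: identical digests
	p pbkdf2_record( 'password' ) != pbkdf2_record( 'password' )  # salted: records differ
end
```

Because the SHA1 digest is unsalted and computed once, two users with the same password get the same `users` value and anyone who reads the config can test guesses at full hash speed; the salted, iterated record avoids both.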

#realm ⇒ Object

The authentication realm



# File 'lib/strelka/authprovider/basic.rb', line 63

singleton_attr_accessor :realm

#users ⇒ Object

The Hash of users and their SHA1+Base64’ed passwords



# File 'lib/strelka/authprovider/basic.rb', line 59

singleton_attr_accessor :users