Class: Backends::Opennebula::Authn::CloudAuth::ServerCipherAuth

Inherits:
Object
  • Object
show all
Defined in:
lib/backends/opennebula/authn/cloud_auth/server_cipher_auth.rb

Overview

Server authentication class. This method can be used by OpenNebula services to let access authenticated users by other means. It is based on OpenSSL symmetric ciphers

Constant Summary collapse

CIPHER =

Constants with paths to relevant files and defaults

'aes-256-cbc'

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(srv_user, srv_passwd) ⇒ ServerCipherAuth

Returns a new instance of ServerCipherAuth


33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/backends/opennebula/authn/cloud_auth/server_cipher_auth.rb', line 33

def initialize(srv_user, srv_passwd)
  @srv_user   = srv_user
  @srv_passwd = srv_passwd

  if !srv_passwd.blank?
      @key = ::Digest::SHA1.hexdigest(@srv_passwd)
  else
      @key = ''
  end

  @cipher = ::OpenSSL::Cipher::Cipher.new(CIPHER)
end

Class Method Details

.new_client(srv_user, srv_passwd) ⇒ Object

Creates a ServerCipher for client usage


47
48
49
# File 'lib/backends/opennebula/authn/cloud_auth/server_cipher_auth.rb', line 47

def self.new_client(srv_user, srv_passwd)
  new(srv_user, srv_passwd)
end

Instance Method Details

#login_token(expire, target_user = nil) ⇒ Object

Generates a login token in the form:

- server_user:target_user:time_expires

The token is then encrypted with the contents of one_auth


54
55
56
57
58
59
60
61
62
# File 'lib/backends/opennebula/authn/cloud_auth/server_cipher_auth.rb', line 54

def (expire, target_user = nil)
  target_user ||= @srv_user
  token_txt   =   "#{@srv_user}:#{target_user}:#{expire}"

  token   = encrypt(token_txt)
  token64 = ::Base64.encode64(token).strip.delete("\n")

  "#{@srv_user}:#{target_user}:#{token64}"
end

#passwordObject

Returns a valid password string to create a user using this auth driver


65
66
67
# File 'lib/backends/opennebula/authn/cloud_auth/server_cipher_auth.rb', line 65

def password
    @srv_passwd
end