Roda::RodaPlugins::

Auth module

Extended With

Loggability

Zero-opinion Authentication plugin for Roda

Refs: - roda.jeremyevans.net/rdoc/files/README_rdoc.html#label-Plugins - www.rfc-editor.org/rfc/rfc9110.html

Constants

AUTHORIZATION_CREDENTIALS: Pattern for matching an Authorization HTTP header auth-scheme [ 1*SP ( token68 / [ auth-param *( OWS “,” OWS auth-param ) ] ) ]
AUTH_PARAM: Pattern for matching auth-param header parts auth-param = token BWS “=” BWS ( token / quoted-string )
DEFAULT_OPTIONS: Defaults for global authentication
OPTIONS_KEY: The key of the app options auth config is stored in
OWS
QDTEXT: qdtext = HTAB / SP / %x21 / %x23-5B / %x5D-7E / obs-text
QUOTED_PAIR: quoted-pair = “" ( HTAB / SP / VCHAR / obs-text )
QUOTED_STRING: quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE
TOKEN: Pattern for matching token character sequences
TOKEN68: Pattern for matching token68 character sequences 1( ALPHA / DIGIT / “-” / “.” / “_” / “~” / “+” / “/” ) “=”
WS: Pattern for matching whitespace of various kinds

Public Class Methods

configure( app, **options, &config_block )

Declare global authentication defaults

    # File lib/roda/plugins/auth.rb
 94 def self::configure( app, **options, &config_block )
 95     options = DEFAULT_OPTIONS.merge( app.opts[:auth] || {}, options )
 96     app.opts[ OPTIONS_KEY ] = options
 97 
 98     app.instance_eval( &config_block ) if config_block
 99 
100     app.opts[ OPTIONS_KEY ].freeze
101 end

load_dependencies( app )

Roda Plugin API – preload plugins this one depends on.

   # File lib/roda/plugins/auth.rb
87 def self::load_dependencies( app )
88     app.plugin( :halt )
89     app.plugin( :request_headers )
90 end

make_authenticate_header( **options )

Return content for the WWW-Authenticate header given the authentication config options.

    # File lib/roda/plugins/auth.rb
372 def self::make_authenticate_header( **options )
373     self.log.info "Making a WWW-Authenticate header for auth options: %p" % [ options ]
374     available_schemes = options[:schemes] or return nil
375     return nil if available_schemes.empty?
376 
377     # challenge   = auth-scheme [ 1*SP ( token68 / #auth-param ) ]
378     challenges = available_schemes.map do |scheme, handler|
379         case handler
380         when Hash
381             %Q{%s realm="%s"%s} % [
382                 scheme.to_s.capitalize,
383                 options[:realm],
384                 handler.map {|key, val| %{ %s="%s"} % [ key, val ] }.join( ',' )
385             ]
386         when Module
387             handler.respond_to?( :authenticate_header ) ?
388                 handler.authenticate_header( **options ) :
389                 nil
390         else
391             nil
392         end
393     end.compact
394 
395     return nil if challenges.empty?
396     return challenges.join( ', ' )
397 end