class CFoundry::UAAClient

Attributes

client_id[RW]
client_secret[RW]
target[RW]
token[RW]
trace[RW]

Public Class Methods

new(target, client_id = "cf", options = {})
# File lib/cfoundry/uaaclient.rb, line 8
# Builds a client for the UAA that sits behind +target+.
#
# @param target [String] URL handed to the UAA info client here and read
#   back later through the +target+ accessor
# @param client_id [String] OAuth client id; defaults to "cf"
# @param options [Hash] only :client_secret is read
#
# NOTE(review): the secret is stored in an instance variable and the class
# lists client_secret as a read/write attribute, so Ruby's default #inspect
# output for this object includes it. Keep instances out of logs and error
# reports.
def initialize(target, client_id = "cf", options = {})
  @target, @client_id = target, client_id
  @client_secret = options[:client_secret]
  # Built eagerly; #prompts and #uaa_url read this instance later.
  @uaa_info_client = uaa_info_client_for(target)
end

Public Instance Methods

add_user(email, password, options = {})
# File lib/cfoundry/uaaclient.rb, line 62
# Creates a UAA user through SCIM, using the e-mail address as the userName.
#
# @param email [String] used for both :userName and the single :emails entry
# @param password [String] initial password, passed to SCIM exactly as given
# @param options [Hash] optional :givenName and :familyName; each falls
#   back to +email+ when missing or nil
# @return the result of scim.add
#
# No format or strength check is applied here; a caller that wants one has
# to call #password_score itself before creating the account.
def add_user(email, password, options = {})
  display_name = {
    :givenName => options[:givenName] || email,
    :familyName => options[:familyName] || email
  }
  account = {
    :userName => email,
    :emails => [{:value => email}],
    :password => password,
    :name => display_name
  }

  wrap_uaa_errors { scim.add(:user, account) }
end
authorize(credentials)
# File lib/cfoundry/uaaclient.rb, line 21
# Obtains a token for +credentials+.
#
# The password grant is tried first. When it yields a falsy value (the
# password-grant helper returns false on CF::UAA::TargetError), the very
# same credentials are submitted a second time through the implicit grant.
#
# @param credentials [Hash] passed unchanged to both grant helpers
# @return the first truthy grant result, or the implicit grant's result
def authorize(credentials)
  wrap_uaa_errors do
    via_password = authenticate_with_password_grant(credentials)
    via_password || authenticate_with_implicit_grant(credentials)
  end
end
change_password(guid, new, old)
# File lib/cfoundry/uaaclient.rb, line 40
# Changes the password of the user identified by +guid+ via SCIM.
#
# Mind the argument order: the NEW password comes before the OLD one, and
# both are forwarded to scim.change_password in that order.
#
# @param guid [String] user id
# @param new [String] replacement password
# @param old [String] current password
# @return the result of scim.change_password
def change_password(guid, new, old)
  wrap_uaa_errors { scim.change_password(guid, new, old) }
end
delete_user(guid)
# File lib/cfoundry/uaaclient.rb, line 76
# Deletes the user identified by +guid+ through SCIM.
#
# @param guid [String] user id
# @return the result of scim.delete
def delete_user(guid)
  wrap_uaa_errors { scim.delete(:user, guid) }
end
password_score(password)
# File lib/cfoundry/uaaclient.rb, line 46
# Asks the UAA to rate +password+ and maps the reply to a symbol.
#
# The password itself is sent to the endpoint returned by #uaa_url, so the
# rating is only as trustworthy (and as confidential) as that endpoint.
#
# Mapping, with missing :score / :requiredScore treated as 0:
#   score == 10                  -> :strong
#   requiredScore <= score <= 9  -> :good
#   anything else                -> :weak (this includes scores above 10)
#
# @param password [String] candidate password
# @return [Symbol] :strong, :good or :weak
def password_score(password)
  wrap_uaa_errors do
    strength = uaa_info_client_for(uaa_url).password_strength(password)

    threshold = strength[:requiredScore] || 0
    achieved = strength[:score] || 0

    if 10 == achieved
      :strong
    elsif (threshold..9).cover?(achieved)
      :good
    else
      :weak
    end
  end
end
prompts()
# File lib/cfoundry/uaaclient.rb, line 15
# Returns the :prompts entry of the UAA info client's server description.
#
# NOTE(review): the value comes from the remote server; presumably it names
# the credential fields a caller should ask for. Confirm how callers use the
# keys before trusting them.
def prompts
  wrap_uaa_errors { @uaa_info_client.server[:prompts] }
end
try_to_refresh_token!()
# File lib/cfoundry/uaaclient.rb, line 82
# Exchanges the current refresh token for a new token and stores it.
#
# A CF::UAA::TargetError from the token issuer is swallowed here, before
# wrap_uaa_errors can translate it: the method then returns the token that
# was already set. The return value alone therefore does not tell a caller
# whether the refresh succeeded, and the returned token may be stale.
#
# NOTE(review): token.refresh_token is called unguarded, so a nil token
# raises NoMethodError — confirm callers only invoke this with a token set.
#
# @return the new token on success, otherwise the existing token
def try_to_refresh_token!
  wrap_uaa_errors do
    begin
      refreshed = token_issuer.refresh_token_grant(token.refresh_token)
      self.token = AuthToken.from_uaa_token_info(refreshed)
    rescue CF::UAA::TargetError
      # Best effort: keep whatever token we already had.
      token
    end
  end
end
user(guid)
# File lib/cfoundry/uaaclient.rb, line 28
# Fetches the SCIM record of the user identified by +guid+.
#
# @param guid [String] user id
# @return the result of scim.get
def user(guid)
  wrap_uaa_errors { scim.get(:user, guid) }
end
users()
# File lib/cfoundry/uaaclient.rb, line 34
# Queries SCIM for users, with no filter argument supplied.
#
# @return the result of scim.query(:user)
def users
  wrap_uaa_errors { scim.query(:user) }
end

Private Instance Methods

authenticate_with_implicit_grant(credentials)
# File lib/cfoundry/uaaclient.rb, line 130
# Requests a token through the implicit grant.
#
# CF::UAA::BadResponse is turned into CFoundry::Denied. The status handed
# to Denied is the first run of digits found in the error message (a
# String), or the Integer 400 when the message contains no digits.
#
# NOTE(review): the digits are taken from free-form message text, so they
# are not guaranteed to be an HTTP status, and the code's type differs
# between the two cases — confirm how CFoundry::Denied consumers compare it.
#
# @param credentials [Hash] passed unchanged to the token issuer
# @raise [CFoundry::Denied] when the UAA library reports a bad response
def authenticate_with_implicit_grant(credentials)
  token_issuer.implicit_grant_with_creds(credentials)
rescue CF::UAA::BadResponse => bad_response
  http_status = bad_response.message[/\d+/] || 400
  raise CFoundry::Denied.new("Authorization failed", http_status)
end
authenticate_with_password_grant(credentials)
# File lib/cfoundry/uaaclient.rb, line 116
# Requests a token through the password grant.
#
# The issuer's request_token is invoked via #send because, per the original
# author, owner_password_grant does not accept non-password credentials.
# This presumably reaches a non-public method of the UAA library, so a
# library upgrade can break it without notice — TODO confirm.
#
# The caller's hash is merged last, so a :grant_type or :scope key inside
# +credentials+ replaces the defaults set here.
# NOTE(review): confirm callers restrict which keys credentials may carry.
#
# @param credentials [Hash] credential fields added to the token request
# @return the token issuer's result, or false on CF::UAA::TargetError
# @raise [CFoundry::Denied] on CF::UAA::BadResponse; the code is the first
#   run of digits in the error message (a String) or the Integer 400
def authenticate_with_password_grant(credentials)
  issuer = token_issuer
  grant_request = {:grant_type => "password", :scope => nil}.merge(credentials)
  issuer.send(:request_token, grant_request)
rescue CF::UAA::BadResponse => bad_response
  http_status = bad_response.message[/\d+/] || 400
  raise CFoundry::Denied.new("Authorization failed", http_status)
rescue CF::UAA::TargetError
  # Signals "not granted" so #authorize can try the implicit grant.
  false
end
scim()
# File lib/cfoundry/uaaclient.rb, line 105
# Builds a fresh SCIM client for the discovered UAA URL on every call.
#
# The current token's auth header is attached when a token is set; with no
# token the header argument is nil (or false).
#
# The logger level is TRACE when @trace is truthy, otherwise 1 (INFO in
# Ruby's standard Logger).
# NOTE(review): at trace level the UAA library's logger may record request
# and response details, presumably including the Authorization header —
# confirm what it redacts before enabling trace where logs are shared.
#
# @return [CF::UAA::Scim]
def scim
  bearer = token && token.auth_header
  CF::UAA::Scim.new(uaa_url, bearer, :symbolize_keys => true).tap do |client|
    client.logger.level = @trace ? Logger::Severity::TRACE : 1
  end
end
token_issuer()
# File lib/cfoundry/uaaclient.rb, line 99
# Returns the memoized token issuer, creating it on first use.
#
# The issuer captures target, client_id and client_secret at creation time.
# Those attributes are writable, but changing them afterwards does not
# affect the cached issuer.
#
# The logger level is re-applied on every call: TRACE when @trace is
# truthy, otherwise 1 (INFO in Ruby's standard Logger).
# NOTE(review): at trace level the UAA library's logger may record token
# requests, presumably including credentials and the client secret —
# confirm what it redacts before enabling trace where logs are shared.
#
# @return [CF::UAA::TokenIssuer]
def token_issuer
  @token_issuer ||= CF::UAA::TokenIssuer.new(target, client_id, client_secret, :symbolize_keys => true)
  @token_issuer.tap do |issuer|
    issuer.logger.level = @trace ? Logger::Severity::TRACE : 1
  end
end
uaa_info_client_for(url)
# File lib/cfoundry/uaaclient.rb, line 95
# Builds a UAA info client for +url+ with symbolized keys requested.
# A new client is created on every call; nothing is cached here.
#
# @param url [String] endpoint the info client will talk to
# @return [CF::UAA::Info]
def uaa_info_client_for(url)
  CF::UAA::Info.new(url, :symbolize_keys => true)
end
uaa_url()
# File lib/cfoundry/uaaclient.rb, line 112
# Returns the UAA URL, asking the info client to discover it on first use
# and caching the answer for the lifetime of this object.
#
# The discovered URL is where #scim sends the auth header and where
# #password_score sends the candidate password, so it inherits whatever
# trust the connection to the original target deserves.
# NOTE(review): confirm the target is reached over verified TLS; otherwise
# the advertised URL cannot be trusted either.
def uaa_url
  return @uaa_url if @uaa_url

  @uaa_url = @uaa_info_client.discover_uaa
end
wrap_uaa_errors() { || ... }
# File lib/cfoundry/uaaclient.rb, line 139
# Runs the given block and translates UAA library errors into CFoundry ones.
#
#   CF::UAA::BadResponse  -> CFoundry::BadResponse
#   CF::UAA::NotFound     -> CFoundry::NotFound
#   CF::UAA::InvalidToken -> CFoundry::Denied
#   CF::UAA::TargetError  -> CFoundry::UAAError (description and error code
#                            taken from the error's info)
#
# The first three replacements are raised with no arguments, so the UAA
# library's original message is not carried over to the caller.
#
# NOTE(review): assumes e.info is a Hash with symbol keys; a nil info would
# raise NoMethodError here — TODO confirm.
#
# @return the block's value when nothing is raised
def wrap_uaa_errors
  begin
    yield
  rescue CF::UAA::BadResponse
    raise CFoundry::BadResponse
  rescue CF::UAA::NotFound
    raise CFoundry::NotFound
  rescue CF::UAA::InvalidToken
    raise CFoundry::Denied
  rescue CF::UAA::TargetError => uaa_error
    details = uaa_error.info
    raise CFoundry::UAAError.new(details[:error_description], details[:error])
  end
end