nucleus 0.2.0 → 0.3.1

data/lib/nucleus/core/adapter_extensions/auth/auth_client.rb

@@ -1,44 +1,44 @@
-module Nucleus
-  module Adapters
-    class AuthClient
-      attr_reader :verify_ssl
-
-      # Create a new instance of an {AuthClient}.
-      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      def initialize(check_certificates = true)
-        @verify_ssl = check_certificates
-      end
-
-      # Perform authentication with the given username and password at the desired endpoint.
-      # @param[String] username username to use for authentication
-      # @param[String] password password to the username, which is to be used for authentication
-      # @raise[Nucleus::Errors::EndpointAuthenticationError] if authentication failed
-      # @raise[Nucleus::Errors::UnknownAdapterCallError] if the generic AuthClient did expect the endpoint
-      # to behave differently, usually indicates implementation issues
-      # @return[Nucleus::Adapters::AuthClient] current AuthClient instance
-      def authenticate(username, password)
-        fail Errors::EndpointAuthenticationError, 'Authentication client does not support authentication'
-      end
-
-      # Get the authentication header for the current AuthClient instance that must be used to execute requests
-      # against the endpoint.<br>
-      # If the authentication is known to be expired, a refresh will be made first.
-      # @raise[Nucleus::Errors::EndpointAuthenticationError] if the refresh failed
-      # @return[Hash<String, String>] authentication header that enables requests against the endpoint
-      def auth_header
-        fail Errors::EndpointAuthenticationError,
-             'Authentication client does not support to create the authentication header'
-      end
-
-      # Refresh a rejected authentication and generate a new authentication header.<br>
-      # Should be called if the authentication is known to be expired, or when a request is rejected with an
-      # authentication header that used to be accepted.
-      # @raise [Nucleus::Errors::EndpointAuthenticationError] if token refresh failed or authentication never succeeded
-      # @return [Nucleus::Adapters::AuthClient] current AuthClient instance
-      def refresh
-        fail Errors::EndpointAuthenticationError, 'Authentication client does not support refresh'
-      end
-    end
-  end
-end
+module Nucleus
+  module Adapters
+    class AuthClient
+      attr_reader :verify_ssl
+
+      # Create a new instance of an {AuthClient}.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      def initialize(check_certificates = true)
+        @verify_ssl = check_certificates
+      end
+
+      # Perform authentication with the given username and password at the desired endpoint.
+      # @param[String] username username to use for authentication
+      # @param[String] password password to the username, which is to be used for authentication
+      # @raise[Nucleus::Errors::EndpointAuthenticationError] if authentication failed
+      # @raise[Nucleus::Errors::UnknownAdapterCallError] if the generic AuthClient did expect the endpoint
+      # to behave differently, usually indicates implementation issues
+      # @return[Nucleus::Adapters::AuthClient] current AuthClient instance
+      def authenticate(username, password)
+        raise Errors::EndpointAuthenticationError, 'Authentication client does not support authentication'
+      end
+
+      # Get the authentication header for the current AuthClient instance that must be used to execute requests
+      # against the endpoint.<br>
+      # If the authentication is known to be expired, a refresh will be made first.
+      # @raise[Nucleus::Errors::EndpointAuthenticationError] if the refresh failed
+      # @return[Hash<String, String>] authentication header that enables requests against the endpoint
+      def auth_header
+        raise Errors::EndpointAuthenticationError,
+              'Authentication client does not support to create the authentication header'
+      end
+
+      # Refresh a rejected authentication and generate a new authentication header.<br>
+      # Should be called if the authentication is known to be expired, or when a request is rejected with an
+      # authentication header that used to be accepted.
+      # @raise [Nucleus::Errors::EndpointAuthenticationError] if token refresh failed or authentication never succeeded
+      # @return [Nucleus::Adapters::AuthClient] current AuthClient instance
+      def refresh
+        raise Errors::EndpointAuthenticationError, 'Authentication client does not support refresh'
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/expiring_token_auth_client.rb

@@ -1,53 +1,53 @@
-module Nucleus
-  module Adapters
-    class ExpiringTokenAuthClient < TokenAuthClient
-      # Create a new instance of an {ExpiringTokenAuthClient}. An expiring token knows when it starts to be invalid,
-      # saving requests to the endpoint that would fail anyways.
-      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      # @yield [verify_ssl, username, password] Auth credentials token parser block,
-      # must provide the API token and its expiration date, usually retrieved from an HTTP call to the endpoint.
-      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      # @yieldparam [String] username username to be used to retrieve the API token
-      # @yieldparam [String] password password to be used to retrieve the API token
-      # @yieldreturn [Array<String>] Array with 2 contents:
-      # [0] = API token to be used for authenticated API requests,
-      # nil if authentication failed, e.g. due to bad credentials
-      # [1] = Expiration time until the token is valid
-      def initialize(check_certificates = true, &token_expiration_parser)
-        @token_expiration_parser = token_expiration_parser
-        super(check_certificates)
-      end
-
-      # @see AuthClient#authenticate
-      def authenticate(username, password)
-        token, expiration_time = @token_expiration_parser.call(verify_ssl, username, password)
-        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
-        # verification passed, credentials are valid
-        @api_token = token
-        @expires = expiration_time
-        self
-      end
-
-      # @see AuthClient#auth_header
-      def auth_header
-        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
-        fail Errors::EndpointAuthenticationError, 'Cached authentication token expired' if expired?
-        { 'Authorization' => "Bearer #{api_token}" }
-      end
-
-      private
-
-      # Checks if the token is expired.
-      # @return [true, false] true if the token is expired, false if it is still valid
-      def expired?
-        @expires >= Time.now
-      end
-
-      def to_s
-        api_token
-      end
-    end
-  end
-end
+module Nucleus
+  module Adapters
+    class ExpiringTokenAuthClient < TokenAuthClient
+      # Create a new instance of an {ExpiringTokenAuthClient}. An expiring token knows when it starts to be invalid,
+      # saving requests to the endpoint that would fail anyways.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yield [verify_ssl, username, password] Auth credentials token parser block,
+      # must provide the API token and its expiration date, usually retrieved from an HTTP call to the endpoint.
+      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yieldparam [String] username username to be used to retrieve the API token
+      # @yieldparam [String] password password to be used to retrieve the API token
+      # @yieldreturn [Array<String>] Array with 2 contents:
+      # [0] = API token to be used for authenticated API requests,
+      # nil if authentication failed, e.g. due to bad credentials
+      # [1] = Expiration time until the token is valid
+      def initialize(check_certificates = true, &token_expiration_parser)
+        @token_expiration_parser = token_expiration_parser
+        super(check_certificates)
+      end
+
+      # @see AuthClient#authenticate
+      def authenticate(username, password)
+        token, expiration_time = @token_expiration_parser.call(verify_ssl, username, password)
+        raise Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
+        # verification passed, credentials are valid
+        @api_token = token
+        @expires = expiration_time
+        self
+      end
+
+      # @see AuthClient#auth_header
+      def auth_header
+        raise Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
+        raise Errors::EndpointAuthenticationError, 'Cached authentication token expired' if expired?
+        { 'Authorization' => "Bearer #{api_token}" }
+      end
+
+      private
+
+      # Checks if the token is expired.
+      # @return [true, false] true if the token is expired, false if it is still valid
+      def expired?
+        @expires >= Time.now
+      end
+
+      def to_s
+        api_token
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/http_basic_auth_client.rb

@@ -20,7 +20,7 @@ module Nucleus
       def authenticate(username, password)
         packed_credentials = ["#{username}:#{password}"].pack('m*').delete("\n")
         valid = @verification.call(verify_ssl, 'Authorization' => "Basic #{packed_credentials}")
-        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless valid
+        raise Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless valid
         # verification passed, credentials are valid
         @packed_credentials = packed_credentials
         self
@@ -28,8 +28,8 @@ module Nucleus
 
       # @see AuthClient#auth_header
       def auth_header
-        fail Errors::EndpointAuthenticationError,
-             'Authentication client was not authenticated yet' unless @packed_credentials
+        raise Errors::EndpointAuthenticationError,
+              'Authentication client was not authenticated yet' unless @packed_credentials
         { 'Authorization' => "Basic #{@packed_credentials}" }
       end
     end

data/lib/nucleus/core/adapter_extensions/auth/o_auth2_auth_client.rb

@@ -1,95 +1,95 @@
-module Nucleus
-  module Adapters
-    class OAuth2AuthClient < AuthClient
-      include Nucleus::Logging
-
-      # Create a new instance of an {OAuth2AuthClient}, which uses the standardized OAuth2 authentication method.
-      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      # @param [String] auth_url URL to the OAuth2 endpoint
-      def initialize(auth_url, check_certificates = true)
-        @auth_url = auth_url
-        super(check_certificates)
-      end
-
-      def authenticate(username, password)
-        return self if @access_token
-        response = post(query: { grant_type: 'password', username: username, password: password })
-        body = body(response)
-        extract(body)
-        # refresh token is not included in later updates
-        @refresh_token = body[:refresh_token]
-        self
-      end
-
-      def auth_header
-        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @access_token
-        if expired?
-          log.debug('OAuth2 access_token is expired, trigger refresh before returning auth_header')
-          # token is expired, renew first
-          refresh
-        end
-        # then return the authorization header
-        header
-      end
-
-      def refresh
-        if @refresh_token.nil?
-          fail Errors::EndpointAuthenticationError, "Can't refresh token before initial authentication"
-        end
-        log.debug("Attempt to refresh the access_token with our refresh_token: '#{@refresh_token}'")
-        response = post(query: { grant_type: 'refresh_token', refresh_token: @refresh_token })
-        extract(body(response))
-        self
-      end
-
-      private
-
-      def post(params)
-        middleware = Excon.defaults[:middlewares].dup
-        middleware << Excon::Middleware::Decompress
-        middleware << Excon::Middleware::RedirectFollower
-        # explicitly allow redirects, otherwise they would cause an error
-        # TODO: Basic Y2Y6 could be cloud-foundry specific
-        request_params = { expects: [200, 301, 302, 303, 307, 308], middlewares: middleware.uniq,
-                           headers: { 'Authorization' => 'Basic Y2Y6',
-                                      'Content-Type' => 'application/x-www-form-urlencoded',
-                                      'Accept' => 'application/json' } }.merge(params)
-        # execute the post request and return the response
-        Excon.new(@auth_url, ssl_verify_peer: verify_ssl).post(request_params)
-      rescue Excon::Errors::HTTPStatusError => e
-        log.debug "OAuth2 authentication failed: #{e}"
-        case e.response.status
-        when 403
-          log.error("OAuth2 for '#{@auth_url}' failed with status 403 (access denied), indicating an adapter issue")
-          raise Errors::UnknownAdapterCallError, 'Access to resource denied, probably the adapter must be updated'
-        when 400, 401
-          raise Errors::EndpointAuthenticationError, body(e.response)[:error_description]
-        end
-        # re-raise all unhandled exception, indicating adapter issues
-        raise Errors::UnknownAdapterCallError, 'OAuth2 call failed unexpectedly, probably the adapter must be updated'
-      end
-
-      def header
-        { 'Authorization' => "#{@token_type} #{@access_token}" }
-      end
-
-      def expired?
-        return true if @expiration.nil?
-        Time.now >= @expiration
-      end
-
-      def body(response)
-        Oj.load(response.body, symbol_keys: true)
-      end
-
-      def extract(body)
-        @access_token = body[:access_token]
-        # number of seconds until expiration, deduct processing buffer
-        seconds_left = body[:expires_in] - 30
-        @expiration = Time.now + seconds_left
-        @token_type = body[:token_type]
-      end
-    end
-  end
-end
+module Nucleus
+  module Adapters
+    class OAuth2AuthClient < AuthClient
+      include Nucleus::Logging
+
+      # Create a new instance of an {OAuth2AuthClient}, which uses the standardized OAuth2 authentication method.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @param [String] auth_url URL to the OAuth2 endpoint
+      def initialize(auth_url, check_certificates = true)
+        @auth_url = auth_url
+        super(check_certificates)
+      end
+
+      def authenticate(username, password)
+        return self if @access_token
+        response = post(query: { grant_type: 'password', username: username, password: password })
+        body = body(response)
+        extract(body)
+        # refresh token is not included in later updates
+        @refresh_token = body[:refresh_token]
+        self
+      end
+
+      def auth_header
+        raise Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @access_token
+        if expired?
+          log.debug('OAuth2 access_token is expired, trigger refresh before returning auth_header')
+          # token is expired, renew first
+          refresh
+        end
+        # then return the authorization header
+        header
+      end
+
+      def refresh
+        if @refresh_token.nil?
+          raise Errors::EndpointAuthenticationError, "Can't refresh token before initial authentication"
+        end
+        log.debug("Attempt to refresh the access_token with our refresh_token: '#{@refresh_token}'")
+        response = post(query: { grant_type: 'refresh_token', refresh_token: @refresh_token })
+        extract(body(response))
+        self
+      end
+
+      private
+
+      def post(params)
+        middleware = Excon.defaults[:middlewares].dup
+        middleware << Excon::Middleware::Decompress
+        middleware << Excon::Middleware::RedirectFollower
+        # explicitly allow redirects, otherwise they would cause an error
+        # TODO: Basic Y2Y6 could be cloud-foundry specific
+        request_params = { expects: [200, 301, 302, 303, 307, 308], middlewares: middleware.uniq,
+                           headers: { 'Authorization' => 'Basic Y2Y6',
+                                      'Content-Type' => 'application/x-www-form-urlencoded',
+                                      'Accept' => 'application/json' } }.merge(params)
+        # execute the post request and return the response
+        Excon.new(@auth_url, ssl_verify_peer: verify_ssl).post(request_params)
+      rescue Excon::Errors::HTTPStatusError => e
+        log.debug "OAuth2 authentication failed: #{e}"
+        case e.response.status
+        when 403
+          log.error("OAuth2 for '#{@auth_url}' failed with status 403 (access denied), indicating an adapter issue")
+          raise Errors::UnknownAdapterCallError, 'Access to resource denied, probably the adapter must be updated'
+        when 400, 401
+          raise Errors::EndpointAuthenticationError, body(e.response)[:error_description]
+        end
+        # re-raise all unhandled exception, indicating adapter issues
+        raise Errors::UnknownAdapterCallError, 'OAuth2 call failed unexpectedly, probably the adapter must be updated'
+      end
+
+      def header
+        { 'Authorization' => "#{@token_type} #{@access_token}" }
+      end
+
+      def expired?
+        return true if @expiration.nil?
+        Time.now >= @expiration
+      end
+
+      def body(response)
+        Oj.load(response.body, symbol_keys: true)
+      end
+
+      def extract(body)
+        @access_token = body[:access_token]
+        # number of seconds until expiration, deduct processing buffer
+        seconds_left = body[:expires_in] - 30
+        @expiration = Time.now + seconds_left
+        @token_type = body[:token_type]
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/token_auth_client.rb

@@ -1,36 +1,36 @@
-module Nucleus
-  module Adapters
-    class TokenAuthClient < AuthClient
-      attr_reader :api_token
-
-      # Create a new instance of an {TokenAuthClient}.
-      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      # @yield [verify_ssl, username, password] Auth credentials token parser block,
-      # must provide the API token, usually retrieved from an HTTP call to the endpoint.
-      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
-      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
-      # @yieldparam [String] username username to be used to retrieve the API token
-      # @yieldparam [String] password password to be used to retrieve the API token
-      # @yieldreturn [String] API token to be used for authenticated API requests,
-      # nil if authentication failed, e.g. due to bad credentials
-      def initialize(check_certificates = true, &token_parser)
-        @token_parser = token_parser
-        super(check_certificates)
-      end
-
-      def authenticate(username, password)
-        token = @token_parser.call(verify_ssl, username, password)
-        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
-        # verification passed, credentials are valid
-        @api_token = token
-        self
-      end
-
-      def auth_header
-        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
-        { 'Authorization' => "Bearer #{api_token}" }
-      end
-    end
-  end
-end
+module Nucleus
+  module Adapters
+    class TokenAuthClient < AuthClient
+      attr_reader :api_token
+
+      # Create a new instance of an {TokenAuthClient}.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yield [verify_ssl, username, password] Auth credentials token parser block,
+      # must provide the API token, usually retrieved from an HTTP call to the endpoint.
+      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yieldparam [String] username username to be used to retrieve the API token
+      # @yieldparam [String] password password to be used to retrieve the API token
+      # @yieldreturn [String] API token to be used for authenticated API requests,
+      # nil if authentication failed, e.g. due to bad credentials
+      def initialize(check_certificates = true, &token_parser)
+        @token_parser = token_parser
+        super(check_certificates)
+      end
+
+      def authenticate(username, password)
+        token = @token_parser.call(verify_ssl, username, password)
+        raise Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
+        # verification passed, credentials are valid
+        @api_token = token
+        self
+      end
+
+      def auth_header
+        raise Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
+        { 'Authorization' => "Bearer #{api_token}" }
+      end
+    end
+  end
+end