Class: Mongo::Auth::SaslConversationBase Private

Do not use. This class is for internal use only.
Relationships & Source Files
Extension / Inclusion / Inheritance Descendants
Subclasses:
Mongo::Auth::ScramConversationBase, Mongo::Auth::Aws::Conversation, Mongo::Auth::Gssapi::Conversation, Mongo::Auth::Scram256::Conversation, Mongo::Auth::Scram::Conversation
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
Instance Chain:
Inherits: Mongo::Auth::ConversationBase
Defined in: lib/mongo/auth/sasl_conversation_base.rb

Overview

Defines common behavior around SASL conversations between the client and the server.

Since:

  • 2.0.0

Constant Summary

Class Method Summary

ConversationBase - Inherited

.new

Create the new conversation.

Instance Attribute Summary

Instance Method Summary

ConversationBase - Inherited

#build_message,
#speculative_auth_document

Returns the hash to provide to the server in the handshake as value of the speculativeAuthenticate key.

#validate_external_auth_source

Instance Method Details

#auth_mechanism_name ⇒ String (private)

Gets the auth mechanism name for the conversation class.

Example return: SCRAM-SHA-1.

Returns:

Since:

  • 2.0.0

# File 'lib/mongo/auth/sasl_conversation_base.rb', line 51

def auth_mechanism_name
  # self.class.name is e.g. Mongo::Auth::Scram256::Conversation.
  # We need Mongo::Auth::Scram256::MECHANISM.
  # Pull out the Scram256 part, get that class off of Auth,
  # then get the value of MECHANISM constant in Scram256.
  # With ActiveSupport, this method would be:
  # self.class.module_parent.const_get(:MECHANISM)
  parts = self.class.name.split('::')
  parts.pop
  Auth.const_get(parts.last).const_get(:MECHANISM)
end

#client_first_document (private)

Since:

  • 2.0.0

# File 'lib/mongo/auth/sasl_conversation_base.rb', line 67

def client_first_document
  payload = client_first_payload
  if Lint.enabled?
    unless payload.is_a?(String)
      raise Error::LintError, "Payload must be a string but is a #{payload.class}: #{payload}"
    end
  end
  doc = CLIENT_FIRST_MESSAGE.merge(
    mechanism: auth_mechanism_name,
    payload: BSON::Binary.new(payload),
  )
  if options = client_first_message_options
    # Short SCRAM conversation,
    # https://jira.mongodb.org/browse/DRIVERS-707
    doc[:options] = options
  end
  doc
end

#client_first_message_options (private)

Since:

  • 2.0.0

# File 'lib/mongo/auth/sasl_conversation_base.rb', line 63

def client_first_message_options
  nil
end

#start(connection) ⇒ Protocol::Message

Start the SASL conversation. This returns the first message that needs to be sent to the server.

Parameters:

Returns:

Since:

  • 2.0.0

# File 'lib/mongo/auth/sasl_conversation_base.rb', line 39

def start(connection)
  selector = client_first_document
  build_message(connection, user.auth_source, selector)
end

#validate_server_nonce! (private)

Helper method to validate that server nonce starts with the client nonce.

Note that this class does not define the client_nonce or server_nonce attributes - derived classes must do so.

Since:

  • 2.0.0

# File 'lib/mongo/auth/sasl_conversation_base.rb', line 91

def validate_server_nonce!
  if client_nonce.nil? || client_nonce.empty?
    raise ArgumentError, 'Cannot validate server nonce when client nonce is nil or empty'
  end

  unless server_nonce.start_with?(client_nonce)
    raise Error::InvalidNonce.new(client_nonce, server_nonce)
  end
end
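
An added example, not code from the driver: a stand-alone Ruby sketch of the prefix check that validate_server_nonce! performs, applied to a SCRAM server-first message, showing why the empty-nonce guard must come before the comparison. The names InvalidNonce, parse_server_first and check_server_first and all sample values are assumptions constructed for illustration.

```ruby
# Added example: stand-alone sketch, not the driver's implementation.
# InvalidNonce, parse_server_first and check_server_first are hypothetical names.
class InvalidNonce < StandardError; end

# Split a SCRAM server-first-message ("r=...,s=...,i=...") into its fields.
# split('=', 2) keeps base64 padding ('=') inside the salt value intact.
def parse_server_first(message)
  message.split(',').each_with_object({}) do |field, out|
    key, value = field.split('=', 2)
    out[key] = value
  end
end

# Apply the same rule as validate_server_nonce!: the r= value returned by the
# server must begin with the nonce this client generated for the conversation.
def check_server_first(client_nonce, message)
  # Every string starts with '', so an empty client nonce would accept any
  # server nonce. Reject it before comparing.
  if client_nonce.nil? || client_nonce.empty?
    raise ArgumentError, 'Cannot validate server nonce when client nonce is nil or empty'
  end

  fields = parse_server_first(message)
  server_nonce = fields['r'].to_s # a missing r= field becomes '' and fails below
  unless server_nonce.start_with?(client_nonce)
    raise InvalidNonce, "nonce #{server_nonce.inspect} does not extend #{client_nonce.inspect}"
  end
  fields
end

# Constructed sample values (not captured from a real server).
CLIENT_NONCE = 'clientNonce0123'
GOOD_REPLY = "r=#{CLIENT_NONCE}serverPart456,s=c2FsdHNhbHQ=,i=4096"
# Reply carrying a nonce from some other conversation.
MISMATCHED_REPLY = 'r=otherNonce9999serverPart456,s=c2FsdHNhbHQ=,i=4096'

if __FILE__ == $PROGRAM_NAME
  p check_server_first(CLIENT_NONCE, GOOD_REPLY)
  begin
    check_server_first(CLIENT_NONCE, MISMATCHED_REPLY)
  rescue InvalidNonce => e
    puts "rejected: #{e.message}"
  end
end
```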