Class: Net::IMAP::SASL::OAuthBearerAuthenticator

Relationships & Source Files
Super Chains via Extension / Inclusion / Inheritance
Class Chain: self, `OAuthAuthenticator`
Instance Chain: self, `OAuthAuthenticator`, `GS2Header`
Inherits:	Net::IMAP::SASL::OAuthAuthenticator Object Net::IMAP::SASL::OAuthAuthenticator Net::IMAP::SASL::OAuthBearerAuthenticator
Defined in:	lib/net/imap/sasl/oauthbearer_authenticator.rb

Overview

Authenticator for the “OAUTHBEARER” ::Net::IMAP::SASL mechanism, specified in RFC7628. Authenticates using OAuth 2.0 bearer tokens, as described in RFC6750. Use via Net::IMAP#authenticate.

RFC6750 requires Transport Layer Security (TLS) to secure the protocol interaction between the client and the resource server. TLS MUST be used for OAUTHBEARER to protect the bearer token.

Constant Summary

Class Method Summary

.new(oauth2_token, **options) ⇒ authenticator constructor

Creates an Authenticator for the “OAUTHBEARER” ::Net::IMAP::SASL mechanism.

`OAuthAuthenticator` - Inherited

.new	Creates an RFC7628 OAuth authenticator.

Instance Attribute Summary

#initial_response? ⇒ Boolean readonly

OAUTHBEARER sends an initial client response.
#oauth2_token (also: #secret) readonly

An OAuth 2.0 bearer token.
#secret readonly

Alias for #oauth2_token.

`OAuthAuthenticator` - Inherited

#authzid	Authorization identity: an identity to act as or on behalf of.
#done?	Returns true when the initial client response was sent.
#host	Hostname to which the client connected.
#last_server_response	Stores the most recent server “challenge”.
#mthd	HTTP method.
#path	HTTP path data.
#port	Service port to which the client connected.
#post	HTTP post data.
#qs	The query string.
#query	Alias for OAuthAuthenticator#qs.
#username	Alias for OAuthAuthenticator#authzid.

Instance Method Summary

#authorization

Value of the HTTP Authorization header.

`OAuthAuthenticator` - Inherited

#authorization	Value of the HTTP Authorization header.
#initial_client_response	The RFC7628 §3.1 formatted response.
#process	Returns initial_client_response the first time, then “`^A`”.

`GS2Header` - Included

#gs2_authzid	The RFC5801 §4 `gs2-authzid` header, when `#authzid` is not empty.
#gs2_cb_flag	The RFC5801 §4 `gs2-cb-flag`:
#gs2_header	The RFC5801 §4 `gs2-header`, which prefixes the `#initial_client_response`.
#gs2_saslname_encode	Encodes `str` to match RFC5801_SASLNAME.

Constructor Details

.new(oauth2_token, options) ⇒ authenticator .new(authzid, oauth2_token, options) ⇒ authenticator .new(oauth2_token:, **options) ⇒ authenticator

Creates an Authenticator for the “OAUTHBEARER” ::Net::IMAP::SASL mechanism.

Called by Net::IMAP#authenticate and similar methods on other clients.

Parameters

#oauth2_token — An OAuth2 bearer token

All other keyword parameters are passed to super (see OAuthAuthenticator). The most common ones are:

optional #authzid ― Authorization identity to act as or on behalf of.

optional #username — An alias for #authzid.

Note that, unlike some other authenticators, username sets the authorization identity and not the authentication identity. The authentication identity is established for the client by #oauth2_token.
optional Net::IMAP#host — Hostname to which the client connected.
optional Net::IMAP#port — Service port to which the client connected.

Although only oauth2_token is required by this mechanism, it is worth noting that application protocols are allowed to require #authzid (or other parameters, such as Net::IMAP#host or Net::IMAP#port) as are specific server implementations.

[ GitHub ]

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 177


def initialize(arg1 = nil, arg2 = nil,
               oauth2_token: nil, secret: nil,
               **args, &blk)
  username, oauth2_token_arg = arg2.nil? ? [nil, arg1] : [arg1, arg2]
  super(username: username, **args, &blk)
  @oauth2_token = oauth2_token || secret || oauth2_token_arg or
    raise ArgumentError, "missing oauth2_token"
end

Instance Attribute Details

#initial_response? ⇒ `Boolean` (readonly)

OAUTHBEARER sends an initial client response.

[ GitHub ]

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 190


def initial_response?; true end

#oauth2_token (readonly) Also known as: #secret

An OAuth 2.0 bearer token. See RFC-6750

[ GitHub ]

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 141


attr_reader :oauth2_token

#secret (readonly)

Alias for #oauth2_token.

[ GitHub ]

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 142


alias secret oauth2_token

Instance Method Details

#authorization

Value of the HTTP Authorization header

[ GitHub ]

# File 'lib/net/imap/sasl/oauthbearer_authenticator.rb', line 193


def authorization; "Bearer #{oauth2_token}" end

Class: Net::IMAP::SASL::OAuthBearerAuthenticator

Overview

Constant Summary

GS2Header - Included

Class Method Summary

OAuthAuthenticator - Inherited

Instance Attribute Summary

OAuthAuthenticator - Inherited

Instance Method Summary

OAuthAuthenticator - Inherited

GS2Header - Included

Constructor Details

.new(oauth2_token, **options) ⇒ authenticator .new(authzid, oauth2_token, **options) ⇒ authenticator .new(oauth2_token:, **options) ⇒ authenticator

Parameters

Instance Attribute Details

#initial_response? ⇒ Boolean (readonly)

#oauth2_token (readonly) Also known as: #secret

#secret (readonly)

Instance Method Details

#authorization

`GS2Header` - Included

`OAuthAuthenticator` - Inherited

`OAuthAuthenticator` - Inherited

`OAuthAuthenticator` - Inherited

`GS2Header` - Included

.new(oauth2_token, options) ⇒ authenticator .new(authzid, oauth2_token, options) ⇒ authenticator .new(oauth2_token:, **options) ⇒ authenticator

#initial_response? ⇒ `Boolean` (readonly)