Class: Ably::Auth

Inherits:
Object
  • Object
show all
Includes:
Modules::Conversions, Modules::HttpHelpers
Defined in:
lib/submodules/ably-ruby/lib/ably/auth.rb

Overview

Creates Ably Models::TokenRequest objects and obtains Ably Tokens from Ably to subsequently issue to less trusted clients.

Constant Summary collapse

TOKEN_DEFAULTS =

Default capability Hash object and TTL in seconds for issued tokens

{
  renew_token_buffer: 10 # buffer to allow a token to be reissued before the token is considered expired (Ably::Models::TokenDetails::TOKEN_EXPIRY_BUFFER)
}.freeze
API_KEY_REGEX =
/^[\w-]{2,}\.[\w-]{2,}:[\w-]{2,}$/
AUTH_OPTIONS_KEYS =

Supported AuthOption keys, see www.ably.com/docs/realtime/types#auth-options TODO: Review client_id usage embedded incorrectly within AuthOptions.

This is legacy code to configure a client with a client_id from the ClientOptions

TODO: Review inclusion of use_token_auth, ttl, token_params in auth options

%w(
  auth_callback
  auth_url
  auth_method
  auth_headers
  auth_params
  client_id
  key
  key_name
  key_secret
  query_time
  token
  token_details
  token_params
  ttl
  use_token_auth
)

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client, token_params, auth_options) ⇒ Auth

Creates an Auth object

Parameters:

  • client (Ably::Rest::Client)

    Rest::Client this Auth object uses

  • token_params (Hash)

    the token params used as a default for future token requests

  • auth_options (Hash)

    the authentication options used as a default future token requests

Options Hash (token_params):

  • :client_id (String)

    A client ID to associate with this token. The generated token may be used to authenticate as this client_id

  • :ttl (Integer)

    validity time in seconds for the requested Models::TokenDetails. Limits may apply, see https://www.ably.com/docs/general/authentication

  • :capability (Hash)

    canonicalised representation of the resource paths and associated operations

  • :timestamp (Time)

    the time of the request

  • :nonce (String)

    an unquoted, unescaped random string of at least 16 characters

Options Hash (auth_options):

  • :auth_url (String)

    a URL to be used to GET or POST a set of token request params, to obtain a signed token request

  • :auth_headers (Hash)

    a set of application-specific headers to be added to any request made to the auth_url

  • :auth_params (Hash)

    a set of application-specific query params to be added to any request made to the auth_url

  • :auth_method (Symbol) — default: :get

    HTTP method to use with auth_url, must be either :get or :post

  • :auth_callback (Proc)

    when provided, the Proc will be called with the token params hash as the first argument, whenever a new token is required. The Proc should return a token string, Models::TokenDetails or JSON equivalent, Models::TokenRequest or JSON equivalent

  • :key (String)

    API key comprising the key name and key secret in a single string

  • :client_id (String)

    client ID identifying this connection to other clients (will use client_id specified when library was instanced if provided)

  • :query_time (Boolean)

    when true will query the Ably system for the current time instead of using the local time

  • :token_params (Hash)

    convenience to pass in token_params within the auth_options argument, especially useful when setting default token_params in the client constructor



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 53

def initialize(client, token_params, auth_options)
  unless auth_options.kind_of?(Hash)
    raise ArgumentError, 'Expected auth_options to be a Hash'
  end

  unless token_params.kind_of?(Hash)
    raise ArgumentError, 'Expected token_params to be a Hash'
  end

  # Ensure instance variables are defined
  @client_id = nil
  @client_id_validated = nil

  ensure_valid_auth_attributes auth_options

  @client              = client
  @options             = auth_options.dup
  @token_params        = token_params.dup
  @token_option        = options[:token] || options[:token_details]

  if options[:key] && (options[:key_secret] || options[:key_name])
    raise ArgumentError, 'key and key_name or key_secret are mutually exclusive. Provider either a key or key_name & key_secret'
  end

  split_api_key_into_key_and_secret! options if options[:key]
  store_and_delete_basic_auth_key_from_options! options

  if using_basic_auth? && !api_key_present?
    raise ArgumentError, 'key is missing. Either an API key, token, or token auth method must be provided'
  end

  if options[:client_id] == '*'
    raise ArgumentError, 'A client cannot be configured with a wildcard client_id, only a token can have a wildcard client_id privilege'
  end

  if has_client_id? && !token_creatable_externally? && !token_option
    @client_id = ensure_utf_8(:client_id, client_id) if client_id
  end

  # If a token details object or token string is provided in the initializer
  # then the client can be authorized immediately using this token
  if token_option
    token_details = convert_to_token_details(token_option)
    if token_details
      begin
        token_details = authorize_with_token(token_details)
        logger.debug { "Auth: new token passed in to the initializer: #{token_details}" }
      rescue StandardError => e
        logger.error { "Auth: Implicit authorization using the provided token failed: #{e}" }
      end
    end
  end

  @options.freeze
  @token_params.freeze
end

Instance Attribute Details

#current_token_detailsObject (readonly)

Returns the value of attribute current_token_details.



43
44
45
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 43

def current_token_details
  @current_token_details
end

#optionsObject (readonly) Also known as: auth_options

Returns the value of attribute options.



43
44
45
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 43

def options
  @options
end

#token_paramsObject (readonly)

Returns the value of attribute token_params.



43
44
45
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 43

def token_params
  @token_params
end

Instance Method Details

#auth_headerString

Auth header string used in HTTP requests to Ably Will reauthorize implicitly if required and capable

Returns:

  • (String)

    HTTP authentication value used in HTTP_AUTHORIZATION header



405
406
407
408
409
410
411
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 405

def auth_header
  if using_token_auth?
    token_auth_header
  else
    basic_auth_header
  end
end

#auth_paramsHash

Auth params used in URI endpoint for Realtime connections Will reauthorize implicitly if required and capable

Returns:

  • (Hash)

    Auth params for a new Realtime connection



435
436
437
438
439
440
441
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 435

def auth_params
  if using_token_auth?
    token_auth_params
  else
    basic_auth_params
  end
end

#authentication_security_requirements_met?Boolean

Returns false when attempting to send an API Key over a non-secure connection Token auth must be used for non-secure connections

Returns:

  • (Boolean)


459
460
461
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 459

def authentication_security_requirements_met?
  client.use_tls? || using_token_auth?
end

#authorise(*args, &block) ⇒ Object

Deprecated.

Use #authorize instead



190
191
192
193
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 190

def authorise(*args, &block)
  logger.warn { "Auth#authorise is deprecated and will be removed in 1.0. Please use Auth#authorize instead" }
  authorize(*args, &block)
end

#authorize(token_params = nil, auth_options = nil) ⇒ Models::TokenRequest

Instructs the library to get a new token immediately. When using the realtime client, it upgrades the current realtime connection to use the new token, or if not connected, initiates a connection to Ably, once the new token has been obtained. Also stores any ‘token_params` and `auth_options` passed in as the new defaults, to be used for all subsequent implicit or explicit token requests. Any `token_params` and `auth_options` objects passed in entirely replace, as opposed to being merged with, the current client library saved values.

Examples:

# will issue a simple token request using basic auth
client = Ably::Rest::Client.new(key: 'key.id:secret')
token_details = client.auth.authorize

# will use token request from block to authorize if not already authorized
token_details = client.auth.authorize {}, auth_callback: lambda do |token_parmas|
  # create token_request object
  token_request
end

Parameters:

  • token_params (Hash, nil) (defaults to: nil)

    the token params used for future token requests. When nil, previously configured token params are used

  • auth_options (Hash, nil) (defaults to: nil)

    the authentication options used for future token requests. When nil, previously configure authentication options are used

Options Hash (token_params):

  • :client_id (String)

    A client ID to associate with this token. The generated token may be used to authenticate as this client_id

  • :ttl (Integer)

    validity time in seconds for the requested Models::TokenDetails. Limits may apply, see https://www.ably.com/docs/general/authentication

  • :capability (Hash)

    canonicalised representation of the resource paths and associated operations

  • :timestamp (Time)

    the time of the request

  • :nonce (String)

    an unquoted, unescaped random string of at least 16 characters

Options Hash (auth_options):

  • :auth_url (String)

    a URL to be used to GET or POST a set of token request params, to obtain a signed token request

  • :auth_headers (Hash)

    a set of application-specific headers to be added to any request made to the auth_url

  • :auth_params (Hash)

    a set of application-specific query params to be added to any request made to the auth_url

  • :auth_method (Symbol) — default: :get

    HTTP method to use with auth_url, must be either :get or :post

  • :auth_callback (Proc)

    when provided, the Proc will be called with the token params hash as the first argument, whenever a new token is required. The Proc should return a token string, Models::TokenDetails or JSON equivalent, Models::TokenRequest or JSON equivalent

  • :key (String)

    API key comprising the key name and key secret in a single string

  • :client_id (String)

    client ID identifying this connection to other clients (will use client_id specified when library was instanced if provided)

  • :query_time (Boolean)

    when true will query the Ably system for the current time instead of using the local time

  • :token_params (Hash)

    convenience to pass in token_params within the auth_options argument, especially useful when setting default token_params in the client constructor

Returns:



135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 135

def authorize(token_params = nil, auth_options = nil)
  if auth_options.nil?
    auth_options = options # Use default options

    if options.has_key?(:query_time)
      @options = options.dup
      # Query the server time only happens once
      # the options remain in auth_options though so they are passed to request_token
      @options.delete(:query_time)
      @options.freeze
    end
  else
    ensure_valid_auth_attributes auth_options

    auth_options = auth_options.dup

    if auth_options[:token_params]
      token_params = auth_options.delete(:token_params).merge(token_params || {})
    end

    # If basic credentials are provided then overwrite existing options
    # otherwise we need to retain the existing credentials in the auth options
    split_api_key_into_key_and_secret! auth_options if auth_options[:key]
    if auth_options[:key_name] && auth_options[:key_secret]
      store_and_delete_basic_auth_key_from_options! auth_options
    end

    @options = auth_options.dup

    # Query the server time only happens once
    # the options remain in auth_options though so they are passed to request_token
    @options.delete(:query_time)

    @options.freeze
  end

  # Unless provided, defaults are used
  unless token_params.nil?
    @token_params = token_params.dup
    # Timestamp is only valid for this request
    @token_params.delete(:timestamp)
    @token_params.freeze
  end

  authorize_with_token(request_token(token_params || @token_params, auth_options)).tap do |new_token_details|
    logger.debug { "Auth: new token following authorisation: #{new_token_details}" }

    # If authorize the realtime library required auth, then yield the token in a block
    if block_given?
      yield new_token_details
    end
  end
end

#can_assume_client_id?(assumed_client_id) ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

True if assumed_client_id is compatible with the client’s configured or Ably assigned client_id

Returns:

  • (Boolean)


477
478
479
480
481
482
483
484
485
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 477

def can_assume_client_id?(assumed_client_id)
  if client_id_validated?
    client_id == '*' || (client_id == assumed_client_id)
  elsif !options[:client_id] || options[:client_id] == '*'
    true # client ID is unknown
  else
    options[:client_id] == assumed_client_id
  end
end

#client_idObject



385
386
387
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 385

def client_id
  @client_id || options[:client_id]
end

#client_id_for_requestObject

ClientId that needs to be included with every rest/realtime request spec - RSA7e

Returns:

  • string



427
428
429
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 427

def client_id_for_request
  options[:client_id]
end

#client_id_validated?Boolean

When a client has authenticated with Ably and the client is either anonymous (cannot assume a client_id) or has an assigned client_id (implicit in all operations), then this client has a validated client_id, even if that client_id is nil (anonymous)

Once validated by Ably, the client library will enforce the use of the client_id identity provided by Ably, rejecting messages with an invalid client_id immediately

Returns:

  • (Boolean)


397
398
399
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 397

def client_id_validated?
  !!@client_id_validated
end

#configure_client_id(new_client_id) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Configures the client ID for this client Typically this occurs following an Auth or receiving a Models::ProtocolMessage with a client_id in the Models::ConnectionDetails



491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 491

def configure_client_id(new_client_id)
  if has_client_id?
    # If new client ID from Ably is a wildcard, but preconfigured clientId is set, then keep the existing clientId
    if new_client_id == "*"
      @client_id_validated = true
      return
    end
    # If client_id is defined and not a wildcard, prevent it changing, this is not supported
    if new_client_id != client_id
      raise Ably::Exceptions::IncompatibleClientId.new("Client ID is immutable once configured for a client. Client ID cannot be changed to '#{new_client_id}'")
    end
  end
  @client_id_validated = true
  @client_id = new_client_id
end

#create_token_request(token_params = {}, auth_options = {}) ⇒ Models::TokenRequest

Creates and signs an Models::TokenRequest based on the specified (or if none specified, the client library stored) ‘token_params` and `auth_options`. Note this can only be used when the API key value is available locally. Otherwise, the Models::TokenRequest must be obtained from the key owner. Use this to generate an Models::TokenRequest in order to implement an Ably Token request callback for use by other clients. Both `token_params` and `auth_options` are optional. When omitted or null, the default token parameters and authentication options for the client library are used, as specified in the `client_options` when the client library was instantiated, or later updated with an explicit authorize request. Values passed in are used instead of, rather than being merged with, the default values. To understand why an Models::TokenRequest may be issued to clients in favor of a token, see Token Authentication explained.

Examples:

client.auth.create_token_request({ ttl: 3600 }, { id: 'asd.asd' })
#<Ably::Models::TokenRequest:0x007fd5d919df78
#  @hash={
#   :id=>"asds.adsa",
#   :clientId=>nil,
#   :ttl=>3600000,
#   :timestamp=>1428973674000,
#   :capability=>"{\"*\":[\"*\"]}",
#   :nonce=>"95e543b88299f6bae83df9b12fbd1ecd",
#   :mac=>"881oZHeFo6oMim7....uE56a8gUxHw="
#  }
#>>

Parameters:

  • token_params (Hash) (defaults to: {})

    the token params used in the token request

  • auth_options (Hash) (defaults to: {})

    the authentication options for the token request

Options Hash (token_params):

  • :client_id (String)

    A client ID to associate with this token. The generated token may be used to authenticate as this client_id

  • :ttl (Integer)

    validity time in seconds for the requested Models::TokenDetails. Limits may apply, see https://www.ably.com/docs/general/authentication

  • :capability (Hash)

    canonicalised representation of the resource paths and associated operations

  • :timestamp (Time)

    the time of the request

  • :nonce (String)

    an unquoted, unescaped random string of at least 16 characters

Options Hash (auth_options):

  • :key (String)

    API key comprising the key name and key secret in a single string

  • :client_id (String)

    client ID identifying this connection to other clients (will use client_id specified when library was instanced if provided)

  • :query_time (Boolean)

    when true will query the Ably system for the current time instead of using the local time

  • :token_params (Hash)

    convenience to pass in token_params within the auth_options argument, especially useful when setting default token_params in the client constructor

Returns:

Raises:



309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 309

def create_token_request(token_params = {}, auth_options = {})
  ensure_valid_auth_attributes auth_options

  auth_options = auth_options.dup
  token_params = (auth_options[:token_params] || {}).merge(token_params)

  split_api_key_into_key_and_secret! auth_options if auth_options[:key]
  request_key_name   = auth_options.delete(:key_name) || key_name
  request_key_secret = auth_options.delete(:key_secret) || key_secret

  raise Ably::Exceptions::TokenRequestFailed, 'Key Name and Key Secret are required to generate a new token request' unless request_key_name && request_key_secret

  ensure_current_time_is_based_on_server_time if auth_options[:query_time]
  timestamp = token_params.delete(:timestamp) || current_time
  timestamp = Time.at(timestamp) if timestamp.kind_of?(Integer)



  token_request = {
    keyName:    request_key_name,
    timestamp:  (timestamp.to_f * 1000).round,
    nonce:      token_params[:nonce] || SecureRandom.hex.force_encoding('UTF-8')
  }

  token_client_id = token_params[:client_id] || auth_options[:client_id] || client_id
  token_request[:clientId] = token_client_id if token_client_id

  if token_params[:ttl]
    token_ttl = [
      token_params[:ttl],
      Ably::Models::TokenDetails::TOKEN_EXPIRY_BUFFER + TOKEN_DEFAULTS.fetch(:renew_token_buffer) # never issue a token that will be immediately considered expired due to the buffer
    ].max
    token_request[:ttl] = (token_ttl * 1000).to_i
  end

  token_request[:capability] = token_params[:capability] if token_params[:capability]
  if token_request[:capability].is_a?(Hash)
    lexicographic_ordered_capabilities = Hash[
      token_request[:capability].sort_by { |key, value| key }.map do |key, value|
        [key, value.sort]
      end
    ]
    token_request[:capability] = JSON.dump(lexicographic_ordered_capabilities)
  end

  token_request[:mac] = sign_params(token_request, request_key_secret)

  # Undocumented feature to request a persisted token
  token_request[:persisted] = token_params[:persisted] if token_params[:persisted]

  Models::TokenRequest.new(token_request)
end

#extra_auth_headersHash

Extra headers that may be used during authentication

Returns:

  • (Hash)

    headers



416
417
418
419
420
421
422
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 416

def extra_auth_headers
  if client_id_for_request
    { 'X-Ably-ClientId' => Base64.urlsafe_encode64(client_id_for_request) }
  else
    {}
  end
end

#has_client_id?Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

True when a client_id other than a wildcard is configured for Auth

Returns:

  • (Boolean)


510
511
512
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 510

def has_client_id?
  client_id && (client_id != '*')
end

#keyObject



362
363
364
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 362

def key
  "#{key_name}:#{key_secret}" if api_key_present?
end

#key_nameObject



366
367
368
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 366

def key_name
  @key_name
end

#key_secretObject



370
371
372
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 370

def key_secret
  @key_secret
end

#request_token(token_params = {}, auth_options = {}) ⇒ Ably::Models::TokenDetails

Calls the requestToken REST API endpoint to obtain an Ably Token according to the specified ‘token_params` and `auth_options`. Both `token_params` and `auth_options` are optional. When omitted or null, the default token parameters and authentication options for the client library are used, as specified in the `client_options` when the client library was instantiated, or later updated with an explicit authorize request. Values passed in are used instead of, rather than being merged with, the default values. To understand why an Ably Models::TokenRequest may be issued to clients in favor of a token, see Token Authentication explained.

Examples:

# simple token request using basic auth
client = Ably::Rest::Client.new(key: 'key.id:secret')
token_details = client.auth.request_token

# token request with token params
client.auth.request_token ttl: 1.hour

# token request using auth block
token_details = client.auth.request_token {}, auth_callback: lambda do |token_params|
  # create token_request object
  token_request
end

Parameters:

  • auth_options (Hash) (defaults to: {})

    (see #create_token_request)

  • token_params (Hash) (defaults to: {})

    (see #create_token_request)

Options Hash (token_params):

  • :client_id (String)

    A client ID to associate with this token. The generated token may be used to authenticate as this client_id

  • :ttl (Integer)

    validity time in seconds for the requested Models::TokenDetails. Limits may apply, see https://www.ably.com/docs/general/authentication

  • :capability (Hash)

    canonicalised representation of the resource paths and associated operations

  • :timestamp (Time)

    the time of the request

  • :nonce (String)

    an unquoted, unescaped random string of at least 16 characters

Options Hash (auth_options):

  • :auth_url (String)

    a URL to be used to GET or POST a set of token request params, to obtain a signed token request

  • :auth_headers (Hash)

    a set of application-specific headers to be added to any request made to the auth_url

  • :auth_params (Hash)

    a set of application-specific query params to be added to any request made to the auth_url

  • :auth_method (Symbol) — default: :get

    HTTP method to use with auth_url, must be either :get or :post

  • :auth_callback (Proc)

    when provided, the Proc will be called with the token params hash as the first argument, whenever a new token is required. The Proc should return a token string, Models::TokenDetails or JSON equivalent, Models::TokenRequest or JSON equivalent

  • :key (String)

    API key comprising the key name and key secret in a single string

  • :client_id (String)

    client ID identifying this connection to other clients (will use client_id specified when library was instanced if provided)

  • :query_time (Boolean)

    when true will query the Ably system for the current time instead of using the local time

  • :token_params (Hash)

    convenience to pass in token_params within the auth_options argument, especially useful when setting default token_params in the client constructor

Returns:



229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 229

def request_token(token_params = {}, auth_options = {})
  ensure_valid_auth_attributes auth_options

  # Token param precedence (lowest to highest):
  #   Auth default => client_id => auth_options[:token_params] arg => token_params arg
  token_params = self.token_params.merge(
    (client_id ? { client_id: client_id } : {}).
      merge(auth_options[:token_params] || {}).
      merge(token_params)
  )

  auth_options = self.options.merge(auth_options)

  token_request = if auth_callback = auth_options.delete(:auth_callback)
    begin
      Timeout::timeout(client.auth_request_timeout) do
        auth_callback.call(token_params)
      end
    rescue StandardError => err
      raise Ably::Exceptions::AuthenticationFailed.new("auth_callback failed: #{err.message}", nil, nil, err, fallback_status: 500, fallback_code: Ably::Exceptions::Codes::CONNECTION_NOT_ESTABLISHED_NO_TRANSPORT_HANDLE)
    end
  elsif auth_url = auth_options.delete(:auth_url)
    begin
      Timeout::timeout(client.auth_request_timeout) do
        token_request_from_auth_url(auth_url, auth_options, token_params)
      end
    rescue StandardError => err
      raise Ably::Exceptions::AuthenticationFailed.new("auth_url failed: #{err.message}", nil, nil, err, fallback_status: 500, fallback_code: Ably::Exceptions::Codes::CONNECTION_NOT_ESTABLISHED_NO_TRANSPORT_HANDLE)
    end
  else
    create_token_request(token_params, auth_options)
  end

  convert_to_token_details(token_request).tap do |token_details|
    return token_details if token_details
  end

  send_token_request(token_request)
end

#token_client_id_allowed?(token_client_id) ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

True if token provided client_id is compatible with the client’s configured client_id, when applicable

Returns:

  • (Boolean)


467
468
469
470
471
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 467

def token_client_id_allowed?(token_client_id)
  return true if client_id.nil? # no explicit client_id specified for this client
  return true if client_id == '*' || token_client_id == '*' # wildcard supported always
  token_client_id == client_id
end

#token_renewable?Boolean

True if prerequisites for creating a new token request are present

One of the following criterion must be met:

  • Valid API key and token option not provided as token options cannot be determined

  • Authentication callback for new token requests

  • Authentication URL for new token requests

Returns:

  • (Boolean)


451
452
453
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 451

def token_renewable?
  token_creatable_externally? || (api_key_present? && !token_option)
end

#using_basic_auth?Boolean

True when Basic Auth is being used to authenticate with Ably

Returns:

  • (Boolean)


375
376
377
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 375

def using_basic_auth?
  !using_token_auth?
end

#using_token_auth?Boolean

True when Token Auth is being used to authenticate with Ably

Returns:

  • (Boolean)


380
381
382
383
# File 'lib/submodules/ably-ruby/lib/ably/auth.rb', line 380

def using_token_auth?
  return options[:use_token_auth] if options.has_key?(:use_token_auth)
  !!(token_option || current_token_details || token_creatable_externally?)
end