Class: AtlasRb::Authentication

Inherits:

Object

• Object
• AtlasRb::Authentication

Extended by:

FaradayHelper

Defined in:

lib/atlas_rb/authentication.rb

Overview

User-facing identity lookups against the Atlas API.

Unlike the resource classes, Authentication threads a real NUID into FaradayHelper#connection's second positional argument. On the relay-signing path that NUID is signed into the assertion sub; Atlas resolves the acting user and their group memberships from the proven sub.

No login round-trip happens here today; auth is assumed to be already provisioned out-of-band (a configured signing key, or ATLAS_JWT). The commented-out code in this file reflects an older flow where a /token endpoint exchanged an NUID for a session token.

Constant Summary

Constants included from FaradayHelper

FaradayHelper::ASSERTION_AUDIENCE, FaradayHelper::ASSERTION_ISSUER, FaradayHelper::ASSERTION_TTL

Class Method Summary

• .groups(nuid) ⇒ Array<Hash>

  Fetch only the group memberships for an NUID.

• .login(nuid) ⇒ Hash

  Look up the Atlas user record for an NUID.

Methods included from FaradayHelper

connection, multipart, system_connection

Class Method Details

.groups(nuid) ⇒ Array<Hash>

Fetch only the group memberships for an NUID.

Convenience wrapper around the same GET /user call as login; useful when authorization checks only need group names.

Examples:

AtlasRb::Authentication.groups("001234567")
# => [{ "id" => 7, "name" => "Library Staff" }, ...]

Parameters:

• nuid (String) —

  the user's Northeastern University ID.

Returns:

• (Array<Hash>) —

  the "groups" array from the user record.

Raises:

• (JSON::ParserError) —

  if the response body is not valid JSON.

# File 'lib/atlas_rb/authentication.rb', line 47

def self.groups(nuid)
  # user_details = login(nuid)
  # token = user_details[:token] ...
  # TODO - need to update atlas login to give back name, id, and token upon logging in
  # result = JSON.parse(connection({ token: token }).post('/users/2/groups')&.body)["user"]["groups"]
  AtlasRb::Mash.new(JSON.parse(connection({}, nuid).get('/user')&.body))["groups"]
end

.login(nuid) ⇒ Hash

Look up the Atlas user record for an NUID.

Examples:

AtlasRb::Authentication.login("001234567")
# => { "id" => 42, "name" => "Jane Doe", "groups" => [...] }

Parameters:

• nuid (String) —

  the user's Northeastern University ID.

Returns:

• (Hash) —

  the user record returned by GET /user, including at minimum "id", "name", and "groups".

Raises:

• (JSON::ParserError) —

  if the response body is not valid JSON (typically caused by an auth failure returning HTML).

# File 'lib/atlas_rb/authentication.rb', line 29

def self.login(nuid)
  # JSON.parse(connection({ nuid: nuid }).post('/token')&.body)["token"]
  # need hash - id, name, token => ...
  AtlasRb::Mash.new(JSON.parse(connection({}, nuid).get('/user')&.body))
end