Class: LcpRuby::Metadata::AuthValidator

Inherits:

Object

Object
LcpRuby::Metadata::AuthValidator

show all

Defined in:: lib/lcp_ruby/metadata/auth_validator.rb

Overview

Cross-cutting validation for auth.yml beyond the JSON Schema layer. Raises LcpRuby::Authentication::ConfigurationError on the first blocking violation. Warnings (mutable external_id, etc.) are logged via Rails.logger.

Constant Summary collapse

MUTABLE_EXTERNAL_ID_CLAIMS =

%w[email preferred_username upn].freeze

Instance Attribute Summary collapse

#errors ⇒ Object readonly

Returns the value of attribute errors.
#warnings ⇒ Object readonly

Returns the value of attribute warnings.

Instance Method Summary collapse

#initialize(raw:, providers:) ⇒ AuthValidator constructor

A new instance of AuthValidator.
#run ⇒ Object

Runs every check and populates @errors / @warnings without raising.
#validate! ⇒ Object

Runs every check and raises ConfigurationError if any blocking violation was found.

Constructor Details

#initialize(raw:, providers:) ⇒ `AuthValidator`

Returns a new instance of AuthValidator.

# File 'lib/lcp_ruby/metadata/auth_validator.rb', line 15

def initialize(raw:, providers:)
  @raw       = raw
  @providers = providers
  @errors    = []
  @warnings  = []
end

Instance Attribute Details

#errors ⇒ `Object` (readonly)

Returns the value of attribute errors.



13
14
15

# File 'lib/lcp_ruby/metadata/auth_validator.rb', line 13

def errors
  @errors
end

#warnings ⇒ `Object` (readonly)

Returns the value of attribute warnings.



13
14
15

# File 'lib/lcp_ruby/metadata/auth_validator.rb', line 13

def warnings
  @warnings
end

Instance Method Details

#run ⇒ `Object`

Runs every check and populates @errors / @warnings without raising. Used by ‘ConfigurationValidator#validate_auth_yml` so the validate rake task can surface auth.yml problems in its report alongside model/presenter/permission errors, instead of relying on a boot crash. Idempotent: safe to call repeatedly on the same instance.

# File 'lib/lcp_ruby/metadata/auth_validator.rb', line 35

def run
  return self if @ran
  run_schema_validation
  validate_provider_uniqueness
  validate_default_provider_reference
  validate_each_provider
  emit_warnings
  @ran = true
  self
end

#validate! ⇒ `Object`

Runs every check and raises ConfigurationError if any blocking violation was found. Used by ‘ProviderRegistry.load!` at boot, where a broken auth.yml should stop the world.

# File 'lib/lcp_ruby/metadata/auth_validator.rb', line 25

def validate!
  run
  raise_if_errors
end