Class: StrongKeyLite

Inherits:

Object

• Object
• StrongKeyLite

Includes:

API

Defined in:

lib/skles.rb,
lib/skles_api.rb

Overview

Client for the StrongKey Lite Encryption System (SKLES) SOAP-based API. An instance of this API interfaces with your StrongKey Lite box to encrypt and decrypt credit card numbers into the vault.

Since many StrongKey Lite setups use different logins to perform different tasks (e.g., a more secure login/password is used to decrypt credit cards than to encrypt them), this class supports storing multiple sets of credentials, choosing them depending on the operation being performed.

Examples:

Single-user SKLES interface for the test domain

skles = StrongKeyLite.new("https://demo.strongauth.com:8181",               # the URL to the demo StrongKey Lite service
                          1,                                                # your domain ID
                          login: 'mylogin', password: 'mypassword'          # your API user login and password for the demo box
                          http: { verify_mode: OpenSSL::SSL::VERIFY_NONE }, # the demo service has an invalid cert, so we override cert verification

Multi-user SKLES interface for a production domain

skles = StrongKeyLite.new("https://strongauth.company.com:8181", 15)
skles.add_user 'encrypt_only', 'thepassword', :encrypt, :batch_encrypt
skles.add_user 'decrypt', 'anotherpassword', :decrypt, :batch_decrypt

Defined Under Namespace

Modules: API Classes: HTTPError, ResponseError, SOAPError

Instance Attribute Summary

• #domain_id ⇒ Object

  The domain ID of the StrongKey service.

Class Method Summary

• .http_adapter=(adapter) ⇒ Object

  Sets the HTTPI adapter to use for Savon.

Instance Method Summary

• #actions ⇒ Array<Symbol>

  A list of actions that the API can perform.

• #add_user(login, password, *actions_for_user) ⇒ Object

  Adds a user by login and password.

• #call(meth, options = {}) ⇒ Hash

  Makes an API call and returns the result as a hash.

• #initialize(service_url, domain_id, options = {}) {|http| ... } ⇒ StrongKeyLite constructor

  Creates a new client interface.

• #set_user_for_actions(login, action, ...) ⇒ Object (also: #set_user_for_action)

  Tells the client to use this user for a list of actions.

Methods included from API

#decrypt, #delete, #encrypt, #ping, #search

Constructor Details

#initialize(service_url, domain_id, options = {}) {|http| ... } ⇒ StrongKeyLite

Creates a new client interface.

Examples:

Setting a custom timeout

StrongKeyLite.new(url, domain) { |http| http.read_timeout = 60 }

Parameters:

• service_url (String) —

  The protocol, host, and port for your StrongKey Lite service; e.g., “demo.strongauth.com:8181”

• domain_id (Fixnum) —

  The domain ID.

• options (Hash) (defaults to: {}) —

  Additional options.

Options Hash (options):

• :login (String) —

  You can provide the login of a user who will be used for all actions.

• :password (String) —

  The password for this user.

Yields:

• (http) —

  HTTP configuration block.

Yield Parameters:

• http (HTTPI::Request) —

  The HTTP request object, for configuring. See the HTTPI gem documentation for more information.

# File 'lib/skles.rb', line 52

def initialize(service_url, domain_id, options={})
  @client = Savon::Client.new do |wsdl, http, wsse|
    wsdl.document = "#{service_url}/strongkeyliteWAR/EncryptionService?wsdl"
    yield http if block_given?
  end
  options[:http].each { |key, val| @client.request.http.send :"#{key}=", val } if options[:http].kind_of?(Hash)

  self.domain_id = domain_id

  @users = {}
  @users_for_action = {}

  add_user(options[:login], options[:password], :all) if options[:login] and options[:password]
end

Instance Attribute Details

#domain_id ⇒ Object

The domain ID of the StrongKey service.

# File 'lib/skles.rb', line 34

def domain_id
  @domain_id
end

Class Method Details

.http_adapter=(adapter) ⇒ Object

Sets the HTTPI adapter to use for Savon. By default it’s @:net_http@.

Parameters:

• adapter (Symbol) —

  The HTTPI adapter to use.

# File 'lib/skles.rb', line 143

def self.http_adapter=(adapter)
  Savon.http_adapter = adapter
end

Instance Method Details

#actions ⇒ Array<Symbol>

Returns A list of actions that the API can perform.

Returns:

• (Array<Symbol>) —

  A list of actions that the API can perform.

# File 'lib/skles.rb', line 111

def actions
  @actions ||= @client.wsdl.soap_actions
end

#add_user(login, password) ⇒ Object #add_user(login, password, action, ...) ⇒ Object #add_user(login, password, : all) ⇒ Object

Adds a user by login and password. These users are used to perform API actions.

Overloads:

• #add_user(login, password) ⇒ Object

  Adds a user. You can tell the client to use this user for certain actions by calling #set_user_for_actions.
• #add_user(login, password, action, ...) ⇒ Object

  Adds a user and tells the client to use this user for the given list of actions.

  Parameters:

  • action (Symbol) —

    An API action (such as @:ping@) that this user should be used to perform. Replaces the previous user assigned to this action.

  Raises:

  • (ArgumentError) —

    If an unknown action is provided.

• #add_user(login, password, : all) ⇒ Object

  Adds a user and tells the client to use this user for all API actions.

Parameters:

• login (String) —

  The user’s login.

• password (String) —

  The user’s password.

# File 'lib/skles.rb', line 85

def add_user(login, password, *actions_for_user)
  @users[login] = password
  if actions_for_user == [ :all ] then
    actions.each { |action| set_user_for_action(login, action) }
  else
    actions_for_user.each { |action| set_user_for_action(login, action) }
  end
end

#call(meth, options = {}) ⇒ Hash

Makes an API call and returns the result as a hash. This method is the basis of all the more high-level API methods.

Parameters:

• meth (Symbol) —

  The API method.

• options (Hash) (defaults to: {}) —

  The arguments for the API method. The @:did@, @:login@, and @:password@ arguments are set for you automatically.

Returns:

• (Hash) —

  The response fields.

Raises:

• (SOAPError) —

  If a SOAP fault occurs.

• (HTTPError) —

  If an HTTP error occurs.

# File 'lib/skles.rb', line 125

def call(meth, options={})
  raise ArgumentError, "Unknown action #{meth.inspect}" unless actions.include?(meth)

  login = @users_for_action[meth]
  raise "No user has been assigned to action #{meth.inspect}" unless login
  password = @users[login]
  
  response = @client.request(:wsdl, meth) { |soap| soap.body = { did: domain_id, username: login, password: password }.merge(options) }
  raise SOAPError.new(response.soap_fault, response) if response.soap_fault?
  raise HTTPError.new(response.http_error, response) if response.http_error?

  return response.to_hash
end

#set_user_for_actions(login, action, ...) ⇒ Object Also known as: set_user_for_action

Tells the client to use this user for a list of actions. Calls made via the API of one of these actions will use this user. Replaces the previous user assigned to these actions.

Parameters:

• login (String) —

  The user’s login.

• the (Symbol) —

  API action (such as @:ping@).

Raises:

• (ArgumentError) —

  If an unknown action is provided.

# File 'lib/skles.rb', line 102

def set_user_for_actions(login, *actions_for_user)
  actions.flatten!
  raise ArgumentError, "Unknown action(s): #{(actions_for_user - actions).join(',' )}" unless (actions_for_user - actions).empty?
  actions_for_user.each { |action| @users_for_action[action] = login }
end