ExFTP.Auth.BearerAuth (ExFTP v1.2.0)

View Source

When authenticator is ExFTP.Auth.BearerAuth, this authenticator will call out to an HTTP endpoint that implements Bearer Tokens with the user's supplied credentials.

โš™๏ธ Configuration

Keys

Example

  %{
    # ... ,
    authenticator: ExFTP.Auth.BearerAuth,
    authenticator_config: %{
      login_url: "https://httpbin.dev/bearer",
      login_method: :post,
      authenticated_url: "https://httpbin.dev/bearer",
      authenticated_method: :post,
      authenticated_ttl_ms: 1000 * 60 * 60
    }
  }

๐Ÿ‘€ See Also

๐Ÿ“– Resources

Summary

Functions

authenticated?(authenticator_state)

Determines whether this session is still considered authenticated

login(provided_token, authenticator_state)

Requests a login using a Bearer Token

valid_user?(username)

Always returns true.

Functions

authenticated?(authenticator_state)

@spec authenticated?(authenticator_state :: ExFTP.Authenticator.authenticator_state()) ::
  boolean()

Determines whether this session is still considered authenticated

๐Ÿท๏ธ Params

๐Ÿง‘โ€๐Ÿณ Workflow

  • Reads the authenticator_config.
  • If the config has authenticated_url,
    • Calls it with a bearer token provided by the user in the headers
    • If the response is HTTP 200, success. Otherwise, no longer authenticated.
  • If the config does not have authenticated_url,
    • investigate the authenticator_state for authenticated: true

โคต๏ธ Returns

โœ… On Success

  `true` or `false`

๐Ÿ’ป Examples

iex> alias ExFTP.Auth.BearerAuth
iex> Application.put_env(:ex_ftp, :authenticator, ExFTP.Auth.BearerAuth)
iex> Application.put_env(:ex_ftp, :authenticator_config, %{
iex>  login_url: "https://httpbin.dev/bearer",
iex>  authenticated_url: "https://httpbin.dev/bearer",
iex>  authenticated_method: :get,
iex> })
iex> BearerAuth.authenticated?(%{bearer_token: "my.bearer.token"})
true

๐Ÿ‘€ See Also

login(provided_token, authenticator_state)

@spec login(
  provided_token :: ExFTP.Authenticator.password(),
  authenticator_state :: ExFTP.Authenticator.authenticator_state()
) :: {:ok, ExFTP.Authenticator.authenticator_state()} | {:error, term()}

Requests a login using a Bearer Token

๐Ÿท๏ธ Params

๐Ÿง‘โ€๐Ÿณ Workflow

  • Reads the authenticator_config.
  • Receives a bearer token from the client (as a password)
  • Calls the login_url with the proper bearer token headers
  • If the response is HTTP 200, success. Otherwise, bad login.

โคต๏ธ Returns

โœ… On Success

  {:ok, authenticator_state}

โŒ On Failure

  {:error, bad_login}

๐Ÿ’ป Examples

iex> alias ExFTP.Auth.BearerAuth
iex> Application.put_env(:ex_ftp, :authenticator, ExFTP.Auth.BearerAuth)
iex> Application.put_env(:ex_ftp, :authenticator_config, %{
iex>  login_url: "https://httpbin.dev/bearer",
iex>  login_method: :post
iex> })
iex> {:ok, _} = BearerAuth.login("my.bearer.token" , %{})

๐Ÿ‘€ See Also

valid_user?(username)

@spec valid_user?(username :: ExFTP.Authenticator.username()) :: boolean()

Always returns true.

No performance benefit

This method is normally used to short-circuit bad login requests. The performance gain in that short-circuit is negligible for this authenticator, so it's not used.