[Brightbox] Refactors how tokens are requested

Extracting existing strategies out of Compute
2022-11-09 13:51:43 -05:00 · 2012-11-21 13:31:43 +00:00 · 2012-11-21 13:31:43 +00:00 · 62cddead5c
commit 62cddead5c
parent c14c6ad76f
3 changed files with 92 additions and 10 deletions
--- a/lib/fog/brightbox/compute.rb
+++ b/lib/fog/brightbox/compute.rb
@ -250,17 +250,11 @@ module Fog
      private

        def get_oauth_token
-          authentication_body_hash = if authenticating_as_user?
-            {
-              'client_id' => @credentials.client_id,
-              'grant_type' => 'password',
-              'username' => @credentials.username,
-              'password' => @credentials.password
-            }
+          if authenticating_as_user?
+            token_strategy = UserCredentialsStrategy.new(@credentials)
          else
-            {'client_id' => @credentials.client_id, 'grant_type' => 'none'}
+            token_strategy = ClientCredentialsStrategy.new(@credentials)
          end
-          @authentication_body = Fog::JSON.encode(authentication_body_hash)

          basic_header_to_encode = "#{@credentials.client_id}:#{@credentials.client_secret}"

@ -272,7 +266,7 @@ module Fog
              'Content-Type' => 'application/json'
            },
            :method   => 'POST',
-            :body     => @authentication_body
+            :body     => Fog::JSON.encode(token_strategy.authorization_body_data)
          })
          @oauth_token = Fog::JSON.decode(response.body)["access_token"]
          return @oauth_token
--- a/lib/fog/brightbox/oauth2.rb
+++ b/lib/fog/brightbox/oauth2.rb
@ -32,4 +32,50 @@ module Fog::Brightbox::OAuth2
      !!(@username && @password)
    end
  end
+
+  # This strategy class is the basis for OAuth2 grant types
+  #
+  # @abstract Need to implement {#authorization_body_data} to return a
+  #   Hash matching the expected parameter form for the OAuth request
+  #
+  # @todo Strategies should be able to validate if credentials are suitable
+  #   so just client credentials cannot be used with user strategies
+  #
+  class GrantTypeStrategy
+    def initialize(credentials)
+      @credentials = credentials
+    end
+
+    def authorization_body_data
+      raise "Not implemented"
+    end
+  end
+
+  # This implements client based authentication/authorization
+  # based on the existing trust relationship using the `none`
+  # grant type.
+  #
+  class ClientCredentialsStrategy < GrantTypeStrategy
+    def authorization_body_data
+      {
+        "grant_type" => "none",
+        "client_id"  => @credentials.client_id
+      }
+    end
+  end
+
+  # This passes user details through so the returned token
+  # carries the privileges of the user not account limited
+  # by the client
+  #
+  class UserCredentialsStrategy < GrantTypeStrategy
+    def authorization_body_data
+      {
+        "grant_type" => "password",
+        "client_id"  => @credentials.client_id,
+        "username"   => @credentials.username,
+        "password"   => @credentials.password
+      }
+    end
+  end
 end
--- a/tests/brightbox/oauth2_tests.rb
+++ b/tests/brightbox/oauth2_tests.rb
@ -17,4 +17,46 @@ Shindo.tests("Fog::Brightbox::OAuth2", ["brightbox"]) do
      tests("#user_details?").returns(true) { credentials.user_details? }
    end
  end
+
+  tests("GrantTypeStrategy") do
+    credentials = Fog::Brightbox::OAuth2::CredentialSet.new(@client_id, @client_secret)
+    strategy = Fog::Brightbox::OAuth2::GrantTypeStrategy.new(credentials)
+
+    tests("#respond_to? :authorization_body_data").returns(true) do
+      strategy.respond_to?(:authorization_body_data)
+    end
+  end
+
+  tests("ClientCredentialsStrategy") do
+    credentials = Fog::Brightbox::OAuth2::CredentialSet.new(@client_id, @client_secret)
+    strategy = Fog::Brightbox::OAuth2::ClientCredentialsStrategy.new(credentials)
+
+    tests("#respond_to? :authorization_body_data").returns(true) do
+      strategy.respond_to?(:authorization_body_data)
+    end
+
+    tests("#authorization_body_data") do
+      authorization_body_data = strategy.authorization_body_data
+      test("grant_type == none") { authorization_body_data["grant_type"] == "none" }
+      test("client_id == #{@client_id}") { authorization_body_data["client_id"] == @client_id }
+    end
+  end
+
+  tests("UserCredentialsStrategy") do
+    options = {:username => @username, :password => @password}
+    credentials = Fog::Brightbox::OAuth2::CredentialSet.new(@client_id, @client_secret, options)
+    strategy = Fog::Brightbox::OAuth2::UserCredentialsStrategy.new(credentials)
+
+    tests("#respond_to? :authorization_body_data").returns(true) do
+      strategy.respond_to?(:authorization_body_data)
+    end
+
+    tests("#authorization_body_data") do
+      authorization_body_data = strategy.authorization_body_data
+      test("grant_type == password") { authorization_body_data["grant_type"] == "password" }
+      test("client_id == #{@client_id}") { authorization_body_data["client_id"] == @client_id }
+      test("username == #{@username}") { authorization_body_data["username"] == @username }
+      test("password == #{@password}") { authorization_body_data["password"] == @password }
+    end
+  end
 end