From 42823a575ab55d0e06e549362786df031cb1030c Mon Sep 17 00:00:00 2001 From: Danilo Grieco Date: Fri, 19 Apr 2024 16:44:26 +0200 Subject: [PATCH] Cleanup of authentication strategies --- lib/sharepoint/client.rb | 51 +++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 21 deletions(-) diff --git a/lib/sharepoint/client.rb b/lib/sharepoint/client.rb index cd9cf7e..55df969 100644 --- a/lib/sharepoint/client.rb +++ b/lib/sharepoint/client.rb @@ -12,7 +12,7 @@ module Sharepoint class Client FILENAME_INVALID_CHARS = '~"#%&*:<>?/\{|}' - attr_accessor :token + attr_accessor :token def authenticating(&block) get_token @@ -372,7 +372,7 @@ def upload(filename, content, path, site_path=nil) path = path[1..-1] if path[0].eql?('/') url = uri_escape "#{url}GetFolderByServerRelativeUrl('#{path}')/Files/Add(url='#{sanitized_filename}',overwrite=true)" easy = ethon_easy_json_requester - easy.headers = with_authentication_header({ 'accept' => 'application/json;odata=verbose', + easy.headers = with_bearer_authentication_header({ 'accept' => 'application/json;odata=verbose', 'X-RequestDigest' => xrequest_digest(site_path) }) easy.http_request(url, :post, { body: content }) easy.perform @@ -401,7 +401,7 @@ def update_metadata(filename, metadata, path, site_path=nil) prepared_metadata = prepare_metadata(metadata, __metadata['type']) easy = ethon_easy_json_requester - easy.headers = with_authentication_header({ 'accept' => 'application/json;odata=verbose', + easy.headers = with_bearer_authentication_header({ 'accept' => 'application/json;odata=verbose', 'content-type' => 'application/json;odata=verbose', 'X-RequestDigest' => xrequest_digest(site_path), 'X-Http-Method' => 'PATCH', @@ -496,11 +496,21 @@ def process_url(url, fields) end end - def with_authentication_header(h) - h.merge(auth_header) + def token_auth? + config.authentication == 'token' end - def auth_header + def ntlm_auth? + config.authentication == 'ntlm' + end + + def with_bearer_authentication_header(h) + return h if ntlm_auth? + + h.merge(bearer_auth_header) + end + + def bearer_auth_header {"Authorization" => bearer_auth } end @@ -530,7 +540,7 @@ def computed_web_api_url(site) def ethon_easy_json_requester easy = ethon_easy_requester - easy.headers = with_authentication_header({ 'accept'=> 'application/json;odata=verbose'}) + easy.headers = with_bearer_authentication_header({ 'accept'=> 'application/json;odata=verbose'}) easy end @@ -539,16 +549,15 @@ def ethon_easy_options end def ethon_easy_requester - case config.authentication - when "token" - easy = Ethon::Easy.new({ followlocation: 1, maxredirs: 5 }.merge(ethon_easy_options)) - easy.headers = auth_header - easy - when "ntlm" - easy = Ethon::Easy.new({ httpauth: :ntlm, followlocation: 1, maxredirs: 5 }.merge(ethon_easy_options)) - easy.username = config.username - easy.password = config.password - easy + if token_auth? + easy = Ethon::Easy.new({ followlocation: 1, maxredirs: 5 }.merge(ethon_easy_options)) + easy.headers = with_bearer_authentication_header({}) + easy + elsif ntlm_auth? + easy = Ethon::Easy.new({ httpauth: :ntlm, followlocation: 1, maxredirs: 5 }.merge(ethon_easy_options)) + easy.username = config.username + easy.password = config.password + easy end end @@ -623,11 +632,11 @@ def validate_token_config def validate_ntlm_config valid_config_options( %i(username password) ) end - + def valid_config_options(options = []) options.map do |opt| c = config.send(opt) - + next if c.present? && string_not_blank?(c) opt end.compact @@ -648,7 +657,7 @@ def validate_config! raise Errors::InvalidNTLMConfigError.new(invalid_ntlm_opts) unless invalid_ntlm_opts.empty? end - + raise Errors::UriConfigurationError.new unless valid_uri?(config.uri) raise Errors::EthonOptionsConfigurationError.new unless ethon_easy_options.is_a?(Hash) end @@ -818,7 +827,7 @@ def update_object_metadata(metadata, new_metadata, site_path = '') prepared_metadata = prepare_metadata(new_metadata, metadata['type']) easy = ethon_easy_json_requester - easy.headers = with_authentication_header({ 'accept' => 'application/json;odata=verbose', + easy.headers = with_bearer_authentication_header({ 'accept' => 'application/json;odata=verbose', 'content-type' => 'application/json;odata=verbose', 'X-RequestDigest' => xrequest_digest(site_path), 'X-Http-Method' => 'PATCH',