Class: JunglePath::Authentication::AuthProvider::Default

Inherits:

Object

• Object
• JunglePath::Authentication::AuthProvider::Default

Defined in:

lib/jungle_path/authentication/auth_provider/default.rb

Instance Method Summary

• #authenticate(request, data_provider, no_cache = false) ⇒ Object
• #authenticate_identity(data_provider, identity, assume_identity = false, no_cache = false) ⇒ Object
• #authorize_identity(data_provider, identity, no_cache) ⇒ Object
• #basic_authentication(data_provider, remote_user, remote_password, no_cache = false) ⇒ Object
• #parse_identities(remote_user, remote_password) ⇒ Object
• #user_name_is_key?(user_name, password) ⇒ Boolean

Instance Method Details

#authenticate(request, data_provider, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 5

def authenticate request, data_provider, no_cache=false
	puts "JunglePath::Authentication::AuthProvider::Default.authenticate"
	remote_user = request.env['REMOTE_USER']
	remote_password = request.env['REMOTE_PASSWORD']
	puts "remote_user: #{remote_user}."
	puts "remote_password: #{remote_password}."
	identity = basic_authentication(data_provider, remote_user, remote_password, no_cache)
	identity = basic_authentication(data_provider, remote_user, remote_password, true) unless identity and identity.valid?
	identity
end

#authenticate_identity(data_provider, identity, assume_identity = false, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 60

def authenticate_identity data_provider, identity, assume_identity=false, no_cache=false
	idn = nil
	if identity
		idn = identity.dup
		if user_name_is_key? identity.user_name, identity.remote_password
			idn.user = data_provider.get_user_by_key(identity.user_name, assume_identity, no_cache, identity.remote_password)
			idn.key = identity.user_name
		else
			idn.user = data_provider.get_user(identity.user_name, identity.remote_password, assume_identity, no_cache)
			idn.key = nil
		end
		idn.valid = (idn.user and idn.user.is_valid)
		if idn.valid
			idn.alternative_user_keys = data_provider.get_alternative_user_keys(idn.user.id, no_cache) if data_provider.respond_to?('get_alternative_user_keys')
		end
	end
	idn
end

#authorize_identity(data_provider, identity, no_cache) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 79

def authorize_identity data_provider, identity, no_cache
	idn = nil
	if identity
		idn = identity.dup
		if idn.valid?
			idn.role = data_provider.get_role(idn, no_cache)
			idn.authorization_filter = data_provider.get_authorization_filter(idn, no_cache)
			idn.query_filters = data_provider.get_query_filters(idn, no_cache)
			idn.table_filters = data_provider.get_table_filters(idn, no_cache) if data_provider.respond_to?('get_table_filters')
		else
			idn.role = nil
			idn.authorization_filter = nil
			idn.query_filters = nil
			idn.table_filters = nil
		end
	end
	idn
end

#basic_authentication(data_provider, remote_user, remote_password, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 16

def basic_authentication data_provider, remote_user, remote_password, no_cache=false
	identity, assume_identity = parse_identities(remote_user, remote_password)

	puts "identity: #{identity}"
	puts "assume_identity: #{assume_identity}"

	#valid = false

	identity = authenticate_identity(data_provider, identity, false, no_cache)
	puts "authenticated identity: #{identity}."
	identity = authorize_identity(data_provider, identity, no_cache)
	puts "authorized identity: #{identity}."

	if identity and identity.valid? and assume_identity
		if identity.authorization_filter.has_permission?(:assume_user_identity) and !identity.authorization_filter.has_restriction?(:assume_user_identity)
			assume_identity = authenticate_identity(data_provider, assume_identity, true, no_cache)
			puts "authenticated assume_identity: #{assume_identity}."
			assume_identity = authorize_identity(data_provider, assume_identity, no_cache)
			assume_identity.valid = false unless assume_identity.authorization_filter.has_permission?(:assumable_user_identity) and !assume_identity.authorization_filter.has_restriction?(:assumable_user_identity)
			puts "authorized assume_identity: #{assume_identity}."
		end
		return assume_identity
	end
	identity
end

#parse_identities(remote_user, remote_password) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 42

def parse_identities remote_user, remote_password
	identity = JunglePath::Authentication::Identity.new
	identity.remote_user = remote_user
	identity.remote_password = remote_password
	assume_identity = nil
	if remote_user and remote_user.include?("|")
		parts = remote_user.split('|')
		identity.user_name = parts[1]
		assume_identity = JunglePath::Authentication::Identity.new
		assume_identity.user_name = parts[0]
		assume_identity.remote_user = remote_user
		assume_identity.remote_password = nil
	else
		identity.user_name = remote_user
	end
	return identity, assume_identity
end

#user_name_is_key?(user_name, password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 98

def user_name_is_key? user_name, password
	#puts "user_name: #{user_name}, password: #{password}. password == nil: #{password == nil}."
	user_name and user_name.start_with?("sk_") and !user_name.include?("@") and (password == nil or password.strip.length == 0)
end