Class: RazorRisk::Cassini::Applications::RouteVerbAdaptors::Login::AuthOnlyLogin

Inherits:
RESTFramework::VerbHandler
  • Object
Includes:
Pantheios, Utils, RazorRisk::Cassini::Authorisation::HeaderHelpers, RazorRisk::Cassini::Authorisation::SecurityModelHelpers, HeaderFunctions, Util::ConversionUtil, RazorRisk::Core::Diagnostics::Logger, Razor::Connectivity::EntityConnectors::Exceptions, Razor::Connectivity::Razor3::EntityConnectors
Defined in:
lib/razor_risk/cassini/applications/route_verb_adaptors/login/auth_only_login.rb

Overview

Handler for Authorisation Only Login.

Constant Summary

HTTP_ACCEPTS =

Supported Content Types.

%w{
    application/xml
    application/json
    text/xml
}
HTTP_VERB =

Supported HTTP Verb.

:post
QUERY_PARAMETERS =

Supported query parameters.

%w{}
ROUTE_VARIABLES =

Supported route variables.

%w{}

Instance Method Summary

Methods included from Utils

#call_system_status, #close_session, #open_session

Instance Method Details

#handle(env, params, request, response) ⇒ Object

Handles an authorisation only login request.

Parameters:

  • env (::Hash)

    The Rack request environment (@see Rack::Request#env).

  • params (::Hash)

    Validated query parameters (@see ValidateQueryParametersHelper#validate_query_parameters).

  • request (::Sinatra::Request)

    The request to be handled.

  • response (::Sinatra::Response)

    The response object that will be used for the HTTP response.



# File 'lib/razor_risk/cassini/applications/route_verb_adaptors/login/auth_only_login.rb', line 89

def handle env, params, request, response

    trace(
        ParamNames[ :env, :params, :request, :response ],
        env, params, request, response
    )

    auth_scheme = settings.authentication_scheme
    auth        = env[HTTP_AUTHORIZATION]

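    # Nothing under HTTP_AUTHORIZATION in the Rack environment: answer 401
    # with a WWW-Authenticate challenge for the configured scheme
    unless auth
        halt 401, make_WWW_auth_header(auth_scheme), 'Missing or invalid authenticate header'
    end

    username, _ = credentials_from_AuthorisationOnly auth

    # A header was sent but no username could be extracted from it
    unless username
        halt 401, make_WWW_auth_header(auth_scheme), 'Missing or invalid authenticate header'
    end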

    # All we do here is issue a Razor Request for system-status -
    # since it's arbitrary, really - and verify that it worked

    options = {
        auth_test_mode:  settings.auth_test_mode,
        auth_scheme:     auth_scheme,
        razor_requester: settings.razor_requester,
        message_map:     settings.message_map,
    }

    cr  = razor_requester_credentials_options(
        auth_scheme,
        [ username, nil, nil ],
        **options
    )
    call_system_status(cr, **options)

    status 200

    # Choose the response body from the first of these types the client
    # accepts. text/plain is handled here although HTTP_ACCEPTS does not
    # list it.
    if request.accept? 'text/plain'

        content_type 'text/plain'
        ''
    elsif request.accept?('text/xml')

        content_type 'text/xml'
        %Q{<?xml version="1.0"?><response result="success"/>}
    elsif request.accept?('application/xml')

        content_type 'application/xml'
        %Q{<?xml version="1.0"?><response result="success"/>}
    elsif request.accept? 'application/json'

        content_type 'application/json'
        '{}'
    else

        # No handled type is acceptable: logged as a violation, answered 500
        log :violation, 'Invalid accept type'
        halt 500, {}, 'Oops! Something went wrong!'
    end
end