Class: Rack::OAuth2::AssertionProfile

Inherits:
Auth::AbstractHandler
  • Object
Defined in:
lib/rack/oauth2/assertion_profile.rb

Defined Under Namespace

Classes: Request

Instance Method Summary

Constructor Details

#initialize(app, opts = {}) ⇒ AssertionProfile

Returns a new instance of AssertionProfile.

# File 'lib/rack/oauth2/assertion_profile.rb', line 11

# Builds the middleware around the next Rack application.
#
# Only stores its arguments; it does not call +super+, so any setup done by
# the parent handler's constructor is skipped.
#
# @param app [#call] the downstream Rack application
# @param opts [Hash] middleware options; +:scope+ is read by #call as the
#   expected token audience, and the whole hash is passed to the token
#   builder in #token_builder
def initialize(app, opts = {})
  @app, @opts = app, opts
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/rack/oauth2/assertion_profile.rb', line 16

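# Rack entry point: exchanges a SAML assertion for a Simple Web Token (SWT).
#
# Requests that are not assertion-profile requests in SAML format are handed
# to the wrapped application untouched. For matching requests the submitted
# token is parsed and checked with +valid?+; a rejected token produces a 400
# with +error=unauthorized_client+, an accepted one a 200 whose form-encoded
# body carries the freshly built SWT as +access_token+.
#
# Both responses wrap the body in an Array so it responds to +each+, which
# the Rack specification requires (a bare String does not on Ruby >= 1.9),
# and both carry +Cache-Control: no-store+ / +Pragma: no-cache+ so that
# intermediaries and browsers do not retain the issued token.
#
# @param env [Hash] the Rack environment; its request data is untrusted
# @return [Array] a Rack response triplet +[status, headers, body]+
def call(env)
  request = Request.new(env)
  saml_assertion = request.assertion_profile? && request.format == :saml
  return @app.call(env) unless saml_assertion

  # NOTE(review): this writes process-wide InformationCard::Config on every
  # request. With a threaded server, or two middleware instances configured
  # with different scopes, one request could be validated against another
  # instance's audience. Consider setting it once at boot instead.
  # NOTE(review): when @opts[:scope] is missing the audience list becomes
  # [nil]; confirm that token validation fails closed in that case.
  InformationCard::Config.audience_scope = :site
  InformationCard::Config.audiences = [@opts[:scope]]

  # request.token is attacker-controlled and is parsed here before any
  # validity check. Presumably valid? verifies signature, validity period and
  # the audience configured above -- confirm against the InformationCard
  # library, along with how it behaves on malformed input.
  token = InformationCard::SamlToken.create(request.token)

  headers = {
    'Content-Type' => "application/x-www-form-urlencoded",
    'Cache-Control' => "no-store",
    'Pragma' => "no-cache"
  }

  unless token.valid?
    return [400, headers, ["error=unauthorized_client"]]
  end

  # Convert the received claims into an SWT.
  swt = token_builder.build(token.claims)
  [200, headers, ["access_token=#{CGI.escape(swt)}"]]
end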

#token_builder ⇒ Object

# File 'lib/rack/oauth2/assertion_profile.rb', line 35

# Returns the Simple Web Token builder, creating it on first use.
#
# The builder is constructed from the full middleware options hash and then
# cached on the instance, so later calls return the same object.
# NOTE(review): presumably @opts carries the SWT signing material -- confirm
# against SimpleWebTokenBuilder and keep those options out of logs.
#
# @return [SimpleWebToken::SimpleWebTokenBuilder] the cached builder
def token_builder
  return @token_builder if @token_builder

  @token_builder = SimpleWebToken::SimpleWebTokenBuilder.new(@opts)
end