class SoarAuthenticationToken::RackMiddleware
Public Class Methods
new(app, configuration, service_identifier, auditing = nil)
# File lib/soar_authentication_token/rack_middleware.rb, line 6
#
# Stores the collaborators this middleware uses on every request.
#
# @param app [#call] downstream Rack application; #call invokes it only after
#   a token has validated
# @param configuration [Object] passed unchanged to TokenProvider and
#   TokenValidator
# @param service_identifier [Object] reported as 'service' in the request
#   information handed to the validator
# @param auditing [#warn, nil] optional auditor. When it is nil (the default),
#   token rejections are not audited at all, so deployments that rely on the
#   audit trail for detection must pass one explicitly.
def initialize(app, configuration, service_identifier, auditing = nil)
  @app, @configuration = app, configuration
  @service_identifier, @auditing = service_identifier, auditing
end
Public Instance Methods
call(env)
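# File lib/soar_authentication_token/rack_middleware.rb, line 13
#
# Rack entry point. Extracts the authentication token from the request,
# validates it, and either forwards the request to the downstream app with the
# authenticated identity stored in the session, or answers 401.
#
# The middleware fails closed: the downstream app is reached only when the
# validator reports success AND the token metadata carries an
# 'authenticated_identifier'. The validator's contract is not visible from
# here; if it ever reported success without an identifier, the request would
# otherwise be forwarded as authenticated with session['user'] set to nil.
#
# The rejection reason goes to the auditor only; the client always receives
# the generic body built by #rejection.
#
# @param env [Hash] the Rack environment
# @return [Array] the downstream app's response, or the 401 triplet from
#   #rejection
def call(env)
  # The second element (request params) is not needed here.
  session, _params, token, flow_id, request_information = get_request_information(env)
  token_valid, token_meta, message = validate_and_resolve_token(token, request_information, flow_id)

  if token_valid
    identifier = token_meta && token_meta['authenticated_identifier']
    if identifier
      session['user'] = identifier
      session['auth_token_meta'] = token_meta
      return @app.call env
    end
    message = 'validator reporting success without an authenticated identifier'
  end

  # flow_id is taken from the request parameters, so it is client-controlled
  # by the time it reaches the audit record.
  audit_token_rejection("Token rejected due to #{message}", flow_id)
  rejection
end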
Private Instance Methods
audit_token_rejection(message, flow_id)
# File lib/soar_authentication_token/rack_middleware.rb, line 55
#
# Reports a rejected token to the auditor, when one was supplied to the
# constructor. Without an auditor the rejection leaves no audit record.
#
# @param message [String] human-readable rejection reason
# @param flow_id [Object] flow identifier; #get_request_information reads it
#   from the request parameters, so treat it as untrusted input
# @return [Object, nil] whatever the auditor's #warn returns, or nil when no
#   auditor is configured
# NOTE(review): whether the auditor neutralises control characters in
# message/flow_id is not visible here; confirm before relying on the log format.
def audit_token_rejection(message, flow_id)
  return unless @auditing

  @auditing.warn(message, flow_id)
end
get_request_information(env)
# File lib/soar_authentication_token/rack_middleware.rb, line 27
#
# Collects everything #call needs from the Rack environment.
#
# Apart from 'service' and 'version', every value below is derived from the
# incoming request. 'user_agent' and the flow identifier are supplied by the
# client, so anything that consumes them (validator, auditor) should treat them
# as untrusted.
# NOTE(review): Rack::Request#ip may take the address from forwarding headers
# depending on Rack's trusted-proxy handling; confirm the deployment's proxy
# setup before using 'source_address' for a security decision.
#
# @param env [Hash] the Rack environment
# @return [Array] five elements, in order: session, params, authentication
#   token (as returned by TokenProvider#fetch), flow identifier
#   (params['flow_identifier']), and the request-information hash
def get_request_information(env)
  request = Rack::Request.new env
  # Token extraction runs before the session or params are read, as in the
  # original statement order.
  provider = SoarAuthenticationToken::TokenProvider.new(@configuration)
  auth_token = provider.fetch(request)

  session = request.session
  params = request.params
  flow_identifier = request.params['flow_identifier']

  details = {
    'source_address' => request.ip,
    'user_agent' => request.user_agent,
    'service' => @service_identifier,
    'resource' => request.path,
    'method' => request.request_method,
    'base_url' => request.base_url,
    'version' => SoarAuthenticationToken::VERSION
  }

  [session, params, auth_token, flow_identifier, details]
end
rejection()
# File lib/soar_authentication_token/rack_middleware.rb, line 59
#
# Builds the fixed Rack response returned for every rejected request.
#
# The body is constant, so the specific rejection reason (which #call sends to
# the auditor) is never disclosed to the client.
# NOTE(review): no WWW-Authenticate header is set on this 401; the token scheme
# is not visible here, so confirm whether clients need a challenge.
#
# @return [Array] Rack triplet: status 401, a JSON content-type header, and a
#   one-element body holding the JSON-encoded failure document
def rejection
  failure = {
    'status' => 'fail',
    'data' => { 'notifications' => ['Not authenticated'] }
  }
  headers = { 'Content-Type' => 'application/json' }

  [401, headers, [failure.to_json]]
end
validate_and_resolve_token(authentication_token, request_information, flow_identifier)
# File lib/soar_authentication_token/rack_middleware.rb, line 46
#
# Validates the token extracted from the request.
#
# A nil or false token is rejected here without consulting the validator.
# Anything else is handed to TokenValidator, including an empty string, which
# is truthy in Ruby and therefore not caught by this check.
#
# @param authentication_token [Object, nil] token fetched from the request
# @param request_information [Hash] request details forwarded to the validator
# @param flow_identifier [Object] flow identifier forwarded to the validator
# @return [Array] on a missing token: false, nil and an explanatory message;
#   otherwise whatever TokenValidator#validate returns (#call destructures it
#   as validity flag, token metadata, message)
def validate_and_resolve_token(authentication_token, request_information, flow_identifier)
  if authentication_token
    SoarAuthenticationToken::TokenValidator.new(@configuration).validate(
      authentication_token: authentication_token,
      request_information: request_information,
      flow_identifier: flow_identifier
    )
  else
    [false, nil, 'No token provided or retrievable from request']
  end
end