class SSO::Client::Warden::Hooks::AfterFetch
This is a helpful `Warden::Manager.after_fetch` hook for Alpha and Beta. Whenever Carol is fetched out of the session, we also verify her passport.
Usage:
SSO::Client::Warden::Hooks::AfterFetch.activate scope: :vip
Attributes
options[R]
passport[R]
warden[R]
Public Class Methods
activate(warden_options)
# File lib/sso/client/warden/hooks/after_fetch.rb, line 21
#
# Registers this class as a Warden `after_fetch` callback.
#
# `warden_options` is handed to `::Warden::Manager.after_fetch` unchanged (the
# usage example on this page passes `scope: :vip`). Every time the callback
# fires, a fresh hook instance is built from the yielded values and `call`ed,
# so no state is carried over from one fetch to the next.
#
# @param warden_options [Hash] options forwarded to `after_fetch`
def self.activate(warden_options)
  ::Warden::Manager.after_fetch(warden_options) do |passport, warden, options|
    hook = ::SSO::Client::Warden::Hooks::AfterFetch.new(passport: passport, warden: warden, options: options)
    hook.call
  end
end
new(passport:, warden:, options:)
# File lib/sso/client/warden/hooks/after_fetch.rb, line 27
#
# Stores the three values that `activate` receives from the Warden callback.
# Nothing is validated here; `call` checks the passport's class before it is
# used.
#
# @param passport [Object] the object fetched from the session
# @param warden [Object] used for `logout` in `passport_invalid!`
# @param options [Hash] read through `options[:scope]`
def initialize(passport:, warden:, options:)
  @passport = passport
  @warden   = warden
  @options  = options
end
Public Instance Methods
call()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 31
#
# Entry point of the hook: re-verifies the fetched passport.
#
# Returns nil without doing anything when the fetched object is not an
# `::SSO::Client::Passport`; otherwise returns whatever `verify` returns.
#
# Error handling is fail-open. On `::Timeout::Error`, and on any other
# StandardError, an `Operations.failure` is returned and neither rescue branch
# logs the user out (the timeout log message says so explicitly).
# NOTE(review): a passport revoked on the server therefore stays usable on
# this client for as long as verification keeps timing out or raising. If that
# window matters, bound it (for example by a maximum age since the last
# successful verification) and alert on the `timeout` meter.
def call
  verify if passport.is_a?(::SSO::Client::Passport)
rescue ::Timeout::Error
  error { 'SSO Server timed out. Continuing with last known authentication/authorization...' }
  meter(:timeout, timeout_ms: verifier.human_readable_timeout_in_ms)
  Operations.failure(:server_request_timed_out)
rescue => caught
  # Hand the exception to the configured handler instead of letting it
  # propagate out of the hook.
  ::SSO.config.exception_handler.call(caught)
  Operations.failure(:client_exception_caught)
end
Private Instance Methods
agent()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 139
#
# User-Agent of the current request; `verifier` passes it on as `user_agent`.
# The header is chosen by the client, so it is a consistency signal at best,
# not proof of identity.
def agent
  request.user_agent
end
device_id()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 143
#
# Device identifier read from the 'device_id' entry of `params`; `verifier`
# passes it on as `device_id`.
# NOTE(review): `params` is defined outside this listing. Presumably these are
# the request parameters, which would make the value caller-supplied. Confirm,
# and treat it as a hint rather than as an authenticator.
def device_id
  params['device_id']
end
ip()
TODO: Use ActionDispatch remote IP or you might get the Load Balancer's IP instead :(
# File lib/sso/client/warden/hooks/after_fetch.rb, line 135
#
# Client address as reported by `request.ip`; `verifier` passes it on as
# `user_ip`. Behind a load balancer this can be the balancer's address rather
# than the user's.
# NOTE(review): when moving to an address derived from forwarded headers, only
# honour those headers from proxies you operate (a trusted-proxy list);
# otherwise the client decides which IP is reported for it.
def ip
  request.ip
end
meter(key, data = {})
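# File lib/sso/client/warden/hooks/after_fetch.rb, line 125
#
# Builds one metrics event for this hook and passes it to `track`.
#
# The event key is namespaced under `client.warden.hooks.after_fetch.`, tagged
# with the Warden scope, and always carries the passport id in its data. Only
# the id is recorded here, not the passport secret.
#
# The passport id is merged into a copy of `data`, so the hash the caller
# passed in is left untouched.
#
# @param key [Symbol, String] event name appended to the namespace
# @param data [Hash] additional event data
# @return whatever `track` returns
def meter(key, data = {})
  metrics = {
    key: "client.warden.hooks.after_fetch.#{key}",
    tags: { scope: warden_scope },
    data: data.merge(passport_id: passport.id)
  }
  track(metrics)
end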
passport_invalid!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 94
#
# Handles a passport that `verify` classified as `:passport_invalid`: logs the
# current Warden scope out, meters `invalid` and returns a failure operation.
# Of the outcome handlers shown on this page, this is the only one that calls
# `warden.logout`.
def passport_invalid!
  info { 'Your Passport is not valid any more.' }
  warden.logout(warden_scope)
  meter(:invalid)
  Operations.failure(:invalid)
end
passport_valid!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 87
#
# Handles the `:passport_valid` outcome: flags the passport as verified,
# meters `valid` and returns a success operation. User and state are left as
# they are.
def passport_valid!
  debug { 'Valid passport, no changes' }
  passport.verified!
  meter(:valid)
  Operations.success(:valid)
end
passport_valid_and_modified!(modified_passport)
# File lib/sso/client/warden/hooks/after_fetch.rb, line 77
#
# Handles the `:passport_valid_and_modified` outcome: flags the local passport
# as verified and modified, then overwrites its user and state with the values
# from `modified_passport`.
#
# NOTE(review): user and state are adopted as-is from the verification result.
# How far they can be trusted depends on how PassportVerifier authenticates
# the server response, which is not visible in this listing. Confirm there.
#
# @param modified_passport [Object] must respond to `user` and `state`
def passport_valid_and_modified!(modified_passport)
  debug { 'Valid passport, but state changed' }
  passport.verified!
  passport.modified!
  passport.user  = modified_passport.user
  passport.state = modified_passport.state
  meter(:valid_and_modified)
  Operations.success(:valid_and_modified)
end
server_response_missing_success_flag!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 107
#
# Handles the `:server_response_missing_success_flag` outcome: logs an error,
# meters it and returns a failure operation. The session is not touched, so
# the user stays logged in on this path.
def server_response_missing_success_flag!
  error { 'SSO Server response did not include the expected success flag.' }
  meter(:server_response_missing_success_flag)
  Operations.failure(:server_response_missing_success_flag)
end
server_response_not_parseable!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 119
#
# Handles the `:server_response_not_parseable` outcome: logs an error, meters
# it and returns a failure operation. The session is not touched, so the user
# stays logged in on this path.
def server_response_not_parseable!
  error { 'SSO Server response could not be parsed at all.' }
  meter(:server_response_not_parseable)
  Operations.failure(:server_response_not_parseable)
end
server_unreachable!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 101
#
# Handles the `:server_unreachable` outcome: logs an error, meters it and
# returns a failure operation. The session is not touched, so the user stays
# logged in on this path.
#
# NOTE(review): the log line embeds `verification_object.inspect`. If that
# object can carry passport or user data, it ends up in the error log. Confirm
# what PassportVerifier puts there and trim the message if needed.
def server_unreachable!
  error { "SSO Server responded with an unexpected HTTP status code (#{verification_code.inspect} instead of 200). #{verification_object.inspect}" }
  meter(:server_unreachable)
  Operations.failure(:server_unreachable)
end
unexpected_server_response_status!()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 113
#
# Fallback of `verify` for any verification code it does not list: logs the
# code, meters it and returns a failure operation. The session is not touched,
# so an unrecognised status leaves the user logged in.
def unexpected_server_response_status!
  error { "SSO Server response did not include a known passport status code. #{verification_code.inspect}" }
  meter(:unexpected_server_response_status)
  Operations.failure(:unexpected_server_response_status)
end
verification()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 51
#
# Result of running the verifier, memoized in `@verification` so that the
# verifier is called at most once per hook instance (as long as the result is
# truthy).
def verification
  return @verification if @verification

  @verification = verifier.call
end
verification_code()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 55
#
# Outcome code of the (memoized) verification; `verify` dispatches on it.
def verification_code
  verification.code
end
verification_object()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 59
#
# Payload of the (memoized) verification. `server_unreachable!` writes its
# `inspect` output to the error log.
def verification_object
  verification.object
end
verifier()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 47
#
# Builds a new `::SSO::Client::PassportVerifier` for the current passport and
# request. The verifier itself is not memoized; only the result of calling it
# is (see `verification`).
#
# NOTE(review): the passport secret is handed to the verifier together with
# the request-derived values `ip`, `agent` and `device_id`. What the verifier
# does with the secret is not visible in this listing. Confirm that it is not
# logged and only leaves the process over an authenticated channel.
def verifier
  ::SSO::Client::PassportVerifier.new(
    passport_id: passport.id,
    passport_state: passport.state,
    passport_secret: passport.secret,
    user_ip: ip,
    user_agent: agent,
    device_id: device_id
  )
end
verify()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 63
#
# Runs the verification and dispatches on its outcome code to the matching
# handler, returning that handler's result.
#
# Only `:passport_invalid` leads to a logout (via `passport_invalid!`). The
# three server-error codes and the fallback for unknown codes log, meter and
# return a failure, but leave the session as it is.
# NOTE(review): an unrecognised status code is therefore treated like a
# transient server problem, not like an invalid passport. Confirm that this is
# the intended policy.
def verify
  debug { "Validating Passport #{passport.id.inspect} of logged in #{passport.user.class} in scope #{warden_scope.inspect}" }

  case verification_code
  when :server_unreachable
    server_unreachable!
  when :server_response_not_parseable
    server_response_not_parseable!
  when :server_response_missing_success_flag
    server_response_missing_success_flag!
  when :passport_valid
    passport_valid!
  when :passport_valid_and_modified
    passport_valid_and_modified!(verification.object)
  when :passport_invalid
    passport_invalid!
  else
    unexpected_server_response_status!
  end
end
warden_scope()
# File lib/sso/client/warden/hooks/after_fetch.rb, line 147
#
# Warden scope this hook instance runs for, taken from the `:scope` entry of
# the callback options. Used for the logout in `passport_invalid!` and as the
# metrics tag in `meter`.
def warden_scope
  options[:scope]
end