Class: Conjur::Rack::Authenticator
- Inherits:
-
Object
- Object
- Conjur::Rack::Authenticator
- Defined in:
- lib/conjur/rack/authenticator.rb
Defined Under Namespace
Classes: AuthorizationError, Forbidden, SignatureError
Instance Attribute Summary collapse
-
#app ⇒ Object
readonly
Returns the value of attribute app.
-
#options ⇒ Object
readonly
Returns the value of attribute options.
Instance Method Summary collapse
- #call(rackenv) ⇒ Object
-
#env ⇒ Object
threadsafe accessors, values are established explicitly below.
-
#initialize(app, options = {}) ⇒ Authenticator
constructor
options
: :except-
a list of request path patterns for which to skip authentication.
Constructor Details
#initialize(app, options = {}) ⇒ Authenticator
options
:
- :except
-
a list of request path patterns for which to skip authentication.
- :optional
-
request path patterns for which authentication is optional.
50 51 52 53 |
# File 'lib/conjur/rack/authenticator.rb', line 50 def initialize app, = {} @app = app @options = end |
Instance Attribute Details
#app ⇒ Object (readonly)
Returns the value of attribute app.
45 46 47 |
# File 'lib/conjur/rack/authenticator.rb', line 45 def app @app end |
#options ⇒ Object (readonly)
Returns the value of attribute options.
45 46 47 |
# File 'lib/conjur/rack/authenticator.rb', line 45 def @options end |
Instance Method Details
#call(rackenv) ⇒ Object
65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
# File 'lib/conjur/rack/authenticator.rb', line 65 def call rackenv # never store request-specific variables as application attributes Thread.current[:rack_env] = rackenv if authenticate? begin identity = # [token, account] if identity conjur_rack[:token] = identity[0] conjur_rack[:account] = identity[1] conjur_rack[:identity] = identity conjur_rack[:privilege] = http_privilege conjur_rack[:remote_ip] = http_remote_ip conjur_rack[:audit_roles] = http_audit_roles conjur_rack[:audit_resources] = http_audit_resources end rescue Forbidden return error 403, $!. rescue SecurityError, RestClient::Exception return error 401, $!. end end begin @app.call rackenv ensure Thread.current[:rack_env] = nil Thread.current[:conjur_rack] = {} end end |
#env ⇒ Object
threadsafe accessors, values are established explicitly below
56 |
# File 'lib/conjur/rack/authenticator.rb', line 56 def env; Thread.current[:rack_env] ; end |