Class: ForestAdminAgent::Routes::Security::Authentication

Inherits:
AbstractRoute
  • Object
show all
Includes:
Builder, Http::Exceptions
Defined in:
lib/forest_admin_agent/routes/security/authentication.rb

Instance Method Summary collapse

Methods inherited from AbstractRoute

#add_route, #build, #initialize, #routes

Constructor Details

This class inherits a constructor from ForestAdminAgent::Routes::AbstractRoute

Instance Method Details

#authObject 



74
75
76
 
# File 'lib/forest_admin_agent/routes/security/authentication.rb', line 74

def auth
  ForestAdminAgent::Auth::AuthManager.new
end

#handle_authentication(args = {}) ⇒ Object 



30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/forest_admin_agent/routes/security/authentication.rb', line 30

def handle_authentication(args = {})
  if args.dig(:headers, 'action_dispatch.remote_ip')
    Facades::Whitelist.check_ip(args[:headers]['action_dispatch.remote_ip'].to_s)
  end
  rendering_id = get_and_check_rendering_id args[:params]

  {
    content: {
      authorizationUrl: auth.start(rendering_id)
    }
  }
end

#handle_authentication_callback(args = {}) ⇒ Object 



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/forest_admin_agent/routes/security/authentication.rb', line 43

def handle_authentication_callback(args = {})
  if args[:params].key?(:error)
    raise AuthenticationOpenIdClient, args[:params][:error_description] || args[:params][:error]
  end

  if args.dig(:headers, 'action_dispatch.remote_ip')
    Facades::Whitelist.check_ip(args[:headers]['action_dispatch.remote_ip'].to_s)
  end
  token = auth.verify_code_and_generate_token(args[:params])
  token_data = JWT.decode(
    token,
    Facades::Container.cache(:auth_secret),
    true,
    { algorithm: 'HS256' }
  )[0]

  {
    content: {
      token: token,
      tokenData: token_data
    }
  }
end

#handle_authentication_logout(_args = {}) ⇒ Object 



67
68
69
70
71
72
 
# File 'lib/forest_admin_agent/routes/security/authentication.rb', line 67

def handle_authentication_logout(_args = {})
  {
    content: nil,
    status: 204
  }
end

#setup_routesObject 



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/forest_admin_agent/routes/security/authentication.rb', line 10

def setup_routes
  add_route(
    'forest_authentication',
    'POST',
    '/authentication', ->(args) { handle_authentication(args) }
  )
  add_route(
    'forest_authentication-callback',
    'GET',
    '/authentication/callback', ->(args) { handle_authentication_callback(args) }
  )
  add_route(
    'forest_logout',
    'POST',
    '/authentication/logout', ->(args) { handle_authentication_logout(args) }
  )

  self
end