Class: JunglePath::Authentication::AuthProvider::Default

Inherits:

Object

• Object
• JunglePath::Authentication::AuthProvider::Default

Defined in:

lib/jungle_path/authentication/auth_provider/default.rb

Instance Method Summary

• #authenticate(request, data_provider, no_cache = false) ⇒ Object
• #authenticate_identity(data_provider, identity, assume_identity = false, no_cache = false) ⇒ Object
• #authorize_identity(data_provider, identity, no_cache) ⇒ Object
• #basic_authentication(data_provider, remote_user, remote_password, no_cache = false) ⇒ Object
• #parse_identities(remote_user, remote_password) ⇒ Object
• #user_name_is_key?(user_name, password) ⇒ Boolean

Instance Method Details

#authenticate(request, data_provider, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 5

def authenticate request, data_provider, no_cache=false
  puts "JunglePath::Authentication::AuthProvider::Default.authenticate"
  remote_user = request.env['REMOTE_USER']
  remote_password = request.env['REMOTE_PASSWORD']
  puts "remote_user: #{remote_user}."
  puts "remote_password: #{remote_password}."
  identity = basic_authentication(data_provider, remote_user, remote_password, no_cache)
  identity = basic_authentication(data_provider, remote_user, remote_password, true) unless identity and identity.valid?
  identity
end

#authenticate_identity(data_provider, identity, assume_identity = false, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 60

def authenticate_identity data_provider, identity, assume_identity=false, no_cache=false
  idn = nil
  if identity
    idn = identity.dup
    if user_name_is_key? identity.user_name, identity.remote_password
      idn.user = data_provider.get_user_by_key(identity.user_name, assume_identity, no_cache, identity.remote_password)
      idn.key = identity.user_name
    else
      idn.user = data_provider.get_user(identity.user_name, identity.remote_password, assume_identity, no_cache)
      idn.key = nil
    end
    idn.valid = (idn.user and idn.user.is_valid)
    if idn.valid
      idn.alternative_user_keys = data_provider.get_alternative_user_keys(idn.user.id, no_cache) if data_provider.respond_to?('get_alternative_user_keys')
    end
  end
  idn
end

#authorize_identity(data_provider, identity, no_cache) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 79

def authorize_identity data_provider, identity, no_cache
  idn = nil
  if identity
    idn = identity.dup
    if idn.valid?
      idn.role = data_provider.get_role(idn, no_cache)
      idn.authorization_filter = data_provider.get_authorization_filter(idn, no_cache)
      idn.query_filters = data_provider.get_query_filters(idn, no_cache)
      idn.table_filters = data_provider.get_table_filters(idn, no_cache) if data_provider.respond_to?('get_table_filters')
    else
      idn.role = nil
      idn.authorization_filter = nil
      idn.query_filters = nil
      idn.table_filters = nil
    end
  end
  idn
end

#basic_authentication(data_provider, remote_user, remote_password, no_cache = false) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 16

def basic_authentication data_provider, remote_user, remote_password, no_cache=false
  identity, assume_identity = parse_identities(remote_user, remote_password)

  puts "identity: #{identity}"
  puts "assume_identity: #{assume_identity}"

  #valid = false

  identity = authenticate_identity(data_provider, identity, false, no_cache)
  puts "authenticated identity: #{identity}."
  identity = authorize_identity(data_provider, identity, no_cache)
  puts "authorized identity: #{identity}."

  if identity and identity.valid? and assume_identity
    if identity.authorization_filter.has_permission?(:assume_user_identity) and !identity.authorization_filter.has_restriction?(:assume_user_identity)
      assume_identity = authenticate_identity(data_provider, assume_identity, true, no_cache)
      puts "authenticated assume_identity: #{assume_identity}."
      assume_identity = authorize_identity(data_provider, assume_identity, no_cache)
      assume_identity.valid = false unless assume_identity.authorization_filter.has_permission?(:assumable_user_identity) and !assume_identity.authorization_filter.has_restriction?(:assumable_user_identity)
      puts "authorized assume_identity: #{assume_identity}."
    end
    return assume_identity
  end
  identity
end

#parse_identities(remote_user, remote_password) ⇒ Object

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 42

def parse_identities remote_user, remote_password
  identity = JunglePath::Authentication::Identity.new
  identity.remote_user = remote_user
  identity.remote_password = remote_password
  assume_identity = nil
  if remote_user and remote_user.include?("|")
    parts = remote_user.split('|')
    identity.user_name = parts[1]
    assume_identity = JunglePath::Authentication::Identity.new
    assume_identity.user_name = parts[0]
    assume_identity.remote_user = remote_user
    assume_identity.remote_password = nil
  else
    identity.user_name = remote_user
  end
  return identity, assume_identity
end

#user_name_is_key?(user_name, password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/jungle_path/authentication/auth_provider/default.rb', line 98

def user_name_is_key? user_name, password
  #puts "user_name: #{user_name}, password: #{password}. password == nil: #{password == nil}."
  user_name and user_name.start_with?("sk_") and !user_name.include?("@") and (password == nil or password.strip.length == 0)
end