Module: RedhatAccess::Authentication::ClientAuthentication

Included in:

RedhatAccess::Api::TelemetryApiController

Defined in:

app/services/redhat_access/authentication/client_authentication.rb

Instance Method Summary

• #authenticate_client ⇒ Object
• #cert_from_request ⇒ Object
• #cert_present? ⇒ Boolean
• #deny_access ⇒ Object
• #set_client_user ⇒ Object

Instance Method Details

#authenticate_client ⇒ Object

# File 'app/services/redhat_access/authentication/client_authentication.rb', line 12

def authenticate_client
  set_client_user
  require_login unless User.current
  User.current.present?
end

#cert_from_request ⇒ Object

# File 'app/services/redhat_access/authentication/client_authentication.rb', line 38

def cert_from_request
    request.env['HTTP_X_RHSM_SSL_CLIENT_CERT'] ||
    request.env['SSL_CLIENT_CERT'] ||
    request.env['HTTP_SSL_CLIENT_CERT'] ||
    ENV['HTTP_X_RHSM_SSL_CLIENT_CERT'] ||
    ENV['SSL_CLIENT_CERT'] ||
    ENV['HTTP_SSL_CLIENT_CERT']
end

#cert_present? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/authentication/client_authentication.rb', line 33

def cert_present?
  ssl_client_cert = cert_from_request
  !ssl_client_cert.nil? && !ssl_client_cert.empty? && ssl_client_cert != "(null)"
end

#deny_access ⇒ Object

# File 'app/services/redhat_access/authentication/client_authentication.rb', line 18

def deny_access
  render json: { :message => "Permission Denied." }, :status => 403
end

#set_client_user ⇒ Object

# File 'app/services/redhat_access/authentication/client_authentication.rb', line 22

def set_client_user
  if cert_present?
    client_cert = RedhatAccess::Authentication::Cert.new(cert_from_request)
    uuid = client_cert.uuid
    Rails.logger.debug("Client cert UUID is : #{uuid}")
    User.current =  CertUser.new(:login => uuid)
  else
    Rails.logger.debug("Client cert not present in request")
  end
end