Module: Spider::ControllerMixins::HTTPMixin
- Included in:
- StaticContent
- Defined in:
- lib/spiderfw/controller/mixins/http_mixin.rb
Defined Under Namespace
Modules: ClassMethods Classes: HTTPStatus
Class Method Summary collapse
Instance Method Summary collapse
- #base_url ⇒ Object
- #before(action = '', *arguments) ⇒ Object
- #challenge_basic_auth ⇒ Object
- #challenge_digest_auth(realm = nil) ⇒ Object
- #check_basic_auth(authenticator) ⇒ Object
- #check_digest_auth(authenticator) ⇒ Object
- #content_type(ct) ⇒ Object
- #digest_instance_key ⇒ Object
- #http_auth_realm ⇒ Object
- #http_auth_realm=(val) ⇒ Object
- #prepare_scene(scene) ⇒ Object
- #redirect(url, code = Spider::HTTP::SEE_OTHER) ⇒ Object
-
#request_full_url ⇒ Object
Returns the request_url with query params, if any.
-
#request_path ⇒ Object
Returns the http path needed to call the current controller & action.
-
#request_url ⇒ Object
Returns the request_path prefixed with http:// and the current host.
- #try_rescue(exc) ⇒ Object
Class Method Details
.included(klass) ⇒ Object
11 12 13 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 11 def self.included(klass) klass.extend(ClassMethods) end |
.output_charset(val) ⇒ Object
57 58 59 60 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 57 def self.output_charset(val) @output_charset = val if val @output_charset || Spider.conf.get('http.charset') end |
.reverse_proxy_mapping(url) ⇒ Object
25 26 27 28 29 30 31 32 33 34 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 25 def self.reverse_proxy_mapping(url) return '' unless url if (maps = Spider.conf.get('http.proxy_mapping')) maps.each do |proxy, spider| spider ||= '' return proxy + url[spider.length..-1] if (spider == "" || url[0..spider.length-1] == spider) end end return url end |
Instance Method Details
#base_url ⇒ Object
92 93 94 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 92 def base_url() HTTPMixin.reverse_proxy_mapping("") end |
#before(action = '', *arguments) ⇒ Object
76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 76 def before(action='', *arguments) return super if self.is_a?(Spider::Widget) # FIXME: the Spider::Widget check # is needed because with _wt the widget executes without action # Redirect to url + slash if controller is called without action dest = HTTPMixin.reverse_proxy_mapping(@request.env['PATH_INFO']) if (action == '' && dest[-1].chr != '/' && !self.is_a?(Spider::Widget)) dest = dest += '/' if (@request.env['QUERY_STRING'] && !@request.env['QUERY_STRING'].empty?) dest += '?'+@request.env['QUERY_STRING'] end redirect(dest) end super end |
#challenge_basic_auth ⇒ Object
121 122 123 124 125 126 127 128 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 121 def challenge_basic_auth() realm ||= http_auth_realm realm ||= 'Secure Area' @response.headers["WWW-Authenticate"] = "Basic realm=\"#{realm}\"" @response.status = Spider::HTTP::UNAUTHORIZED render('errors/unauthorized') if self.is_a?(Visual) done end |
#challenge_digest_auth(realm = nil) ⇒ Object
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 138 def challenge_digest_auth(realm=nil) realm ||= http_auth_realm realm ||= 'Secure Area' # nonce now = "%012d" % @request.request_time pk = Digest::MD5.hexdigest("#{now}:#{digest_instance_key}")[0,32] nonce = [now + ":" + pk].pack("m*").chop # it has 60 length of chars. opaque = [UUIDTools::UUID.random_create.to_s].pack("m*").chop header = "Digest realm=\"#{realm}\", qop=\"auth\", nonce=\"#{nonce}\", opaque=\"#{opaque}\"" @response.headers['WWW-Authenticate'] = header @response.status = Spider::HTTP::UNAUTHORIZED done end |
#check_basic_auth(authenticator) ⇒ Object
130 131 132 133 134 135 136 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 130 def check_basic_auth(authenticator) if (@request.env['HTTP_AUTHORIZATION'] =~ /Basic (.+)/) pair = Base64.decode64($1) user, pass = pair.split(':') return authenticator.authenticate(:login, {:username => user, :password => pass}) end end |
#check_digest_auth(authenticator) ⇒ Object
154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 154 def check_digest_auth(authenticator) # TODO: implement opaque, auth-int if (@request.env['HTTP_AUTHORIZATION'] =~ /Digest (.+)/) parts = $1.split(',') params = {} parts.each do |p| k, v = p.strip.split('=') v = v.sub(/^"+/, '').sub(/"+$/, '') params[k.downcase] = v end ['username', 'realm', 'nonce', 'uri', 'cnonce', 'qop', 'nc', 'response', 'opaque'].each{ |k| return unless params[k] } user = params['username'] user = $1 if params['username'] =~ /.+\\(.+)/ # FIXME: Temp fix for windows sending DOMAIN/User pub_time, pk = params['nonce'].unpack("m*")[0].split(":", 2) return unless pub_time && pk return unless Digest::MD5.hexdigest("#{pub_time}:#{digest_instance_key}")[0,32] == pk diff_time = @request.request_time.to_i - pub_time.to_i return if diff_time < 0 return if diff_time > Spider.conf.get('http.nonce_life') user = authenticator.load(:username => user, :realm => params['realm']) return unless user ha1 = user.ha1 return unless ha1 ha2 = Digest::MD5.hexdigest("#{@request.env['REQUEST_METHOD']}:#{params['uri']}") if (params['qop'] == "auth" || params['qop'] == "auth-int") param2 = ['nonce', 'nc', 'cnonce', 'qop'].map{|key| params[key] }.join(':') response = Digest::MD5.hexdigest([ha1, param2, ha2].join(':')) else response = Digest::MD5.hexdigest([ha1, params['nonce'], ha2].join(':')) end # FIXME: temporaneamente disabilitato controllo perché con il login DOMINIO/Utente non corrisponde #return unless response == params['response'] return user end end |
#content_type(ct) ⇒ Object
62 63 64 65 66 67 68 69 70 71 72 73 74 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 62 def content_type(ct) if ct.is_a?(Symbol) ct = { :text => 'text/plain', :json => 'application/json', :js => 'application/x-javascript', :javascript => 'application/x-javascript', :html => 'text/html', :xml => 'text/xml' }[ct] end @response.headers["Content-Type"] = "#{ct};charset=utf-8" end |
#digest_instance_key ⇒ Object
190 191 192 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 190 def digest_instance_key Digest::MD5.hexdigest("#{Mac.addr}:plaw15x857m4p671") end |
#http_auth_realm ⇒ Object
200 201 202 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 200 def http_auth_realm @http_auth_realm || self.class.http_auth_realm end |
#http_auth_realm=(val) ⇒ Object
196 197 198 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 196 def http_auth_realm=(val) @http_auth_realm = val end |
#prepare_scene(scene) ⇒ Object
96 97 98 99 100 101 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 96 def prepare_scene(scene) scene = super scene.base_url = base_url scene.controller[:request_url] = request_url return scene end |
#redirect(url, code = Spider::HTTP::SEE_OTHER) ⇒ Object
15 16 17 18 19 20 21 22 23 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 15 def redirect(url, code=Spider::HTTP::SEE_OTHER) debug "REDIRECTING TO #{url}" @request.session.persist if @request.session # It might be too late afterwards @response.status = code @response.headers["Location"] = url @response.headers.delete("Content-Type") @response.headers.delete("Set-Cookie") done end |
#request_full_url ⇒ Object
Returns the request_url with query params, if any
49 50 51 52 53 54 55 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 49 def request_full_url url = request_url if (@request.env['QUERY_STRING'] && !@request.env['QUERY_STRING'].empty?) url += '?'+@request.env['QUERY_STRING'] end return url end |
#request_path ⇒ Object
Returns the http path needed to call the current controller & action. Reverses any proxy mappings to the Controller#request_path.
38 39 40 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 38 def request_path HTTPMixin.reverse_proxy_mapping(super) end |
#request_url ⇒ Object
Returns the request_path prefixed with http:// and the current host.
43 44 45 46 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 43 def request_url return request_path unless @request.env['HTTP_HOST'] 'http://'+@request.env['HTTP_HOST']+request_path end |
#try_rescue(exc) ⇒ Object
103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
# File 'lib/spiderfw/controller/mixins/http_mixin.rb', line 103 def try_rescue(exc) self.done = true if (exc.is_a?(Spider::Controller::NotFound)) @response.status = Spider::HTTP::NOT_FOUND elsif (exc.is_a?(Spider::Controller::BadRequest)) @response.status = Spider::HTTP::BAD_REQUEST elsif (exc.is_a?(Spider::Controller::Forbidden)) @response.status = Spider::HTTP::FORBIDDEN elsif (exc.is_a?(HTTPStatus)) @response.status = exc.code Spider::Logger.debug("Sending HTTP status #{exc.code}") return else @response.status = Spider::HTTP::INTERNAL_SERVER_ERROR end super end |