Class: Tilia::Dav::Auth::Plugin
- Inherits:
-
ServerPlugin
- Object
- ServerPlugin
- Tilia::Dav::Auth::Plugin
- Defined in:
- lib/tilia/dav/auth/plugin.rb
Overview
This plugin provides Authentication for a WebDAV server.
It works by providing a AuthBackend class. Several examples of these classes can be found in the Backend directory.
It’s possible to provide more than one backend to this plugin. If more than one backend was provided, each backend will attempt to authenticate. Only if all backends fail, we throw a 401.
Instance Attribute Summary collapse
-
#current_principal ⇒ Object
readonly
Returns the currently logged-in principal.
Instance Method Summary collapse
-
#add_backend(auth_backend) ⇒ Object
Adds an authentication backend to the plugin.
-
#before_method(request, response) ⇒ Object
This method is called before any HTTP method and forces users to be authenticated.
-
#current_user ⇒ Object
deprecated
Deprecated.
Will be removed in a future version!
-
#initialize(auth_backend = nil) ⇒ Plugin
constructor
Creates the authentication plugin.
-
#plugin_info ⇒ Object
Returns a bunch of meta-data about the plugin.
-
#plugin_name ⇒ Object
Returns a plugin name.
-
#setup(server) ⇒ Object
Initializes the plugin.
Methods inherited from ServerPlugin
#features, #http_methods, #supported_report_set
Constructor Details
#initialize(auth_backend = nil) ⇒ Plugin
Creates the authentication plugin
25 26 27 28 |
# File 'lib/tilia/dav/auth/plugin.rb', line 25 def initialize(auth_backend = nil) @backends = [] add_backend(auth_backend) if auth_backend end |
Instance Attribute Details
#current_principal ⇒ Object (readonly)
Returns the currently logged-in principal.
This will return a string such as:
principals/username principals/users/username
This method will return null if nobody is logged in.
66 67 68 |
# File 'lib/tilia/dav/auth/plugin.rb', line 66 def current_principal @current_principal end |
Instance Method Details
#add_backend(auth_backend) ⇒ Object
Adds an authentication backend to the plugin.
34 35 36 |
# File 'lib/tilia/dav/auth/plugin.rb', line 34 def add_backend(auth_backend) @backends << auth_backend end |
#before_method(request, response) ⇒ Object
This method is called before any HTTP method and forces users to be authenticated
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 |
# File 'lib/tilia/dav/auth/plugin.rb', line 88 def before_method(request, response) if @current_principal # We already have authentication information. This means that the # event has already fired earlier, and is now likely fired for a # sub-request. # # We don't want to authenticate users twice, so we simply don't do # anything here. See Issue #700 for additional reasoning. # # This is not a perfect solution, but will be fixed once the # "currently authenticated principal" is information that's not # not associated with the plugin, but rather per-request. # # See issue #580 for more information about that. return nil end if @backends.empty? fail Dav::Exception, 'No authentication backends were configured on this server.' end reasons = [] @backends.each do |backend| result = backend.check(request, response) if !result.is_a?(Array) || result.size != 2 || !(result[0].is_a?(TrueClass) || result[0].is_a?(FalseClass)) || !result[1].is_a?(String) fail Dav::Exception, 'The authentication backend did not return a correct value from the check method.' end if result[0] @current_principal = result[1] # Exit early return nil end reasons << result[1] end # If we got here, it means that no authentication backend was # successful in authenticating the user. @current_principal = nil @backends.each do |backend| backend.challenge(request, response) end fail Exception::NotAuthenticated, reasons.join(', ') end |
#current_user ⇒ Object
Will be removed in a future version!
Returns the current username.
This method is deprecated and is only kept for backwards compatibility purposes. Please switch to current_principal.
75 76 77 78 79 80 81 |
# File 'lib/tilia/dav/auth/plugin.rb', line 75 def current_user # We just do a 'basename' on the principal to give back a sane value # here. user_name = Http::UrlUtil.split_path(current_principal)[1] user_name end |
#plugin_info ⇒ Object
Returns a bunch of meta-data about the plugin.
Providing this information is optional, and is mainly displayed by the Browser plugin.
The description key in the returned array may contain html and will not be sanitized.
147 148 149 150 151 152 153 |
# File 'lib/tilia/dav/auth/plugin.rb', line 147 def plugin_info { 'name' => plugin_name, 'description' => 'Generic authentication plugin', 'link' => 'http://sabre.io/dav/authentication/' } end |
#plugin_name ⇒ Object
Returns a plugin name.
Using this name other plugins will be able to access other plugins using DAVServer::getPlugin
52 53 54 |
# File 'lib/tilia/dav/auth/plugin.rb', line 52 def plugin_name 'auth' end |
#setup(server) ⇒ Object
Initializes the plugin. This function is automatically called by the server
42 43 44 |
# File 'lib/tilia/dav/auth/plugin.rb', line 42 def setup(server) server.on('beforeMethod', method(:before_method), 10) end |