Class: Tilia::Dav::Auth::Plugin

Inherits:

ServerPlugin

• Object
• ServerPlugin
• Tilia::Dav::Auth::Plugin

Defined in:

lib/tilia/dav/auth/plugin.rb

Overview

This plugin provides Authentication for a WebDAV server.

It works by providing a AuthBackend class. Several examples of these classes can be found in the Backend directory.

It’s possible to provide more than one backend to this plugin. If more than one backend was provided, each backend will attempt to authenticate. Only if all backends fail, we throw a 401.

Instance Attribute Summary

• #current_principal ⇒ Object readonly

  Returns the currently logged-in principal.

Instance Method Summary

• #add_backend(auth_backend) ⇒ Object

  Adds an authentication backend to the plugin.

• #before_method(request, response) ⇒ Object

  This method is called before any HTTP method and forces users to be authenticated.

• #current_user ⇒ Object deprecated Deprecated.

  Will be removed in a future version!

• #initialize(auth_backend = nil) ⇒ Plugin constructor

  Creates the authentication plugin.

• #plugin_info ⇒ Object

  Returns a bunch of meta-data about the plugin.

• #plugin_name ⇒ Object

  Returns a plugin name.

• #setup(server) ⇒ Object

  Initializes the plugin.

Methods inherited from ServerPlugin

#features, #http_methods, #supported_report_set

Constructor Details

#initialize(auth_backend = nil) ⇒ Plugin

Creates the authentication plugin

Parameters:

• Backend\BackendInterface —

  auth_backend

# File 'lib/tilia/dav/auth/plugin.rb', line 25

def initialize(auth_backend = nil)
  @backends = []
  add_backend(auth_backend) if auth_backend
end

Instance Attribute Details

#current_principal ⇒ Object (readonly)

Returns the currently logged-in principal.

This will return a string such as:

principals/username principals/users/username

This method will return null if nobody is logged in.

Returns:

• string|null

# File 'lib/tilia/dav/auth/plugin.rb', line 66

def current_principal
  @current_principal
end

Instance Method Details

#add_backend(auth_backend) ⇒ Object

Adds an authentication backend to the plugin.

Parameters:

• Backend\BackendInterface —

  auth_backend

Returns:

• void

# File 'lib/tilia/dav/auth/plugin.rb', line 34

def add_backend(auth_backend)
  @backends << auth_backend
end

#before_method(request, response) ⇒ Object

This method is called before any HTTP method and forces users to be authenticated

Parameters:

• RequestInterface —

  request

• ResponseInterface —

  response

Returns:

• bool

# File 'lib/tilia/dav/auth/plugin.rb', line 88

def before_method(request, response)
  if @current_principal
    # We already have authentication information. This means that the
    # event has already fired earlier, and is now likely fired for a
    # sub-request.
    #
    # We don't want to authenticate users twice, so we simply don't do
    # anything here. See Issue #700 for additional reasoning.
    #
    # This is not a perfect solution, but will be fixed once the
    # "currently authenticated principal" is information that's not
    # not associated with the plugin, but rather per-request.
    #
    # See issue #580 for more information about that.
    return nil
  end

  if @backends.empty?
    fail Dav::Exception, 'No authentication backends were configured on this server.'
  end

  reasons = []
  @backends.each do |backend|
    result = backend.check(request, response)

    if !result.is_a?(Array) ||
       result.size != 2 ||
       !(result[0].is_a?(TrueClass) || result[0].is_a?(FalseClass)) ||
       !result[1].is_a?(String)
      fail Dav::Exception, 'The authentication backend did not return a correct value from the check method.'
    end

    if result[0]
      @current_principal = result[1]
      # Exit early
      return nil
    end
    reasons << result[1]
  end

  # If we got here, it means that no authentication backend was
  # successful in authenticating the user.
  @current_principal = nil

  @backends.each do |backend|
    backend.challenge(request, response)
  end
  fail Exception::NotAuthenticated, reasons.join(', ')
end

#current_user ⇒ Object

Deprecated.

Will be removed in a future version!

Returns the current username.

This method is deprecated and is only kept for backwards compatibility purposes. Please switch to current_principal.

Returns:

• string|null

# File 'lib/tilia/dav/auth/plugin.rb', line 75

def current_user
  # We just do a 'basename' on the principal to give back a sane value
  # here.
  user_name = Http::UrlUtil.split_path(current_principal)[1]

  user_name
end

#plugin_info ⇒ Object

Returns a bunch of meta-data about the plugin.

Providing this information is optional, and is mainly displayed by the Browser plugin.

The description key in the returned array may contain html and will not be sanitized.

Returns:

• array

# File 'lib/tilia/dav/auth/plugin.rb', line 147

def plugin_info
  {
    'name'        => plugin_name,
    'description' => 'Generic authentication plugin',
    'link'        => 'http://sabre.io/dav/authentication/'
  }
end

#plugin_name ⇒ Object

Returns a plugin name.

Using this name other plugins will be able to access other plugins using DAVServer::getPlugin

Returns:

• string

# File 'lib/tilia/dav/auth/plugin.rb', line 52

def plugin_name
  'auth'
end

#setup(server) ⇒ Object

Initializes the plugin. This function is automatically called by the server

Parameters:

• Server —

  server

Returns:

• void

# File 'lib/tilia/dav/auth/plugin.rb', line 42

def setup(server)
  server.on('beforeMethod', method(:before_method), 10)
end