Module: SignIn::Authentication

Extended by:

ActiveSupport::Concern

Included in:

AuthenticationAndSSOConcerns, Instrumentation, ApplicationController

Defined in:

app/controllers/concerns/sign_in/authentication.rb

Constant Summary

BEARER_PATTERN =

/^Bearer /

Instance Method Summary

• #authenticate ⇒ Object protected
• #authenticate_service_account ⇒ Object protected
• #load_user(skip_expiration_check: false) ⇒ Object protected

Instance Method Details

#authenticate ⇒ Object (protected)

# File 'app/controllers/concerns/sign_in/authentication.rb', line 17

def authenticate
  @access_token = authenticate_access_token
  @current_user = load_user_object
  validate_request_ip
  @current_user.present?
rescue Errors::AccessTokenExpiredError => e
  render json: { errors: e }, status: :forbidden
rescue Errors::StandardError => e
  handle_authenticate_error(e)
end

#authenticate_service_account ⇒ Object (protected)

# File 'app/controllers/concerns/sign_in/authentication.rb', line 39

def authenticate_service_account
  @service_account_access_token = authenticate_service_account_access_token
  validate_requested_scope
  @service_account_access_token.present?
rescue Errors::AccessTokenExpiredError => e
  render json: { errors: e }, status: :forbidden
rescue Errors::StandardError => e
  handle_authenticate_error(e)
end

#load_user(skip_expiration_check: false) ⇒ Object (protected)

# File 'app/controllers/concerns/sign_in/authentication.rb', line 28

def load_user(skip_expiration_check: false)
  @access_token = authenticate_access_token
  @current_user = load_user_object
  validate_request_ip
  @current_user.present?
rescue Errors::AccessTokenExpiredError => e
  render json: { errors: e }, status: :forbidden unless skip_expiration_check
rescue Errors::StandardError
  nil
end