Class: Aker::Cas::ProxyMode
- Inherits:
-
Modes::Base
- Object
- Warden::Strategies::Base
- Modes::Base
- Aker::Cas::ProxyMode
- Includes:
- Modes::Support::Rfc2617
- Defined in:
- lib/aker/cas/proxy_mode.rb
Overview
A non-interactive mode that provides CAS proxy authentication conformant to CAS 2.
This mode does not handle interactive CAS authentication; see Aker::Cas for that.
Class Method Summary (collapse)
-
+ (Symbol) key
A key that refers to this mode; used for configuration convenience.
Instance Method Summary (collapse)
-
- (Array<String>) credentials
The supplied proxy ticket and the service URL.
-
- (Symbol) kind
The type of credentials supplied by this mode.
-
- (String) scheme
Used to build a WWW-Authenticate header that will be returned to a client failing non-interactive authentication.
-
- (String) service_url
Builds the service URL for this application.
-
- (Boolean) valid?
Returns true if a proxy ticket is present, false otherwise.
Methods included from Modes::Support::Rfc2617
Methods inherited from Modes::Base
#authenticate!, #authority, #configuration, #interactive?, #store?
Methods included from Rack::EnvironmentHelper
#authority, #configuration, #interactive?
Class Method Details
+ (Symbol) key
A key that refers to this mode; used for configuration convenience.
23 24 25 |
# File 'lib/aker/cas/proxy_mode.rb', line 23 def self.key :cas_proxy end |
Instance Method Details
- (Array<String>) credentials
The supplied proxy ticket and the service URL.
The proxy ticket is received in the HTTP Authorization
header, per RFC2616. The scheme must be CasProxy. Example:
Authorization: CasProxy PT-1272928074r13CBB9ACA794867F3E
45 46 47 48 49 50 51 52 53 54 |
# File 'lib/aker/cas/proxy_mode.rb', line 45 def credentials key = 'HTTP_AUTHORIZATION' matches = env[key].match(/CasProxy\s+([SP]T-[0-9A-Za-z\-]+)/) if env.has_key?(key) if matches && matches[1] [matches[1], service_url] else [] end end |
- (Symbol) kind
The type of credentials supplied by this mode.
31 32 33 |
# File 'lib/aker/cas/proxy_mode.rb', line 31 def kind self.class.key end |
- (String) scheme
Used to build a WWW-Authenticate header that will be returned to a client failing non-interactive authentication.
67 68 69 |
# File 'lib/aker/cas/proxy_mode.rb', line 67 def scheme "CasProxy" end |
- (String) service_url
Builds the service URL for this application.
Colloquially, the service URL is the web server URL plus the application mount point. It does not include anything about the specific resource being requested. For instance, if you had the resource
which was part of the /lsdb application, the service URL
would be
A little more formally, the URL is url scheme +
hostname + script name. The port is also included if it is
not the default for the URL scheme.
The service URL never ends with a /, even if the application
is mounted at the root.
95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/aker/cas/proxy_mode.rb', line 95 def service_url url = "#{env['rack.url_scheme']}://" if env['HTTP_HOST'] url << env['HTTP_HOST'] # includes the port else url << env['SERVER_NAME'] default_port = { "http" => "80", "https" => "443" }[env['rack.url_scheme']] url << ":#{env["SERVER_PORT"]}" unless env["SERVER_PORT"].to_s == default_port end url << env["SCRIPT_NAME"] end |
- (Boolean) valid?
Returns true if a proxy ticket is present, false otherwise.
58 59 60 |
# File 'lib/aker/cas/proxy_mode.rb', line 58 def valid? !credentials.empty? end |
