Contents

require 'rack'

module SoarAuthenticationToken
  class RackMiddleware
    def initialize(app, configuration)
      @app = app
      @configuration = configuration
    end

    def call(env)
      request = Rack::Request.new env
      session, params = request.session, request.params
      valid, authenticated_identifier = validate_and_resolve_token(request.env['HTTP_AUTHORIZATION'],params['flow_identifier'])
      if valid
        session['user'] = authenticated_identifier
        @app.call env
      else
        [401, {"Content-Type" => "text/html"}, ["401 - Not authenticated"]]
      end
    end

    private

    def validate_and_resolve_token(authentication_token,flow_identifier)
      token_validator = SoarAuthenticationToken::TokenValidator.new(@configuration)
      token_validator.validate(authentication_token: authentication_token,flow_identifier: flow_identifier)
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
soar_authentication_token-0.1.0	lib/soar_authentication_token/rack_middleware.rb