Sha256: ae723808d0fa3e59c1df3d65cc153e9cedc5876c2ba395b763dd5f24ab71e9f8

Contents?: true

Size: 1.36 KB

Versions: 1

Compression:

Stored size: 1.36 KB

Contents

require 'rack'

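module SoarAuthenticationToken
  # Rack middleware that authenticates every request from the value of the
  # Authorization header before the wrapped application sees it.
  #
  # A request whose token the validator accepts is passed downstream with the
  # authenticated identity stored in the Rack session. Any other request is
  # answered with a 401 and, when an auditing object was supplied, a warning.
  class RackMiddleware
    # @param app [#call] the downstream Rack application
    # @param configuration [Object] handed unchanged to TokenValidator.new
    # @param auditing [#warn, nil] optional sink for rejection warnings
    def initialize(app, configuration, auditing = nil)
      @app = app
      @configuration = configuration
      @auditing = auditing
    end

    # Authenticates the request and either forwards it or rejects it.
    #
    # The middleware fails closed: the application is reached only when the
    # validator reports the token as valid AND the resolved metadata carries a
    # non-empty 'authenticated_identifier'. A "valid" result without an
    # identity is rejected rather than forwarded with session['user'] unset.
    #
    # @param env [Hash] the Rack environment
    # @return [Array] the downstream response, or the 401 rejection triple
    def call(env)
      session, _params, token, flow_id = get_request_information(env)
      token_valid, token_meta, message = validate_and_resolve_token(token, flow_id)

      unless token_valid
        audit_token_rejection("Token rejected due to #{message}", flow_id)
        return rejection
      end

      identifier = authenticated_identifier(token_meta)
      if identifier.nil? || identifier.to_s.empty?
        audit_token_rejection('Token rejected due to missing authenticated identifier', flow_id)
        return rejection
      end

      # Identity is written to the session only after both checks have passed.
      session['user'] = identifier
      session['auth_token_meta'] = token_meta
      @app.call env
    end

    private

    # Collects what authentication needs from the request.
    #
    # The Authorization header is returned exactly as received; no scheme
    # prefix is stripped here. 'flow_identifier' is read from the request
    # parameters, so it is caller-controlled when it later reaches the
    # validator and the audit sink.
    # NOTE(review): request.params is evaluated before the token is checked,
    # so parameter parsing runs for unauthenticated requests too - confirm
    # that is acceptable for this deployment.
    #
    # @param env [Hash] the Rack environment
    # @return [Array] session, params, raw Authorization value, flow identifier
    def get_request_information(env)
      request = Rack::Request.new env
      [ request.session,
        request.params,
        request.env['HTTP_AUTHORIZATION'],
        request.params['flow_identifier'] ]
    end

    # Delegates validation to a TokenValidator built from the configuration.
    #
    # @return [Array] used by #call as (valid flag, token metadata, message)
    def validate_and_resolve_token(authentication_token, flow_identifier)
      token_validator = SoarAuthenticationToken::TokenValidator.new(@configuration)
      token_validator.validate(authentication_token: authentication_token, flow_identifier: flow_identifier)
    end

    # Reads the identity out of the validator's metadata without raising when
    # the metadata is nil or not indexable.
    #
    # @return [Object, nil] the 'authenticated_identifier' entry, if any
    def authenticated_identifier(token_meta)
      return nil unless token_meta.respond_to?(:[])

      token_meta['authenticated_identifier']
    end

    # Emits a warning through the auditing object when one was configured.
    def audit_token_rejection(message, flow_id)
      @auditing.warn(message, flow_id) if @auditing
    end

    # The response sent for every unauthenticated request.
    # NOTE(review): the body is plain text although Content-Type declares
    # JSON, and no WWW-Authenticate challenge is sent with the 401. Both are
    # left unchanged here because existing clients may depend on them.
    def rejection
      [401, { 'Content-Type' => 'application/json'}, ["401 - Not authenticated"]]
    end
  end
end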

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
soar_authentication_token-5.0.3 lib/soar_authentication_token/rack_middleware.rb