Class: Devise::Strategies::WindAuthenticatable

Inherits:
Authenticatable
  • Object
show all
Includes:
Warden::Mixins::Urls
Defined in:
lib/devise_wind/strategy.rb

Constant Summary collapse

HTTP_METHODS =

:stopdoc:

%w(GET HEAD PUT POST DELETE OPTIONS)
RESPONSE = 
"rack.wind.response"
AUTHENTICATE_HEADER = 
"WWW-Authenticate"
AUTHENTICATE_REGEXP = 
/^Wind/
URL_FIELD_SELECTOR = 
lambda { |field| field.to_s =~ %r{^https?://} }

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.build_header(params = {}) ⇒ Object

Helper method for building the “WWW-Authenticate” header value.

Rack::Wind.build_header(:server => "http://josh.openid.com/")
  #=> Wind server="https://wind.columbia.edu/"



20
21
22
23
24
25
26
27
28
 
# File 'lib/devise_wind/strategy.rb', line 20

def self.build_header(params = {})
  'Wind ' + params.map { |key, value|
    if value.is_a?(Array)
      "#{key}=\"#{value.join(',')}\""
    else
      "#{key}=\"#{value}\""
    end
  }.join(', ')
end

.parse_header(str) ⇒ Object

Helper method for parsing “WWW-Authenticate” header values into a hash.

Rack::Wind.parse_header("Wind identifier='http://josh.openid.com/'")
  #=> {:identifier => "http://josh.openid.com/"}



35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/devise_wind/strategy.rb', line 35

def self.parse_header(str)
  params = {}
  if str =~ AUTHENTICATE_REGEXP
    str = str.gsub(/#{AUTHENTICATE_REGEXP}\s+/, '')
    str.split(', ').each { |pair|
      key, *value = pair.split('=')
      value = value.join('=')
      value.gsub!(/^\"/, '').gsub!(/\"$/, "")
      value = value.split(',')
      params[key] = value.length > 1 ? value : value.first
    }
  end
  params
end

Instance Method Details

#authenticate!Object 



67
68
69
70
71
72
73
74
75
 
# File 'lib/devise_wind/strategy.rb', line 67

def authenticate!
  Rails.logger.debug("Authenticating with WIND for mapping #{mapping.to}")

  if wind_response
    handle_response!
  else # redirect to WIND login with a 30x status
    redirect! wind_redirect_url
  end
end

#handle_response!Object 



81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/devise_wind/strategy.rb', line 81

def handle_response!
  ticket_id = params['ticketid']
  validate_path = "/validate?ticketid=#{ticket_id}"
  wind_validate = Net::HTTP.new("wind.columbia.edu",443)
  wind_validate.use_ssl = true
  wind_validate.verify_mode = OpenSSL::SSL::VERIFY_NONE
  wind_validate.start
  wind_resp = wind_validate.get(validate_path)
  wind_validate.finish
  #puts wind_resp.body
  authdoc = Nokogiri::XML(wind_resp.body)
  ns = {'wind'=>'http://www.columbia.edu/acis/rad/authmethods/wind'}
  _user = authdoc.xpath('//wind:authenticationSuccess/wind:user', ns)
  wind_data = nil
  if _user.length > 0
    wind_data = {}
    wind_data[:uni] =  _user[0].content
    wind_data[:affils] = authdoc.xpath('//wind:authenticationSuccess/wind:affiliations/wind:affil',ns).collect {|x| x.content}
    Rails.logger.debug wind_data.inspect
    _resource = mapping.to.(wind_data[:uni])
    _resource.affiliations= wind_data[:affils]
    _resource.save!
    success! _resource
  #else
  #  fail!
  end
end

#valid?Boolean

valid? indicates the applicability of this strategy to the authn request

Returns:

  • (Boolean) 


51
52
53
 
# File 'lib/devise_wind/strategy.rb', line 51

def valid?
  valid_mapping? # apply to any request for a wind user
end

#valid_mapping?Boolean

Returns:

  • (Boolean) 


55
56
57
 
# File 'lib/devise_wind/strategy.rb', line 55

def valid_mapping?
  mapping.to.respond_to?(:find_by_wind_login_field)
end

#wind_redirect_urlObject 



77
78
79
 
# File 'lib/devise_wind/strategy.rb', line 77

def wind_redirect_url
  "https://#{mapping.to.wind_host}/login?destination=#{CGI.escapeHTML(request_url)}&service=#{CGI.escapeHTML(mapping.to.wind_service)}"
end

#wind_responseObject 



63
64
65
 
# File 'lib/devise_wind/strategy.rb', line 63

def wind_response
  params['ticketid']
end

#wind_response?Boolean

Returns:

  • (Boolean) 


59
60
61
 
# File 'lib/devise_wind/strategy.rb', line 59

def wind_response?
  not wind_response.nil?
end