Class: OpenShift::RemoteUserAuthService

Inherits:
AuthService
  • Object
show all
Defined in:
lib/openshift/remote_user_auth_service.rb

Instance Method Summary collapse

Constructor Details

#initializeRemoteUserAuthService

Returns a new instance of RemoteUserAuthService.



8
9
10
11
12
 
# File 'lib/openshift/remote_user_auth_service.rb', line 8

def initialize
  super

  @trusted_header = @auth_info[:trusted_header]
end

Instance Method Details

#authenticate(request, login = nil, password = nil) ⇒ Object

The base_controller will actually pass in a password but it can’t be trusted. REMOTE_USER must only be set if the web server has verified the password.



17
18
19
20
21
22
23
24
25
26
 
# File 'lib/openshift/remote_user_auth_service.rb', line 17

def authenticate(request, =nil, password=nil)
  if request.headers['User-Agent'] == "OpenShift"
    # password == iv, login == key
    return validate_broker_key(password, )
  else
    authenticated_user = request.env[@trusted_header]
    raise OpenShift::AccessDeniedException if authenticated_user.nil?
    return {:username => authenticated_user, :auth_method => :login}
  end
end

#login(request, params, cookies) ⇒ Object

This is only called by the legacy controller and should be removed as soon as all clients have been ported.



30
31
32
33
34
35
36
37
38
 
# File 'lib/openshift/remote_user_auth_service.rb', line 30

def (request, params, cookies)
  if params['broker_auth_key'] && params['broker_auth_iv']
    return validate_broker_key(params['broker_auth_iv'], params['broker_auth_key'])
  else
    username = request.env[@trusted_header]
    Rails.logger.debug("Found" + username)
    return authenticate(request, username)
  end
end