parent
2b8848dc8b
commit
d4dfdb9dcc
@ -1,7 +1,22 @@ |
||||
# Strategies provided by OpenProject: |
||||
require 'warden/strategies/basic_auth_failure' |
||||
require 'warden/strategies/global_basic_auth' |
||||
require 'warden/strategies/user_basic_auth' |
||||
require 'warden/strategies/session' |
||||
|
||||
Warden::Strategies.add :global_basic_auth, Warden::Strategies::GlobalBasicAuth |
||||
Warden::Strategies.add :user_basic_auth, Warden::Strategies::UserBasicAuth |
||||
Warden::Strategies.add :session, Warden::Strategies::Session |
||||
strategies = [ |
||||
[:basic_auth_failure, Warden::Strategies::BasicAuthFailure], |
||||
[:global_basic_auth, Warden::Strategies::GlobalBasicAuth], |
||||
[:user_basic_auth, Warden::Strategies::UserBasicAuth], |
||||
[:session, Warden::Strategies::Session] |
||||
] |
||||
|
||||
strategies.each do |name, clazz| |
||||
Warden::Strategies.add name, clazz |
||||
end |
||||
|
||||
include OpenProject::Authentication::Scope |
||||
|
||||
OpenProject::Authentication.update_strategies(API_V3) do |_strategies| |
||||
[:global_basic_auth, :user_basic_auth, :basic_auth_failure, :session] |
||||
end |
||||
|
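Review bot: The bare `include OpenProject::Authentication::Scope` at the top level of this file mixes the scope constants into `Object`, so `API_V3` becomes resolvable from every class in the process. Referring to the constant by its full name, `OpenProject::Authentication.update_strategies(OpenProject::Authentication::Scope::API_V3) do |_strategies|`, avoids that. The returned list is also order-sensitive (`:basic_auth_failure` has to follow the two basic auth strategies and precede `:session`), and nothing at the call site says so. A comment such as `# Order matters: :basic_auth_failure must come after the basic auth strategies and before :session.` would keep a later reorder from changing who gets authenticated.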
@ -0,0 +1,46 @@ |
||||
require 'open_project/authentication/manager' |
||||
|
||||
module OpenProject |
||||
## |
||||
# OpenProject uses Warden strategies for request authentication. |
||||
module Authentication |
||||
class << self |
||||
## |
||||
# Updates the used warden strategies for a given scope. The strategies will be tried |
||||
# in the order they are set here. |
||||
# For available scopes please refer to `OpenProject::Authentication::Scope`. |
||||
# |
||||
# @param [Symbol] scope The scope for which to update the used warden strategies. |
||||
# @param [Boolean] store Indicates whether the user should be stored in the session for this scope. |
||||
# |
||||
# @yield [strategies] A block returning the strategies to be used for this scope. |
||||
# @yieldparam [Array] The strategies currently used by this scope. May be empty. |
||||
# @yieldreturn [Array] The strategies to be used by this scope. |
||||
def update_strategies(scope, store: nil, &block) |
||||
raise ArgumentError, "invalid scope: #{scope}" unless Scope.values.include? scope |
||||
|
||||
current_strategies = Array(Manager.scope_strategies[scope]) |
||||
|
||||
Manager.store_defaults[scope] = store unless store.nil? |
||||
Manager.scope_strategies[scope] = block.call current_strategies if block_given? |
||||
end |
||||
end |
||||
|
||||
## |
||||
# This module is only there to declare all used scopes. Technically a scope can be an |
||||
# arbitrary symbol. But we declare them here not to lose sight of them. |
||||
# |
||||
# Plugins can declare new scopes by declaring new constants in this module. |
||||
module Scope |
||||
API_V3 = :api_v3 |
||||
|
||||
class << self |
||||
def values |
||||
constants.map do |name| |
||||
const_get name |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
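Review bot: `update_strategies` stores whatever the block returns without checking it, so a block that returns nil or a misspelled strategy name silently changes how the scope authenticates. How `Manager` handles a scope with no strategies or with unknown ones is not visible in this commit, so I would validate at the point of assignment: `strategies = Array(block.call(current_strategies))` followed by `raise ArgumentError, "unknown strategy in #{strategies}" unless strategies.all? { |s| Warden::Strategies[s] }`. That check assumes strategies are always registered before this method is called. Separately, the `@yieldparam [Array]` tag is missing its parameter name (`strategies`).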
@ -0,0 +1,12 @@ |
||||
module Warden |
||||
module Strategies |
||||
## |
||||
# This strategy is inserted after optional basic auth strategies to |
||||
# indicate that invalid basic auth credentials were provided. |
||||
class BasicAuthFailure < BasicAuth |
||||
def authenticate_user(_username, _password) |
||||
nil # always fails |
||||
end |
||||
end |
||||
end |
||||
end |
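Review bot: Whether `BasicAuthFailure` actually stops the strategy cascade depends on how the parent `BasicAuth` reacts to the nil returned from `authenticate_user`, and that parent is not part of this commit. In Warden, `fail!` halts further strategies while `fail` lets the next one run, so if the parent uses `fail`, a request with wrong basic auth credentials would still be tried against `:session`. I would record the assumption in the class comment, e.g. `# Relies on BasicAuth halting (fail!) when authenticate_user returns nil, so later strategies are not tried.`, once it has been confirmed. A request spec that sends invalid basic auth credentials together with a valid session cookie would pin the behaviour. The file also references `BasicAuth` without a visible `require`, so it presumably depends on the parent being loaded elsewhere.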