lib_static/open_project/authentication/failure_app.rb
module OpenProject
module Authentication
class FailureApp
attr_reader :failure_handlers
def initialize(failure_handlers)
@failure_handlers = failure_handlers
end
def call(env)
warden = self.warden env
scope = self.scope env
if warden && warden.result == :failure
handler = failure_handlers[scope] || default_failure_handler
if handler
handler.call warden, warden_options(env)
else
handle_failure warden
end
else
unauthorized env
end
end
def default_failure_handler
failure_handlers[nil]
end
def handle_failure(warden)
[warden.status || 401, warden.headers, [warden.message]]
end
def unauthorized(env)
[401, unauthorized_header(env), ["unauthorized"]]
end
def warden(env)
env["warden"]
end
def warden_options(env)
Hash(env["warden.options"])
end
def unauthorized_header(env)
header = OpenProject::Authentication::WWWAuthenticate
.response_header(scope: scope(env), request_headers: env)
{ "WWW-Authenticate" => header }
end
def scope(env)
warden_options(env)[:scope]
end
end
end
end