FOCUS-5622: updated for LWE 2.9 Secure Solr:

* pass along auth headers to solr server if present
* monkey-patched Blacklight 4.3 to take opts so :headers key can be
passed to RSolr

app/controllers/base_controller.rb

@@ -18,7 +18,16 @@ def current_collection
 
   # TODO: refactor to use lucidworks-ruby gem
   def lws_api_get(path)
-    resp = Net::HTTP.get_response(URI.parse("#{FlareConfig.lws_api_url}#{path}"))
+    options = {headers: solr_headers}
+    resp = HTTParty.get("#{FlareConfig.lws_api_url}#{path}", options)
     result = JSON.parse(resp.body)
   end
+
+  def solr_headers
+    if request.headers["HTTP_LWS_ROLES"].blank? || request.headers["HTTP_AUTHORIZATION"].blank?
+      {}
+    else
+      {"lws_roles" => request.headers["HTTP_LWS_ROLES"], "Authorization" => request.headers["HTTP_AUTHORIZATION"]}
+    end
+  end
 end

app/controllers/catalog_controller.rb

@@ -15,7 +15,7 @@ def index
       extra_head_content << view_context.auto_discovery_link_tag(:rss, url_for(params.merge(:format => 'rss')), :title => t('flare.search.rss_feed') )
       extra_head_content << view_context.auto_discovery_link_tag(:atom, url_for(params.merge(:format => 'atom')), :title => t('flare.search.atom_feed') )
 
-      (@response, @document_list) = get_search_results
+      (@response, @document_list) = get_search_results(params, {}, {headers: solr_headers})
       @filters = params[:f] || []
 
       respond_to do |format|

app/controllers/collections_controller.rb

@@ -14,7 +14,7 @@ def index
 
   def find(*args)
     path = "#{args[2]}/#{blacklight_config.solr_path}"
-    response = blacklight_solr.get(path, :params=> args[1])
+    response = blacklight_solr.get(path, {:params=> args[1], headers: solr_headers})
     Blacklight::SolrResponse.new(force_to_utf8(response), args[1])
     rescue Errno::ECONNREFUSED => e
     raise Blacklight::Exceptions::ECONNREFUSED.new("Unable to connect to Solr instance using #{blacklight_solr.inspect}")

config/initializers/blacklight_patches.rb

@@ -0,0 +1,35 @@
+Blacklight::SolrHelper.module_eval do
+  # As get_search_results and query_solr do not take additional options to pass along
+  # to RSolr's send_and_receive, they are patched here to take an additional arg to do so.
+  # We need this in order to pass along the :headers key for auth as per FOCUS-5578.
+
+  def get_search_results(user_params = params || {}, extra_controller_params = {}, opts = {})
+    Rails.logger.info("*** Using patched Blacklight::SolrHelper.get_search_results")
+    solr_response = query_solr(user_params, extra_controller_params, opts)
+    document_list = solr_response.docs.collect {|doc| SolrDocument.new(doc, solr_response)} 
+    return [solr_response, document_list]
+  end
+
+  def query_solr(user_params = params || {}, extra_controller_params = {}, opts = {})
+    Rails.logger.info("*** Using patched Blacklight::SolrHelper.query_solr")
+    # In later versions of Rails, the #benchmark method can do timing
+    # better for us. 
+    bench_start = Time.now
+    solr_params = self.solr_search_params(user_params).merge(extra_controller_params)
+    solr_params[:qt] ||= blacklight_config.qt
+    path = blacklight_config.solr_path
+
+    options = opts.merge({params: solr_params})
+    # delete these parameters, otherwise rsolr will pass them through.
+    res = blacklight_solr.send_and_receive(path, options)
+
+    solr_response = Blacklight::SolrResponse.new(force_to_utf8(res), solr_params)
+
+    Rails.logger.debug("Solr query: #{solr_params.inspect}")
+    Rails.logger.debug("Solr response: #{solr_response.inspect}") if defined?(::BLACKLIGHT_VERBOSE_LOGGING) and ::BLACKLIGHT_VERBOSE_LOGGING
+    Rails.logger.debug("Solr fetch: #{self.class}#query_solr (#{'%.1f' % ((Time.now.to_f - bench_start.to_f)*1000)}ms)")
+
+
+    solr_response
+  end
+end