
Extract out common method for rendering a 401 Access Denied response.

Looks after setting the WWW-Authenticate header, the status code and the response body.
commit cdafc1fa1932d0530f7e735c6f8dc4f4d68f0c48 1 parent ec77498
@darragh authored
Showing with 15 additions and 9 deletions.
  1. +15 −9 actionpack/lib/action_controller/metal/http_authentication.rb
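--- a/actionpack/lib/action_controller/metal/http_authentication.rb
+++ b/actionpack/lib/action_controller/metal/http_authentication.rb
@@ -4,6 +4,14 @@
 module ActionController
 # Makes it dead easy to do HTTP Basic, Digest and Token authentication.
 module HttpAuthentication
+ module AccessDeniedResponder
+ def respond_with_access_denied(controller, type, header, message=nil)
+ controller.headers["WWW-Authenticate"] = header
+ controller.response_body = message || "HTTP #{type}: Access denied.\n"
+ controller.status = 401
+ end
+ end
+
 # Makes it dead easy to do HTTP \Basic authentication.
 #
 # === Simple \Basic example
@@ -63,6 +71,7 @@ module HttpAuthentication
 # end
 module Basic
 extend self
+ extend AccessDeniedResponder
 module ControllerMethods
 extend ActiveSupport::Concern
@@ -109,9 +118,7 @@ def encode_credentials(user_name, password)
 end
 def authentication_request(controller, realm)
- controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}")
- controller.response_body = "HTTP Basic: Access denied.\n"
- controller.status = 401
+ respond_with_access_denied(controller, "Basic", %(Basic realm="#{realm.gsub(/"/, "")}"))
 end
 end
@@ -159,6 +166,7 @@ def authentication_request(controller, realm)
 # variables, and check for HTTP_AUTHORIZATION, amongst others.
 module Digest
 extend self
+ extend AccessDeniedResponder
 module ControllerMethods
 def authenticate_or_request_with_http_digest(realm = "Application", &password_procedure)
@@ -239,14 +247,12 @@ def authentication_header(controller, realm)
 secret_key = secret_token(controller.request)
 nonce = self.nonce(secret_key)
 opaque = opaque(secret_key)
- controller.headers["WWW-Authenticate"] = %(Digest realm="#{realm}", qop="auth", algorithm=MD5, nonce="#{nonce}", opaque="#{opaque}")
+ %(Digest realm="#{realm}", qop="auth", algorithm=MD5, nonce="#{nonce}", opaque="#{opaque}")
 end
 def authentication_request(controller, realm, message = nil)
 message ||= "HTTP Digest: Access denied.\n"
- authentication_header(controller, realm)
- controller.response_body = message
- controller.status = 401
+ respond_with_access_denied(controller, "Digest", authentication_header(controller, realm), message)
 end
 def secret_token(request)
@@ -386,6 +392,7 @@ def opaque(secret_key)
 # RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
 module Token
 extend self
+ extend AccessDeniedResponder
 module ControllerMethods
 def authenticate_or_request_with_http_token(realm = "Application", &login_procedure)
@@ -460,8 +467,7 @@ def encode_credentials(token, options = {})
 #
 # Returns nothing.
 def authentication_request(controller, realm)
- controller.headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")
- controller.__send__ :render, :text => "HTTP Token: Access denied.\n", :status => :unauthorized
+ respond_with_access_denied(controller, "Token", %(Token realm="#{realm.gsub(/"/, "")}"))
 end
 end
 end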
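Review bot: In the Digest hunk, `authentication_header` still interpolates `realm` into the challenge unescaped, while the Basic and Token calls to `respond_with_access_denied` strip double quotes with `realm.gsub(/"/, "")`. A realm containing `"` would close the quoted parameter early, so the rest of the value would be parsed as further challenge parameters. Whether a realm can ever originate outside the application is not visible here, so treat this as consistency hardening rather than a confirmed flaw. Since the commit already touches this line, it could become `%(Digest realm="#{realm.gsub(/"/, "")}", qop="auth", algorithm=MD5, nonce="#{nonce}", opaque="#{opaque}")`. The `def authentication_header` line sits in the hunk header, outside the hunk itself.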