module CruAuthLib::AccessTokenProtectedConcern

Protected Instance Methods

authenticate_request() click to toggle source
# File lib/cru_auth_lib/access_token_protected_concern.rb, line 9
def authenticate_request
  authenticate_token || render_unauthorized
end
authenticate_token() click to toggle source
# File lib/cru_auth_lib/access_token_protected_concern.rb, line 13
def authenticate_token
  token = oauth_access_token_from_header
  return unless oauth_access_token_from_header
  @access_token = AccessToken.read(token)
end
oauth_access_token_from_header() click to toggle source

grabs access_token from header if one is present

# File lib/cru_auth_lib/access_token_protected_concern.rb, line 20
def oauth_access_token_from_header
  auth_header = request.env['HTTP_AUTHORIZATION'] || ''
  match = auth_header.match(/^Bearer\s(.*)/)
  return match[1] if match.present?
  false
end
render_unauthorized() click to toggle source
# File lib/cru_auth_lib/access_token_protected_concern.rb, line 27
def render_unauthorized
  headers['WWW-Authenticate'] = %(CAS realm="Application")
  render_error('Bad token', status: 401)
end