From 3a11ba2918795821600b7113d0758415718d263a Mon Sep 17 00:00:00 2001
From: gebele
Date: Mon, 11 Jun 2018 12:46:06 +0200
Subject: combine gui with rest
---
 lib/aa.rb | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 lib/aa.rb
(limited to 'lib/aa.rb')
diff --git a/lib/aa.rb b/lib/aa.rb
new file mode 100644
index 0000000..6dfec4b
--- /dev/null
+++ b/lib/aa.rb
@@ -0,0 +1,82 @@
+post "/aa/authenticate/?" do
+ mime_types = ["text/plain"]
+ bad_request_error "Mime type #{@accept} not supported here. Please request data as #{mime_types.join(', ')}." unless mime_types.include? @accept
+ bad_request_error "Please send formdata username." unless params[:username]
+ bad_request_error "Please send formdata password." unless params[:password]
+ case @accept
+ when "text/plain"
+ if OpenTox::Authorization.authenticate(params[:username], params[:password])
+ return OpenTox::RestClientWrapper.subjectid
+ else
+ return nil
+ end
+ else
+ bad_request_error "'#{@accept}' is not a supported content type."
+ end
+end
+
+post "/aa/logout/?" do
+ mime_types = ["text/plain"]
+ bad_request_error "Mime type #{@accept} not supported here. Please request data as #{mime_types.join(', ')}." unless mime_types.include? @accept
+ bad_request_error "Please send formdata subjectid." unless params[:subjectid]
+ case @accept
+ when "text/plain"
+ if OpenTox::Authorization.logout(params[:subjectid])
+ return "Successfully logged out. \n"
+ else
+ return "Logout failed.\n"
+ end
+ else
+ bad_request_error "'#{@accept}' is not a supported content type."
+ end
+end
+
+module OpenTox
+
+ AA = "https://opensso.in-silico.ch"
+
+ module Authorization
+ #Authentication against OpenSSO. Returns token. Requires Username and Password.
+ # @param user [String] Username
+ # @param pw [String] Password
+ # @return [Boolean] true if successful
+ def self.authenticate(user, pw)
+ begin
+ res = RestClientWrapper.post("#{AA}/auth/authenticate",{:username=>user, :password => pw},{:subjectid => ""}).sub("token.id=","").sub("\n","")
+ if is_token_valid(res)
+ RestClientWrapper.subjectid = res
+ return true
+ else
+ bad_request_error "Authentication failed #{res.inspect}"
+ end
+ rescue
+ bad_request_error "Authentication failed #{res.inspect}"
+ end
+ end
+
+ #Logout on opensso. Make token invalid. 
Requires token
+ # @param [String] subjectid the subjectid
+ # @return [Boolean] true if logout is OK
+ def self.logout(subjectid=RestClientWrapper.subjectid)
+ begin
+ out = RestClientWrapper.post("#{AA}/auth/logout", :subjectid => subjectid)
+ return true unless is_token_valid(subjectid)
+ rescue
+ return false
+ end
+ return false
+ end
+
+ #Checks if a token is a valid token
+ # @param [String]subjectid subjectid from openSSO session
+ # @return [Boolean] subjectid is valid or not.
+ def self.is_token_valid(subjectid=RestClientWrapper.subjectid)
+ begin
+ return true if RestClientWrapper.post("#{AA}/auth/isTokenValid",:tokenid => subjectid) == "boolean=true\n"
+ rescue #do rescue because openSSO throws 401
+ return false
+ end
+ return false
+ end
+ end
+end
\ No newline at end of file
-- cgit v1.2.3
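Review bot: The token issued in `self.authenticate` is written to `RestClientWrapper.subjectid`, which by its call syntax is process-wide state, and the `/aa/authenticate` route then reads it back from there to build the response; if the service handles requests concurrently, one caller could receive or act under another caller's token (RestClientWrapper is not shown here, so confirm how it stores the value). Returning the token from `authenticate` and using the local value in the route, e.g. `token = OpenTox::Authorization.authenticate(params[:username], params[:password])`, would keep it scoped to the request. Separately, `self.logout` returns true whenever `is_token_valid` returns false, and `is_token_valid` returns false from its bare `rescue` on any error, so a network failure is reported as a successful logout while the session may still be live; rescuing only the 401 case would close that gap. The failure message `"Authentication failed #{res.inspect}"` also echoes the raw OpenSSO response to the client and would be better logged server-side.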