- Removed CMS_REQUEST_UTIL - centralized some request-related code into CMS_API. Added CMS_API.user, CMS_API.set_user (CMS_USER), ... and user-related routines. Refactored Auth-related code - added various abstractions to factorize the implementation and harmonize solutions. - revisited the logout strategy. - updated the account info page, and removed info the user should not care about. - simplified the process, and encouraged auth modules to follow the same design. Added CMS_LINK helper routines to modify the related query string. Removed CMS_USER.profile (and related routines) - It was not used so far. - it will probably be a specific module later, if needed. Updated various modules to avoid fetching the user from SQL directly, and leave this task to CMS_USER_API. Removed CMS_NODE_API.node_author (a_node: CMS_NODE): detachable CMS_USER, - as the info is already in CMS_NODE.author. Added CMS_RESPONSE.redirection_delay, in case some code wants to redirect after a few seconds. Added the request URI info to the not-found CMS response.
note
	description: "[
			API to manage CMS User Openid authentication.
		]"
	date: "$Date$"
	revision: "$Revision$"

class
	CMS_OPENID_API

inherit
	CMS_AUTH_API_I

	REFACTORING_HELPER

create {CMS_OPENID_MODULE}
	make_with_storage

feature {NONE} -- Initialization

	make_with_storage (a_api: CMS_API; a_openid_storage: CMS_OPENID_STORAGE_I)
			-- Initialize with CMS api `a_api' and Openid storage `a_openid_storage',
			-- then read the session cookie name and the session max age
			-- from the settings exposed by `a_api.setup'.
		do
				-- The storage is assigned before `make' is called.
				-- `make' is not declared in this class (presumably inherited
				-- from CMS_AUTH_API_I -- confirm).
			openid_storage := a_openid_storage
			make (a_api)

				-- Session cookie name: configured value if present,
				-- otherwise the site id followed by `default_session_token_suffix'.
				-- NOTE(review): this key is built from {CMS_OPENID_MODULE}.name,
				-- whereas the max age key below hard-codes "openid"; both agree
				-- only if that name is "openid" -- confirm.
			if attached a_api.setup.string_8_item ("auth." + {CMS_OPENID_MODULE}.name + ".token") as l_token then
				create session_token.make_from_string (l_token)
			else
				create session_token.make_from_string (a_api.setup.site_id + default_session_token_suffix)
			end

				-- Session max age: start from the default, and override it
				-- only when the setting exists and is an integer.
				-- NOTE(review): any integer is taken as is, including zero or
				-- a negative value; confirm how the code using
				-- `session_max_age' treats those, or restrict the setting
				-- to positive values.
			session_max_age := 3600 --| one hour: *60(min) *60(sec)
			if
				attached a_api.setup.string_8_item ("auth.openid.max_age") as l_max_age and then
				l_max_age.is_integer
			then
				session_max_age := l_max_age.to_integer
			end
		ensure
			openid_storage_set: openid_storage = a_openid_storage
		end

feature {CMS_MODULE} -- Access: User openid storage.

	openid_storage: CMS_OPENID_STORAGE_I
			-- Storage interface every query and command of this class delegates to.

feature -- Access: token

	default_session_token_suffix: STRING = "_OPENID_TOKEN_"
			-- Suffix appended to the site id to build the cookie name
			-- when no token name is configured.

	session_token: IMMUTABLE_STRING_8
			-- Name of the cookie used to keep the session info.
			-- This is the cookie name, set from configuration or from the site id
			-- in `make_with_storage'; nothing here makes it a secret value.

	session_max_age: INTEGER
			-- Max age of the session; the default is 3600, i.e. one hour in seconds.
			-- NOTE(review): presumably applied to the session cookie -- confirm at the call sites.

feature -- Access: User Openid

	user_openid_by_userid_identity (a_uid: like {CMS_USER}.id; a_identity: READABLE_STRING_GENERAL): detachable CMS_USER
			-- User with id `a_uid' and Openid identity `a_identity', as returned by `openid_storage';
			-- Void if the storage finds none.
		do
			Result := openid_storage.user_openid_by_userid_identity (a_uid, a_identity)
		end

	user_openid_by_identity (a_identity: READABLE_STRING_GENERAL): detachable CMS_USER
			-- User associated with Openid identity `a_identity', as returned by `openid_storage';
			-- Void if the storage finds none.
			-- NOTE(review): `a_identity' is passed to the storage unchanged; this class does not
			-- verify it, so callers are presumably expected to pass only an identity
			-- already confirmed by the Openid provider -- check the callers.
		do
			Result := openid_storage.user_openid_by_identity (a_identity)
		end

feature -- Access: Consumers Openid

	openid_consumers: LIST [STRING]
			-- Openid consumers known to `openid_storage'; empty if there are none.
		do
			Result := openid_storage.openid_consumers
		end

	openid_consumer_by_name (a_name: READABLE_STRING_8): detachable CMS_OPENID_CONSUMER
			-- Consumer named `a_name', as returned by `openid_storage'; Void if there is none.
		do
			Result := openid_storage.openid_consumer_by_name (a_name)
		end

feature -- Change: User Openid

	new_user_openid (a_identity: READABLE_STRING_GENERAL; a_user: CMS_USER)
			-- Ask `openid_storage' to add `a_user' with Openid identity `a_identity'.
			-- `a_user' must already have an id.
			-- NOTE(review): no check is made here that `a_identity' is not already
			-- attached to another user; presumably the storage enforces that -- confirm.
		require
			has_id: a_user.has_id
		do
			openid_storage.new_user_openid (a_identity, a_user)
		end

end