lada/lada-client: app/override/RestProxy.js annotate

annotate app/override/RestProxy.js @ 608:7fd9350eacf9 openid

Add client side openID authentication handling If the client is not authenticated it will be redirected to the identity provider provided by the lada-server in the error message. The lada-server keeps track of the association and verifies the openID parameters sent by the client in the X-OPENID-PARAMS header

author	Andre Heinecke <andre.heinecke@intevation.de>
date	Thu, 12 Mar 2015 17:39:16 +0100
parents
children	fb89f61ab272

rev	line source
608 7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	1 /* Copyright (C) 2015 by Bundesamt fuer Strahlenschutz
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	2 * Software engineering by Intevation GmbH
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	3 *
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	4 * This file is Free Software under the GNU GPL (v>=3)
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	5 * and comes with ABSOLUTELY NO WARRANTY! Check out
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	6 * the documentation coming with IMIS-Labordaten-Application for details.
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	7 */
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	8
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	9 Ext.define('Lada.override.RestProxy', {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	10 override: 'Ext.data.proxy.Rest',
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	11
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	12 buildRequest: function (operation) {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	13 this.headers = { 'X-OPENID-PARAMS': Lada.openIDParams };
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	14 return this.callParent(arguments);
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	15 },
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	16
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	17 processResponse: function (success, operation, request, response, callback, scope) {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	18 if (!success && response.status == 401) {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	19 var json = Ext.decode(response.responseText);
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	20 if (json) {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	21 if (json.message == "699") {
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	22 /* This is the unauthorized message with the authentication
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	23 * redirect in the data */
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	24
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	25 /* We decided to handle this with a redirect to the identity
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	26 * provider. In which case we have no other option then to
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	27 * handle it here with relaunch. */
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	28 Lada.launch(); // Data loss!
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	29 }
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	30 }
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	31 }
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	32 this.callParent(arguments);
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	33 }
7fd9350eacf9 Add client side openID authentication handling Andre Heinecke <andre.heinecke@intevation.de> parents: diff changeset	34 });

http://lada.wald.intevation.org