view app/override/RestProxy.js @ 608:7fd9350eacf9 openid

Add client side openID authentication handling If the client is not authenticated it will be redirected to the identity provider provided by the lada-server in the error message. The lada-server keeps track of the association and verifies the openID parameters sent by the client in the X-OPENID-PARAMS header
author Andre Heinecke <andre.heinecke@intevation.de>
date Thu, 12 Mar 2015 17:39:16 +0100
parents
children fb89f61ab272
line wrap: on
line source
/* Copyright (C) 2015 by Bundesamt fuer Strahlenschutz
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=3)
 * and comes with ABSOLUTELY NO WARRANTY! Check out
 * the documentation coming with IMIS-Labordaten-Application for details.
 */

Ext.define('Lada.override.RestProxy', {
    override: 'Ext.data.proxy.Rest',

    buildRequest: function (operation) {
        this.headers = { 'X-OPENID-PARAMS': Lada.openIDParams };
        return this.callParent(arguments);
    },

    processResponse: function (success, operation, request, response, callback, scope) {
        if (!success && response.status == 401) {
            var json = Ext.decode(response.responseText);
            if (json) {
                if (json.message == "699") {
                    /* This is the unauthorized message with the authentication
                     * redirect in the data */

                    /* We decided to handle this with a redirect to the identity
                     * provider. In which case we have no other option then to
                     * handle it here with relaunch. */
                    Lada.launch(); // Data loss!
                }
            }
        }
        this.callParent(arguments);
    }
});

http://lada.wald.intevation.org