1 # This file is part of NIT ( http://www.nitlanguage.org ).
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
15 # Gather the authenticated users on UQAM websites.
17 # The main method to use is `HttpRequest::user` and it extracts the information
18 # of the authenticated user from the request header.
19 # The real authentication must be done by a mandatory reverse proxy server.
26 # Information on a user from Shibboleth/UQAM
30 # The *code permanent* (or the uid for non student)
33 # Usually the first name
34 var given_name
: String
36 # Usually "FamilyName, FirstName"
37 var display_name
: String
39 # The email @courrier.uqam.ca (or @uqam.ca for non student)
42 # The Gravatar URL (based on `email`)
43 var avatar
: String is lazy
do
45 return "https://www.gravatar.com/avatar/{md5}?d=retro"
49 redef class HttpRequest
50 # Extract the Shibboleth/UQAM information from the header, if any.
52 # We assume that a reverse proxy does the authentication and fill the request header.
53 # If the server is accessible directly, these headers can be easily forged.
54 # Thus, we assume that the reverse proxy is not by-passable.
56 # The reverse proxy might choose to force an authentication or not.
57 # If there is no authentication, there is no information in the request header (or with the `(null)` value).
58 # In this case, `null` is returned by this function.
59 fun user
: nullable User do
60 var user
= header
.get_or_null
("Remote-User")
61 if user
== null or user
== "(null)" then return null
63 var display_name
= header
.get_or_null
("User-Display-Name")
64 var given_name
= header
.get_or_null
("User-Given-Name")
65 var email
= header
.get_or_null
("User-Mail")
67 if display_name
== null or given_name
== null or email
== null then return null
69 var res
= new User(user
, given_name
, display_name
, email
)