1 # This file is part of NIT ( http://www.nitlanguage.org ).
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
15 # Gather the authenticated users on UQAM websites.
17 # The main method to use is `HttpRequest::user` and it extracts the information
18 # of the authenticated user from the request header.
19 # The real authentication must be done by a mandatory reverse proxy server.
25 # Information on a user from Shibboleth/UQAM
27 # The *code permanent* (or the uid for non student)
30 # Usually the first name
31 var given_name
: String
33 # Usually "FamilyName, FirstName"
34 var display_name
: String
36 # The email @courrier.uqam.ca (or @uqam.ca for non student)
39 # The Gravatar URL (based on `email`)
40 var avatar
: String is lazy
do
42 return "https://www.gravatar.com/avatar/{md5}?d=retro"
46 redef class HttpRequest
47 # Extract the Shibboleth/UQAM information from the header, if any.
49 # We assume that a reverse proxy does the authentication and fill the request header.
50 # If the server is accessible directly, these headers can be easily forged.
51 # Thus, we assume that the reverse proxy is not by-passable.
53 # The reverse proxy might choose to force an authentication or not.
54 # If there is no authentication, there is no information in the request header (or with the `(null)` value).
55 # In this case, `null` is returned by this function.
56 fun user
: nullable User do
57 var user
= header
.get_or_null
("Remote-User")
58 if user
== null or user
== "(null)" then return null
60 var display_name
= header
.get_or_null
("User-Display-Name")
61 var given_name
= header
.get_or_null
("User-Given-Name")
62 var email
= header
.get_or_null
("User-Mail")
64 if display_name
== null or given_name
== null or email
== null then return null
66 var res
= new User(user
, given_name
, display_name
, email
)