Class: Otto::Security::Authentication::RouteAuthWrapperComponents::ResponseBuilder

Inherits:
Object
Defined in:
lib/otto/security/authentication/route_auth_wrapper/response_builder.rb

Overview

Builds HTTP error responses for authentication/authorization failures

Handles content negotiation (JSON vs HTML) and applies security headers. The route’s declared response_type takes precedence over the request’s Accept header.

Examples:

builder = ResponseBuilder.new(route_definition, auth_config, security_config)
response = builder.unauthorized(env, "Invalid token")
response = builder.forbidden(env, "Admin role required")
response = builder.auth_failure(env, auth_failure_result)

Constructor Details

#initialize(route_definition, auth_config, security_config = nil) ⇒ ResponseBuilder

Returns a new instance of ResponseBuilder.

Parameters:

  • route_definition (RouteDefinition)

    Route with response_type info

  • auth_config (Hash)

    Auth config with :login_path for HTML redirects

  • security_config (SecurityConfig, nil) (defaults to: nil)

    Optional security config for headers



# File 'lib/otto/security/authentication/route_auth_wrapper/response_builder.rb', line 22

def initialize(route_definition, auth_config, security_config = nil)
  @route_definition = route_definition
  @auth_config = auth_config
  @security_config = security_config
end

Instance Method Details

#auth_failure(env, result) ⇒ Array

Generate response for authentication failure

Parameters:

  • env (Hash)

    Rack environment

  • result (AuthFailure)

    Failure result from strategy

Returns:

  • (Array)

    Rack response array



# File 'lib/otto/security/authentication/route_auth_wrapper/response_builder.rb', line 33

def auth_failure(env, result)
  wants_json?(env) ? json_auth_error(result) : html_auth_error(result)
end

#forbidden(env, message) ⇒ Array

Generate 403 Forbidden response

Parameters:

  • env (Hash)

    Rack environment

  • message (String)

    Error message

Returns:

  • (Array)

    Rack response array



# File 'lib/otto/security/authentication/route_auth_wrapper/response_builder.rb', line 55

def forbidden(env, message)
  if wants_json?(env)
    json_response(403, error: 'Forbidden', message: message)
  else
    text_response(403, message)
  end
end

#unauthorized(env, message) ⇒ Array

Generate 401 Unauthorized response

Parameters:

  • env (Hash)

    Rack environment

  • message (String)

    Error message

Returns:

  • (Array)

    Rack response array



# File 'lib/otto/security/authentication/route_auth_wrapper/response_builder.rb', line 42

def unauthorized(env, message)
  if wants_json?(env)
    json_response(401, error: message)
  else
    text_response(401, message)
  end
end
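
A stand-alone sketch of the negotiation rule stated in the Overview, added here as an illustration and not taken from Otto's source: the route's declared response_type is checked first, the Accept header is consulted only when the route declares nothing, and both response forms carry the same security headers. The names Route, SECURITY_HEADERS, accept_quality, negotiate_json? and build_unauthorized, the header values, and the q-value comparison are assumptions; Otto's private helpers (wants_json?, json_response, text_response) are not shown on this page.

```ruby
require 'json'

# Hypothetical stand-in for a route definition; only response_type is used.
Route = Struct.new(:response_type)

# Constructed sample headers (assumed values, not Otto's defaults).
SECURITY_HEADERS = {
  'x-content-type-options' => 'nosniff',
  'cache-control' => 'no-store'
}.freeze

# q-value the client's Accept header assigns to media_type (0.0 if absent).
def accept_quality(accept, media_type)
  accept.to_s.split(',').each do |range|
    type, *params = range.strip.downcase.split(/\s*;\s*/)
    next unless type == media_type

    q = params.find { |p| p.start_with?('q=') }
    return q ? q.delete_prefix('q=').to_f : 1.0
  end
  0.0
end

# A declared response_type decides outright; Accept is only a fallback.
def negotiate_json?(route, env)
  declared = route.response_type.to_s
  return declared == 'json' unless declared.empty?

  accept = env['HTTP_ACCEPT']
  accept_quality(accept, 'application/json') > accept_quality(accept, 'text/html')
end

# Builds a Rack 401 triple; both branches carry the same security headers.
def build_unauthorized(route, env, message)
  if negotiate_json?(route, env)
    body = JSON.generate({ error: message })
    type = 'application/json'
  else
    # text/plain plus nosniff keeps a reflected message from rendering as HTML.
    body = message
    type = 'text/plain; charset=utf-8'
  end
  headers = SECURITY_HEADERS.merge('content-type' => type,
                                   'content-length' => body.bytesize.to_s)
  [401, headers, [body]]
end
```

Because the route declaration is evaluated before any request header, a client cannot switch an HTML route's error output to JSON (or the reverse) by changing its Accept header.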