Skip to content

Commit

Permalink
Try out updated Panda settings code
Browse files Browse the repository at this point in the history
  • Loading branch information
rtyley committed Sep 4, 2024
1 parent 6a19c90 commit 451b447
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 28 deletions.
46 changes: 19 additions & 27 deletions app/lib/PanAuth.scala
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package lib


import com.gu.pandomainauth.model.{Authenticated, AuthenticatedUser, AuthenticationStatus, User}
import com.gu.pandomainauth.service.CryptoConf.Verification
import com.gu.pandomainauth.{PanDomain, PublicSettings}
import play.api.Logging
import play.api.mvc._
Expand All @@ -18,43 +19,34 @@ trait PandaController extends BaseControllerHelpers with Logging {
Future.successful(Unauthorized(views.html.login(S3UploadAppConfig.loginUri)(request)))
}

def authStatus(cookie: Cookie, publicKey: PublicKey): AuthenticationStatus = {
PanDomain.authStatus(
cookie.value,
publicKey,
PanDomain.guardianValidation,
apiGracePeriod = 0,
system = "s3-upload",
cacheValidation = false,
forceExpiry = false
)
}
def authStatus(cookie: Cookie, verification: Verification): AuthenticationStatus = PanDomain.authStatus(
cookie.value,
verification,
PanDomain.guardianValidation,
apiGracePeriod = 0,
system = "s3-upload",
cacheValidation = false,
forceExpiry = false
)

object AuthAction extends ActionBuilder[UserRequest, AnyContent] {
override def parser: BodyParser[AnyContent] = PandaController.this.controllerComponents.parsers.default
override protected def executionContext: ExecutionContext = PandaController.this.controllerComponents.executionContext

override def invokeBlock[A](request: Request[A], block: UserRequest[A] => Future[Result]): Future[Result] = {
publicSettings.publicKey match {
case Some(pk) =>
request.cookies.get("gutoolsAuth-assym") match {
case Some(cookie) =>
authStatus(cookie, pk) match {
case Authenticated(AuthenticatedUser(user, _, _, _, _)) =>
block(new UserRequest(user, request))

case other =>
logger.info(s"Login response $other")
unauthorisedResponse(request)
}

case None =>
logger.warn("Panda cookie missing")
request.cookies.get("gutoolsAuth-assym") match {
case Some(cookie) =>
authStatus(cookie, publicSettings.verification) match {
case Authenticated(AuthenticatedUser(user, _, _, _, _)) =>
block(new UserRequest(user, request))

case other =>
logger.info(s"Login response $other")
unauthorisedResponse(request)
}

case None =>
logger.error("Panda public key unavailable")
logger.warn("Panda cookie missing")
unauthorisedResponse(request)
}
}
Expand Down
2 changes: 1 addition & 1 deletion build.sbt
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ scalacOptions := Seq(
libraryDependencies ++= Seq(
ws, filters,
"com.amazonaws" % "aws-java-sdk-s3" % "1.12.761",
"com.gu" %% "pan-domain-auth-verification" % "5.0.0"
"com.gu" %% "pan-domain-auth-verification" % "6.0.0-PREVIEW.support-accepting-multiple-public-keys.2024-09-04T0937.eff1e068"
)

lazy val root = (project in file("."))
Expand Down

0 comments on commit 451b447

Please sign in to comment.