From fd934f1434149be3d8cbb373de821a83aae38e8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Tue, 6 Apr 2010 22:36:41 +0200 Subject: [PATCH] Revert "Only triggers http in failure app if devise.authentication_method is :http." It has not fixed the problem it was supposed to fix. This reverts commit 9d1a52978c6aa362768cf8e66b9c476f825113fb. --- lib/devise/failure_app.rb | 2 +- lib/devise/strategies/authenticatable.rb | 7 +++---- test/failure_app_test.rb | 12 ++---------- 3 files changed, 6 insertions(+), 15 deletions(-) diff --git a/lib/devise/failure_app.rb b/lib/devise/failure_app.rb index b0e130ad..0e3ec1a7 100644 --- a/lib/devise/failure_app.rb +++ b/lib/devise/failure_app.rb @@ -63,7 +63,7 @@ module Devise end def http_auth? - env["devise.authentication_method"] == :http && request.authorization + request.authorization end def http_auth_body diff --git a/lib/devise/strategies/authenticatable.rb b/lib/devise/strategies/authenticatable.rb index 7b9a985b..e251fdd8 100644 --- a/lib/devise/strategies/authenticatable.rb +++ b/lib/devise/strategies/authenticatable.rb @@ -16,14 +16,13 @@ module Devise # Check if this is strategy is valid for http authentication. def valid_for_http_auth? - http_authenticatable? && request.authorization && - with_authentication_hash(http_auth_hash) && (env["devise.authentication_method"] = :http) + http_authenticatable? && request.authorization && with_authentication_hash(http_auth_hash) end # Check if this is strategy is valid for params authentication. def valid_for_params_auth? - params_authenticatable? && valid_request? && valid_params? && - with_authentication_hash(params_auth_hash) && (env["devise.authentication_method"] = :params) + params_authenticatable? && valid_request? && + valid_params? && with_authentication_hash(params_auth_hash) end # Check if the model accepts this strategy as http authenticatable. diff --git a/test/failure_app_test.rb b/test/failure_app_test.rb index e2a5d089..3601f4e5 100644 --- a/test/failure_app_test.rb +++ b/test/failure_app_test.rb @@ -22,11 +22,8 @@ class FailureTest < ActiveSupport::TestCase end def call_failure_with_http(env_params={}) - env = { - "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("foo:bar")}", - "devise.authentication_method" => :http - } - call_failure(env.merge!(env_params)) + env = { "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("foo:bar")}" } + call_failure(env_params.merge!(env)) end context 'When redirecting' do @@ -72,11 +69,6 @@ class FailureTest < ActiveSupport::TestCase assert_equal 401, @response.first end - test 'does trigger http authentication if devise.authentication_method is not :http' do - call_failure_with_http("devise.authentication_method" => :params) - assert_equal 302, @response.first - end - test 'return WWW-authenticate headers' do call_failure_with_http assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"]