DirectResponseState
Introduction and overview
This AuthState can be used to send a direct HTTP response to an end user / client by forcing nevisProxy to directly forward the response.
An example is a situation where nevisAuth needs to send a JSON response to a web application. As the DirectResponseState does nothing but generating a response, it should be used as a final AuthState and the resumeState flag should be set to false.
A typical example where the DirectResponseState can be used is in the context of a mobile application: Depending on whether the authentication was successful or not, nevisAuth will send different JSON content in the HTTP response.
Description
The following table describes the characteristics of the AuthState.
| Topic | Description |
|---|---|
| Class | ch.nevis.esauth.auth.states.directResponse.DirectResponseState |
| Logging | DirectResponseState |
| Auditing | none |
| Marker | none |
| Properties | contentType (string, - )This optional property defines the Content-Type header field of the HTTP response. It must be set if the content property is set. |
content (string, -)This optional property defines the content of the HTTP response. The value can be a URL of a file, starting with file://. For example:<property name="content" value="file://path/to/my/file"/>.nevisAuth does not have to be restarted when the file content changes. | |
| statusCode (string, "200")This property defines the status code of the HTTP response status line. | |
header.<header-field> (string, -)Optional properties to define custom HTTP response header fields. | |
| Methods | process generate |
| Transitions | none (should only be used as final AuthState) |
| Input | none |
| Output | An HTTP response containing the fields and content defined in the properties. |
| Errors | none |
Example 1
The following DirectResponseState definition is used when the processing has failed. It sends a JSON response with an attribute called ErrorCode, whose value is 150: {ErrorCode: "150"}
<AuthState class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="false"
name="GenMob-AuthErrGeneric"
resumeState="false">
<Response value="AUTH_ERROR">
<!-- This is not necessary but is kept here to avoid a warning -->
<Gui name="DummyGui" />
</Response>
<property name="content" value="{ "ErrorCode":"150" }" />
<property name="contentType" value="application/json" />
<property name="statusCode" value="401" />
</AuthState>
The following DirectResponseState definition can be used when the processing was successful and sends a JSON response with an attribute called message whose value is login successful: {message: "login successful"}
<AuthState
name="GenMob-Ok"
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="true"
resumeState="false">
<Response value="AUTH_DONE"/>
<property name="contentType" value="application/json"/>
<property name="content" value="{"message":"login successful"}"/>
<property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>
The AuthStates can be referenced by other AuthStates. For example, the following AuthState will use the previously defined DirectResponseStates, which depends on the result condition:
<AuthState
class="ch.nevis.esauth.auth.states.xml.DocumentProcessor"
final="false"
name="GenMob-Ok"
resumeState="true">
<ResultCond name="default" next="GenMob-AuthErrGeneric" />
<ResultCond name="ok" next="GenMob-Ok" />
...
Example 2
<AuthState
name="DirectResponse"
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="true"
resumeState="false">
<Response value="AUTH_ERROR"/>
<property name="contentType" value="application/json"/>
<property name="content" value="{"Error Message":"${notes.lasterrorinfo}"}"/>
<property name="statusCode" value="401"/>
<property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>
Example 3
The following example uses the contents in the session to generates a JSON response providing the authentication level stored in the notes in the JSON status attribute:
<AuthState
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="false"
name="GenMob-RegNewDevAuthDoneResponse"
resumeState="false">
<Response value="AUTH_DONE">
<Gui name="AuthDoneDialog" />
</Response>
<property name="content" value="{ "status":"${notes:authlevel}" }" />
<property name="contentType" value="application/json" />
<property name="header.isiwebauthstate" value="valid" />
<property name="statusCode" value="200" />
</AuthState>