Skip to main content
Version: 4.25.x.x LTS

DirectResponseState

Introduction and overview

This AuthState can be used to send a direct HTTP response to an end user / client by forcing nevisProxy to directly forward the response.

An example is a situation where nevisAuth needs to send a JSON response to a web application. As the DirectResponseState does nothing but generating a response, it should be used as a final AuthState and the resumeState flag should be set to false.

A typical example where the DirectResponseState can be used is in the context of a mobile application: Depending on whether the authentication was successful or not, nevisAuth will send different JSON content in the HTTP response.

Description

The following table describes the characteristics of the AuthState.

TopicDescription
Classch.nevis.esauth.auth.states.directResponse.DirectResponseState
LoggingDirectResponseState
Auditingnone
Markernone
PropertiescontentType (string, - )This optional property defines the Content-Type header field of the HTTP response. It must be set if the content property is set.
content (string, -)This optional property defines the content of the HTTP response. The value can be a URL of a file, starting with file://. For example:<property name="content" value="file://path/to/my/file"/>.nevisAuth does not have to be restarted when the file content changes.
statusCode (string, "200")This property defines the status code of the HTTP response status line.
header.<header-field> (string, -)Optional properties to define custom HTTP response header fields.
Methodsprocess generate
Transitionsnone (should only be used as final AuthState)
Inputnone
OutputAn HTTP response containing the fields and content defined in the properties.
Errorsnone

Example 1

The following DirectResponseState definition is used when the processing has failed. It sends a JSON response with an attribute called ErrorCode, whose value is 150: {ErrorCode: "150"}

<AuthState class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"

final="false"

name="GenMob-AuthErrGeneric"

resumeState="false">
<Response value="AUTH_ERROR">
<!-- This is not necessary but is kept here to avoid a warning -->
<Gui name="DummyGui" />
</Response>
<property name="content" value="{ "ErrorCode":"150" }" />
<property name="contentType" value="application/json" />
<property name="statusCode" value="401" />
</AuthState>

The following DirectResponseState definition can be used when the processing was successful and sends a JSON response with an attribute called message whose value is login successful: {message: "login successful"}

<AuthState
name="GenMob-Ok"
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="true"
resumeState="false">
<Response value="AUTH_DONE"/>
<property name="contentType" value="application/json"/>
<property name="content" value="{"message":"login successful"}"/>
<property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>

The AuthStates can be referenced by other AuthStates. For example, the following AuthState will use the previously defined DirectResponseStates, which depends on the result condition:

<AuthState
class="ch.nevis.esauth.auth.states.xml.DocumentProcessor"
final="false"
name="GenMob-Ok"
resumeState="true">
<ResultCond name="default" next="GenMob-AuthErrGeneric" />
<ResultCond name="ok" next="GenMob-Ok" />
...

Example 2

<AuthState
name="DirectResponse"
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="true"
resumeState="false">
<Response value="AUTH_ERROR"/>
<property name="contentType" value="application/json"/>
<property name="content" value="{"Error Message":"${notes.lasterrorinfo}"}"/>
<property name="statusCode" value="401"/>
<property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>

Example 3

The following example uses the contents in the session to generates a JSON response providing the authentication level stored in the notes in the JSON status attribute:

<AuthState
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState"
final="false"
name="GenMob-RegNewDevAuthDoneResponse"
resumeState="false">
<Response value="AUTH_DONE">
<Gui name="AuthDoneDialog" />
</Response>
<property name="content" value="{ "status":"${notes:authlevel}" }" />
<property name="contentType" value="application/json" />
<property name="header.isiwebauthstate" value="valid" />
<property name="statusCode" value="200" />
</AuthState>