Skip to main content
Version: 7.2402.x.x RR

DirectResponseState

Introduction and overview

This AuthState can be used to send a direct HTTP response to an end user / client by forcing nevisProxy to directly forward the response.

An example is a situation where nevisAuth needs to send a JSON response to a web application. As the DirectResponseState does nothing but generating a response, it should be used as a final AuthState and the resumeState flag should be set to false.

A typical example where the DirectResponseState can be used is in the context of a mobile application: Depending on whether the authentication was successful or not, nevisAuth will send different JSON content in the HTTP response.

Description

The following table and chapters describe the characteristics of the AuthState.

TopicDescription
Classch.nevis.esauth.auth.states.directResponse.DirectResponseState
LoggingDirectResponseState
Auditingnone
Markernone
Methodsprocess, generate

Properties

  • contentType (string, - )

    This optional property defines the Content-Type header field of the HTTP response. It must be set if the content property is set.

  • content (string, - )

    This optional property defines the content of the HTTP response. The value can be a URL of a file, starting with file://. For example: <property name="content" value="file://path/to/my/file"/>.

    nevisAuth does not have to be restarted when the file content changes.

  • statusCode (string, "200")

    This property defines the status code of the HTTP response status line.

  • header.<header-field> (string, -)

    Optional properties to define custom HTTP response header fields.

Input

none

Transitions

none (should only be used as final AuthState)

Output

An HTTP response containing the fields and content defined in the properties.

Errors

none

Notes

none

Example

The following DirectResponseState definition is used when the processing has failed. It sends a JSON response with an attribute called ErrorCode, whose value is 150: {ErrorCode: "150"}

<AuthState class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="false" name="GenMob-AuthErrGeneric" resumeState="false">
     <Response value="AUTH_ERROR">
     <!-- This is not necessary but is kept here to avoid a warning -->
     <Gui name="DummyGui" />
     </Response>
     <property name="content" value="{ "ErrorCode":"150" }" />
     <property name="contentType" value="application/json" />
     <property name="statusCode" value="401" />
</AuthState>

The following DirectResponseState definition can be used when the processing was successful and sends a JSON response with an attribute called message whose value is login successful: {message: "login successful"}

<AuthState
name="GenMob-Ok" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
     <Response value="AUTH_DONE"/>
     <property name="contentType" value="application/json"/>
     <property name="content" value="{"message":"login successful"}"/>
     <property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>

The AuthStates can be referenced by other AuthStates. For example, the following AuthState will use the previously defined DirectResponseStates, which depends on the result condition:

<AuthState class="ch.nevis.esauth.auth.states.xml.DocumentProcessor" final="false" name="GenMob-Ok" resumeState="true">
         <ResultCond name="default" next="GenMob-AuthErrGeneric" />
         <ResultCond name="ok" next="GenMob-Ok" />
...
<AuthState name="DirectResponse" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
     <Response value="AUTH_ERROR"/>
     <property name="contentType" value="application/json"/>
     <property name="content" value="{"Error Message":"${notes.lasterrorinfo}"}"/>
     <property name="statusCode" value="401"/>
     <property name="header.Expires" value="Tue, 15 Nov 2020 08:12:31 GMT"/>
</AuthState>

The following example uses the contents in the session to generates a JSON response providing the authentication level stored in the notes in the JSON status attribute:

<AuthState
class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="false" name="GenMob-RegNewDevAuthDoneResponse" resumeState="false">
     <Response value="AUTH_DONE">
     <Gui name="AuthDoneDialog" />
     </Response>
     <property name="content" value="{ "status":"${notes:authlevel}" }" />
     <property name="contentType" value="application/json" />
     <property name="header.isiwebauthstate" value="valid" />   
     <property name="statusCode" value="200" />
</AuthState>