RubyGems - j1_template - Versions diffs - 2019.4.10 → 2019.4.11 - Mend

j1_template 2019.4.10 → 2019.4.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

checksums.yaml +4 -4
data/lib/j1/version.rb +1 -1
data/lib/starter_web/Gemfile +1 -1
data/lib/starter_web/_cc_test_data/_config.yml +1 -1
data/lib/starter_web/_config.yml +1 -1
data/lib/starter_web/assets/themes/j1/core/js/j1.js +9 -1
data/lib/starter_web/package.json +1 -1
data/lib/starter_web/pages/public/start/downloads/quickstarter/100_linux_starter.adoc +1 -1
data/lib/starter_web/utilsrv/_defaults/package.json +1 -1
data/lib/starter_web/utilsrv/package.json +1 -1
metadata +15 -50
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.before_merge_added.rb +0 -1267
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.new.rb +0 -1121
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.no_cookie.mgmt.rb +0 -1130
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.ok.rb +0 -1130
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.org.2.rb +0 -1086
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.org.rb +0 -1548
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.update.web_cookie.rb +0 -1333
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.2.erb +0 -198
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.additional_inits.erb +0 -254
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.manage.cookies.erb +0 -255
data/lib/starter_web/assets/_data/_temp/_banner.html +0 -421
data/lib/starter_web/assets/_data/_temp/_panel.html +0 -585
data/lib/starter_web/assets/_data/_temp/banner.case.snippet.html.asciidoc +0 -91
data/lib/starter_web/assets/_data/_temp/banner.new.html.asciidoc +0 -559
data/lib/starter_web/assets/_data/_temp/banner.with.defaults.html.asciidoc +0 -547
data/lib/starter_web/assets/_data/_temp/footer.html.new +0 -228
data/lib/starter_web/assets/_data/_temp/footer.html.org +0 -234
data/lib/starter_web/assets/_data/_temp/footer.old.html +0 -231
data/lib/starter_web/assets/_data/_temp/footer_new.html +0 -226
data/lib/starter_web/assets/_data/_temp/footer_old.html +0 -222
data/lib/starter_web/assets/_data/_temp/menu.old.html +0 -462
data/lib/starter_web/assets/_data/_temp/panel.new.html +0 -560
data/lib/starter_web/assets/_data/_temp/panel.old.html +0 -597
data/lib/starter_web/assets/_data/_temp/panel.org.html +0 -597
data/lib/starter_web/assets/_data/animate.json +0 -120
data/lib/starter_web/assets/_data/ascii_code_table.json +0 -1794
data/lib/starter_web/assets/_data/authclient.html +0 -365
data/lib/starter_web/assets/_data/banner.html +0 -431
data/lib/starter_web/assets/_data/carousel.json +0 -110
data/lib/starter_web/assets/_data/colors.json +0 -43
data/lib/starter_web/assets/_data/cookie_consent.html +0 -225
data/lib/starter_web/assets/_data/countries.json +0 -974
data/lib/starter_web/assets/_data/font_sizes.json +0 -43
data/lib/starter_web/assets/_data/fontawesome_icons.json +0 -5525
data/lib/starter_web/assets/_data/footer.html +0 -239
data/lib/starter_web/assets/_data/galleries.json +0 -160
data/lib/starter_web/assets/_data/mdi_icons.json +0 -14641
data/lib/starter_web/assets/_data/menu.html +0 -469
data/lib/starter_web/assets/_data/messages.yml +0 -130
data/lib/starter_web/assets/_data/objects.json +0 -458
data/lib/starter_web/assets/_data/panel.html +0 -501
data/lib/starter_web/assets/_data/panel.new.html +0 -498
data/lib/starter_web/assets/_data/quicklinks.html +0 -178
data/lib/starter_web/assets/_data/search.yml +0 -131
data/lib/starter_web/assets/_data/sidebar.html +0 -261
data/lib/starter_web/assets/_data/themes.json +0 -59
data/lib/starter_web/assets/_data/twa_v1.json +0 -6978
data/lib/starter_web/assets/_data/twa_v2.json +0 -12812
data/lib/starter_web/assets/_data/webhook.html +0 -190

data/lib/j1_app/j1_auth_manager/_unused/auth_manager.before_merge_added.rb DELETED Viewed

@@ -1,1267 +0,0 @@
-# RuboCops - Documentation
-# ------------------------------------------------------------------------------
-# See: https://rubocop.readthedocs.io/en/latest/
-# RuboCops - Disabled Cops
-# ------------------------------------------------------------------------------
-# rubocop:disable Metrics/BlockLength
-# rubocop:disable Metrics/ClassLength
-# rubocop:disable Metrics/LineLength
-# rubocop:disable Style/StringLiterals
-# rubocop:disable Style/Documentation
-# rubocop:disable Metrics/BlockNesting
-# rubocop:disable Layout/ClosingParenthesisIndentation
-# rubocop:disable Layout/LeadingCommentSpace
-# rubocop:disable Layout/EmptyLines
-# rubocop:disable Layout/EmptyLinesAroundBlockBody
-# rubocop:disable Layout/FirstParameterIndentation
-# rubocop:disable Layout/CommentIndentation
-# rubocop:disable Layout/AlignParameters
-# rubocop:disable Layout/AlignHash
-# rubocop:disable Layout/TrailingWhitespace
-# rubocop:disable Layout/IndentHash
-# rubocop:disable Layout/SpaceAroundOperators
-# rubocop:disable Layout/ExtraSpacing
-# rubocop:disable Style/UnlessElse
-# rubocop:disable Style/HashSyntax
-# ------------------------------------------------------------------------------
-#  ~/lib/j1_auth_manager/auth_manager/.rb
-#
-#  Provides authentication services based on Warden|OmniAuth
-#
-#  Product/Info:
-#  https://jekyll.one
-#
-#  Copyright (C) 2019 Juergen Adams
-#
-#  J1 Template is licensed under the MIT License.
-#  See: https://github.com/jekyll-one-org/j1_template/blob/master/LICENSE
-#
-# ------------------------------------------------------------------------------
-# NOTES
-#
-# ------------------------------------------------------------------------------
-# frozen_string_literal: true
-module J1App
-  class AuthManager < Sinatra::Base
-    include J1App::Helpers
-    include J1App::GithubHelpers
-    # ==========================================================================
-    # Sinatra Framework settings
-    # ==========================================================================
-    # NOTE: https://stackoverflow.com/questions/7847536/sinatra-in-facebook-iframe
-    #
-    #set :protection, :except => :frame_options
-    # Check: http://sinatrarb.com/intro.html
-    #
-    #set :static_cache_control, [:public, :max_age => 10]
-    # ==========================================================================
-    # Base App and Warden Framework settings
-    # ==========================================================================
-    # j1_web_session = {
-    #     :authenticated       => 'false',
-    #     :requested_page      => '/',
-    #     :user_name           => 'unknown',
-    #     :users_allowed       => 'unknown',
-    #     :user_id             => 'unknown',
-    #     :provider            => 'unknown',
-    #     :provider_url        => '/',
-    #     :payment_info        => 'unknown',
-    #     :permissions         => 'unknown',
-    #     :writer              => 'middleware'
-    # }
-    j1_web_session = {
-        :authenticated        => 'false',
-        :requested_page       => '/',
-        :user_name            => 'visitor',
-        :users_allowed        => 'all',
-        :user_id              => 'unknown',
-        :provider             => 'j1',
-        :provider_membership  => 'guest',
-        :provider_url         => 'https://jekyll.one',
-        :payment_info         => 'unknown',
-        :provider_permissions => 'public',
-        :writer               => 'middleware'
-    }
-    # Enable SSL for the rack session if configured
-    # --------------------------------------------------------------------------
-    require 'rack-ssl-enforcer' if J1App.ssl?
-    use Rack::SslEnforcer if J1App.ssl?
-    # Set the session cookie used by Rack to track all relevant data
-    # for the authentication service
-    # --------------------------------------------------------------------------
-    use Rack::Session::Cookie,
-        http_only: true,   # if set to 'true', make session cookie visible to the browser (document) for HTTP
-        key: 'j1.app.session',
-        secret: ENV['J1_SESSION_SECRET'] || SecureRandom.hex
-    # use Rack::Cache do |config|
-    #   #
-    #   # ------------------------------------------------------------------------
-    #   config.middleware.delete(Rack::Cache)
-    # end
-    # ==========================================================================
-    # Warden Framework initialisation
-    # ==========================================================================
-    # Define what (user) data should be put (serialized) into the session
-    # on requests and responses from Rack environment into the warden
-    # environment (env['warden']).
-    # --------------------------------------------------------------------------
-    Warden::Manager.serialize_into_session do |user|
-      user
-    end
-    Warden::Manager.serialize_from_session do |user|
-      user
-    end
-    # ==========================================================================
-    # OmniAuth|Warden Framework initialisation
-    # ==========================================================================
-    # Set the 'default' authentication strategy and exception handler
-    # (for warden) if the user was not explicitly signed in (signin dialog).
-    # If 'signin' fails, the default exception 'signin_failure' is thrown
-    # (used for all OmniAuth strategies registered).
-    # --------------------------------------------------------------------------
-    signin_failure = ->(_e) { Rack::Response.new("Can't login", 401).finish }
-    use Warden::Manager do |config|
-      # OmniAuth strategies are name-spaced by 'omni' (see: warden_omniauth.rb)
-      # ------------------------------------------------------------------------
-      config.default_strategies :"omni_#{J1App.default_provider}"
-      config.failure_app = signin_failure
-    end
-    use OmniAuth::Builder do |config|
-      # Workaround to rescue OmniAuth::Strategies::OAuth2::CallbackError?
-      # for chromium based browsers (e.g. google-chrome)
-      # ------------------------------------------------------------------------
-      config.on_failure do
-        new_path = '/redirect_requested_page'
-        Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
-      end
-      # Detect and set supported authentication strategies for OmniAuth
-      # ------------------------------------------------------------------------
-      # Additional (strategy) option skip_extra, default: true
-      #
-      # If true, skips the collection of raw data (extra) to NOT blow
-      # up the session cookie (as it is limited to 4K)
-      skip_extra = true
-      if J1App.active_providers.include? 'patreon'
-        scope             = J1App.auth_config['providers']['patreon']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['patreon']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :patreon,
-                 ENV['PATREON_CLIENT_ID'],
-                 ENV['PATREON_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'disqus'
-        scope             = J1App.auth_config['providers']['disqus']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['disqus']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :disqus,
-                 ENV['DISQUS_CLIENT_ID'],
-                 ENV['DISQUS_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'facebook'
-        scope             = J1App.auth_config['providers']['facebook']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['facebook']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :facebook,
-                 ENV['FACEBOOK_CLIENT_ID'],
-                 ENV['FACEBOOK_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'github'
-        scope             = J1App.auth_config['providers']['github']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['github']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :github,
-                 ENV['GITHUB_CLIENT_ID'],
-                 ENV['GITHUB_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'twitter'
-        scope             = J1App.auth_config['providers']['twitter']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['twitter']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :twitter,
-                 ENV['TWITTER_CLIENT_ID'],
-                 ENV['TWITTER_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-    end
-    # Set the (internal) endpoint if a user is successfully authenticated
-    # --------------------------------------------------------------------------
-    use J1WardenOmniAuth do |config|
-      config.redirect_after_callback = '/post_authentication'
-    end
-    # Add the internal logger from Rack to the middleware's of the stack
-    # --------------------------------------------------------------------------
-    use Rack::Logger
-    # Load user profiles, permissions, conditions and strategies
-    # --------------------------------------------------------------------------
-    providers   = J1App.auth_config['providers']
-    permissions = J1App.permissions
-    # ==========================================================================
-    # Sinatra (before) FILTER to preprocess all page requests
-    # ==========================================================================
-    # Prepare root (index) page for app detection
-    #
-    before '/' do
-      log_info! "ROOT", "Prepare", 'Web Session'
-      # read existing/current cookie 'j1.web.session' to update all data
-      # of j1_web_session (hash) otherwise set initial data
-      # ------------------------------------------------------------------------
-      unless env['HTTP_COOKIE'] == nil
-        if env['HTTP_COOKIE'].include? 'j1.web.session'
-          session_encoded = request.cookies['j1.web.session']
-          session_decoded = Base64.decode64(session_encoded)
-          j1_web_session = JSON.parse(session_decoded)
-        end
-      else
-        requested_page = env['REQUEST_URI']
-        j1_web_session['requested_page'] = "#{env['REQUEST_URI']}"
-      end
-      # Create|Initialize the J1 web session cookie
-      # ------------------------------------------------------------------------
-      if warden.authenticated?
-        log_info! "ROOT", 'Cookie', 'Update current user data'
-        user = warden.user
-        log_info! "ROOT", 'AuthCheck', 'User detected as signed in', "#{user[:provider]}"
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['requested_page']        = '/'
-        j1_web_session['users_allowed']         = providers["#{user[:provider]}"]['users']
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_membership']   = 'member'
-        j1_web_session['provider_url']          = providers["#{user[:provider]}"]['provider_url']
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-      else
-        log_info! "ROOT", 'AuthCheck', 'User detected', 'signed out'
-        j1_web_session['authenticated']         = 'false'
-        j1_web_session['requested_page']        = '/'
-        j1_web_session['users_allowed']         = 'all'
-        j1_web_session['user_name']             = 'visitor'
-        j1_web_session['user_id']               = 'unknown'
-        j1_web_session['payment_status']        = 'unknown'
-        j1_web_session['provider']              = 'j1'
-        j1_web_session['provider_membership']   = 'guest'
-        j1_web_session['provider_url']          = 'https://jekyll.one'
-        j1_web_session['provider_permissions']  = 'public'
-      end
-      j1_web_session['writer']                  = 'middleware'
-      session_json = j1_web_session.to_json
-      log_info! "ROOT", 'Cookie', 'Update web session data', "#{session_json}"
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-    end
-    # General page detection (page auth pre-flight)
-    # --------------------------------------------------------------------------
-    before '/(pages|posts)/*' do
-      log_info! 'AuthManager', 'PreFlight', 'Initial checks initiated'
-      # read existing/current cookie 'j1.web.session'
-      # to update all data of j1_web_session (hash)
-      # if request.warden.user.respond_to?(:info)
-      # ------------------------------------------------------------------------
-      if env['HTTP_COOKIE'].include? 'j1.web.session'
-        session_encoded     = request.cookies['j1.web.session']
-        session_decoded     = Base64.decode64(session_encoded)
-        j1_web_session      = JSON.parse(session_decoded)
-        log_info! 'PreFlight', 'Cookie', 'Read web session data' # "#{session_decoded}"
-      else
-        requested_page                    = env['REQUEST_URI']
-        j1_web_session['requested_page']  = "#{env['REQUEST_URI']}"
-      end
-      # Create|Initialize the J1 web session cookie
-      # ------------------------------------------------------------------------
-      log_info! 'PreFlight', 'AuthCheck', 'Check authentication status'
-      if warden.authenticated?
-        user = warden.user
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_url']          = providers["#{user[:provider]}"]['provider_url']
-        j1_web_session['users_allowed']         = providers["#{user[:provider]}"]['users']#
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-        j1_web_session['writer']                = 'middleware'
-        log_info! 'PreFlight', 'AuthCheck', 'User authenticated', "#{user[:info]['nickname']}"
-        session_json = j1_web_session.to_json
-        log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-        session_encoded = Base64.encode64(session_json)
-        response.set_cookie(
-            'j1.web.session',
-            domain: false,
-            value: session_encoded.to_s,
-            path: '/'
-        )
-      end
-      # User state|content detection for implicit authentication
-      # ------------------------------------------------------------------------
-      log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'disabled' if authentication_enabled? == false
-      log_info! 'PreFlight', 'AuthCheck', 'Pass for all pages' if authentication_enabled? == false
-      pass if authentication_enabled? == false
-      log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'enabled'
-      log_info! 'PreFlight', 'DetectContent', 'Public content', 'YES' if public_content?
-      log_info! 'PreFlight', 'DetectContent', 'Pass all public content' if public_content?
-      pass if public_content?
-      log_info! 'PreFlight', 'DetectCookieConsent', 'Cookie Consent', "#{j1_web_session['cookies_accepted']}"
-      if j1_web_session['cookies_accepted'] === 'declined'
-        requested_page = env['REQUEST_URI']
-        requested_page.scan(/(protected|private)/) do |match|
-          category = match[0]
-          log_info! 'PreFlight', 'Redirect', 'Pass to dialog page (Cookie Consent)'
-          description_title = "Cookie consent declined"
-          redirect "/cookie_consent?provider=#{j1_web_session['provider']}&user=#{j1_web_session['user_name']}&category=#{category}&requested_page=#{requested_page}&title=#{description_title}"
-        end
-      end
-      log_info! 'PreFlight', 'DetectContent', 'Check content type'
-      requested_page = env['REQUEST_URI']
-      requested_page.scan(/(protected|private)/) do |match|
-        category = match[0]
-        log_info! 'PreFlight', 'DetectContent', 'Content type detected', "#{category}"
-        log_info! 'PreFlight', 'AuthCheck', 'Check authorisation status'
-        if warden.authenticated?
-          user_name = user[:info]['nickname']
-          log_info! 'PreFlight', 'AuthCheck', 'User detected', "#{user_name}"
-          current_provider  = warden.user[:provider]
-          # provider_strategy = strategies["#{default_provider}"]
-          strategy          = providers["#{current_provider}"]['strategy']
-          provider_strategy = :"#{strategy}"
-          j1_web_session['user_name']             = user_name
-          j1_web_session['provider_url']          = providers["#{current_provider}"]['provider_url']
-          j1_web_session['users_allowed']         = providers["#{current_provider}"]['users']
-          j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-          j1_web_session['requested_page']        = requested_page
-          log_info! 'PreFlight', 'ContentCheck', 'Check permissions'
-          if permissions[:"#{category}"].include? current_provider
-            log_info! 'PreFlight', 'ContentCheck', 'Provider detected', "#{current_provider}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category detected', "#{category}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category support', 'enabled'
-            # Check permissions
-            #
-            #log_info! 'Authorisation', 'ConditionCheck', 'Check permissions for provider', "#{current_provider}"
-            #conditions = J1App.conditions current_provider
-            # if conditions["#{category}"]
-            #   log_info! 'Authorisation', 'ConditionCheck', 'Conditions detected', "#{category}"
-            #   conditions["#{category}"].each do |k, v|
-            #     case k
-            #     when 'enabled'
-            #       log_info! 'Authorisation', 'ConditionCheck', "#{k}", "#{v}"
-            #     when 'users'
-            #       log_info! 'Authorisation', 'ConditionCheck', 'users'
-            #       v.each do |k, v|
-            #         log_info! 'Authorisation', 'ConditionCheck', "users - #{k}", "#{v}"
-            #       end
-            #     when 'payment'
-            #       log_info! 'Authorisation', 'ConditionCheck', 'payment'
-            #       v.each do |k, v|
-            #         case k
-            #         when 'tiers'
-            #           log_info! 'Authorisation', 'ConditionCheck', "payment - #{k}", "#{v}"
-            #         when 'tier'
-            #           v.each do |k, v|
-            #             log_info! 'Authorisation', 'ConditionCheck', 'payment - tiers - tier : ' "#{k}", "#{v}"
-            #           end
-            #         end
-            #       end
-            #     end
-            #   end
-            # end
-          else
-            provider  = permissions[:"#{category}"][0]
-            log_info! 'PreFlight', 'ContentCheck', 'Provider detected', "#{current_provider}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category detected', "#{category}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category supported', 'NO'
-            log_info! 'PreFlight', 'AuthCheck', 'Authorisation failed for user', "#{user_name}"
-            log_info! 'PreFlight', 'SignOut', 'Sign out user', "#{user_name}"
-            warden.logout
-            session.clear
-            session_json = j1_web_session.to_json
-            log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-            session_encoded = Base64.encode64(session_json)
-            response.set_cookie(
-                'j1.web.session',
-                domain: false,
-                value: session_encoded.to_s,
-                path: '/'
-            )
-            log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
-            allowed_users = providers["#{provider}"]['users'].join(',')
-            redirect "/page_validation?provider=#{provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
-          end
-          time = Time.now.ctime.to_s
-          log_info! 'PreFlight', 'AuthCheck', 'Pass to requested page', "#{requested_page}"
-          log_info! 'PreFlight', 'AuthCheck', 'Set X-Response-Headers'
-          # See: https://stackoverflow.com/questions/10438276/how-to-disable-static-file-caching-in-rails-3-thin-on-windows
-          # response.headers["Cache-Control"]   = 'no-cache, no-store, max-age=0, must-revalidate'
-          # response.headers["Pragma"]          = 'no-cache'
-          # response.headers["Expires"]         = 'Fri, 01 Jan 1990 00:00:00 GMT'
-          response.headers['X-J1-AuthManager']  = "page-validated;category=#{category};called=" +  time
-          pass
-        else
-          log_info! 'PreFlight', 'AuthCheck', 'User detected', 'signed out'
-          default_provider = permissions[:"#{category}"][0]
-          log_info! 'PreFlight', 'AuthCheck', 'Set default provider', "#{default_provider}"
-          strategy          = providers["#{default_provider}"]['strategy']
-          provider_strategy = :"#{strategy}"
-          log_info! 'PreFlight', 'AuthCheck', 'Start processing provider', "#{default_provider}"
-          log_info! 'PreFlight', 'AuthCheck', 'Authentication strategy', "#{provider_strategy}"
-          case provider_strategy
-          when :org
-            warden.authenticate!
-            github_organization_authenticate! ENV['GITHUB_ORG_NAME']
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} organization"
-          when :team
-            warden.authenticate!
-            github_team_authenticate! ENV['GITHUB_TEAM_ID']
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
-          when :teams
-            warden.authenticate!
-            github_teams_authenticate! ENV['GITHUB_TEAM_IDS'].split(',')
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
-          when :member
-            log_info! 'PreFlight', 'AuthCheck', 'Process authentication strategy'
-            if env['HTTP_COOKIE'].include? 'j1.web.session'
-              session_encoded   = request.cookies['j1.web.session']
-              session_decoded   = Base64.decode64(session_encoded)
-              log_info! 'PreFlight', 'Cookie', 'Read web session data'          # "#{session_decoded}"
-              j1_web_session    = JSON.parse(session_decoded)
-            end
-            # Update cookie data
-            # ----------------------------------------------------------------------
-            j1_web_session['provider_url']          = providers["#{default_provider}"]['provider_url']
-            j1_web_session['users_allowed']         = providers["#{default_provider}"]['users']
-            j1_web_session['provider_permissions']  = providers["#{default_provider}"]['permissions']
-            j1_web_session['requested_page']        = env['REQUEST_URI']
-            j1_web_session['writer']                = 'middleware'
-            # write updated J1 session cookie
-            #
-            session_json = j1_web_session.to_json
-            session_encoded = Base64.encode64(session_json)
-            log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-            response.set_cookie(
-                'j1.web.session',
-                domain: false,
-                value: session_encoded.to_s,
-                path: '/'
-            )
-            allowed_users   = providers["#{default_provider}"]['users'].join(',')
-            requested_page  = env['REQUEST_URI']
-            log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
-            redirect "/page_validation?provider=#{default_provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
-          else
-            raise J1App::ConfigError
-          end
-        end
-      end
-    end
-    # ==========================================================================
-    # API ENDPOINTS (Sinatra HANDLERS)
-    # ==========================================================================
-    # ENDPOINT authentication (called from WEB by auth client)
-    # --------------------------------------------------------------------------
-    get '/authentication' do
-      # collect (common) GET parameter|s
-      #
-      request   = params.fetch('request')
-      provider  = params.fetch('provider')
-      log_info! 'API', 'Authentication', 'Authentication request received'
-      # SignIn
-      # ------------------------------------------------------------------------
-      if request === 'signin'
-        log_info! 'Authentication', 'SignIn', 'Called for provider', "#{provider}"
-        # collect (additional) GET parameter|s
-        # ----------------------------------------------------------------------
-        allowed_users                   =  params.fetch('allowed_users')
-        j1_web_session['users_allowed'] = allowed_users
-        j1_web_session['writer']        = 'middleware'
-        # Write updated J1 session data to cookie
-        # --------------------------------------------------------------------
-        session_json = j1_web_session.to_json
-        log_info! 'Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-        session_encoded = Base64.encode64(session_json)
-        response.set_cookie(
-            'j1.web.session',
-            domain: false,
-            value: session_encoded.to_s,
-            path: '/'
-        )
-        if warden.authenticated?
-          log_info! 'Authentication', 'SignIn', 'User already signed in', "#{warden.user[:info]['nickname']} "
-        else
-          log_info! 'Authentication', 'SignIn', 'Initiate OmniAuth authentication'
-          # Make (really) sure that old session is cleared before login
-          # --------------------------------------------------------------------
-          warden.logout
-          session.clear
-          warden.authenticate! :"omni_#{provider}"
-        end
-        # SignOut
-        # ------------------------------------------------------------------------
-      elsif request === 'signout'
-        # collect (additional) GET parameter|s
-        provider_signout = params.fetch('provider_signout')
-        log_info! 'Authentication', 'SignOut', 'Called for provider', #{provider}"
-                  if warden.authenticated?
-                    user         = warden.user[:info]['nickname']
-                    provider     = warden.user[:provider]
-                    provider_url = j1_web_session['provider_url']
-                    log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                    warden.logout
-                    session.clear
-                    # Read current J1 web session cookie
-                    # --------------------------------------------------------------------
-                    if env['HTTP_COOKIE'].include? 'j1.web.session'
-                      session_encoded = env['rack.request.cookie_hash']['j1.web.session']
-                      session_decoded = Base64.decode64(session_encoded)
-                      log_info! 'Authentication', 'Cookie', 'Read web session data' # #{session_decoded}"
-                      j1_web_session = JSON.parse(session_decoded)
-                    else
-                      j1_web_session['requested_page'] = env['REQUEST_URI']
-                    end
-                    # Update J1 web session data
-                    # --------------------------------------------------------------------
-                    j1_web_session['user_name']             = 'visitor'
-                    j1_web_session['user_id']               = 'unknown'
-                    j1_web_session['users_allowed']         = 'all'
-                    j1_web_session['payment_status']        = 'unknown'
-                    j1_web_session['provider']              = 'j1'
-                    j1_web_session['provider_url']          = 'https://jekyll.one'
-                    j1_web_session['provider_permissions']  = 'public'
-                    j1_web_session['authenticated']         = 'false'
-                    j1_web_session['writer']                = 'middleware'
-                    # Write updated J1 session data to cookie
-                    # --------------------------------------------------------------------
-                    session_json = j1_web_session.to_json
-                    log_info! 'Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-                    session_encoded = Base64.encode64(session_json)
-                    response.set_cookie(
-                        'j1.web.session',
-                        domain: false,
-                        value: session_encoded.to_s,
-                        path: '/'
-                    )
-                    if provider_signout === 'true'
-                      log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                      log_info! 'Authentication', 'SignOut', 'Sign out from', "#{provider}"
-                      log_info! 'Authentication', 'Redirect', 'Pass to provider', "#{provider_url}"
-                      redirect "#{provider_url}"
-                    else
-                      log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                      log_info! 'Authentication', 'SignOut', 'Sign out from', "session"
-                      # If signed out, redirect ONLY for PUBLIC pages
-                      # ------------------------------------------------------------------
-                      if redirect_whitelisted?j1_web_session['requested_page']
-                        log_info! 'Authentication', 'Redirect', 'Pass to page', "#{j1_web_session['requested_page']}"
-                        redirect j1_web_session['requested_page']
-                      else
-                        log_info! 'Authentication', 'Redirect', 'Redirect NOT whitelisted'
-                        log_info! 'Authentication', 'Redirect', 'Pass to page', "/"
-                        redirect '/'
-                      end
-                    end
-                  else
-                    # THIS condition should NEVER REACHED because NO logout dialog
-                    # (modal) is provided by the auth client if a user isn't signed in.
-                    # Kept this alternative for cases something went wrong.
-                    # --------------------------------------------------------------------
-                    log_info! 'Authentication', 'API', 'DEAD PATH: Called for sign out', 'NOT signed in'
-                    # Read current J1 session cookie
-                    # --------------------------------------------------------------------
-                    if env['HTTP_COOKIE'].include? 'j1.web.session'
-                      session_encoded   = env['rack.request.cookie_hash']['j1.web.session']
-                      session_decoded   = Base64.decode64(session_encoded)
-                      j1_web_session  = JSON.parse(session_decoded)
-                      log_info! 'Authentication', 'Cookie', 'DEAD PATH. Read web session data' # #{session_decoded}"
-                    else
-                      j1_web_session['requested_page'] = env['REQUEST_URI']
-                    end
-                    # Update J1 web session data
-                    # --------------------------------------------------------------------
-                    j1_web_session['user_name']             = 'visitor'
-                    j1_web_session['user_id']               = 'unknown'
-                    j1_web_session['users_allowed']         = 'all'
-                    j1_web_session['payment_status']        = 'unknown'
-                    j1_web_session['provider']              = 'j1'
-                    j1_web_session['provider_url']          = 'https://jekyll.one'
-                    j1_web_session['provider_permissions']  = 'public'
-                    j1_web_session['authenticated']         = 'false'
-                    j1_web_session['writer']                = 'middleware'
-                    # Write updated J1 session data to cookie
-                    # --------------------------------------------------------------------
-                    session_json = j1_web_session.to_json
-                    log_info! 'Authentication', 'Cookie', 'DEAD PATH. Write web session data', "#{session_json}"
-                    session_encoded = Base64.encode64(session_json)
-                    response.set_cookie(
-                        'j1.web.session',
-                        domain: false,
-                        value: session_encoded.to_s,
-                        path: '/'
-                    )
-                    log_info! 'Post Authentication', 'Redirect', 'DEAD PATH: Pass to requested page', "#{j1_web_session['requested_page']}"
-                    redirect j1_web_session['requested_page']
-                  end
-      else
-        raise J1App::ConfigError
-      end
-    end
-    # END: get '/authentication'
-    # --------------------------------------------------------------------------
-    # ENDPOINT post_authentication (called after a user is back from OAuth Provider)
-    # --------------------------------------------------------------------------
-    get '/post_authentication' do
-      reward = {
-          :id    => 'unknown',
-          :name  => 'unknown',
-          :link  => '#'
-      }
-      campaign = {
-          :id    => 'unknown',
-          :link  => '#'
-      }
-      log_info! 'API', 'Post Authentication', 'Identification request received'
-      log_info! 'Post Authentication',  'Cookie', 'Read web session data'
-      session_encoded   = request.cookies['j1.web.session']
-      session_decoded   = Base64.decode64(session_encoded)
-      j1_web_session    = JSON.parse(session_decoded)
-      user                              = warden.user
-      user_json                         = user.to_json
-      if user[:provider] === 'disqus'
-        user[:info][:urls][:site]       = "https://disqus.com"
-        user[:info][:urls][:home]       = user[:info]['urls']['profileUrl']
-        user[:info][:urls][:blog]       = "https://disqus.com/by/juergen_adams/"
-        user[:info][:urls][:member]     = user[:info]['urls']['profileUrl']
-      end
-      if user[:provider] === 'github'
-        user[:info][:urls][:site]       = "https://github.com"
-        user[:info][:urls][:home]       = user[:info]['urls']['GitHub']
-        user[:info][:urls][:blog]       = "https://github.com/jekyll-one"
-        user[:info][:urls][:member]     = user[:info]['urls']['Blog']
-      end
-      if user[:provider] === 'patreon'
-        user[:info][:urls][:site]       = "https://patreon.com"
-        user[:info][:urls][:home]       = "https://patreon.com/home"
-        user[:info][:urls][:blog]       = "https://patreon.com/jekyll_one"
-        unless user[:info]['payment_info'].empty?
-          reward_url                    = user[:info]['payment_info']['relationships']['reward']['links']['related']
-          reward_json                   = RestClient.get "#{reward_url}", {:content_type => :json, :accept => :json}
-          reward_data                   = JSON.parse(reward_json)
-          user[:info][:urls][:member]   = "https://patreon.com" + reward_data['data']['attributes']['url']
-          user[:info][:payment_status]  = user[:info]['payment_info']['attributes']['declined_since'].nil? ? 'true' : 'false'
-        else
-          reward_url                    = ""
-          reward_json                   = ""
-          reward_data                   = ""
-          user[:info][:payment_status]  = 'false'
-        end
-        unless reward_data.empty?
-          reward[:id]                   = reward_data['data']['id']
-          reward[:name]                 = reward_data['data']['attributes']['title']
-          reward[:link]                 = "https://patreon.com" + reward_data['data']['attributes']['url']
-          campaign[:id]                 = reward_data['data']['relationships']['campaign']['data']['id']
-          campaign[:link]               = reward_data['data']['relationships']['campaign']['links']['related']
-        else
-          reward[:id]                   = ""
-          reward[:name]                 = "no tiers"
-          reward[:link]                 = ""
-          campaign[:id]                 = ""
-          campaign[:link]               = ""
-        end
-      end
-      user[:extra][:reward]             = reward
-      user[:extra][:campaign]           = campaign
-      if user.nil?
-        # Collection of session data failed (e.g cookie > 4K)
-        #
-        log_info! 'Post Authentication', 'Identification', 'Internal error', 'User identification failed'
-        warden.logout
-        session.clear
-        log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-        description_title = "Access Denied"
-        redirect "/access_denied?provider=unknown&user=unknown&category=unknown&title=#{description_title}"
-      else
-        log_info! 'Post Authentication', 'Identification', 'User identified successfully'
-        log_info! 'Post Authentication',  'Cookie', 'Update web session data'    # "#{j1_web_session}"
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_membership']   = 'member'
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-        j1_web_session['writer']                = 'middleware'
-        current_user                            = user[:info]['nickname']  = user[:info]['nickname']
-        current_provider                        = user[:provider]
-        j1_web_session['requested_page'].scan(/(protected|private)/) do |match|
-          # Set category from requested page
-          #
-          category = match[0]
-          log_info! 'Post Authentication', 'Identification', 'Process content type', "#{category}"
-          # Check if user is allowed to access protected content in GENERAL
-          #
-          log_info! 'Post Authentication', 'Identification', 'Check for allowed users'
-          unless j1_web_session['users_allowed'].include? 'all'
-            unless j1_web_session['users_allowed'].include? "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'User not allowed', "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
-              log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-              warden.logout
-              session.clear
-              log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-              description_title = "Access Denied"
-              redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-            end
-          end
-          log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
-          # Check conditions to access protected content (if any)
-          #
-          log_info! 'Post Authentication', 'Identification', 'Check for conditions', "#{current_provider}"
-          check_conditions = providers["#{user[:provider]}"]['conditions'][category]['enabled']
-          if check_conditions
-            if providers["#{user[:provider]}"]['conditions'][category]['users']['whitelist'].nil?
-              category_whitelist = 'all'
-            else
-              category_whitelist = providers["#{user[:provider]}"]['conditions'][category]['users']['whitelist']
-            end
-            # Check if user is BLACKLISTED
-            #
-            blacklist = providers["#{user[:provider]}"]['conditions'][category]['users']['blacklist']
-            if blacklist.include? "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Check blacklisting'
-              log_info! 'Post Authentication', 'Identification', 'User blacklisted', "#{current_user}"
-              user[:info][:blacklisted] = 'true'
-              log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-              warden.logout
-              session.clear
-              log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-              description_title = "Access Denied"
-              redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-            end
-            log_info! 'Post Authentication', 'Identification', 'Check whitelisting'
-            if category_whitelisted? category_whitelist, current_user
-              user[:info][:whitelisted]   = 'true'
-              reward[:name]               = 'whitelisted'
-              log_info! 'Post Authentication', 'Identification', 'User whitelisted', "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Reward set to', 'Whitelisted'
-            else
-              log_info! 'Post Authentication', 'Identification', 'No whitelisting found', "#{current_user}"
-            end
-            log_info! 'Post Authentication', 'Identification', 'Check conditions'
-            unless category_whitelisted? category_whitelist, current_user
-              log_info! 'Post Authentication', 'Identification', 'Check rewards'
-              payment_tiers = providers["#{user[:provider]}"]['conditions'][category]['payment']['activated']
-              log_info! 'Post Authentication', 'Identification', 'Check rewards', "#{current_user}"
-              if payment_activated? payment_tiers
-                log_info! 'Post Authentication', 'Identification', 'Reward found', "#{reward[:name]}"
-                # Check if any payment exists for that user
-                #
-                log_info! 'Post Authentication', 'Identification', 'Check payment status'
-                if user[:info]['payment_info'].empty?
-                  log_info! 'Post Authentication', 'Identification', 'Payment status: NOT AVAILABLE', "#{current_user}"
-                  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-                  warden.logout
-                  session.clear
-                  log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-                  description_title = "Access Denied"
-                  redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-                end
-                # Check for VALID payments (scope: pledge-to-me)
-                #
-                payment_status = user[:info]['payment_info']['attributes']['declined_since']
-                unless payment_valid? payment_status
-                  log_info! 'Post Authentication', 'Identification', 'Payment status INVALID', "#{current_user}"
-                  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-                  warden.logout
-                  session.clear
-                  log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-                  description_title = "Access Denied"
-                  redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-                else
-                  log_info! 'Post Authentication', 'Identification', 'Payment status VALID', "#{current_user}"
-                end
-              end
-            end
-            # end category_whitelisted
-          else
-            category_condition_state = providers["#{user[:provider]}"]['conditions'][category]['enabled']
-            log_info! 'Post Authentication', 'Identification', 'Category check failed for', "#{current_provider}"
-            log_info! 'Post Authentication', 'Identification', "Category checked", "#{category}"
-            log_info! 'Post Authentication', 'Identification', "Category support", "#{category_condition_state}"
-            warden.logout
-            session.clear
-            log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-            description_title = "Access Denied"
-            redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-          end
-          # end check conditions
-        end
-        # end protected content
-      end
-      # end user.nil?
-      # redirect authenticated|validated user to requested page
-      #
-      j1_web_session['provider']      = current_provider
-      j1_web_session['users_allowed'] = providers["#{current_provider}"]['users']
-      # TODO: Add membership|product specific data for the SideBar
-      # write updated J1 session data to cookie
-      #
-      session_json = j1_web_session.to_json
-      log_info! 'Post Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      time = Time.now.ctime.to_s
-      log_info! 'Post Authentication', 'Identification', 'Provider', "#{user[:provider]}"
-      log_info! 'Post Authentication', 'Identification', 'User', "#{user[:info]['nickname']}"
-      log_info! 'Post Authentication', 'Redirect', 'Set Last-Modified', "#{time}"
-      log_info! 'Post Authentication', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
-      response.headers['Last-Modified'] = time
-      response.headers['Cache-Control'] = 'private,max-age=0,must-revalidate,no-store'
-      redirect j1_web_session['requested_page']
-    end
-    # END: get /post_authentication
-    # --------------------------------------------------------------------------
-    # ENDPOINT status (called from WEB to get current state of an user)
-    # --------------------------------------------------------------------------
-    get '/status' do
-      session_encoded   = request.cookies['j1.web.session']
-      session_decoded   = Base64.decode64(session_encoded)
-      j1_web_session    = JSON.parse(session_decoded)
-      log_info! 'API', 'Status Request', 'Info request received'
-      # if request.warden.user.respond_to?(:info)
-      #
-      if warden.authenticated?
-        user_name               = warden.user[:info]['nickname']
-        user_id                 = warden.user[:uid]
-        provider                = warden.user[:provider]
-        provider_permissions    = j1_web_session['provider_permissions']
-        provider_site_url       = warden.user[:info][:urls][:site]
-        provider_home_url       = warden.user[:info][:urls][:home]
-        provider_blog_url       = warden.user[:info][:urls][:blog]
-        provider_member_url     = warden.user[:info][:urls][:member]
-        if provider == 'patreon'
-          provider_membership   = warden.user[:extra][:reward][:name]
-          provider_member_url   = warden.user[:extra][:reward][:link]
-        else
-          provider_membership   = 'member'
-          provider_member_url   = '#'
-        end
-        log_info! 'API', 'Status Request', 'User detected as signed in', "#{user_name}"
-      else
-        user_name = 'unknown'
-        log_info! 'API', 'Status Request', 'User detected', 'signed out'
-      end
-      # if request.warden.authenticated?
-      #
-      if user_name != 'unknown'
-        log_info! 'API', 'Status Request', 'Send data', 'SIGNED_IN'
-        content_type 'application/json'
-        {
-            user_name:                user_name,
-            user_id:                  user_id,
-            provider:                 provider,
-            provider_membership:      provider_membership,
-            provider_permissions:     provider_permissions,
-            provider_site_url:        provider_site_url,
-            provider_home_url:        provider_home_url,
-            provider_blog_url:        provider_blog_url,
-            provider_member_url:      provider_member_url,
-            status:                   'signed in'
-        }.to_json
-      else
-        log_info! 'API', 'Status Request', 'Send data', 'SIGNED_OUT'
-        content_type 'application/json'
-        {
-            user_name:                'visitor',
-            user_id:                  'unknown',
-            provider:                 'j1',
-            provider_membership:      'guest',
-            provider_permissions:     'public',
-            provider_site_url:        '#',
-            provider_home_url:        '#',
-            provider_blog_url:        '#',
-            provider_member_url:      '#',
-            status:                   'signed out'
-        }.to_json
-      end
-    end
-    # END: get /status
-    # --------------------------------------------------------------------------
-    # ENDPOINT  cookie_consent (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/cookie_consent' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      requested_page    = params.fetch('requested_page')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Cookies declined'
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to dialog page', 'Cookie Consent'
-      # Capitalize first char
-      provider                = provider.sub(/^./, &:upcase)
-      route                   = requested_page
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralCookieConsent"
-      @info_type              = "danger"
-      @modal_icon             = "cookie"
-      @modal_agreed_text      = "Yes, please"
-      @modal_disagreed_text   = "No, thanks"
-      @modal_title            = "Authentication Manager"
-      # @modal_description    = "<h4>#{description_title}</h4><br /><br />User <b>#{user}</b> from provider <b>#{provider}</b> requested access on <b>#{category}</b> pages.<br /> In order to continue, you need to accept on <b>Cookies</b>."
-      @modal_description      = "<h4>#{description_title}</h4><br /><br /> In order to continue, you need to accept on <b>Cookies</b>."
-      erb :auth_manager_ui
-    end
-    # END: get /cookies_rejected
-    # --------------------------------------------------------------------------
-    #  ENDPOINT access_denied (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/access_denied' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Access Denied'
-      session_encoded = request.cookies['j1.web.session']
-      session_decoded = Base64.decode64(session_encoded)
-      j1_web_session  = JSON.parse(session_decoded)
-      # Update J1 web session data
-      # --------------------------------------------------------------------
-      j1_web_session['user_name']             = user
-      # j1_web_session['user_id']               = 'unknown'
-      # j1_web_session['users_allowed']         = 'unknown'
-      # j1_web_session['payment_status']        = 'unknown'
-      j1_web_session['provider']              = provider
-      # j1_web_session['provider_url']          = 'unknown'
-      # j1_web_session['provider_permissions']  = 'unknown'
-      # j1_web_session['authenticated']         = 'false'
-      j1_web_session['writer']                = 'middleware'
-      log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
-      # write updated J1 session data to cookie
-      #
-      session_json = j1_web_session.to_json
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to error page', "Access Denied"
-      # Capitalize first char
-      provider  =  provider.sub(/^./, &:upcase)
-      route     = '/'
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralModalInfo"
-      @info_type              = "danger"
-      @modal_icon             = "account-off"
-      @modal_ok_text          = "Ok, understood"
-      @modal_title            = "Authentication Manager"
-      @modal_description      = "<h4>#{description_title}</h4></br></br> User <b>#{user}</b> from provider <b>#{provider}</b> is not allowed to access <b>#{category}</b> pages."
-      erb :auth_manager_ui
-    end
-    # END: get '/access_denied'
-    # --------------------------------------------------------------------------
-    # ENDPOINT  invalid_funds (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/invalid_funds' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Invalid Funds'
-      session_encoded = request.cookies['j1.web.session']
-      session_decoded = Base64.decode64(session_encoded)
-      j1_web_session  = JSON.parse(session_decoded)
-      # Update J1 web session data
-      # --------------------------------------------------------------------
-      j1_web_session['user_name']             = user
-      # j1_web_session['user_id']               = 'unknown'
-      # j1_web_session['users_allowed']         = 'unknown'
-      # j1_web_session['payment_status']        = 'unknown'
-      j1_web_session['provider']              = provider
-      # j1_web_session['provider_url']          = 'unknown'
-      # j1_web_session['provider_permissions']  = 'unknown'
-      # j1_web_session['authenticated']         = 'false'
-      j1_web_session['writer']                = 'middleware'
-      log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
-      # write updated J1 session data to cookie
-      #
-      log_info! 'API', 'Exception Handler', 'ERROR', 'Invalid Funds'
-      session_json = j1_web_session.to_json
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to error page', 'Invalid Funds'
-      # Capitalize first char
-      provider  =  provider.sub(/^./, &:upcase)
-      route     = '/'
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralModalInfo"
-      @info_type              = "danger"
-      @modal_icon             = "account-off"
-      @modal_ok_text          = "Ok, understood"
-      @modal_title            = "Authentication Manager"
-      @modal_description      = "<h4>#{description_title}</h4></br></br> User <b>#{user}</b> from provider <b>#{provider}</b> is not allowed to access <b>#{category}</b> pages."
-      erb :auth_manager_ui
-    end
-    # END: get /invalid_funds
-    # --------------------------------------------------------------------------
-    # access_protected_content ENDPOINT called from the app (auth manager)
-    # --------------------------------------------------------------------------
-    get '/page_validation' do
-      provider        = params.fetch('provider')
-      allowed_users   = params.fetch('allowed_users')
-      page            = params.fetch('page')
-      category        = params.fetch('category')
-      log_info! 'API', 'PageAccessControl', 'PageValidate request received'
-      # Capitalize first char
-      # provider        =  provider.sub(/^./, &:upcase)
-      log_info! 'PageAccessControl', 'AuthCheck', 'Check provider', "#{provider}"
-      # jadams, 2019-03-16: Hier ist das Problem
-      #
-      if warden.authenticated?
-        log_info! 'PageAccessControl', 'AuthCheck', 'Grant access for', "#{provider}"
-        log_info! 'PageAccessControl', 'Redirect', 'Pass to page', "#{page}"
-        route = page
-      else
-        log_info! 'PageAccessControl', 'AuthCheck', 'Authentication failed', "#{provider}"
-        route = "/authentication?request=signin&provider=#{provider}&allowed_users=#{allowed_users}"
-      end
-      log_info! 'PageAccessControl', 'Redirect', 'Pass to SignIn dialog, page', "#{page}"
-      # Capitalize first char
-      provider                =  provider.sub(/^./, &:upcase)
-      @provider               = provider
-      @route                  = route
-      @modal                  = "signInProtectedContent"
-      @modal_icon             = "login"
-      @modal_agreed_text      = "Yes, please"
-      @modal_disagreed_text   = "No, thanks"
-      @modal_title            = "SignIn"
-      @modal_image            = "/assets/images/attics/admin-dashboard-bootstrap-1280x600.png"
-      @modal_description      = "The page <b>#{page}</b> you requested belongs to <b>#{category}</b> content. You'll be redirected to authenticate with the provider <b>#{provider}</b>. If signed in successfully, you get access to all <b>#{category} pages</b>."
-      erb :auth_manager_ui
-    end
-    # END: get '/page_validation
-    # --------------------------------------------------------------------------
-    # ENDPOINT iframe
-    # --------------------------------------------------------------------------
-    get '/iframe' do
-      @website_url = "https://jekyll-one.github.io/"
-      erb :iframe
-    end
-    # Workaround to rescue OmniAuth::Strategies::OAuth2::CallbackError?
-    # for chromium based browsers (e.g. google-chrome)
-    # ------------------------------------------------------------------------
-    get '/redirect_requested_page' do
-      log_info! 'Fallback', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
-      redirect j1_web_session['requested_page']
-    end
-    # END: get /iframe
-    # --------------------------------------------------------------------------
-  end
-end