RubyGems - j1_template - Versions diffs - 2019.4.10 → 2019.4.11 - Mend

j1_template 2019.4.10 → 2019.4.11

Files changed (60) hide show

checksums.yaml +4 -4
data/lib/j1/version.rb +1 -1
data/lib/starter_web/Gemfile +1 -1
data/lib/starter_web/_cc_test_data/_config.yml +1 -1
data/lib/starter_web/_config.yml +1 -1
data/lib/starter_web/assets/themes/j1/core/js/j1.js +9 -1
data/lib/starter_web/package.json +1 -1
data/lib/starter_web/pages/public/start/downloads/quickstarter/100_linux_starter.adoc +1 -1
data/lib/starter_web/utilsrv/_defaults/package.json +1 -1
data/lib/starter_web/utilsrv/package.json +1 -1
metadata +15 -50
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.before_merge_added.rb +0 -1267
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.new.rb +0 -1121
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.no_cookie.mgmt.rb +0 -1130
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.ok.rb +0 -1130
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.org.2.rb +0 -1086
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.org.rb +0 -1548
data/lib/j1_app/j1_auth_manager/_unused/auth_manager.update.web_cookie.rb +0 -1333
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.2.erb +0 -198
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.additional_inits.erb +0 -254
data/lib/j1_app/j1_auth_manager/_unused/auth_manager_ui.manage.cookies.erb +0 -255
data/lib/starter_web/assets/_data/_temp/_banner.html +0 -421
data/lib/starter_web/assets/_data/_temp/_panel.html +0 -585
data/lib/starter_web/assets/_data/_temp/banner.case.snippet.html.asciidoc +0 -91
data/lib/starter_web/assets/_data/_temp/banner.new.html.asciidoc +0 -559
data/lib/starter_web/assets/_data/_temp/banner.with.defaults.html.asciidoc +0 -547
data/lib/starter_web/assets/_data/_temp/footer.html.new +0 -228
data/lib/starter_web/assets/_data/_temp/footer.html.org +0 -234
data/lib/starter_web/assets/_data/_temp/footer.old.html +0 -231
data/lib/starter_web/assets/_data/_temp/footer_new.html +0 -226
data/lib/starter_web/assets/_data/_temp/footer_old.html +0 -222
data/lib/starter_web/assets/_data/_temp/menu.old.html +0 -462
data/lib/starter_web/assets/_data/_temp/panel.new.html +0 -560
data/lib/starter_web/assets/_data/_temp/panel.old.html +0 -597
data/lib/starter_web/assets/_data/_temp/panel.org.html +0 -597
data/lib/starter_web/assets/_data/animate.json +0 -120
data/lib/starter_web/assets/_data/ascii_code_table.json +0 -1794
data/lib/starter_web/assets/_data/authclient.html +0 -365
data/lib/starter_web/assets/_data/banner.html +0 -431
data/lib/starter_web/assets/_data/carousel.json +0 -110
data/lib/starter_web/assets/_data/colors.json +0 -43
data/lib/starter_web/assets/_data/cookie_consent.html +0 -225
data/lib/starter_web/assets/_data/countries.json +0 -974
data/lib/starter_web/assets/_data/font_sizes.json +0 -43
data/lib/starter_web/assets/_data/fontawesome_icons.json +0 -5525
data/lib/starter_web/assets/_data/footer.html +0 -239
data/lib/starter_web/assets/_data/galleries.json +0 -160
data/lib/starter_web/assets/_data/mdi_icons.json +0 -14641
data/lib/starter_web/assets/_data/menu.html +0 -469
data/lib/starter_web/assets/_data/messages.yml +0 -130
data/lib/starter_web/assets/_data/objects.json +0 -458
data/lib/starter_web/assets/_data/panel.html +0 -501
data/lib/starter_web/assets/_data/panel.new.html +0 -498
data/lib/starter_web/assets/_data/quicklinks.html +0 -178
data/lib/starter_web/assets/_data/search.yml +0 -131
data/lib/starter_web/assets/_data/sidebar.html +0 -261
data/lib/starter_web/assets/_data/themes.json +0 -59
data/lib/starter_web/assets/_data/twa_v1.json +0 -6978
data/lib/starter_web/assets/_data/twa_v2.json +0 -12812
data/lib/starter_web/assets/_data/webhook.html +0 -190

data/lib/j1_app/j1_auth_manager/_unused/auth_manager.before_merge_added.rb DELETED Viewed

@@ -1,1267 +0,0 @@
-# RuboCops - Documentation
-# ------------------------------------------------------------------------------
-# See: https://rubocop.readthedocs.io/en/latest/
-# RuboCops - Disabled Cops
-# ------------------------------------------------------------------------------
-# rubocop:disable Metrics/BlockLength
-# rubocop:disable Metrics/ClassLength
-# rubocop:disable Metrics/LineLength
-# rubocop:disable Style/StringLiterals
-# rubocop:disable Style/Documentation
-# rubocop:disable Metrics/BlockNesting
-# rubocop:disable Layout/ClosingParenthesisIndentation
-# rubocop:disable Layout/LeadingCommentSpace
-# rubocop:disable Layout/EmptyLines
-# rubocop:disable Layout/EmptyLinesAroundBlockBody
-# rubocop:disable Layout/FirstParameterIndentation
-# rubocop:disable Layout/CommentIndentation
-# rubocop:disable Layout/AlignParameters
-# rubocop:disable Layout/AlignHash
-# rubocop:disable Layout/TrailingWhitespace
-# rubocop:disable Layout/IndentHash
-# rubocop:disable Layout/SpaceAroundOperators
-# rubocop:disable Layout/ExtraSpacing
-# rubocop:disable Style/UnlessElse
-# rubocop:disable Style/HashSyntax
-# ------------------------------------------------------------------------------
-#  ~/lib/j1_auth_manager/auth_manager/.rb
-#
-#  Provides authentication services based on Warden|OmniAuth
-#
-#  Product/Info:
-#  https://jekyll.one
-#
-#  Copyright (C) 2019 Juergen Adams
-#
-#  J1 Template is licensed under the MIT License.
-#  See: https://github.com/jekyll-one-org/j1_template/blob/master/LICENSE
-#
-# ------------------------------------------------------------------------------
-# NOTES
-#
-# ------------------------------------------------------------------------------
-# frozen_string_literal: true
-module J1App
-  class AuthManager < Sinatra::Base
-    include J1App::Helpers
-    include J1App::GithubHelpers
-    # ==========================================================================
-    # Sinatra Framework settings
-    # ==========================================================================
-    # NOTE: https://stackoverflow.com/questions/7847536/sinatra-in-facebook-iframe
-    #
-    #set :protection, :except => :frame_options
-    # Check: http://sinatrarb.com/intro.html
-    #
-    #set :static_cache_control, [:public, :max_age => 10]
-    # ==========================================================================
-    # Base App and Warden Framework settings
-    # ==========================================================================
-    # j1_web_session = {
-    #     :authenticated       => 'false',
-    #     :requested_page      => '/',
-    #     :user_name           => 'unknown',
-    #     :users_allowed       => 'unknown',
-    #     :user_id             => 'unknown',
-    #     :provider            => 'unknown',
-    #     :provider_url        => '/',
-    #     :payment_info        => 'unknown',
-    #     :permissions         => 'unknown',
-    #     :writer              => 'middleware'
-    # }
-    j1_web_session = {
-        :authenticated        => 'false',
-        :requested_page       => '/',
-        :user_name            => 'visitor',
-        :users_allowed        => 'all',
-        :user_id              => 'unknown',
-        :provider             => 'j1',
-        :provider_membership  => 'guest',
-        :provider_url         => 'https://jekyll.one',
-        :payment_info         => 'unknown',
-        :provider_permissions => 'public',
-        :writer               => 'middleware'
-    }
-    # Enable SSL for the rack session if configured
-    # --------------------------------------------------------------------------
-    require 'rack-ssl-enforcer' if J1App.ssl?
-    use Rack::SslEnforcer if J1App.ssl?
-    # Set the session cookie used by Rack to track all relevant data
-    # for the authentication service
-    # --------------------------------------------------------------------------
-    use Rack::Session::Cookie,
-        http_only: true,   # if set to 'true', make session cookie visible to the browser (document) for HTTP
-        key: 'j1.app.session',
-        secret: ENV['J1_SESSION_SECRET'] || SecureRandom.hex
-    # use Rack::Cache do |config|
-    #   #
-    #   # ------------------------------------------------------------------------
-    #   config.middleware.delete(Rack::Cache)
-    # end
-    # ==========================================================================
-    # Warden Framework initialisation
-    # ==========================================================================
-    # Define what (user) data should be put (serialized) into the session
-    # on requests and responses from Rack environment into the warden
-    # environment (env['warden']).
-    # --------------------------------------------------------------------------
-    Warden::Manager.serialize_into_session do |user|
-      user
-    end
-    Warden::Manager.serialize_from_session do |user|
-      user
-    end
-    # ==========================================================================
-    # OmniAuth|Warden Framework initialisation
-    # ==========================================================================
-    # Set the 'default' authentication strategy and exception handler
-    # (for warden) if the user was not explicitly signed in (signin dialog).
-    # If 'signin' fails, the default exception 'signin_failure' is thrown
-    # (used for all OmniAuth strategies registered).
-    # --------------------------------------------------------------------------
-    signin_failure = ->(_e) { Rack::Response.new("Can't login", 401).finish }
-    use Warden::Manager do |config|
-      # OmniAuth strategies are name-spaced by 'omni' (see: warden_omniauth.rb)
-      # ------------------------------------------------------------------------
-      config.default_strategies :"omni_#{J1App.default_provider}"
-      config.failure_app = signin_failure
-    end
-    use OmniAuth::Builder do |config|
-      # Workaround to rescue OmniAuth::Strategies::OAuth2::CallbackError?
-      # for chromium based browsers (e.g. google-chrome)
-      # ------------------------------------------------------------------------
-      config.on_failure do
-        new_path = '/redirect_requested_page'
-        Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
-      end
-      # Detect and set supported authentication strategies for OmniAuth
-      # ------------------------------------------------------------------------
-      # Additional (strategy) option skip_extra, default: true
-      #
-      # If true, skips the collection of raw data (extra) to NOT blow
-      # up the session cookie (as it is limited to 4K)
-      skip_extra = true
-      if J1App.active_providers.include? 'patreon'
-        scope             = J1App.auth_config['providers']['patreon']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['patreon']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :patreon,
-                 ENV['PATREON_CLIENT_ID'],
-                 ENV['PATREON_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'disqus'
-        scope             = J1App.auth_config['providers']['disqus']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['disqus']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :disqus,
-                 ENV['DISQUS_CLIENT_ID'],
-                 ENV['DISQUS_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'facebook'
-        scope             = J1App.auth_config['providers']['facebook']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['facebook']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :facebook,
-                 ENV['FACEBOOK_CLIENT_ID'],
-                 ENV['FACEBOOK_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'github'
-        scope             = J1App.auth_config['providers']['github']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['github']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :github,
-                 ENV['GITHUB_CLIENT_ID'],
-                 ENV['GITHUB_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-      if J1App.active_providers.include? 'twitter'
-        scope             = J1App.auth_config['providers']['twitter']['scope'].join(',')
-        data_collection   = J1App.auth_config['providers']['twitter']['data_fields'].join(',')
-        skip_extra        = false if data_collection =~ /raw/i
-        provider :twitter,
-                 ENV['TWITTER_CLIENT_ID'],
-                 ENV['TWITTER_CLIENT_SECRET'],
-                 scope: "#{scope}",
-                 skip_extra: skip_extra
-      end
-    end
-    # Set the (internal) endpoint if a user is successfully authenticated
-    # --------------------------------------------------------------------------
-    use J1WardenOmniAuth do |config|
-      config.redirect_after_callback = '/post_authentication'
-    end
-    # Add the internal logger from Rack to the middleware's of the stack
-    # --------------------------------------------------------------------------
-    use Rack::Logger
-    # Load user profiles, permissions, conditions and strategies
-    # --------------------------------------------------------------------------
-    providers   = J1App.auth_config['providers']
-    permissions = J1App.permissions
-    # ==========================================================================
-    # Sinatra (before) FILTER to preprocess all page requests
-    # ==========================================================================
-    # Prepare root (index) page for app detection
-    #
-    before '/' do
-      log_info! "ROOT", "Prepare", 'Web Session'
-      # read existing/current cookie 'j1.web.session' to update all data
-      # of j1_web_session (hash) otherwise set initial data
-      # ------------------------------------------------------------------------
-      unless env['HTTP_COOKIE'] == nil
-        if env['HTTP_COOKIE'].include? 'j1.web.session'
-          session_encoded = request.cookies['j1.web.session']
-          session_decoded = Base64.decode64(session_encoded)
-          j1_web_session = JSON.parse(session_decoded)
-        end
-      else
-        requested_page = env['REQUEST_URI']
-        j1_web_session['requested_page'] = "#{env['REQUEST_URI']}"
-      end
-      # Create|Initialize the J1 web session cookie
-      # ------------------------------------------------------------------------
-      if warden.authenticated?
-        log_info! "ROOT", 'Cookie', 'Update current user data'
-        user = warden.user
-        log_info! "ROOT", 'AuthCheck', 'User detected as signed in', "#{user[:provider]}"
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['requested_page']        = '/'
-        j1_web_session['users_allowed']         = providers["#{user[:provider]}"]['users']
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_membership']   = 'member'
-        j1_web_session['provider_url']          = providers["#{user[:provider]}"]['provider_url']
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-      else
-        log_info! "ROOT", 'AuthCheck', 'User detected', 'signed out'
-        j1_web_session['authenticated']         = 'false'
-        j1_web_session['requested_page']        = '/'
-        j1_web_session['users_allowed']         = 'all'
-        j1_web_session['user_name']             = 'visitor'
-        j1_web_session['user_id']               = 'unknown'
-        j1_web_session['payment_status']        = 'unknown'
-        j1_web_session['provider']              = 'j1'
-        j1_web_session['provider_membership']   = 'guest'
-        j1_web_session['provider_url']          = 'https://jekyll.one'
-        j1_web_session['provider_permissions']  = 'public'
-      end
-      j1_web_session['writer']                  = 'middleware'
-      session_json = j1_web_session.to_json
-      log_info! "ROOT", 'Cookie', 'Update web session data', "#{session_json}"
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-    end
-    # General page detection (page auth pre-flight)
-    # --------------------------------------------------------------------------
-    before '/(pages|posts)/*' do
-      log_info! 'AuthManager', 'PreFlight', 'Initial checks initiated'
-      # read existing/current cookie 'j1.web.session'
-      # to update all data of j1_web_session (hash)
-      # if request.warden.user.respond_to?(:info)
-      # ------------------------------------------------------------------------
-      if env['HTTP_COOKIE'].include? 'j1.web.session'
-        session_encoded     = request.cookies['j1.web.session']
-        session_decoded     = Base64.decode64(session_encoded)
-        j1_web_session      = JSON.parse(session_decoded)
-        log_info! 'PreFlight', 'Cookie', 'Read web session data' # "#{session_decoded}"
-      else
-        requested_page                    = env['REQUEST_URI']
-        j1_web_session['requested_page']  = "#{env['REQUEST_URI']}"
-      end
-      # Create|Initialize the J1 web session cookie
-      # ------------------------------------------------------------------------
-      log_info! 'PreFlight', 'AuthCheck', 'Check authentication status'
-      if warden.authenticated?
-        user = warden.user
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_url']          = providers["#{user[:provider]}"]['provider_url']
-        j1_web_session['users_allowed']         = providers["#{user[:provider]}"]['users']#
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-        j1_web_session['writer']                = 'middleware'
-        log_info! 'PreFlight', 'AuthCheck', 'User authenticated', "#{user[:info]['nickname']}"
-        session_json = j1_web_session.to_json
-        log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-        session_encoded = Base64.encode64(session_json)
-        response.set_cookie(
-            'j1.web.session',
-            domain: false,
-            value: session_encoded.to_s,
-            path: '/'
-        )
-      end
-      # User state|content detection for implicit authentication
-      # ------------------------------------------------------------------------
-      log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'disabled' if authentication_enabled? == false
-      log_info! 'PreFlight', 'AuthCheck', 'Pass for all pages' if authentication_enabled? == false
-      pass if authentication_enabled? == false
-      log_info! 'PreFlight', 'CheckConfig', 'Authentication check', 'enabled'
-      log_info! 'PreFlight', 'DetectContent', 'Public content', 'YES' if public_content?
-      log_info! 'PreFlight', 'DetectContent', 'Pass all public content' if public_content?
-      pass if public_content?
-      log_info! 'PreFlight', 'DetectCookieConsent', 'Cookie Consent', "#{j1_web_session['cookies_accepted']}"
-      if j1_web_session['cookies_accepted'] === 'declined'
-        requested_page = env['REQUEST_URI']
-        requested_page.scan(/(protected|private)/) do |match|
-          category = match[0]
-          log_info! 'PreFlight', 'Redirect', 'Pass to dialog page (Cookie Consent)'
-          description_title = "Cookie consent declined"
-          redirect "/cookie_consent?provider=#{j1_web_session['provider']}&user=#{j1_web_session['user_name']}&category=#{category}&requested_page=#{requested_page}&title=#{description_title}"
-        end
-      end
-      log_info! 'PreFlight', 'DetectContent', 'Check content type'
-      requested_page = env['REQUEST_URI']
-      requested_page.scan(/(protected|private)/) do |match|
-        category = match[0]
-        log_info! 'PreFlight', 'DetectContent', 'Content type detected', "#{category}"
-        log_info! 'PreFlight', 'AuthCheck', 'Check authorisation status'
-        if warden.authenticated?
-          user_name = user[:info]['nickname']
-          log_info! 'PreFlight', 'AuthCheck', 'User detected', "#{user_name}"
-          current_provider  = warden.user[:provider]
-          # provider_strategy = strategies["#{default_provider}"]
-          strategy          = providers["#{current_provider}"]['strategy']
-          provider_strategy = :"#{strategy}"
-          j1_web_session['user_name']             = user_name
-          j1_web_session['provider_url']          = providers["#{current_provider}"]['provider_url']
-          j1_web_session['users_allowed']         = providers["#{current_provider}"]['users']
-          j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-          j1_web_session['requested_page']        = requested_page
-          log_info! 'PreFlight', 'ContentCheck', 'Check permissions'
-          if permissions[:"#{category}"].include? current_provider
-            log_info! 'PreFlight', 'ContentCheck', 'Provider detected', "#{current_provider}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category detected', "#{category}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category support', 'enabled'
-            # Check permissions
-            #
-            #log_info! 'Authorisation', 'ConditionCheck', 'Check permissions for provider', "#{current_provider}"
-            #conditions = J1App.conditions current_provider
-            # if conditions["#{category}"]
-            #   log_info! 'Authorisation', 'ConditionCheck', 'Conditions detected', "#{category}"
-            #   conditions["#{category}"].each do |k, v|
-            #     case k
-            #     when 'enabled'
-            #       log_info! 'Authorisation', 'ConditionCheck', "#{k}", "#{v}"
-            #     when 'users'
-            #       log_info! 'Authorisation', 'ConditionCheck', 'users'
-            #       v.each do |k, v|
-            #         log_info! 'Authorisation', 'ConditionCheck', "users - #{k}", "#{v}"
-            #       end
-            #     when 'payment'
-            #       log_info! 'Authorisation', 'ConditionCheck', 'payment'
-            #       v.each do |k, v|
-            #         case k
-            #         when 'tiers'
-            #           log_info! 'Authorisation', 'ConditionCheck', "payment - #{k}", "#{v}"
-            #         when 'tier'
-            #           v.each do |k, v|
-            #             log_info! 'Authorisation', 'ConditionCheck', 'payment - tiers - tier : ' "#{k}", "#{v}"
-            #           end
-            #         end
-            #       end
-            #     end
-            #   end
-            # end
-          else
-            provider  = permissions[:"#{category}"][0]
-            log_info! 'PreFlight', 'ContentCheck', 'Provider detected', "#{current_provider}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category detected', "#{category}"
-            log_info! 'PreFlight', 'ContentCheck', 'Category supported', 'NO'
-            log_info! 'PreFlight', 'AuthCheck', 'Authorisation failed for user', "#{user_name}"
-            log_info! 'PreFlight', 'SignOut', 'Sign out user', "#{user_name}"
-            warden.logout
-            session.clear
-            session_json = j1_web_session.to_json
-            log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-            session_encoded = Base64.encode64(session_json)
-            response.set_cookie(
-                'j1.web.session',
-                domain: false,
-                value: session_encoded.to_s,
-                path: '/'
-            )
-            log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
-            allowed_users = providers["#{provider}"]['users'].join(',')
-            redirect "/page_validation?provider=#{provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
-          end
-          time = Time.now.ctime.to_s
-          log_info! 'PreFlight', 'AuthCheck', 'Pass to requested page', "#{requested_page}"
-          log_info! 'PreFlight', 'AuthCheck', 'Set X-Response-Headers'
-          # See: https://stackoverflow.com/questions/10438276/how-to-disable-static-file-caching-in-rails-3-thin-on-windows
-          # response.headers["Cache-Control"]   = 'no-cache, no-store, max-age=0, must-revalidate'
-          # response.headers["Pragma"]          = 'no-cache'
-          # response.headers["Expires"]         = 'Fri, 01 Jan 1990 00:00:00 GMT'
-          response.headers['X-J1-AuthManager']  = "page-validated;category=#{category};called=" +  time
-          pass
-        else
-          log_info! 'PreFlight', 'AuthCheck', 'User detected', 'signed out'
-          default_provider = permissions[:"#{category}"][0]
-          log_info! 'PreFlight', 'AuthCheck', 'Set default provider', "#{default_provider}"
-          strategy          = providers["#{default_provider}"]['strategy']
-          provider_strategy = :"#{strategy}"
-          log_info! 'PreFlight', 'AuthCheck', 'Start processing provider', "#{default_provider}"
-          log_info! 'PreFlight', 'AuthCheck', 'Authentication strategy', "#{provider_strategy}"
-          case provider_strategy
-          when :org
-            warden.authenticate!
-            github_organization_authenticate! ENV['GITHUB_ORG_NAME']
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} organization"
-          when :team
-            warden.authenticate!
-            github_team_authenticate! ENV['GITHUB_TEAM_ID']
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
-          when :teams
-            warden.authenticate!
-            github_teams_authenticate! ENV['GITHUB_TEAM_IDS'].split(',')
-            logger.info "Hi There, #{j1_web_session[:user_name]}! You have access to the #{params['id']} team"
-          when :member
-            log_info! 'PreFlight', 'AuthCheck', 'Process authentication strategy'
-            if env['HTTP_COOKIE'].include? 'j1.web.session'
-              session_encoded   = request.cookies['j1.web.session']
-              session_decoded   = Base64.decode64(session_encoded)
-              log_info! 'PreFlight', 'Cookie', 'Read web session data'          # "#{session_decoded}"
-              j1_web_session    = JSON.parse(session_decoded)
-            end
-            # Update cookie data
-            # ----------------------------------------------------------------------
-            j1_web_session['provider_url']          = providers["#{default_provider}"]['provider_url']
-            j1_web_session['users_allowed']         = providers["#{default_provider}"]['users']
-            j1_web_session['provider_permissions']  = providers["#{default_provider}"]['permissions']
-            j1_web_session['requested_page']        = env['REQUEST_URI']
-            j1_web_session['writer']                = 'middleware'
-            # write updated J1 session cookie
-            #
-            session_json = j1_web_session.to_json
-            session_encoded = Base64.encode64(session_json)
-            log_info! 'PreFlight', 'Cookie', 'Write web session data', "#{session_json}"
-            response.set_cookie(
-                'j1.web.session',
-                domain: false,
-                value: session_encoded.to_s,
-                path: '/'
-            )
-            allowed_users   = providers["#{default_provider}"]['users'].join(',')
-            requested_page  = env['REQUEST_URI']
-            log_info! 'PreFlight', 'Redirect', 'Call API request', 'PageValidate'
-            redirect "/page_validation?provider=#{default_provider}&category=#{category}&page=#{requested_page}&allowed_users=#{allowed_users}"
-          else
-            raise J1App::ConfigError
-          end
-        end
-      end
-    end
-    # ==========================================================================
-    # API ENDPOINTS (Sinatra HANDLERS)
-    # ==========================================================================
-    # ENDPOINT authentication (called from WEB by auth client)
-    # --------------------------------------------------------------------------
-    get '/authentication' do
-      # collect (common) GET parameter|s
-      #
-      request   = params.fetch('request')
-      provider  = params.fetch('provider')
-      log_info! 'API', 'Authentication', 'Authentication request received'
-      # SignIn
-      # ------------------------------------------------------------------------
-      if request === 'signin'
-        log_info! 'Authentication', 'SignIn', 'Called for provider', "#{provider}"
-        # collect (additional) GET parameter|s
-        # ----------------------------------------------------------------------
-        allowed_users                   =  params.fetch('allowed_users')
-        j1_web_session['users_allowed'] = allowed_users
-        j1_web_session['writer']        = 'middleware'
-        # Write updated J1 session data to cookie
-        # --------------------------------------------------------------------
-        session_json = j1_web_session.to_json
-        log_info! 'Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-        session_encoded = Base64.encode64(session_json)
-        response.set_cookie(
-            'j1.web.session',
-            domain: false,
-            value: session_encoded.to_s,
-            path: '/'
-        )
-        if warden.authenticated?
-          log_info! 'Authentication', 'SignIn', 'User already signed in', "#{warden.user[:info]['nickname']} "
-        else
-          log_info! 'Authentication', 'SignIn', 'Initiate OmniAuth authentication'
-          # Make (really) sure that old session is cleared before login
-          # --------------------------------------------------------------------
-          warden.logout
-          session.clear
-          warden.authenticate! :"omni_#{provider}"
-        end
-        # SignOut
-        # ------------------------------------------------------------------------
-      elsif request === 'signout'
-        # collect (additional) GET parameter|s
-        provider_signout = params.fetch('provider_signout')
-        log_info! 'Authentication', 'SignOut', 'Called for provider', #{provider}"
-                  if warden.authenticated?
-                    user         = warden.user[:info]['nickname']
-                    provider     = warden.user[:provider]
-                    provider_url = j1_web_session['provider_url']
-                    log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                    warden.logout
-                    session.clear
-                    # Read current J1 web session cookie
-                    # --------------------------------------------------------------------
-                    if env['HTTP_COOKIE'].include? 'j1.web.session'
-                      session_encoded = env['rack.request.cookie_hash']['j1.web.session']
-                      session_decoded = Base64.decode64(session_encoded)
-                      log_info! 'Authentication', 'Cookie', 'Read web session data' # #{session_decoded}"
-                      j1_web_session = JSON.parse(session_decoded)
-                    else
-                      j1_web_session['requested_page'] = env['REQUEST_URI']
-                    end
-                    # Update J1 web session data
-                    # --------------------------------------------------------------------
-                    j1_web_session['user_name']             = 'visitor'
-                    j1_web_session['user_id']               = 'unknown'
-                    j1_web_session['users_allowed']         = 'all'
-                    j1_web_session['payment_status']        = 'unknown'
-                    j1_web_session['provider']              = 'j1'
-                    j1_web_session['provider_url']          = 'https://jekyll.one'
-                    j1_web_session['provider_permissions']  = 'public'
-                    j1_web_session['authenticated']         = 'false'
-                    j1_web_session['writer']                = 'middleware'
-                    # Write updated J1 session data to cookie
-                    # --------------------------------------------------------------------
-                    session_json = j1_web_session.to_json
-                    log_info! 'Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-                    session_encoded = Base64.encode64(session_json)
-                    response.set_cookie(
-                        'j1.web.session',
-                        domain: false,
-                        value: session_encoded.to_s,
-                        path: '/'
-                    )
-                    if provider_signout === 'true'
-                      log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                      log_info! 'Authentication', 'SignOut', 'Sign out from', "#{provider}"
-                      log_info! 'Authentication', 'Redirect', 'Pass to provider', "#{provider_url}"
-                      redirect "#{provider_url}"
-                    else
-                      log_info! 'Authentication', 'SignOut', 'Sign out user', "#{user}"
-                      log_info! 'Authentication', 'SignOut', 'Sign out from', "session"
-                      # If signed out, redirect ONLY for PUBLIC pages
-                      # ------------------------------------------------------------------
-                      if redirect_whitelisted?j1_web_session['requested_page']
-                        log_info! 'Authentication', 'Redirect', 'Pass to page', "#{j1_web_session['requested_page']}"
-                        redirect j1_web_session['requested_page']
-                      else
-                        log_info! 'Authentication', 'Redirect', 'Redirect NOT whitelisted'
-                        log_info! 'Authentication', 'Redirect', 'Pass to page', "/"
-                        redirect '/'
-                      end
-                    end
-                  else
-                    # THIS condition should NEVER REACHED because NO logout dialog
-                    # (modal) is provided by the auth client if a user isn't signed in.
-                    # Kept this alternative for cases something went wrong.
-                    # --------------------------------------------------------------------
-                    log_info! 'Authentication', 'API', 'DEAD PATH: Called for sign out', 'NOT signed in'
-                    # Read current J1 session cookie
-                    # --------------------------------------------------------------------
-                    if env['HTTP_COOKIE'].include? 'j1.web.session'
-                      session_encoded   = env['rack.request.cookie_hash']['j1.web.session']
-                      session_decoded   = Base64.decode64(session_encoded)
-                      j1_web_session  = JSON.parse(session_decoded)
-                      log_info! 'Authentication', 'Cookie', 'DEAD PATH. Read web session data' # #{session_decoded}"
-                    else
-                      j1_web_session['requested_page'] = env['REQUEST_URI']
-                    end
-                    # Update J1 web session data
-                    # --------------------------------------------------------------------
-                    j1_web_session['user_name']             = 'visitor'
-                    j1_web_session['user_id']               = 'unknown'
-                    j1_web_session['users_allowed']         = 'all'
-                    j1_web_session['payment_status']        = 'unknown'
-                    j1_web_session['provider']              = 'j1'
-                    j1_web_session['provider_url']          = 'https://jekyll.one'
-                    j1_web_session['provider_permissions']  = 'public'
-                    j1_web_session['authenticated']         = 'false'
-                    j1_web_session['writer']                = 'middleware'
-                    # Write updated J1 session data to cookie
-                    # --------------------------------------------------------------------
-                    session_json = j1_web_session.to_json
-                    log_info! 'Authentication', 'Cookie', 'DEAD PATH. Write web session data', "#{session_json}"
-                    session_encoded = Base64.encode64(session_json)
-                    response.set_cookie(
-                        'j1.web.session',
-                        domain: false,
-                        value: session_encoded.to_s,
-                        path: '/'
-                    )
-                    log_info! 'Post Authentication', 'Redirect', 'DEAD PATH: Pass to requested page', "#{j1_web_session['requested_page']}"
-                    redirect j1_web_session['requested_page']
-                  end
-      else
-        raise J1App::ConfigError
-      end
-    end
-    # END: get '/authentication'
-    # --------------------------------------------------------------------------
-    # ENDPOINT post_authentication (called after a user is back from OAuth Provider)
-    # --------------------------------------------------------------------------
-    get '/post_authentication' do
-      reward = {
-          :id    => 'unknown',
-          :name  => 'unknown',
-          :link  => '#'
-      }
-      campaign = {
-          :id    => 'unknown',
-          :link  => '#'
-      }
-      log_info! 'API', 'Post Authentication', 'Identification request received'
-      log_info! 'Post Authentication',  'Cookie', 'Read web session data'
-      session_encoded   = request.cookies['j1.web.session']
-      session_decoded   = Base64.decode64(session_encoded)
-      j1_web_session    = JSON.parse(session_decoded)
-      user                              = warden.user
-      user_json                         = user.to_json
-      if user[:provider] === 'disqus'
-        user[:info][:urls][:site]       = "https://disqus.com"
-        user[:info][:urls][:home]       = user[:info]['urls']['profileUrl']
-        user[:info][:urls][:blog]       = "https://disqus.com/by/juergen_adams/"
-        user[:info][:urls][:member]     = user[:info]['urls']['profileUrl']
-      end
-      if user[:provider] === 'github'
-        user[:info][:urls][:site]       = "https://github.com"
-        user[:info][:urls][:home]       = user[:info]['urls']['GitHub']
-        user[:info][:urls][:blog]       = "https://github.com/jekyll-one"
-        user[:info][:urls][:member]     = user[:info]['urls']['Blog']
-      end
-      if user[:provider] === 'patreon'
-        user[:info][:urls][:site]       = "https://patreon.com"
-        user[:info][:urls][:home]       = "https://patreon.com/home"
-        user[:info][:urls][:blog]       = "https://patreon.com/jekyll_one"
-        unless user[:info]['payment_info'].empty?
-          reward_url                    = user[:info]['payment_info']['relationships']['reward']['links']['related']
-          reward_json                   = RestClient.get "#{reward_url}", {:content_type => :json, :accept => :json}
-          reward_data                   = JSON.parse(reward_json)
-          user[:info][:urls][:member]   = "https://patreon.com" + reward_data['data']['attributes']['url']
-          user[:info][:payment_status]  = user[:info]['payment_info']['attributes']['declined_since'].nil? ? 'true' : 'false'
-        else
-          reward_url                    = ""
-          reward_json                   = ""
-          reward_data                   = ""
-          user[:info][:payment_status]  = 'false'
-        end
-        unless reward_data.empty?
-          reward[:id]                   = reward_data['data']['id']
-          reward[:name]                 = reward_data['data']['attributes']['title']
-          reward[:link]                 = "https://patreon.com" + reward_data['data']['attributes']['url']
-          campaign[:id]                 = reward_data['data']['relationships']['campaign']['data']['id']
-          campaign[:link]               = reward_data['data']['relationships']['campaign']['links']['related']
-        else
-          reward[:id]                   = ""
-          reward[:name]                 = "no tiers"
-          reward[:link]                 = ""
-          campaign[:id]                 = ""
-          campaign[:link]               = ""
-        end
-      end
-      user[:extra][:reward]             = reward
-      user[:extra][:campaign]           = campaign
-      if user.nil?
-        # Collection of session data failed (e.g cookie > 4K)
-        #
-        log_info! 'Post Authentication', 'Identification', 'Internal error', 'User identification failed'
-        warden.logout
-        session.clear
-        log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-        description_title = "Access Denied"
-        redirect "/access_denied?provider=unknown&user=unknown&category=unknown&title=#{description_title}"
-      else
-        log_info! 'Post Authentication', 'Identification', 'User identified successfully'
-        log_info! 'Post Authentication',  'Cookie', 'Update web session data'    # "#{j1_web_session}"
-        j1_web_session['user_name']             = user[:info]['nickname']
-        j1_web_session['user_id']               = user[:uid]
-        j1_web_session['provider']              = user[:provider]
-        j1_web_session['provider_membership']   = 'member'
-        j1_web_session['provider_permissions']  = providers["#{user[:provider]}"]['permissions']
-        j1_web_session['authenticated']         = 'true'
-        j1_web_session['payment_status']        = user[:info][:payment_status]
-        j1_web_session['writer']                = 'middleware'
-        current_user                            = user[:info]['nickname']  = user[:info]['nickname']
-        current_provider                        = user[:provider]
-        j1_web_session['requested_page'].scan(/(protected|private)/) do |match|
-          # Set category from requested page
-          #
-          category = match[0]
-          log_info! 'Post Authentication', 'Identification', 'Process content type', "#{category}"
-          # Check if user is allowed to access protected content in GENERAL
-          #
-          log_info! 'Post Authentication', 'Identification', 'Check for allowed users'
-          unless j1_web_session['users_allowed'].include? 'all'
-            unless j1_web_session['users_allowed'].include? "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'User not allowed', "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
-              log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-              warden.logout
-              session.clear
-              log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-              description_title = "Access Denied"
-              redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-            end
-          end
-          log_info! 'Post Authentication', 'Identification', 'Allowed users', "#{j1_web_session['users_allowed']}"
-          # Check conditions to access protected content (if any)
-          #
-          log_info! 'Post Authentication', 'Identification', 'Check for conditions', "#{current_provider}"
-          check_conditions = providers["#{user[:provider]}"]['conditions'][category]['enabled']
-          if check_conditions
-            if providers["#{user[:provider]}"]['conditions'][category]['users']['whitelist'].nil?
-              category_whitelist = 'all'
-            else
-              category_whitelist = providers["#{user[:provider]}"]['conditions'][category]['users']['whitelist']
-            end
-            # Check if user is BLACKLISTED
-            #
-            blacklist = providers["#{user[:provider]}"]['conditions'][category]['users']['blacklist']
-            if blacklist.include? "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Check blacklisting'
-              log_info! 'Post Authentication', 'Identification', 'User blacklisted', "#{current_user}"
-              user[:info][:blacklisted] = 'true'
-              log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-              warden.logout
-              session.clear
-              log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-              description_title = "Access Denied"
-              redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-            end
-            log_info! 'Post Authentication', 'Identification', 'Check whitelisting'
-            if category_whitelisted? category_whitelist, current_user
-              user[:info][:whitelisted]   = 'true'
-              reward[:name]               = 'whitelisted'
-              log_info! 'Post Authentication', 'Identification', 'User whitelisted', "#{current_user}"
-              log_info! 'Post Authentication', 'Identification', 'Reward set to', 'Whitelisted'
-            else
-              log_info! 'Post Authentication', 'Identification', 'No whitelisting found', "#{current_user}"
-            end
-            log_info! 'Post Authentication', 'Identification', 'Check conditions'
-            unless category_whitelisted? category_whitelist, current_user
-              log_info! 'Post Authentication', 'Identification', 'Check rewards'
-              payment_tiers = providers["#{user[:provider]}"]['conditions'][category]['payment']['activated']
-              log_info! 'Post Authentication', 'Identification', 'Check rewards', "#{current_user}"
-              if payment_activated? payment_tiers
-                log_info! 'Post Authentication', 'Identification', 'Reward found', "#{reward[:name]}"
-                # Check if any payment exists for that user
-                #
-                log_info! 'Post Authentication', 'Identification', 'Check payment status'
-                if user[:info]['payment_info'].empty?
-                  log_info! 'Post Authentication', 'Identification', 'Payment status: NOT AVAILABLE', "#{current_user}"
-                  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-                  warden.logout
-                  session.clear
-                  log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-                  description_title = "Access Denied"
-                  redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-                end
-                # Check for VALID payments (scope: pledge-to-me)
-                #
-                payment_status = user[:info]['payment_info']['attributes']['declined_since']
-                unless payment_valid? payment_status
-                  log_info! 'Post Authentication', 'Identification', 'Payment status INVALID', "#{current_user}"
-                  log_info! 'Post Authentication', 'Identification', 'Logout user from current session', "#{current_user}"
-                  warden.logout
-                  session.clear
-                  log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-                  description_title = "Access Denied"
-                  redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-                else
-                  log_info! 'Post Authentication', 'Identification', 'Payment status VALID', "#{current_user}"
-                end
-              end
-            end
-            # end category_whitelisted
-          else
-            category_condition_state = providers["#{user[:provider]}"]['conditions'][category]['enabled']
-            log_info! 'Post Authentication', 'Identification', 'Category check failed for', "#{current_provider}"
-            log_info! 'Post Authentication', 'Identification', "Category checked", "#{category}"
-            log_info! 'Post Authentication', 'Identification', "Category support", "#{category_condition_state}"
-            warden.logout
-            session.clear
-            log_info! 'Post Authentication', 'Redirect', 'Pass to error page (access_denied)'
-            description_title = "Access Denied"
-            redirect "/access_denied?provider=#{current_provider}&user=#{current_user}&category=#{category}&title=#{description_title}"
-          end
-          # end check conditions
-        end
-        # end protected content
-      end
-      # end user.nil?
-      # redirect authenticated|validated user to requested page
-      #
-      j1_web_session['provider']      = current_provider
-      j1_web_session['users_allowed'] = providers["#{current_provider}"]['users']
-      # TODO: Add membership|product specific data for the SideBar
-      # write updated J1 session data to cookie
-      #
-      session_json = j1_web_session.to_json
-      log_info! 'Post Authentication', 'Cookie', 'Write web session data', "#{session_json}"
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      time = Time.now.ctime.to_s
-      log_info! 'Post Authentication', 'Identification', 'Provider', "#{user[:provider]}"
-      log_info! 'Post Authentication', 'Identification', 'User', "#{user[:info]['nickname']}"
-      log_info! 'Post Authentication', 'Redirect', 'Set Last-Modified', "#{time}"
-      log_info! 'Post Authentication', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
-      response.headers['Last-Modified'] = time
-      response.headers['Cache-Control'] = 'private,max-age=0,must-revalidate,no-store'
-      redirect j1_web_session['requested_page']
-    end
-    # END: get /post_authentication
-    # --------------------------------------------------------------------------
-    # ENDPOINT status (called from WEB to get current state of an user)
-    # --------------------------------------------------------------------------
-    get '/status' do
-      session_encoded   = request.cookies['j1.web.session']
-      session_decoded   = Base64.decode64(session_encoded)
-      j1_web_session    = JSON.parse(session_decoded)
-      log_info! 'API', 'Status Request', 'Info request received'
-      # if request.warden.user.respond_to?(:info)
-      #
-      if warden.authenticated?
-        user_name               = warden.user[:info]['nickname']
-        user_id                 = warden.user[:uid]
-        provider                = warden.user[:provider]
-        provider_permissions    = j1_web_session['provider_permissions']
-        provider_site_url       = warden.user[:info][:urls][:site]
-        provider_home_url       = warden.user[:info][:urls][:home]
-        provider_blog_url       = warden.user[:info][:urls][:blog]
-        provider_member_url     = warden.user[:info][:urls][:member]
-        if provider == 'patreon'
-          provider_membership   = warden.user[:extra][:reward][:name]
-          provider_member_url   = warden.user[:extra][:reward][:link]
-        else
-          provider_membership   = 'member'
-          provider_member_url   = '#'
-        end
-        log_info! 'API', 'Status Request', 'User detected as signed in', "#{user_name}"
-      else
-        user_name = 'unknown'
-        log_info! 'API', 'Status Request', 'User detected', 'signed out'
-      end
-      # if request.warden.authenticated?
-      #
-      if user_name != 'unknown'
-        log_info! 'API', 'Status Request', 'Send data', 'SIGNED_IN'
-        content_type 'application/json'
-        {
-            user_name:                user_name,
-            user_id:                  user_id,
-            provider:                 provider,
-            provider_membership:      provider_membership,
-            provider_permissions:     provider_permissions,
-            provider_site_url:        provider_site_url,
-            provider_home_url:        provider_home_url,
-            provider_blog_url:        provider_blog_url,
-            provider_member_url:      provider_member_url,
-            status:                   'signed in'
-        }.to_json
-      else
-        log_info! 'API', 'Status Request', 'Send data', 'SIGNED_OUT'
-        content_type 'application/json'
-        {
-            user_name:                'visitor',
-            user_id:                  'unknown',
-            provider:                 'j1',
-            provider_membership:      'guest',
-            provider_permissions:     'public',
-            provider_site_url:        '#',
-            provider_home_url:        '#',
-            provider_blog_url:        '#',
-            provider_member_url:      '#',
-            status:                   'signed out'
-        }.to_json
-      end
-    end
-    # END: get /status
-    # --------------------------------------------------------------------------
-    # ENDPOINT  cookie_consent (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/cookie_consent' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      requested_page    = params.fetch('requested_page')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Cookies declined'
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to dialog page', 'Cookie Consent'
-      # Capitalize first char
-      provider                = provider.sub(/^./, &:upcase)
-      route                   = requested_page
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralCookieConsent"
-      @info_type              = "danger"
-      @modal_icon             = "cookie"
-      @modal_agreed_text      = "Yes, please"
-      @modal_disagreed_text   = "No, thanks"
-      @modal_title            = "Authentication Manager"
-      # @modal_description    = "<h4>#{description_title}</h4><br /><br />User <b>#{user}</b> from provider <b>#{provider}</b> requested access on <b>#{category}</b> pages.<br /> In order to continue, you need to accept on <b>Cookies</b>."
-      @modal_description      = "<h4>#{description_title}</h4><br /><br /> In order to continue, you need to accept on <b>Cookies</b>."
-      erb :auth_manager_ui
-    end
-    # END: get /cookies_rejected
-    # --------------------------------------------------------------------------
-    #  ENDPOINT access_denied (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/access_denied' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Access Denied'
-      session_encoded = request.cookies['j1.web.session']
-      session_decoded = Base64.decode64(session_encoded)
-      j1_web_session  = JSON.parse(session_decoded)
-      # Update J1 web session data
-      # --------------------------------------------------------------------
-      j1_web_session['user_name']             = user
-      # j1_web_session['user_id']               = 'unknown'
-      # j1_web_session['users_allowed']         = 'unknown'
-      # j1_web_session['payment_status']        = 'unknown'
-      j1_web_session['provider']              = provider
-      # j1_web_session['provider_url']          = 'unknown'
-      # j1_web_session['provider_permissions']  = 'unknown'
-      # j1_web_session['authenticated']         = 'false'
-      j1_web_session['writer']                = 'middleware'
-      log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
-      # write updated J1 session data to cookie
-      #
-      session_json = j1_web_session.to_json
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to error page', "Access Denied"
-      # Capitalize first char
-      provider  =  provider.sub(/^./, &:upcase)
-      route     = '/'
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralModalInfo"
-      @info_type              = "danger"
-      @modal_icon             = "account-off"
-      @modal_ok_text          = "Ok, understood"
-      @modal_title            = "Authentication Manager"
-      @modal_description      = "<h4>#{description_title}</h4></br></br> User <b>#{user}</b> from provider <b>#{provider}</b> is not allowed to access <b>#{category}</b> pages."
-      erb :auth_manager_ui
-    end
-    # END: get '/access_denied'
-    # --------------------------------------------------------------------------
-    # ENDPOINT  invalid_funds (exception, called from the app|auth manager)
-    # --------------------------------------------------------------------------
-    get '/invalid_funds' do
-      provider          = params.fetch('provider')
-      category          = params.fetch('category')
-      user              = params.fetch('user')
-      description_title = params.fetch('title')
-      log_info! 'API', 'ExceptionHandler', 'Request received'
-      log_info! 'ExceptionHandler', 'ERROR', 'Invalid Funds'
-      session_encoded = request.cookies['j1.web.session']
-      session_decoded = Base64.decode64(session_encoded)
-      j1_web_session  = JSON.parse(session_decoded)
-      # Update J1 web session data
-      # --------------------------------------------------------------------
-      j1_web_session['user_name']             = user
-      # j1_web_session['user_id']               = 'unknown'
-      # j1_web_session['users_allowed']         = 'unknown'
-      # j1_web_session['payment_status']        = 'unknown'
-      j1_web_session['provider']              = provider
-      # j1_web_session['provider_url']          = 'unknown'
-      # j1_web_session['provider_permissions']  = 'unknown'
-      # j1_web_session['authenticated']         = 'false'
-      j1_web_session['writer']                = 'middleware'
-      log_info! 'ExceptionHandler', 'Cookie', 'Write web session data', "#{session_json}"
-      # write updated J1 session data to cookie
-      #
-      log_info! 'API', 'Exception Handler', 'ERROR', 'Invalid Funds'
-      session_json = j1_web_session.to_json
-      session_encoded = Base64.encode64(session_json)
-      response.set_cookie(
-          'j1.web.session',
-          domain: false,
-          value: session_encoded.to_s,
-          path: '/'
-      )
-      log_info! 'ExceptionHandler', 'Redirect', 'Pass to error page', 'Invalid Funds'
-      # Capitalize first char
-      provider  =  provider.sub(/^./, &:upcase)
-      route     = '/'
-      @route                  = route
-      @provider               = provider
-      @modal                  = "centralModalInfo"
-      @info_type              = "danger"
-      @modal_icon             = "account-off"
-      @modal_ok_text          = "Ok, understood"
-      @modal_title            = "Authentication Manager"
-      @modal_description      = "<h4>#{description_title}</h4></br></br> User <b>#{user}</b> from provider <b>#{provider}</b> is not allowed to access <b>#{category}</b> pages."
-      erb :auth_manager_ui
-    end
-    # END: get /invalid_funds
-    # --------------------------------------------------------------------------
-    # access_protected_content ENDPOINT called from the app (auth manager)
-    # --------------------------------------------------------------------------
-    get '/page_validation' do
-      provider        = params.fetch('provider')
-      allowed_users   = params.fetch('allowed_users')
-      page            = params.fetch('page')
-      category        = params.fetch('category')
-      log_info! 'API', 'PageAccessControl', 'PageValidate request received'
-      # Capitalize first char
-      # provider        =  provider.sub(/^./, &:upcase)
-      log_info! 'PageAccessControl', 'AuthCheck', 'Check provider', "#{provider}"
-      # jadams, 2019-03-16: Hier ist das Problem
-      #
-      if warden.authenticated?
-        log_info! 'PageAccessControl', 'AuthCheck', 'Grant access for', "#{provider}"
-        log_info! 'PageAccessControl', 'Redirect', 'Pass to page', "#{page}"
-        route = page
-      else
-        log_info! 'PageAccessControl', 'AuthCheck', 'Authentication failed', "#{provider}"
-        route = "/authentication?request=signin&provider=#{provider}&allowed_users=#{allowed_users}"
-      end
-      log_info! 'PageAccessControl', 'Redirect', 'Pass to SignIn dialog, page', "#{page}"
-      # Capitalize first char
-      provider                =  provider.sub(/^./, &:upcase)
-      @provider               = provider
-      @route                  = route
-      @modal                  = "signInProtectedContent"
-      @modal_icon             = "login"
-      @modal_agreed_text      = "Yes, please"
-      @modal_disagreed_text   = "No, thanks"
-      @modal_title            = "SignIn"
-      @modal_image            = "/assets/images/attics/admin-dashboard-bootstrap-1280x600.png"
-      @modal_description      = "The page <b>#{page}</b> you requested belongs to <b>#{category}</b> content. You'll be redirected to authenticate with the provider <b>#{provider}</b>. If signed in successfully, you get access to all <b>#{category} pages</b>."
-      erb :auth_manager_ui
-    end
-    # END: get '/page_validation
-    # --------------------------------------------------------------------------
-    # ENDPOINT iframe
-    # --------------------------------------------------------------------------
-    get '/iframe' do
-      @website_url = "https://jekyll-one.github.io/"
-      erb :iframe
-    end
-    # Workaround to rescue OmniAuth::Strategies::OAuth2::CallbackError?
-    # for chromium based browsers (e.g. google-chrome)
-    # ------------------------------------------------------------------------
-    get '/redirect_requested_page' do
-      log_info! 'Fallback', 'Redirect', 'Pass to requested page', "#{j1_web_session['requested_page']}"
-      redirect j1_web_session['requested_page']
-    end
-    # END: get /iframe
-    # --------------------------------------------------------------------------
-  end
-end