Revisando a saída de `git diff master..origin/gitlab_integration` ... outras coisas que precisam ser arrumadas mas que não estão comentadas abaixo porque não estão no diff: - no gemspec todas as linhas que têm gem.add_runtime_dependency estão erradas. aqueles pacotes são dependências de desenvolvimento e não de runtime. - coloquem as dependências de desenvolvimento ou apenas no gemspec ou apenas no Gemfile, mas não duas listas diferentes em cada arquivo.
...
> diff --git a/README.md b/README.md
> index 6ea389f..6af5ff7 100644
> --- a/README.md
> +++ b/README.md
> @@ -1,3 +1,18 @@
> # Omniath Remote User
>
> The Omniauth Remote User gem provides a way for application to utilize a authentication with remote user HTTP header.
> +
> +# Omniauth Gitlab Remote User
> +
> +This gem provides authentication of remote users in gitlab.
> +
> +# Instalation
> +
> +Include in you gitlab Gemfile
> +
> +```ruby
> +gem "omniauth-remote-user", :git => "git@beta.softwarepublico.gov.br:softwarepublico/omniauth-remote-user.git"
> +```
A gente não vai apontar usuários para o git. Quando estiver pronto, vamos fazer um release no rubygems.org e, pra usar, vai ser só `gem "omniauth-remote-user"`. Além disso, se for pra ter uma seção com instruções específicas para o Gitlab, que fique no final e não no começo.
...
> +Then run `bundle install` from the command line:
> +
> + bundle install
> diff --git a/lib/omniauth/remote-user.rb b/lib/omniauth/remote-user.rb
> index b2d2514..eeffcc1 100644
> --- a/lib/omniauth/remote-user.rb
> +++ b/lib/omniauth/remote-user.rb
> @@ -3,6 +3,6 @@ require 'json'
>
> module OmniAuth
> module Strategies
> - autoload :RemoteUser, 'omniauth/strategies/remote_user'
> + autoload :RemoteUser , 'omniauth/strategies/remote_user'
> end
> end
alteração inútil
...
> diff --git a/lib/omniauth/strategies/remote_user.rb b/lib/omniauth/strategies/remote_user.rb
> index 4e476cf..cb0526e 100644
> --- a/lib/omniauth/strategies/remote_user.rb
> +++ b/lib/omniauth/strategies/remote_user.rb
> @@ -1,32 +1,35 @@
> module OmniAuth
> module Strategies
> class RemoteUser
> -
> include OmniAuth::Strategy
> -
> - #option :cookie, 'rack.session'
> +
> option :cookie, '_gitlab_session'
A gente está escrevendo um plugin do omniauth e não pode ter nada hardcoded para o gitlab ... tem que restaurar. Nas instruções para aplicações rails, tem que dizer como setar o nome do cookie que precisa ser apagado no logout. Talvez tenha uma forma de ler isso das configurações do rails e fazer com que seja automático.
...
> option :internal_cookie, '_remote_user'
>
> def call(env)
> remote_user = env['HTTP_REMOTE_USER']
> session_user = __current_user(env)
> - if remote_user
> - if session_user
> - if remote_user == session_user
> - super(env)
> +
> + if ! is_in_logout? (env)
> + if remote_user
> + if session_user
> + if remote_user == session_user
> + super(env)
> + else
> + __logout(env) || super(env)
> + end
> else
> __login(env, remote_user) || super(env)
> end
> else
> - __login(env, remote_user) || super(env)
> + if session_user
> + __logout(env) || super(env)
> + else
> + super(env)
> + end
> end
> else
> - if session_user
> - __logout(env) || super(env)
> - else
> - super(env)
> - end
> + super env
> end
> end
>
> @@ -37,7 +40,7 @@ module OmniAuth
>
> def __logout(env)
> request = Rack::Request.new(env)
> - response = redirect_if_not_logging_in(request, request.path)
> + response = redirect_if_not_logging_in(request, sign_out_path )
> if response
> response.delete_cookie(options.cookie)
> response.delete_cookie(options.internal_cookie)
> @@ -47,18 +50,24 @@ module OmniAuth
>
> def __login(env, uid)
> request = Rack::Request.new(env)
> - response = redirect_if_not_logging_in(request, '/auth/remoteuser')
> + response = redirect_if_not_logging_in(request, auth_path )
> if response
> response.set_cookie(options.internal_cookie, uid)
> response
> end
> end
>
> + def is_in_logout? (env)
> + request = Rack::Request.new(env)
> + request.path == sign_out_path
> + end
> +
> def redirect_if_not_logging_in(request, url)
> if ! [
> - '/auth/remoteuser',
> - '/auth/remoteuser/callback'
> - ].include?(request.path_info)
> + sign_out_path,
> + auth_path,
> + callback_path
> + ].include?(request.path_info)
> response = Rack::Response.new
> response.redirect url
> response
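Review bot: `call` takes the identity from `env['HTTP_REMOTE_USER']`, and Rack fills every `HTTP_*` key from a request header, so the login/logout decisions inside the new `if ! is_in_logout? (env)` block are only as trustworthy as the proxy in front of the application. Nothing in the strategy or in the README hunk states that the front end must set this header itself and discard any copy sent by the client; I would add a comment above `call` such as `# REMOTE_USER must be set by the front-end proxy, which must also strip any Remote-User header sent by the client`, and repeat it in the README. The block is now four levels deep; a guard at the top, `return super(env) if is_in_logout?(env)`, would keep the decision table readable.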
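Review bot: `is_in_logout?` tests `request.path`, but `redirect_if_not_logging_in` just below tests the same paths with `request.path_info`; `Rack::Request#path` is `script_name + path_info`, so the two disagree whenever the application is mounted under a sub-URI. Pick one accessor for both, e.g. `request.path_info == sign_out_path`, and add a spec that runs with a non-empty `SCRIPT_NAME`. The redirect targets `sign_out_path` and `auth_path` are also emitted without the script name, which would presumably send the browser outside the mount point in that setup. `redirect_if_not_logging_in` continues past the end of the hunk, so its return path is not visible here.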
> @@ -81,11 +90,21 @@ module OmniAuth
> end
>
> def request_phase
> - form = OmniAuth::Form.new(:url => callback_path)
> - form.html ' document.forms[0].submit(); '
> - form.to_response
> + redirect callback_path
> + end
> +
> + def callback_path
> + "#{auth_path}/callback"
> end
> +
> + def auth_path
> + "#{path_prefix}/RemoteUser"
> + end
> +
> + def sign_out_path
> + '/users/sign_out'
> + end
de novo coisas específicas do gitlab hardcoded. tem que ser uma opção também.
... > +
> end
> end
> end
> -
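Review bot: The new `callback_path` and `auth_path` replace methods that `OmniAuth::Strategy` already provides, so the `:callback_path`/`:request_path` options and the strategy `name` stop having any effect, and the literal `RemoteUser` moves the public URL away from `/auth/remoteuser` (the specs in this diff had to be edited to match). Building the path from the configured name keeps existing integrations working: `"#{path_prefix}/#{name}"`. If the overrides stay, each needs a one-line comment saying why the inherited behaviour is not enough. `request_phase` now redirects straight to the callback, so a comment there should state that the callback authenticates from the request headers alone.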
> diff --git a/omniauth-remote-user.gemspec b/omniauth-remote-user.gemspec
> index ab02bf3..c6a8e86 100644
> --- a/omniauth-remote-user.gemspec
> +++ b/omniauth-remote-user.gemspec
> @@ -14,9 +14,9 @@ Gem::Specification.new do |gem|
> gem.version = Omniauth::RemoteUser::VERSION
> gem.description = %q{Authentication with Remote-User HTTP header for Omniauth.}
> gem.summary = gem.description
> - gem.email = ['kanashiro.duarte@gmail.com', 'thiagitosouza@gmail.com', 'rodrigosiqueiramelo@gmail.com']
> + gem.email = ['kanashiro.duarte@gmail.com', 'thiagitosouza@gmail.com', 'rodrigosiqueiramelo@gmail.com','macartur.sc@gmail.com','Antonio Terceiro']
> gem.homepage = '
http://beta.softwarepublico.gov.br/gitlab/softwarepublico/omiauth-remote-user'
> - gem.authors = ['Lucas Kanashiro', 'Thiago Ribeiro', 'Rodrigo Siqueira']
> + gem.authors = ['Lucas Kanashiro', 'Thiago Ribeiro', 'Rodrigo Siqueira','Macartur Sousa', 'Antonio Terceiro']
...
> gem.require_paths = %w(lib)
> gem.files = `git ls-files -z`.split("\x0").reject {|f| f.start_with?('spec/')}
> gem.test_files = `git ls-files -- {test,spec,feature}/*`.split("\n")
> diff --git a/spec/omniauth/strategies/remote_user_spec.rb b/spec/omniauth/strategies/remote_user_spec.rb
> index 0e8e50c..e37ace9 100644
> --- a/spec/omniauth/strategies/remote_user_spec.rb
> +++ b/spec/omniauth/strategies/remote_user_spec.rb
> @@ -23,12 +23,12 @@ describe 'Test Strategy Remote_User' do
>
> context 'Without REMOTE_USER and logged in' do
> before(:each){
> - clear_cookies
> + clear_cookies
> set_cookie "_gitlab_session=test"
> set_cookie "_remote_user=test"
> get '/', {}, {}
> }
> -
> +
> it 'Logout curreent user' do
> cookie_session_str = "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" <<
> "\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"
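Review bot: The last entry added to `gem.email` is `'Antonio Terceiro'`, a name rather than an address, so the published gem metadata will carry an invalid contact. Replace it with that maintainer's address (`'<maintainer-address>'`) or drop the entry. The two new items are also missing the space after the comma that the rest of the list uses.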
> @@ -45,49 +45,48 @@ describe 'Test Strategy Remote_User' do
> }
>
> it 'logs REMOTE_USER in' do
> - expect(last_response.status).to eq(302)
> + expect(last_response.status).to eq(302)
> expect(last_response['Set-Cookie']).to eq('_remote_user=foobar')
> end
> end
>
> context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do
> before(:each){
> - clear_cookies
> + clear_cookies
> set_cookie "_gitlab_session=foobar"
> set_cookie "_remote_user=foobar"
> get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
> }
>
> it 'Do nothing' do
> - cookie_session_str = "_gitlab_session=foobar\n_remote_user=foobar"
> expect(last_request.cookies['_gitlab_session']).to eq('foobar')
> expect(last_request.cookies['_remote_user']).to eq('foobar')
> - expect(last_response.status).to eq(200)
> - expect(last_response['Set-Cookie']).to eq(nil)
> + expect(last_response.status).to eq(200)
> + expect(last_response['Set-Cookie']).to eq(nil)
> end
> end
>
> context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do
> before(:each){
> - clear_cookies
> + clear_cookies
> set_cookie "_gitlab_session=foobar"
> set_cookie "_remote_user=foobar"
> get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
> }
>
> - it 'Logout current user and login REMOTE_USER' do
> + it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do
> expect(last_request.cookies['_gitlab_session']).to eq('foobar')
> expect(last_request.cookies['_remote_user']).to eq('foobar')
> - expect(last_response.status).to eq(302)
> - expect(last_response['Set-Cookie']).to eq('_remote_user=foobar2')
> + expect(last_response.status).to eq(302)
> + expect(last_response['Set-Cookie']).to include('_gitlab_session=')
de novo coisas hardcoded to gitlab ...
...
> end
> end
>
> context 'Verify omniauth hash with REMOTE_USER_DATA' do
> before(:each){
> clear_cookies
> - post '/auth/remoteuser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
> - 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})}
> + post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
> + 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})}
> }
>
> it 'Verify uid' do
> @@ -103,7 +102,7 @@ describe 'Test Strategy Remote_User' do
> context 'Verify omniauth.auth info without REMOTE_USER_DATA' do
> before(:each){
> clear_cookies
> - post '/auth/remoteuser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
> + post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
> }
>
> it 'Verify uid' do
> @@ -115,4 +114,3 @@ describe 'Test Strategy Remote_User' do
> end
> end
> end
> -
> diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
> index 2f86151..68ae65c 100644
> --- a/spec/spec_helper.rb
> +++ b/spec/spec_helper.rb
> @@ -18,7 +18,7 @@ require 'omniauth/test'
> Bundler.setup :default, :development, :test
>
> require 'rack/test'
> -require 'omniauth/remote_user'
> +require 'omniauth/remote-user'
>
> RSpec.configure do |config|
> config.include Rack::Test::Methods --
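Review bot: The rewritten example for the mismatched-user case only checks `include('_gitlab_session=')`, which passes for any `Set-Cookie` value that mentions the cookie and no longer pins what happens to `_remote_user`. This is the branch where one identity replaces another, so the spec should assert that both cookies are expired, in the form the 'Without REMOTE_USER and logged in' example already uses: `expect(last_response['Set-Cookie']).to include('_remote_user=; max-age=0')`. The description still says 'login REMOTE_USER' although nothing about the new login is asserted.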