env.rb
# Based on code from the oa-env gem
require 'omniauth'
require 'omniauth-ldap/adaptor'
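module OmniAuth
  module Strategies
    # OmniAuth strategy that signs a user in from a user name found in the
    # Rack environment, optionally enriching the profile from LDAP.
    #
    # Trust boundary: this class performs no authentication of its own. Both
    # keys it reads carry the HTTP_ prefix, which is how Rack exposes request
    # headers (Remote-User, X-Forwarded-User), so their values are whatever
    # the peer sent. The strategy is only safe when an authenticating front
    # end sets these headers itself, discards any copy supplied by the
    # client, and is the only network path to this application.
    class Env
      include OmniAuth::Strategy

      # Returns the user name asserted by the front end.
      #
      # HTTP_REMOTE_USER takes precedence over HTTP_X_FORWARDED_USER. An
      # empty string counts as "not set" for both headers, so a blank header
      # can never pass for an identity.
      #
      # @return [String, nil] the first non-empty header value, or nil
      def env_user
        [env['HTTP_REMOTE_USER'], env['HTTP_X_FORWARDED_USER']].find do |value|
          value && value != ''
        end
      end

      # Builds the auth hash from the header value and hands the request
      # straight to the callback path; there is no redirect to a provider.
      #
      # Fails with :no_user when no header is present or when nothing is
      # left of the value once the "@domain" suffix has been removed.
      def request_phase
        @user_data = {}
        user = env_user
        return fail!(:no_user) unless user

        # "alice@EXAMPLE.ORG" -> "alice"; a value such as "@EXAMPLE.ORG"
        # would leave an empty uid, which must not be accepted as a login.
        @uid = user.gsub(/@.*/, '')
        return fail!(:no_user) if @uid.empty?

        # fill in some defaults
        @user_data[:name] = @uid
        @user_data[:email] = user
        fill_ldap_info unless @options.empty?

        @env['omniauth.auth'] = auth_hash
        # Rewrite the request so the application sees it as the callback.
        @env['REQUEST_METHOD'] = 'GET'
        @env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
        call_app!
      end

      uid { @uid }
      info { @user_data }

      private

      # Looks the uid up in LDAP and overrides the default name and email
      # with the directory's values when they are present.
      #
      # NOTE(review): no :encryption option is passed to Net::LDAP.new, so
      # the simple bind below is not wrapped in TLS by this code; confirm
      # that the link to the directory is protected some other way.
      def fill_ldap_info
        ldap = Net::LDAP.new host: @options[:host],
                             port: @options[:port],
                             auth: {
                               method: :simple,
                               username: @options[:bind_dn],
                               password: @options[:password]
                             }

        # Filter.equals escapes the value; Filter.eq leaves "*" active as a
        # wildcard, and @uid originates from a request header.
        filter = Net::LDAP::Filter.equals('uid', @uid)

        ldap.search(base: @options[:base], filter: filter) do |entry|
          # Entry#[] yields an empty list for an attribute the entry lacks,
          # so a sparse record keeps the header-derived defaults.
          full_name = [entry[:givenname].first, entry[:sn].first].compact.join(' ')
          mail = entry[:mail].first

          @user_data[:name] = full_name unless full_name.empty?
          @user_data[:email] = mail if mail
        end
      end
    end
  end
end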