remote_user.rb
2.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
module OmniAuth
module Strategies
class RemoteUser
include OmniAuth::Strategy
option :internal_cookie, '_remote_user'
def call(env)
remote_user = env['HTTP_REMOTE_USER']
session_user = __current_user(env)
if remote_user
if session_user
if remote_user == session_user
super(env)
else
__logout(env)
end
else
__login(env, remote_user)
end
else
if session_user
__logout(env)
else
super(env)
end
end
end
def __current_user(env)
request = Rack::Request.new(env)
request.cookies.has_key?(options.internal_cookie) && request.cookies[options.internal_cookie]
end
def __logout(env)
request = Rack::Request.new(env)
request.session.clear
response = redirect_if_not_logging_in(request, request.path )
if response
response.delete_cookie(options.internal_cookie , path: "#{request.script_name}" )
response.finish
end
end
def __login(env, uid)
request = Rack::Request.new(env)
response = redirect_if_not_logging_in(request,_auth_path(request) )
if response
response.set_cookie(options.internal_cookie, {value: uid , path: "#{request.script_name}"})
response.finish
end
end
def redirect_if_not_logging_in(request, url)
if ! [
_auth_path(request),
_callback_path(request)
].include?(request.path_info)
response = Rack::Response.new
response.redirect url
response
end
end
uid do
request.env['HTTP_REMOTE_USER']
end
info do
user_data = request.env['HTTP_REMOTE_USER_DATA']
if user_data
data = JSON.parse(user_data)
data['nickname'] = uid
data['firstname'] = data['name'].split()[0]
data['lastname'] = data['name'].split()[1]
data
else
{}
end
end
def request_phase
redirect _callback_path(request)
end
def _callback_path(request)
"#{_auth_path(request)}/callback"
end
def _auth_path(request)
"#{request.script_name}#{path_prefix}/RemoteUser"
end
end
end
end