Commit 8fc7ea8897eb4bbdb3bd47caf8bb2e25cd6ea505

Authored by Thiago Ribeiro
1 parent c3d6bc81

Correct way the User data is passed.

Signed-off-by: Macartur Sousa <macartur.sc@gmail.com>
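--- a/Gemfile
+++ b/Gemfile
@@ -3,15 +3,15 @@ source &quot;http://rubygems.org&quot;
 gemspec
 
 group :development do
-gem 'guard'
-gem 'guard-bundler'
-gem 'guard-rspec'
-gem 'rake'
+gem 'guard'
+gem 'guard-bundler'
+gem 'guard-rspec'
+gem 'rake'
 end
 
 group :test do
-gem 'coveralls'
-gem 'rack-test'
-gem 'simplecov'
-gem 'rspec'
+gem 'coveralls'
+gem 'rack-test'
+gem 'simplecov'
+gem 'rspec'
 end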
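--- a/Rakefile
+++ b/Rakefile
@@ -7,5 +7,3 @@ RSpec::Core::RakeTask.new(:spec)
 
 task :default => :spec
 task :test => :spec
-
-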
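--- a/lib/omniauth-remote-user/version.rb
+++ b/lib/omniauth-remote-user/version.rb
@@ -1,5 +1,5 @@
 module Omniauth
-module RemoteUser
-VERSION = '0.0.1'
-end
+module RemoteUser
+VERSION = '0.0.1'
+end
 end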
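--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -2,38 +2,31 @@ module OmniAuth
 module Strategies
 class RemoteUser
 include OmniAuth::Strategy
-
-option :internal_cookie, '_remote_user'
-
-def __write_file message
-file = File.open("/home/git/gitlab/log/remote_user.log",'a')
-file.write " \n #{message} \n"
-file.close
-end
 
+option :internal_cookie, '_remote_user'
 
 def call(env)
 
 remote_user = env['HTTP_REMOTE_USER']
 session_user = __current_user(env)
-
-if remote_user
-if session_user
-if remote_user == session_user
-super(env)
-else
-__logout(env)
-end
+
+if remote_user
+if session_user
+if remote_user == session_user
+super(env)
 else
-__login(env, remote_user)
-end
-else
-if session_user
 __logout(env)
-else
-super(env)
 end
+else
+__login(env, remote_user)
+end
+else
+if session_user
+__logout(env)
+else
+super(env)
 end
+end
 end
 
 def __current_user(env)
@@ -43,7 +36,7 @@ module OmniAuth
 
 def __logout(env)
 request = Rack::Request.new(env)
-request.session.clear
+request.session.clear
 response = redirect_if_not_logging_in(request, request.path )
 if response
 response.delete_cookie(options.internal_cookie , path: "#{request.script_name}" )
@@ -62,15 +55,15 @@ module OmniAuth
 
 def redirect_if_not_logging_in(request, url)
 if ! [
-_auth_path(request),
-_callback_path(request)
-].include?(request.path_info)
+_auth_path(request),
+_callback_path(request)
+].include?(request.path_info)
 response = Rack::Response.new
 response.redirect url
 response
 end
 end
-
+
 
 uid do
 request.env['HTTP_REMOTE_USER']
@@ -80,7 +73,8 @@ module OmniAuth
 user_data = request.env['HTTP_REMOTE_USER_DATA']
 if user_data
 data = JSON.parse(user_data)
-data['nickname'] = data['name']
+data['nickname'] = data['firstname'] = data['name'].split()[0]
+data['lastname'] = data['name'].split()[1]
 data
 else
 {}
@@ -88,15 +82,15 @@ module OmniAuth
 end
 
 def request_phase
-redirect _callback_path(request)
+redirect _callback_path(request)
 end
 
 def _callback_path(request)
-"#{_auth_path(request)}/callback"
+"#{_auth_path(request)}/callback"
 end
 
 def _auth_path(request)
-"#{request.script_name}#{path_prefix}/RemoteUser"
+"#{request.script_name}#{path_prefix}/RemoteUser"
 end
 
 end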
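Review bot: `data['name'].split()[0]` on new lines 76–77 raises NoMethodError whenever the JSON carried in `HTTP_REMOTE_USER_DATA` has no `name` key, and for a name of three or more words everything after the second word is silently dropped. That value is read from a request header, so the callback should tolerate a missing or oddly shaped name; splitting once with a limit does it: `first, last = data['name'].to_s.split(' ', 2)`, then `data['nickname'] = data['firstname'] = first` and `data['lastname'] = last`. The unchanged `JSON.parse(user_data)` just above is exposed to a malformed header in the same way and would presumably benefit from a `rescue JSON::ParserError` that falls back to `{}`. The enclosing block starts and ends outside this hunk, and the spec in this commit still asserts only `nickname` and `email`, so the new `firstname`/`lastname` keys are not covered by a test.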
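--- a/spec/omniauth/strategies/remote_user_spec.rb
+++ b/spec/omniauth/strategies/remote_user_spec.rb
@@ -1,116 +1,116 @@
 require 'spec_helper'
 
 describe 'Test Strategy Remote_User' do
-let(:app) do
-Rack::Builder.new do |b|
-b.use Rack::Session::Cookie, :secret => 'abc123'
-b.use OmniAuth::Strategies::RemoteUser
-b.run lambda { |_env| [200, {}, ['My body']] }
-end.to_app
-end
-
-context 'Without REMOTE_USER and not logged in' do
-before(:each){
-get '/', {}, {}
-}
-
-it 'Do nothing' do
-expect(last_response.status).to eq(200)
-expect(last_request.cookies['_remote_user']).to eq(nil)
-expect(last_request.cookies['_gitlab_session']).to eq(nil)
-end
-end
-
-context 'Without REMOTE_USER and logged in' do
-before(:each){
-clear_cookies
-set_cookie "_gitlab_session=test"
-set_cookie "_remote_user=test"
-get '/', {}, {}
-}
-
-it 'Logout curreent user' do
-cookie_session_str = "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" <<
-"\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"
-expect(last_request.cookies['_gitlab_session']).to eq('test')
-expect(last_request.cookies['_remote_user']).to eq('test')
-expect(last_response.status).to eq(302)
-expect(last_response['Set-Cookie']).to eq(cookie_session_str)
-end
-end
-
-context 'With REMOTE_USER and not logged in' do
-before(:each){
-get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
-}
-
-it 'logs REMOTE_USER in' do
-expect(last_response.status).to eq(302)
-expect(last_response['Set-Cookie']).to eq('_remote_user=foobar')
-end
-end
-
-context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do
-before(:each){
-clear_cookies
-set_cookie "_gitlab_session=foobar"
-set_cookie "_remote_user=foobar"
-get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
-}
-
-it 'Do nothing' do
-expect(last_request.cookies['_gitlab_session']).to eq('foobar')
-expect(last_request.cookies['_remote_user']).to eq('foobar')
-expect(last_response.status).to eq(200)
-expect(last_response['Set-Cookie']).to eq(nil)
-end
-end
-
-context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do
-before(:each){
-clear_cookies
-set_cookie "_gitlab_session=foobar"
-set_cookie "_remote_user=foobar"
-get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
-}
-
-it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do
-expect(last_request.cookies['_gitlab_session']).to eq('foobar')
-expect(last_request.cookies['_remote_user']).to eq('foobar')
-expect(last_response.status).to eq(302)
-expect(last_response['Set-Cookie']).to include('_gitlab_session=')
-end
-end
-
-context 'Verify omniauth hash with REMOTE_USER_DATA' do
-before(:each){
-clear_cookies
-post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
-'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})}
-}
-
-it 'Verify uid' do
-expect(last_request.env['omniauth.auth']['uid']).to eq('foobar')
-end
-
-it 'Verify info' do
-expect(last_request.env['omniauth.auth']['info']['nickname']).to eq('foobar')
-expect(last_request.env['omniauth.auth']['info']['email']).to eq('foobar@test.com')
-end
-end
-
-context 'Verify omniauth.auth info without REMOTE_USER_DATA' do
-before(:each){
-clear_cookies
-post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
-}
-
-it 'Verify uid' do
-expect(last_request.env['omniauth.auth']['uid']).to eq('foobar')
-end
-
-it 'Verify info' do
-expect(last_request.env['omniauth.auth']['info']).to eq({})
-end
-end
+let(:app) do
+Rack::Builder.new do |b|
+b.use Rack::Session::Cookie, :secret => 'abc123'
+b.use OmniAuth::Strategies::RemoteUser
+b.run lambda { |_env| [200, {}, ['My body']] }
+end.to_app
+end
+
+context 'Without REMOTE_USER and not logged in' do
+before(:each){
+get '/', {}, {}
+}
+
+it 'Do nothing' do
+expect(last_response.status).to eq(200)
+expect(last_request.cookies['_remote_user']).to eq(nil)
+expect(last_request.cookies['_gitlab_session']).to eq(nil)
+end
+end
+
+context 'Without REMOTE_USER and logged in' do
+before(:each){
+clear_cookies
+set_cookie "_gitlab_session=test"
+set_cookie "_remote_user=test"
+get '/', {}, {}
+}
+
+it 'Logout curreent user' do
+cookie_session_str = "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" <<
+"\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"
+expect(last_request.cookies['_gitlab_session']).to eq('test')
+expect(last_request.cookies['_remote_user']).to eq('test')
+expect(last_response.status).to eq(302)
+expect(last_response['Set-Cookie']).to eq(cookie_session_str)
+end
+end
+
+context 'With REMOTE_USER and not logged in' do
+before(:each){
+get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
+}
+
+it 'logs REMOTE_USER in' do
+expect(last_response.status).to eq(302)
+expect(last_response['Set-Cookie']).to eq('_remote_user=foobar')
+end
+end
+
+context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do
+before(:each){
+clear_cookies
+set_cookie "_gitlab_session=foobar"
+set_cookie "_remote_user=foobar"
+get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
+}
+
+it 'Do nothing' do
+expect(last_request.cookies['_gitlab_session']).to eq('foobar')
+expect(last_request.cookies['_remote_user']).to eq('foobar')
+expect(last_response.status).to eq(200)
+expect(last_response['Set-Cookie']).to eq(nil)
+end
+end
+
+context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do
+before(:each){
+clear_cookies
+set_cookie "_gitlab_session=foobar"
+set_cookie "_remote_user=foobar"
+get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
+}
+
+it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do
+expect(last_request.cookies['_gitlab_session']).to eq('foobar')
+expect(last_request.cookies['_remote_user']).to eq('foobar')
+expect(last_response.status).to eq(302)
+expect(last_response['Set-Cookie']).to include('_gitlab_session=')
+end
+end
+
+context 'Verify omniauth hash with REMOTE_USER_DATA' do
+before(:each){
+clear_cookies
+post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
+'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})}
+}
+
+it 'Verify uid' do
+expect(last_request.env['omniauth.auth']['uid']).to eq('foobar')
+end
+
+it 'Verify info' do
+expect(last_request.env['omniauth.auth']['info']['nickname']).to eq('foobar')
+expect(last_request.env['omniauth.auth']['info']['email']).to eq('foobar@test.com')
+end
+end
+
+context 'Verify omniauth.auth info without REMOTE_USER_DATA' do
+before(:each){
+clear_cookies
+post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
+}
+
+it 'Verify uid' do
+expect(last_request.env['omniauth.auth']['uid']).to eq('foobar')
+end
+
+it 'Verify info' do
+expect(last_request.env['omniauth.auth']['info']).to eq({})
+end
+end
 end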