Commit c3d6bc81407b7e790dbed069cc139d40c99a8382

Authored by Macartur Sousa
1 parent 3cec0f79

Refactored relative_url_path

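--- a/config.ru
+++ b/config.ru
@@ -5,32 +5,43 @@ require 'json'
 module OmniAuth
 module Strategies
 class RemoteUser
-
 include OmniAuth::Strategy
-
- option :cookie, 'rack.session'
+
+ option :cookie, '_gitlab_session'
 option :internal_cookie, '_remote_user'
 
 def call(env)
+
 remote_user = env['HTTP_REMOTE_USER']
- $stderr.puts('Remote-User: %s' % (remote_user || '(none'))
+
+# $stderr.puts('Remote-User: %s ' % (remote_user || '(none)'))
+
+ # $stderr.puts('relative_url: %s ' % ( env['SCRIPT_NAME'] ))
+ # :script_name - Specifies application path relative to domain root. If provided, prepends application path.
+ # http://api.rubyonrails.org/classes/ActionDispatch/Routing/UrlFor.html
+
 session_user = __current_user(env)
- if remote_user
- if session_user
- if remote_user == session_user
- super(env)
+
+ if ! is_in_logout? (env)
+ if remote_user
+ if session_user
+ if remote_user == session_user
+ super(env)
+ else
+ __logout(env) || super(env)
+ end
 else
 __login(env, remote_user) || super(env)
 end
 else
- __login(env, remote_user) || super(env)
+ if session_user
+ __logout(env) || super(env)
+ else
+ super(env)
+ end
 end
 else
- if session_user
- __logout(env) || super(env)
- else
- super(env)
- end
+ super env
 end
 end
 
@@ -40,9 +51,8 @@ module OmniAuth
 end
 
 def __logout(env)
- $stderr.puts 'LOGOUT'
 request = Rack::Request.new(env)
- response = redirect_if_not_logging_in(request, request.path)
+ response = redirect_if_not_logging_in(request, sign_out_path )
 if response
 response.delete_cookie(options.cookie)
 response.delete_cookie(options.internal_cookie)
@@ -51,20 +61,25 @@ module OmniAuth
 end
 
 def __login(env, uid)
- $stderr.puts 'LOGIN (%s)' % uid
 request = Rack::Request.new(env)
- response = redirect_if_not_logging_in(request, '/auth/remoteuser')
+ response = redirect_if_not_logging_in(request, auth_path )
 if response
 response.set_cookie(options.internal_cookie, uid)
 response
 end
 end
 
+ def is_in_logout? (env)
+ request = Rack::Request.new(env)
+ request.path == sign_out_path
+ end
+
 def redirect_if_not_logging_in(request, url)
 if ! [
- '/auth/remoteuser',
- '/auth/remoteuser/callback'
- ].include?(request.path_info)
+ sign_out_path,
+ auth_path,
+ callback_path
+ ].include?(request.path_info)
 response = Rack::Response.new
 response.redirect url
 response
@@ -87,10 +102,21 @@ module OmniAuth
 end
 
 def request_phase
- form = OmniAuth::Form.new(:url => callback_path)
- form.html '<script type="text/javascript"> document.forms[0].submit(); </script>'
- form.to_response
+ redirect callback_path
+ end
+
+ def callback_path
+ "#{auth_path}/callback"
+ end
+
+ def auth_path
+ "#{path_prefix}/RemoteUser"
 end
+
+ def sign_out_path
+ '/users/sign_out'
+ end
+
 end
 end
 end
@@ -98,13 +124,14 @@ end
 class MyApplication < Sinatra::Base
 use Rack::Session::Cookie, secret: '123'
 
- STRATEGY = 'remoteuser'
+ STRATEGY = 'RemoteUser'
 use OmniAuth::Strategies::RemoteUser
 #STRATEGY = 'developer'
 #use OmniAuth::Strategies::Developer
 
+
 get '/login' do
- redirect '/auth/%s' % STRATEGY
+ redirect '/gitlab/auth/%s' % STRATEGY
 end
 
 get '/logout' do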
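Review bot: `call` takes the user identity straight from `env['HTTP_REMOTE_USER']`, and nothing in the rewritten method checks that the value was set by the front-end proxy rather than arriving as a client-supplied `Remote-User` request header. The strategy is only sound when the proxy strips or overwrites that header and the app cannot be reached around the proxy, so I would state the requirement right above the read, e.g. `# HTTP_REMOTE_USER is trusted as-is: the reverse proxy must strip any client-supplied Remote-User header`. In the same section the sample app still signs its session cookie with the literal `secret: '123'`; that value should be loaded from configuration or the environment instead of being committed.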
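--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -3,34 +3,37 @@ module OmniAuth
 class RemoteUser
 include OmniAuth::Strategy
 
- option :cookie, '_gitlab_session'
 option :internal_cookie, '_remote_user'
 
+ def __write_file message
+ file = File.open("/home/git/gitlab/log/remote_user.log",'a')
+ file.write " \n #{message} \n"
+ file.close
+ end
+
+
 def call(env)
+
 remote_user = env['HTTP_REMOTE_USER']
 session_user = __current_user(env)
-
- if ! is_in_logout? (env)
- if remote_user
+
+ if remote_user
 if session_user
 if remote_user == session_user
 super(env)
 else
- __logout(env) || super(env)
+ __logout(env)
 end
 else
- __login(env, remote_user) || super(env)
+ __login(env, remote_user)
 end
 else
 if session_user
- __logout(env) || super(env)
+ __logout(env)
 else
 super(env)
 end
 end
- else
- super env
- end
 end
 
 def __current_user(env)
@@ -40,39 +43,34 @@ module OmniAuth
 
 def __logout(env)
 request = Rack::Request.new(env)
- response = redirect_if_not_logging_in(request, sign_out_path )
+ request.session.clear
+ response = redirect_if_not_logging_in(request, request.path )
 if response
- response.delete_cookie(options.cookie)
- response.delete_cookie(options.internal_cookie)
- response
+ response.delete_cookie(options.internal_cookie , path: "#{request.script_name}" )
+ response.finish
 end
 end
 
 def __login(env, uid)
 request = Rack::Request.new(env)
- response = redirect_if_not_logging_in(request, auth_path )
+ response = redirect_if_not_logging_in(request,_auth_path(request) )
 if response
- response.set_cookie(options.internal_cookie, uid)
- response
+ response.set_cookie(options.internal_cookie, {value: uid , path: "#{request.script_name}"})
+ response.finish
 end
 end
 
- def is_in_logout? (env)
- request = Rack::Request.new(env)
- request.path == sign_out_path
- end
-
 def redirect_if_not_logging_in(request, url)
 if ! [
- sign_out_path,
- auth_path,
- callback_path
- ].include?(request.path_info)
+ _auth_path(request),
+ _callback_path(request)
+ ].include?(request.path_info)
 response = Rack::Response.new
 response.redirect url
 response
 end
 end
+
 
 uid do
 request.env['HTTP_REMOTE_USER']
@@ -90,21 +88,17 @@ module OmniAuth
 end
 
 def request_phase
- redirect callback_path
+ redirect _callback_path(request)
 end
 
- def callback_path
- "#{auth_path}/callback"
+ def _callback_path(request)
+ "#{_auth_path(request)}/callback"
 end
 
- def auth_path
- "#{path_prefix}/RemoteUser"
+ def _auth_path(request)
+ "#{request.script_name}#{path_prefix}/RemoteUser"
 end
-
- def sign_out_path
- '/users/sign_out'
- end
-
+
 end
 end
 end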
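Review bot: With `|| super(env)` dropped from the three `__login`/`__logout` calls in `call`, the method returns nil whenever `redirect_if_not_logging_in` declines to redirect, because both helpers only produce a value inside `if response`. That case is exactly the auth and callback paths, so a request there with a missing or mismatched `_remote_user` cookie no longer reaches the strategy and the Rack stack gets no response; keep the fallback, e.g. `__login(env, remote_user) || super(env)`. The exclusion list also compares `request.path_info` with `_auth_path(request)`, which now begins with `request.script_name`; since Rack's path_info excludes the script name, under a non-empty relative root the list looks like it can never match and every such request is redirected again. Finally, `response.set_cookie` in `__login` writes the uid cookie with only `value:` and `path:`; adding `httponly: true` and `secure: request.ssl?` would keep it away from page scripts and plain-HTTP requests.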