Commit c3d6bc81407b7e790dbed069cc139d40c99a8382

Authored by Macartur Sousa
1 parent 3cec0f79

Refectored relative_url_path

@@ -5,32 +5,43 @@ require 'json' @@ -5,32 +5,43 @@ require 'json'
5 module OmniAuth 5 module OmniAuth
6 module Strategies 6 module Strategies
7 class RemoteUser 7 class RemoteUser
8 -  
9 include OmniAuth::Strategy 8 include OmniAuth::Strategy
10 -  
11 - option :cookie, 'rack.session' 9 +
  10 + option :cookie, '_gitlab_session'
12 option :internal_cookie, '_remote_user' 11 option :internal_cookie, '_remote_user'
13 12
14 def call(env) 13 def call(env)
  14 +
15 remote_user = env['HTTP_REMOTE_USER'] 15 remote_user = env['HTTP_REMOTE_USER']
16 - $stderr.puts('Remote-User: %s' % (remote_user || '(none')) 16 +
  17 +# $stderr.puts('Remote-User: %s ' % (remote_user || '(none)'))
  18 +
  19 + # $stderr.puts('relative_url: %s ' % ( env['SCRIPT_NAME'] ))
  20 + # :script_name - Specifies application path relative to domain root. If provided, prepends application path.
  21 + # http://api.rubyonrails.org/classes/ActionDispatch/Routing/UrlFor.html
  22 +
17 session_user = __current_user(env) 23 session_user = __current_user(env)
18 - if remote_user  
19 - if session_user  
20 - if remote_user == session_user  
21 - super(env) 24 +
  25 + if ! is_in_logout? (env)
  26 + if remote_user
  27 + if session_user
  28 + if remote_user == session_user
  29 + super(env)
  30 + else
  31 + __logout(env) || super(env)
  32 + end
22 else 33 else
23 __login(env, remote_user) || super(env) 34 __login(env, remote_user) || super(env)
24 end 35 end
25 else 36 else
26 - __login(env, remote_user) || super(env) 37 + if session_user
  38 + __logout(env) || super(env)
  39 + else
  40 + super(env)
  41 + end
27 end 42 end
28 else 43 else
29 - if session_user  
30 - __logout(env) || super(env)  
31 - else  
32 - super(env)  
33 - end 44 + super env
34 end 45 end
35 end 46 end
36 47
@@ -40,9 +51,8 @@ module OmniAuth @@ -40,9 +51,8 @@ module OmniAuth
40 end 51 end
41 52
42 def __logout(env) 53 def __logout(env)
43 - $stderr.puts 'LOGOUT'  
44 request = Rack::Request.new(env) 54 request = Rack::Request.new(env)
45 - response = redirect_if_not_logging_in(request, request.path) 55 + response = redirect_if_not_logging_in(request, sign_out_path )
46 if response 56 if response
47 response.delete_cookie(options.cookie) 57 response.delete_cookie(options.cookie)
48 response.delete_cookie(options.internal_cookie) 58 response.delete_cookie(options.internal_cookie)
@@ -51,20 +61,25 @@ module OmniAuth @@ -51,20 +61,25 @@ module OmniAuth
51 end 61 end
52 62
53 def __login(env, uid) 63 def __login(env, uid)
54 - $stderr.puts 'LOGIN (%s)' % uid  
55 request = Rack::Request.new(env) 64 request = Rack::Request.new(env)
56 - response = redirect_if_not_logging_in(request, '/auth/remoteuser') 65 + response = redirect_if_not_logging_in(request, auth_path )
57 if response 66 if response
58 response.set_cookie(options.internal_cookie, uid) 67 response.set_cookie(options.internal_cookie, uid)
59 response 68 response
60 end 69 end
61 end 70 end
62 71
  72 + def is_in_logout? (env)
  73 + request = Rack::Request.new(env)
  74 + request.path == sign_out_path
  75 + end
  76 +
63 def redirect_if_not_logging_in(request, url) 77 def redirect_if_not_logging_in(request, url)
64 if ! [ 78 if ! [
65 - '/auth/remoteuser',  
66 - '/auth/remoteuser/callback'  
67 - ].include?(request.path_info) 79 + sign_out_path,
  80 + auth_path,
  81 + callback_path
  82 + ].include?(request.path_info)
68 response = Rack::Response.new 83 response = Rack::Response.new
69 response.redirect url 84 response.redirect url
70 response 85 response
@@ -87,10 +102,21 @@ module OmniAuth @@ -87,10 +102,21 @@ module OmniAuth
87 end 102 end
88 103
89 def request_phase 104 def request_phase
90 - form = OmniAuth::Form.new(:url => callback_path)  
91 - form.html '<script type="text/javascript"> document.forms[0].submit(); </script>'  
92 - form.to_response 105 + redirect callback_path
  106 + end
  107 +
  108 + def callback_path
  109 + "#{auth_path}/callback"
  110 + end
  111 +
  112 + def auth_path
  113 + "#{path_prefix}/RemoteUser"
93 end 114 end
  115 +
  116 + def sign_out_path
  117 + '/users/sign_out'
  118 + end
  119 +
94 end 120 end
95 end 121 end
96 end 122 end
@@ -98,13 +124,14 @@ end @@ -98,13 +124,14 @@ end
98 class MyApplication < Sinatra::Base 124 class MyApplication < Sinatra::Base
99 use Rack::Session::Cookie, secret: '123' 125 use Rack::Session::Cookie, secret: '123'
100 126
101 - STRATEGY = 'remoteuser' 127 + STRATEGY = 'RemoteUser'
102 use OmniAuth::Strategies::RemoteUser 128 use OmniAuth::Strategies::RemoteUser
103 #STRATEGY = 'developer' 129 #STRATEGY = 'developer'
104 #use OmniAuth::Strategies::Developer 130 #use OmniAuth::Strategies::Developer
105 131
  132 +
106 get '/login' do 133 get '/login' do
107 - redirect '/auth/%s' % STRATEGY 134 + redirect '/gitlab/auth/%s' % STRATEGY
108 end 135 end
109 136
110 get '/logout' do 137 get '/logout' do
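Review bot: The rewritten branch logic in `call` (first hunk) still decides login and logout purely from `env['HTTP_REMOTE_USER']`, which in a Rack env is the `Remote-User` request header as sent by the client, so the strategy is only safe behind a front end that strips or overwrites that header on every request; nothing in the file states or checks this. I would document the requirement above `call`, e.g. `# SECURITY: HTTP_REMOTE_USER comes from the Remote-User request header; the authenticating proxy must overwrite it and the app must not be reachable directly.` The same read appears in `call` and the `uid` block of lib/omniauth/strategies/remote_user.rb. In the new `is_in_logout?`, `request.path` includes the script name while `redirect_if_not_logging_in` compares `request.path_info`, so under a mount prefix such as the `/gitlab` used in the example app the sign-out exemption would presumably never match; `request.path_info == sign_out_path` would be consistent. The commented-out `$stderr.puts` lines can be deleted rather than kept.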
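--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -3,34 +3,37 @@ module OmniAuth
 class RemoteUser
 include OmniAuth::Strategy
 
-option :cookie, '_gitlab_session'
 option :internal_cookie, '_remote_user'
 
+def __write_file message
+file = File.open("/home/git/gitlab/log/remote_user.log",'a')
+file.write " \n #{message} \n"
+file.close
+end
+
+
 def call(env)
+
 remote_user = env['HTTP_REMOTE_USER']
 session_user = __current_user(env)
-
-if ! is_in_logout? (env)
-if remote_user
+
+if remote_user
 if session_user
 if remote_user == session_user
 super(env)
 else
-__logout(env) || super(env)
+__logout(env)
 end
 else
-__login(env, remote_user) || super(env)
+__login(env, remote_user)
 end
 else
 if session_user
-__logout(env) || super(env)
+__logout(env)
 else
 super(env)
 end
 end
-else
-super env
-end
 end
 
 def __current_user(env)
@@ -40,39 +43,34 @@ module OmniAuth
 
 def __logout(env)
 request = Rack::Request.new(env)
-response = redirect_if_not_logging_in(request, sign_out_path )
+request.session.clear
+response = redirect_if_not_logging_in(request, request.path )
 if response
-response.delete_cookie(options.cookie)
-response.delete_cookie(options.internal_cookie)
-response
+response.delete_cookie(options.internal_cookie , path: "#{request.script_name}" )
+response.finish
 end
 end
 
 def __login(env, uid)
 request = Rack::Request.new(env)
-response = redirect_if_not_logging_in(request, auth_path )
+response = redirect_if_not_logging_in(request,_auth_path(request) )
 if response
-response.set_cookie(options.internal_cookie, uid)
-response
+response.set_cookie(options.internal_cookie, {value: uid , path: "#{request.script_name}"})
+response.finish
 end
 end
 
-def is_in_logout? (env)
-request = Rack::Request.new(env)
-request.path == sign_out_path
-end
-
 def redirect_if_not_logging_in(request, url)
 if ! [
-sign_out_path,
-auth_path,
-callback_path
-].include?(request.path_info)
+_auth_path(request),
+_callback_path(request)
+].include?(request.path_info)
 response = Rack::Response.new
 response.redirect url
 response
 end
 end
+
 
 uid do
 request.env['HTTP_REMOTE_USER']
@@ -90,21 +88,17 @@ module OmniAuth
 end
 
 def request_phase
-redirect callback_path
+redirect _callback_path(request)
 end
 
-def callback_path
-"#{auth_path}/callback"
+def _callback_path(request)
+"#{_auth_path(request)}/callback"
 end
 
-def auth_path
-"#{path_prefix}/RemoteUser"
+def _auth_path(request)
+"#{request.script_name}#{path_prefix}/RemoteUser"
 end
-
-def sign_out_path
-'/users/sign_out'
-end
-
+
 end
 end
 end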
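Review bot: Dropping `|| super(env)` from the `__login`/`__logout` branches of `call` means the method returns nil whenever `redirect_if_not_logging_in` returns nil, i.e. for requests already on the auth or callback path, so Rack gets no response for them; keep the fallback as `__login(env, remote_user) || super(env)` and `__logout(env) || super(env)`. `_auth_path(request)` now prepends `request.script_name` but is still matched against `request.path_info`, which does not contain it, so with a non-empty prefix the exemption list cannot match; comparing against `request.path` would be consistent. `__logout` also calls `request.session.clear` before it knows whether it will redirect. The new `__write_file` is not called in the visible hunks, hard-codes `/home/git/gitlab/log/remote_user.log` and leaks the handle if `write` raises; it reads like leftover debugging and is better removed, or at least written as `File.open(path, 'a') { |f| f.write(...) }` with newlines stripped from `message` so a header-derived value cannot forge log lines.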