Download as
Browse Code »

Commit defa894e429101e64f2807e3930c26acac5fd9b8

Authored by Lucas Kanashiro
1 parent bd2e41b9
Exists in master and in 2 other branches cookie-httponly, fix_last_path

Added config.ru

Showing 1 changed file with 135 additions and 0 deletions   Show diff stats
config.ru 0 → 100644
  Diff comments   View file @defa894
... ... @@ -0,0 +1,135 @@
  1 +require 'sinatra'
  2 +require 'omniauth'
  3 +require 'json'
  4 +
  5 +module OmniAuth
  6 + module Strategies
  7 + class RemoteUser
  8 +
  9 + include OmniAuth::Strategy
  10 +
  11 + option :cookie, 'rack.session'
  12 + option :internal_cookie, '_remote_user'
  13 +
  14 + def call(env)
  15 + remote_user = env['HTTP_REMOTE_USER']
  16 + $stderr.puts('Remote-User: %s' % (remote_user || '(none'))
  17 + session_user = __current_user(env)
  18 + if remote_user
  19 + if session_user
  20 + if remote_user == session_user
  21 + super(env)
  22 + else
  23 + __login(env, remote_user) || super(env)
  24 + end
  25 + else
  26 + __login(env, remote_user) || super(env)
  27 + end
  28 + else
  29 + if session_user
  30 + __logout(env) || super(env)
  31 + else
  32 + super(env)
  33 + end
  34 + end
  35 + end
  36 +
  37 + def __current_user(env)
  38 + request = Rack::Request.new(env)
  39 + request.cookies.has_key?(options.internal_cookie) && request.cookies[options.internal_cookie]
  40 + end
  41 +
  42 + def __logout(env)
  43 + $stderr.puts 'LOGOUT'
  44 + request = Rack::Request.new(env)
  45 + response = redirect_if_not_logging_in(request, request.path)
  46 + if response
  47 + response.delete_cookie(options.cookie)
  48 + response.delete_cookie(options.internal_cookie)
  49 + response
  50 + end
  51 + end
  52 +
  53 + def __login(env, uid)
  54 + $stderr.puts 'LOGIN (%s)' % uid
  55 + request = Rack::Request.new(env)
  56 + response = redirect_if_not_logging_in(request, '/auth/remoteuser')
  57 + if response
  58 + response.set_cookie(options.internal_cookie, uid)
  59 + response
  60 + end
  61 + end
  62 +
  63 + def redirect_if_not_logging_in(request, url)
  64 + if ! [
  65 + '/auth/remoteuser',
  66 + '/auth/remoteuser/callback'
  67 + ].include?(request.path_info)
  68 + response = Rack::Response.new
  69 + response.redirect url
  70 + response
  71 + end
  72 + end
  73 +
  74 + uid do
  75 + request.env['HTTP_REMOTE_USER']
  76 + end
  77 +
  78 + info do
  79 + user_data = request.env['HTTP_REMOTE_USER_DATA']
  80 + if user_data
  81 + data = JSON.parse(user_data)
  82 + data['nickname'] = data['name']
  83 + data
  84 + else
  85 + {}
  86 + end
  87 + end
  88 +
  89 + def request_phase
  90 + form = OmniAuth::Form.new(:url => callback_path)
  91 + form.html '<script type="text/javascript"> document.forms[0].submit(); </script>'
  92 + form.to_response
  93 + end
  94 + end
  95 + end
  96 +end
  97 +
  98 +class MyApplication < Sinatra::Base
  99 + use Rack::Session::Cookie, secret: '123'
  100 +
  101 + STRATEGY = 'remoteuser'
  102 + use OmniAuth::Strategies::RemoteUser
  103 + #STRATEGY = 'developer'
  104 + #use OmniAuth::Strategies::Developer
  105 +
  106 + get '/login' do
  107 + redirect '/auth/%s' % STRATEGY
  108 + end
  109 +
  110 + get '/logout' do
  111 + session[:current_user] = nil
  112 + redirect '/'
  113 + end
  114 +
  115 + post '/auth/:provider/callback' do
  116 + session[:current_user] = request.env['omniauth.auth']['uid']
  117 + session[:current_user_email] = request.env['omniauth.auth']['info']['email']
  118 + session[:current_user_nickname] = request.env['omniauth.auth']['info']['nickname']
  119 +
  120 + redirect '/'
  121 + end
  122 +
  123 + get '/' do
  124 + user = session[:current_user]
  125 + if user
  126 + info = "(%s → %s)" % [session[:current_user_email], session[:current_user_nickname]]
  127 + user + info + ' <a href="/logout">logout</a>'
  128 + else
  129 + 'NOT AUTHENTICATED <a href="/login">login</a>'
  130 + end
  131 + end
  132 +end
  133 +
  134 +run MyApplication
  135 +
... ...