Commit eef50e7875bb7ed4b43b42b23db1d74eed62a047

Authored by Lucas Kanashiro
1 parent c9f5fce2

Added new strategy

This strategy was tested with Apache and a Sinatra application.

Signed-off-by: Lucas Kanashiro <kanashiro.duarte@gmail.com>
Signed-off-by: Rodrigo Siqueira <rodrigosiqueiramelo@gmail.com>
Signed-off-by: Antonio Terceiro <terceiro@softwarelivre.org>
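--- a/lib/omniauth/remote_user.rb
+++ b/lib/omniauth/remote_user.rb
@@ -1,4 +1,5 @@
 require 'omniauth'
+require 'json'
 
 module OmniAuth
 module Strategies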
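--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -1,45 +1,94 @@
 module OmniAuth
 module Strategies
 class RemoteUser
+
 include OmniAuth::Strategy
 
- option :fields, [:name, :email]
- option :uid_field, :email
+ #option :cookie, 'rack.session'
+ option :cookie, '_gitlab_session'
+ option :internal_cookie, '_remote_user'
 
 def call(env)
- request = Rack::Request.new env
- cookies = request.cookies["_gitlab_session"]
- remote_user = env["HTTP_REMOTE_USER"]
- unless remote_user.empty? && cookies.empty?
- super(env)
+ remote_user = env['HTTP_REMOTE_USER']
+ $stderr.puts('Remote-User: %s' % (remote_user || '(none'))
+ session_user = __current_user(env)
+ if remote_user
+ if session_user
+ if remote_user == session_user
+ super(env)
+ else
+ __login(env, remote_user) || super(env)
+ end
+ else
+ __login(env, remote_user) || super(env)
+ end
+ else
+ if session_user
+ __logout(env) || super(env)
+ else
+ super(env)
+ end
 end
 end
 
- def request_phase
- @user_data = {}
- @uid = env
- return fail!(:no_remote_user) unless @uid
+ def __current_user(env)
+ request = Rack::Request.new(env)
+ request.cookies.has_key?(options.internal_cookie) && request.cookies[options.internal_cookie]
+ end
 
- @user_data[:name] = @uid['NAME']
- @user_data[:email] = @uid['EMAIL']
+ def __logout(env)
+ $stderr.puts 'LOGOUT'
+ request = Rack::Request.new(env)
+ response = redirect_if_not_logging_in(request, request.path)
+ if response
+ response.delete_cookie(options.cookie)
+ response.delete_cookie(options.internal_cookie)
+ response
+ end
+ end
 
- @env['omniauth.auth'] = auth_hash
- @env['REQUEST_METHOD'] = 'GET'
- @env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
+ def __login(env, uid)
+ $stderr.puts 'LOGIN (%s)' % uid
+ request = Rack::Request.new(env)
+ response = redirect_if_not_logging_in(request, '/auth/remoteuser')
+ if response
+ response.set_cookie(options.internal_cookie, uid)
+ response
+ end
+ end
 
- call_app!
+ def redirect_if_not_logging_in(request, url)
+ if ! [
+ '/auth/remoteuser',
+ '/auth/remoteuser/callback'
+ ].include?(request.path_info)
+ response = Rack::Response.new
+ response.redirect url
+ response
+ end
 end
 
- uid { @uid['NAME'] }
- info{ @user_data }
+ uid do
+ request.env['HTTP_REMOTE_USER']
+ end
 
- def callback_phase
- fail(:invalid_request)
+ info do
+ user_data = request.env['HTTP_REMOTE_USER_DATA']
+ if user_data
+ data = JSON.parse(user_data)
+ data['nickname'] = data['name']
+ data
+ else
+ {}
+ end
 end
 
- def auth_hash
- Omniauth::Utils.deep_merge(super, {'uid' => @uid})
+ def request_phase
+ form = OmniAuth::Form.new(:url => callback_path)
+ form.html '<script type="text/javascript"> document.forms[0].submit(); </script>'
+ form.to_response
 end
 end
 end
 end
+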
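Review bot: `call` and the `uid`/`info` blocks take the identity from `env['HTTP_REMOTE_USER']` and `env['HTTP_REMOTE_USER_DATA']`, which Rack fills from the request headers `Remote-User` and `Remote-User-Data`, so a client that reaches the app without the authenticating front-end overwriting those headers picks its own uid. The strategy cannot tell the two cases apart, so the deployment requirement belongs above `call`, e.g. `# SECURITY: the front-end (e.g. Apache) must unset client-supplied Remote-User and Remote-User-Data headers before setting its own; never expose this app directly.` The same header value is printed unescaped to `$stderr` on every request (the `'(none'` literal also lacks its closing parenthesis) and is stored in the `_remote_user` cookie with no flags; `response.set_cookie(options.internal_cookie, :value => uid, :httponly => true)` would keep it out of reach of page scripts. `JSON.parse(user_data)` in `info` has no rescue, so a malformed `Remote-User-Data` header presumably surfaces as an unhandled `JSON::ParserError` rather than as an authentication failure.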