Commit eef50e7875bb7ed4b43b42b23db1d74eed62a047
1 parent
c9f5fce2
Exists in
master
and in
2 other branches
Added new strategy
This strategy was tested with apache and sinatra application Signed-off-by: Lucas Kanashiro <kanashiro.duarte@gmail.com> Signed-off-by: Rodrigo Siqueira <rodrigosiqueiramelo@gmail.com> Signed-off-by: Antonio Terceiro <terceiro@softwarelivre.org>
Showing
2 changed files
with
73 additions
and
23 deletions
lib/omniauth/remote_user.rb
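--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -1,45 +1,94 @@
 module OmniAuth
 module Strategies
 class RemoteUser
+
 include OmniAuth::Strategy
 
-option :fields, [:name, :email]
-option :uid_field, :email
+#option :cookie, 'rack.session'
+option :cookie, '_gitlab_session'
+option :internal_cookie, '_remote_user'
 
 def call(env)
-request = Rack::Request.new env
-cookies = request.cookies["_gitlab_session"]
-remote_user = env["HTTP_REMOTE_USER"]
-unless remote_user.empty? && cookies.empty?
-super(env)
+remote_user = env['HTTP_REMOTE_USER']
+$stderr.puts('Remote-User: %s' % (remote_user || '(none'))
+session_user = __current_user(env)
+if remote_user
+if session_user
+if remote_user == session_user
+super(env)
+else
+__login(env, remote_user) || super(env)
+end
+else
+__login(env, remote_user) || super(env)
+end
+else
+if session_user
+__logout(env) || super(env)
+else
+super(env)
+end
 end
 end
 
-def request_phase
-@user_data = {}
-@uid = env
-return fail!(:no_remote_user) unless @uid
+def __current_user(env)
+request = Rack::Request.new(env)
+request.cookies.has_key?(options.internal_cookie) && request.cookies[options.internal_cookie]
+end
 
-@user_data[:name] = @uid['NAME']
-@user_data[:email] = @uid['EMAIL']
+def __logout(env)
+$stderr.puts 'LOGOUT'
+request = Rack::Request.new(env)
+response = redirect_if_not_logging_in(request, request.path)
+if response
+response.delete_cookie(options.cookie)
+response.delete_cookie(options.internal_cookie)
+response
+end
+end
 
-@env['omniauth.auth'] = auth_hash
-@env['REQUEST_METHOD'] = 'GET'
-@env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
+def __login(env, uid)
+$stderr.puts 'LOGIN (%s)' % uid
+request = Rack::Request.new(env)
+response = redirect_if_not_logging_in(request, '/auth/remoteuser')
+if response
+response.set_cookie(options.internal_cookie, uid)
+response
+end
+end
 
-call_app!
+def redirect_if_not_logging_in(request, url)
+if ! [
+'/auth/remoteuser',
+'/auth/remoteuser/callback'
+].include?(request.path_info)
+response = Rack::Response.new
+response.redirect url
+response
+end
 end
 
-uid { @uid['NAME'] }
-info{ @user_data }
+uid do
+request.env['HTTP_REMOTE_USER']
+end
 
-def callback_phase
-fail(:invalid_request)
+info do
+user_data = request.env['HTTP_REMOTE_USER_DATA']
+if user_data
+data = JSON.parse(user_data)
+data['nickname'] = data['name']
+data
+else
+{}
+end
 end
 
-def auth_hash
-Omniauth::Utils.deep_merge(super, {'uid' => @uid})
+def request_phase
+form = OmniAuth::Form.new(:url => callback_path)
+form.html '<script type="text/javascript"> document.forms[0].submit(); </script>'
+form.to_response
 end
 end
 end
 end
+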
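Review bot: The `uid` and `info` blocks, like `call`, take the identity straight from `HTTP_REMOTE_USER` and `HTTP_REMOTE_USER_DATA`, which in a Rack env are ordinary request headers. The strategy is therefore only sound if the front-end web server always sets those headers itself, drops any client-sent copy, and is the only route to the application; nothing in the file states that requirement. I would document it above the class, e.g. `# SECURITY: trusts the Remote-User and Remote-User-Data request headers; deploy only behind a proxy that sets them itself and drops client-sent copies.` In `info`, `JSON.parse(user_data)` is unguarded, so a malformed or non-object header value raises during the callback; rescuing `JSON::ParserError` and returning `{}` unless the result is a Hash would avoid that. `__login` writes the `_remote_user` cookie as a bare string and `__logout` deletes it without a path, so the delete may not match the cookie that was set and the redirect to `request.path` can repeat; passing `path: '/'` to both calls, plus `httponly: true` on the set, would make them agree.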