Merge Request #6

Open
softwarepublico/omniauth-remote-user!6
Created by Macartur Sousa

Fix last path

Added correct redirect using request path before login.

Assignee: Antonio Terceiro
Milestone: None
Commits (5)
2 participants
1 require 'sinatra' 1 require 'sinatra'
2 require 'omniauth' 2 require 'omniauth'
3 require 'json' 3 require 'json'
  4 +require_relative 'lib/omniauth/strategies/remote_user'
4 5
5 class MyApplication < Sinatra::Base 6 class MyApplication < Sinatra::Base
6 - use Rack::Session::Cookie, secret: '123'  
7 -  
8 STRATEGY = 'RemoteUser' 7 STRATEGY = 'RemoteUser'
9 - #use OmniAuth::Strategies::RemoteUser  
10 - #STRATEGY = 'developer'  
11 - use OmniAuth::Strategies::Developer  
12 - 8 + use Rack::Session::Cookie, secret: '123'
  9 + use OmniAuth::Strategies::RemoteUser
13 10
14 get '/login' do 11 get '/login' do
15 - redirect '/gitlab/auth/%s' % STRATEGY 12 + redirect '/auth/%s' % STRATEGY
16 end 13 end
17 14
18 get '/logout' do 15 get '/logout' do
@@ -20,7 +17,7 @@ class MyApplication &lt; Sinatra::Base @@ -20,7 +17,7 @@ class MyApplication &lt; Sinatra::Base
20 redirect '/' 17 redirect '/'
21 end 18 end
22 19
23 - post '/auth/:provider/callback' do 20 + get '/auth/:provider/callback' do
24 session[:current_user] = request.env['omniauth.auth']['uid'] 21 session[:current_user] = request.env['omniauth.auth']['uid']
25 session[:current_user_email] = request.env['omniauth.auth']['info']['email'] 22 session[:current_user_email] = request.env['omniauth.auth']['info']['email']
26 session[:current_user_nickname] = request.env['omniauth.auth']['info']['nickname'] 23 session[:current_user_nickname] = request.env['omniauth.auth']['info']['nickname']
@@ -40,4 +37,3 @@ class MyApplication &lt; Sinatra::Base @@ -40,4 +37,3 @@ class MyApplication &lt; Sinatra::Base
40 end 37 end
41 38
42 run MyApplication 39 run MyApplication
43 -  
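Review bot: The session cookie is still signed with the literal `secret: '123'` on new line 8, so anyone who has seen this file can forge `session[:current_user]`; even in an example app this tends to get copied into real deployments. I would read the secret from the environment, e.g. `use Rack::Session::Cookie, secret: ENV.fetch('SESSION_SECRET')`, and have the README say how to generate one. The callback route also changes from `post` to `get`; if the redirect-based flow needs that, a one-line comment above the route saying so would help the next reader.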
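--- a/lib/omniauth/strategies/remote_user.rb
+++ b/lib/omniauth/strategies/remote_user.rb
@@ -3,17 +3,19 @@ module OmniAuth
 class RemoteUser
 include OmniAuth::Strategy
 
-option :internal_cookie, '_remote_user'
+option :remote_user_cookie, '_remote_user'
+option :last_path_cookie, '_last_path'
 
 def call(env)
 
 remote_user = env['HTTP_REMOTE_USER']
+
 session_user = __current_user(env)
 
 if remote_user
 if session_user
 if remote_user == session_user
-super(env)
+__return_last_path(env) || super(env)
 else
 __logout(env)
 end
@@ -31,7 +33,33 @@ module OmniAuth
 
 def __current_user(env)
 request = Rack::Request.new(env)
-request.cookies.has_key?(options.internal_cookie) && request.cookies[options.internal_cookie]
+request.cookies.has_key?(options.remote_user_cookie) && request.cookies[options.remote_user_cookie]
+end
+
+def __last_path(env)
+request = Rack::Request.new(env)
+request.cookies.has_key?(options.last_path_cookie) && request.cookies[options.last_path_cookie]
+end
+
+def __request_path(env)
+env['REQUEST_PATH']
+end
+
+def __set_last_path(env,response)
+request = Rack::Request.new(env)
+if not __last_path(env)
+response.set_cookie(options.last_path_cookie, {value: __request_path(env) , path: "#{request.script_name}"})
+end
+end
+
+def __return_last_path(env)
+request = Rack::Request.new(env)
+if ! [_auth_path(request),_callback_path(request)].include?(__request_path(env)) && __last_path(env)
+response = Rack::Response.new
+response.redirect __last_path(env)
+response.delete_cookie(options.last_path_cookie , path: "#{request.script_name}" )
+response.finish
+end
 end
 
 def __logout(env)
@@ -39,7 +67,8 @@ module OmniAuth
 request.session.clear
 response = redirect_if_not_logging_in(request, request.path )
 if response
-response.delete_cookie(options.internal_cookie , path: "#{request.script_name}" )
+response.delete_cookie(options.remote_user_cookie , path: "#{request.script_name}" )
+__set_last_path(env,response)
 response.finish
 end
 end
@@ -48,7 +77,8 @@ module OmniAuth
 request = Rack::Request.new(env)
 response = redirect_if_not_logging_in(request,_auth_path(request) )
 if response
-response.set_cookie(options.internal_cookie, {value: uid, path: "#{request.script_name}", httponly: true})
+response.set_cookie(options.remote_user_cookie, {value: uid, path: "#{request.script_name}", httponly: true})
+__set_last_path(env,response)
 response.finish
 end
 end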
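Review bot: `__return_last_path` redirects to whatever the `_last_path` cookie contains, and that cookie is client-controlled, so an absolute or protocol-relative value placed there would turn the post-login step into an open redirect. Validate the value before using it, e.g. `last = __last_path(env)` followed by `return unless last =~ %r{\A/(?![/\\])}`, and delete the cookie when it fails the check. `__set_last_path` should also pass `httponly: true`, as the `remote_user_cookie` call does, and `env['REQUEST_PATH']` is not part of the Rack spec (it may be nil under some servers and drops the query string), so `request.path` is probably the safer source. The body of `call` continues outside the first hunk, so the other branches were not reviewed.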
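--- a/spec/omniauth/strategies/remote_user_spec.rb
+++ b/spec/omniauth/strategies/remote_user_spec.rb
@@ -122,4 +122,17 @@ describe 'Test Strategy Remote_User' do
 end
 end
 
+context 'Redirect After login in' do
+before(:each){
+set_cookie '_remote_user=foobar'
+set_cookie '_last_path=/dashboard'
+get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
+}
+
+it 'redirect to last path before login' do
+expect(last_response.status).to eq(302)
+expect(last_response.location).to eq('/dashboard')
+end
+end
+
 end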
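Review bot: The new context covers only the happy path with a relative `_last_path`; nothing asserts that the cookie is cleared on the redirect, and a regression there would bounce the user back to `/dashboard` on every later request. I would add an expectation along the lines of `expect(last_response.headers['Set-Cookie']).to include('_last_path=;')` (exact header format to be confirmed against the Rack version in use). A second case where `_last_path` holds an absolute URL, asserting that the strategy does not redirect to it, would pin down how untrusted cookie values are handled.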
1 Configurando apache para setar header Remote-User: 1 Configurando apache para setar header Remote-User:
2 2
  3 +--- USING APACHE2 ---
  4 +
3 1 - Instalar apache2 5 1 - Instalar apache2
4 2 - Criar arquivo de configuração (ex: proxy.conf) em /etc/apache2/sites-available 6 2 - Criar arquivo de configuração (ex: proxy.conf) em /etc/apache2/sites-available
5 7
@@ -25,3 +27,28 @@ Executando aplicação sinatra: @@ -25,3 +27,28 @@ Executando aplicação sinatra:
25 27
26 1 - Entrar no diretório que contem o arquivo conf.ru 28 1 - Entrar no diretório que contem o arquivo conf.ru
27 2 - Executar aplicação (rackup) 29 2 - Executar aplicação (rackup)
  30 +
  31 +
  32 +-- USING NGINX --
  33 +
  34 +sudo apt-get install nginx
  35 +
  36 +editar um arquivo de configuração em /etc/nginx/sites-available/proxy.conf
  37 + e criar um link para /etc/nginx/sites-enable/proxy.conf com o conteudo:
  38 +
  39 +server {
  40 + server_name 127.0.0.1;
  41 + listen 80;
  42 + location / {
  43 + proxy_pass http://127.0.0.1:9292;
  44 + proxy_set_header Host $http_host;
  45 + proxy_set_header REMOTE_USER "<usuário>";
  46 + }
  47 +}
  48 +
  49 +Executando aplicação sinatra:
  50 +
  51 +1 - Entrar no diretório que contem o arquivo conf.ru
  52 +2 - Executar aplicação (rackup)
  53 +
  54 +------------------