anoubis_sso_server 1.0.2 → 1.0.5
- checksums.yaml +4 -4
- data/app/controllers/anoubis_sso_server/application_controller.rb +11 -5
- data/app/controllers/anoubis_sso_server/open_id_controller.rb +56 -3
- data/config/locales/en.yml +0 -3
- data/config/locales/ru.yml +0 -3
- data/config/routes.rb +1 -0
- data/lib/anoubis_sso_server/version.rb +1 -1
- metadata +15 -7
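--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 756380520fc961ba7aaa7b12dc87efc34f4a598413677ea465392ebb355b9e70
+data.tar.gz: eac01982f78ac39f0777d6579174c83eb0005a19fc9716f4f706ac006a0a9aa4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1f64317d742c45171e135251f77d0207b9dae0434db471d0e4247be6c8f33a2b4ee526697c82756765063e16224d94e611aa356730e3f48c3cd952ada4014f73
+data.tar.gz: 70728997ed2c5bed827e84751ecff752b8264c5a5629c6b9e2832c3e0e1203ab1f35ec01a1b43a29d52e1c66fd6b215539dc7222d6af8f008d256f5d04a44ba8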
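--- a/data/app/controllers/anoubis_sso_server/application_controller.rb
+++ b/data/app/controllers/anoubis_sso_server/application_controller.rb
@@ -38,18 +38,24 @@ class AnoubisSsoServer::ApplicationController < Anoubis::ApplicationController
 if access_allowed?
 options request.method.to_s.upcase
 else
-render_error_exit({ error: I18n.t('errors.access_not_allowed') })
+render_error_exit({ error: I18n.t('anoubis.errors.access_not_allowed') })
 return
 end
 
-if
-if
-if
-return if !
+if authenticate?
+if authentication
+if check_menu_access?
+return if !menu_access params[:controller]
 end
 end
 end
 
+after_sso_server_initialization
+end
+
+##
+# Procedure fires after initializes all basic parameters of {AnoubisSsoServer::ApplicationController}
+def after_sso_server_initialization
 #puts etc.inspect
 end
 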
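Review bot: `after_sso_server_initialization` is called on every path that falls out of the nested `if authenticate?` block, including the one where `authentication` returned false, so an override of the hook can run on a request that was just rejected. Whether `authentication` has already rendered an error by then is not visible here, so this is inferred; if it has, guard the call with `after_sso_server_initialization unless performed?`, or state in the hook's doc comment that it also runs for unauthenticated requests and must not assume a current user. The hook is defined with no visible `private`/`protected`, which would leave it a public controller method; the enclosing method and any visibility modifier start outside the hunk.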
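--- a/data/app/controllers/anoubis_sso_server/open_id_controller.rb
+++ b/data/app/controllers/anoubis_sso_server/open_id_controller.rb
@@ -197,7 +197,7 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
 
 header = {
 alg: "RS256",
-kid: "public:#{current_system.
+kid: "public:#{current_system.uuid}",
 typ: "JWT"
 }
 
@@ -249,8 +249,8 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
 uuid: user.uuid
 }
 
-
-
+redis.set("#{redis_prefix}token:#{result[:access_token]}", token_hash.to_json, ex: current_system.ttl)
+redis.del("#{redis_prefix}code:#{params[:code]}")
 
 options
 
@@ -265,6 +265,59 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
 redirect_to sso_login_url, { allow_other_host: true }
 end
 
+##
+# Action that returns user information parameters
+def userinfo
+auth_token = request.env.fetch('HTTP_AUTHORIZATION', '').scan(/Bearer (.*)$/).flatten.last
+
+unless auth_token
+render json: { error: I18n.t('anoubis.errors.access_not_allowed') }
+return
+end
+
+begin
+data = JSON.parse(redis.get("#{redis_prefix}token:#{auth_token}"), { symbolize_names: true })
+rescue StandardError
+data = nil
+end
+
+if data.class == Hash
+data = nil unless data.key? :uuid
+else
+data = nil
+end
+
+if data
+data = load_userinfo data[:uuid]
+end
+
+unless data
+render json: { error: I18n.t('anoubis.errors.access_not_allowed') }
+return
+end
+
+render json: data
+end
+
+##
+# Load userinfo information from model and convert it into hash
+# @param uuid [String] - User identifier
+# @return [Hash] - User information
+def load_userinfo(uuid)
+data = user_model.where(uuid: uuid).first
+
+return nil unless data
+
+{
+public: data.public,
+email: data.email,
+name: data.name,
+surname: data.surname,
+timezone: data.timezone,
+locale: data.locale
+}
+end
+
 ##
 # Check basic oauth parameters (client_id, redirect_uri)
 def check_basic_parameters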
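Review bot: Both failure branches of `userinfo` call `render json: { error: … }` with no status, so a missing, unknown or expired bearer token is answered with HTTP 200 and a client that checks only the status code will accept the error body as a userinfo response; a protected resource should answer 401 with a `WWW-Authenticate: Bearer` challenge. The token is extracted with `scan(/Bearer (.*)$/).flatten.last`, which is unanchored (`$` matches at line ends and the pattern can match inside another scheme's credentials), so it should be anchored with `\A…\z`. `load_userinfo` returns no `sub`, which OpenID Connect clients compare with the ID token's subject; if that subject is the user's uuid (not visible in this hunk), add `sub: data.uuid`. The `rescue StandardError` around the Redis lookup also reports a Redis outage as "access not allowed", which deserves at least a log line.

```ruby
def userinfo
  # \A…\z: accept only a header that is exactly "Bearer <token>"
  auth_token = request.env.fetch('HTTP_AUTHORIZATION', '')[/\ABearer (\S+)\z/, 1]

  unless auth_token
    response.set_header('WWW-Authenticate', 'Bearer')
    render json: { error: I18n.t('anoubis.errors.access_not_allowed') }, status: :unauthorized
    # … unchanged: return / end, Redis lookup, Hash/:uuid check, load_userinfo call …

  unless data
    response.set_header('WWW-Authenticate', 'Bearer error="invalid_token"')
    render json: { error: I18n.t('anoubis.errors.access_not_allowed') }, status: :unauthorized
    # … unchanged: return / end, render json: data …
```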
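--- a/data/config/locales/en.yml
+++ b/data/config/locales/en.yml
@@ -1,10 +1,7 @@
 en:
 anoubis:
 errors:
-incorrect_login: "Incorrect login or password"
 system_not_defined: "SSO system is not defined in Rails.configuration.anoubis_sso_system"
-session_expired: "Session expired"
-incorrect_user: "Incorrect user"
 is_not_defined: "%{title} isn't defined"
 is_not_correct: "%{title} isn't correct"
 less_than: "%{title} length should be %{size} or more symbols"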
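--- a/data/config/locales/ru.yml
+++ b/data/config/locales/ru.yml
@@ -1,10 +1,7 @@
 ru:
 anoubis:
 errors:
-incorrect_login: "Некорректный логин или пароль"
 system_not_defined: "SSO система не определена в Rails.configuration.anoubis_sso_system"
-session_expired: "Сессия завершена"
-incorrect_user: "Некорректный пользователь"
 is_not_defined: "Переменная %{title} не определена"
 is_not_correct: "Переменная %{title} некорректна"
 less_than: "Длина переменной %{title} должна быть %{size} или более символов"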
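--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -14,6 +14,7 @@ AnoubisSsoServer::Engine.routes.draw do
 scope path: 'openid', defaults: { format: 'json' } do
 get '.well-known/openid-configuration', to: 'anoubis_sso_server/open_id#configuration', as: 'openid_configuration'
 get '.well-known/jwks.json', to: 'anoubis_sso_server/open_id#jwks', as: 'openid_jwks'
+get 'userinfo', to: 'anoubis_sso_server/open_id#userinfo', as: 'userinfo'
 get 'oauth2/auth', to: 'anoubis_sso_server/open_id#auth', as: 'oauth_auth'
 post 'oauth2/token', to: 'anoubis_sso_server/open_id#access_token', as: 'oauth_token'
 options 'oauth2/token', to: 'anoubis_sso_server/application#options', as: nil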
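--- a/metadata
+++ b/metadata
@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: anoubis_sso_server
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.5
 platform: ruby
 authors:
 - Andrey Ryabov
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-
+date: 2022-04-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: anoubis
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.0.5
+- - "<"
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.0.5
+- - "<"
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 - !ruby/object:Gem::Dependency
 name: rails
 requirement: !ruby/object:Gem::Requirement
@@ -206,7 +212,8 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '1.25'
-description: Library for create basic SSO Server based on OAUTH authentication
+description: Library for create basic SSO Server based on OAUTH authentication for
+simplify deployment.
 email:
 - andrey.ryabov@ra-company.kz
 executables: []
@@ -248,6 +255,7 @@ metadata:
 homepage_uri: https://github.com/RA-Company/
 source_code_uri: https://github.com/RA-Company/anoubis_sso_server
 changelog_uri: https://github.com/RA-Company/anoubis_sso_server/blob/main/CHANGELOG.md
+documentation_uri: https://www.rubydoc.info/gems/anoubis_sso_server/1.0.5
 post_install_message:
 rdoc_options: []
 require_paths: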