anoubis_sso_server 1.0.2 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0148b84eeebcb0d63e3959c2bd2fe28baeae62a2f223d4e314b5fd3a9e4a9401'
-  data.tar.gz: 13ca48de82c3d0028bfe0e1954324a404f7a6db95ff7d2388d1c9772d8e4414a
+  metadata.gz: 756380520fc961ba7aaa7b12dc87efc34f4a598413677ea465392ebb355b9e70
+  data.tar.gz: eac01982f78ac39f0777d6579174c83eb0005a19fc9716f4f706ac006a0a9aa4
 SHA512:
-  metadata.gz: bf848a61c3f01f4e1e5effa132c0d1a88a72a0f4f550fa00819aacb9482658d6ee2094b694849bb1742054c041eb37d0c1e6f9fe7b1798e26ae113907aed25e5
-  data.tar.gz: bedcc154d4636babacc398b3e86ac141bf7898013436104c8c27355cf30efd20c12726cae5f8812844d1bb7855e94dec425ad9fce2cc7257331a361296e8fc75
+  metadata.gz: 1f64317d742c45171e135251f77d0207b9dae0434db471d0e4247be6c8f33a2b4ee526697c82756765063e16224d94e611aa356730e3f48c3cd952ada4014f73
+  data.tar.gz: 70728997ed2c5bed827e84751ecff752b8264c5a5629c6b9e2832c3e0e1203ab1f35ec01a1b43a29d52e1c66fd6b215539dc7222d6af8f008d256f5d04a44ba8

data/app/controllers/anoubis_sso_server/application_controller.rb

@@ -38,18 +38,24 @@ class AnoubisSsoServer::ApplicationController < Anoubis::ApplicationController
     if access_allowed?
       options request.method.to_s.upcase
     else
-      render_error_exit({ error: I18n.t('errors.access_not_allowed') })
+      render_error_exit({ error: I18n.t('anoubis.errors.access_not_allowed') })
       return
     end
 
-    if self.authenticate?
-      if self.authentication
-        if self.check_menu_access?
-          return if !self.menu_access params[:controller]
+    if authenticate?
+      if authentication
+        if check_menu_access?
+          return if !menu_access params[:controller]
         end
       end
     end
 
+    after_sso_server_initialization
+  end
+
+  ##
+  # Procedure fires after initializes all basic parameters of {AnoubisSsoServer::ApplicationController}
+  def after_sso_server_initialization
     #puts etc.inspect
   end
 

data/app/controllers/anoubis_sso_server/open_id_controller.rb

@@ -197,7 +197,7 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
 
     header = {
       alg: "RS256",
-      kid: "public:#{current_system.public}",
+      kid: "public:#{current_system.uuid}",
       typ: "JWT"
     }
 
@@ -249,8 +249,8 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
       uuid: user.uuid
     }
 
-    self.redis.set("#{redis_prefix}token:#{result[:access_token]}", token_hash.to_json, ex: current_system.ttl)
-    self.redis.del("#{redis_prefix}code:#{params[:code]}")
+    redis.set("#{redis_prefix}token:#{result[:access_token]}", token_hash.to_json, ex: current_system.ttl)
+    redis.del("#{redis_prefix}code:#{params[:code]}")
 
     options
 
@@ -265,6 +265,59 @@ class AnoubisSsoServer::OpenIdController < AnoubisSsoServer::ApplicationControll
     redirect_to sso_login_url, { allow_other_host: true }
   end
 
+  ##
+  # Action that returns user information parameters
+  def userinfo
+    auth_token = request.env.fetch('HTTP_AUTHORIZATION', '').scan(/Bearer (.*)$/).flatten.last
+
+    unless auth_token
+      render json: { error: I18n.t('anoubis.errors.access_not_allowed') }
+      return
+    end
+
+    begin
+      data = JSON.parse(redis.get("#{redis_prefix}token:#{auth_token}"), { symbolize_names: true })
+    rescue StandardError
+      data = nil
+    end
+
+    if data.class == Hash
+      data = nil unless data.key? :uuid
+    else
+      data = nil
+    end
+
+    if data
+      data = load_userinfo data[:uuid]
+    end
+
+    unless data
+      render json: { error: I18n.t('anoubis.errors.access_not_allowed') }
+      return
+    end
+
+    render json: data
+  end
+
+  ##
+  # Load userinfo information from model and convert it into hash
+  # @param uuid [String] - User identifier
+  # @return [Hash] - User information
+  def load_userinfo(uuid)
+    data = user_model.where(uuid: uuid).first
+
+    return nil unless data
+
+    {
+      public: data.public,
+      email: data.email,
+      name: data.name,
+      surname: data.surname,
+      timezone: data.timezone,
+      locale: data.locale
+    }
+  end
+
   ##
   # Check basic oauth parameters (client_id, redirect_uri)
   def check_basic_parameters

data/config/locales/en.yml

@@ -1,10 +1,7 @@
 en:
   anoubis:
     errors:
-      incorrect_login: "Incorrect login or password"
       system_not_defined: "SSO system is not defined in Rails.configuration.anoubis_sso_system"
-      session_expired: "Session expired"
-      incorrect_user: "Incorrect user"
       is_not_defined: "%{title} isn't defined"
       is_not_correct: "%{title} isn't correct"
       less_than: "%{title} length should be %{size} or more symbols"

data/config/locales/ru.yml

@@ -1,10 +1,7 @@
 ru:
   anoubis:
     errors:
-      incorrect_login: "Некорректный логин или пароль"
       system_not_defined: "SSO система не определена в Rails.configuration.anoubis_sso_system"
-      session_expired: "Сессия завершена"
-      incorrect_user: "Некорректный пользователь"
       is_not_defined: "Переменная %{title} не определена"
       is_not_correct: "Переменная %{title} некорректна"
       less_than: "Длина переменной %{title} должна быть %{size} или более символов"

data/config/routes.rb

@@ -14,6 +14,7 @@ AnoubisSsoServer::Engine.routes.draw do
     scope path: 'openid', defaults: { format: 'json' } do
       get '.well-known/openid-configuration', to: 'anoubis_sso_server/open_id#configuration', as: 'openid_configuration'
       get '.well-known/jwks.json', to: 'anoubis_sso_server/open_id#jwks', as: 'openid_jwks'
+      get 'userinfo', to: 'anoubis_sso_server/open_id#userinfo', as: 'userinfo'
       get 'oauth2/auth', to: 'anoubis_sso_server/open_id#auth', as: 'oauth_auth'
       post 'oauth2/token', to: 'anoubis_sso_server/open_id#access_token', as: 'oauth_token'
       options 'oauth2/token', to: 'anoubis_sso_server/application#options', as: nil

data/lib/anoubis_sso_server/version.rb

@@ -2,5 +2,5 @@
 
 module AnoubisSsoServer
   ## Library version
-  VERSION = "1.0.2"
+  VERSION = "1.0.5"
 end

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: anoubis_sso_server
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.5
 platform: ruby
 authors:
 - Andrey Ryabov
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-02-28 00:00:00.000000000 Z
+date: 2022-04-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: anoubis
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 1.0.1
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 1.0.1
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -206,7 +212,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.25'
-description: Library for create basic SSO Server based on OAUTH authentication.
+description: Library for create basic SSO Server based on OAUTH authentication for
+  simplify deployment.
 email:
 - andrey.ryabov@ra-company.kz
 executables: []
@@ -248,6 +255,7 @@ metadata:
   homepage_uri: https://github.com/RA-Company/
   source_code_uri: https://github.com/RA-Company/anoubis_sso_server
   changelog_uri: https://github.com/RA-Company/anoubis_sso_server/blob/main/CHANGELOG.md
+  documentation_uri: https://www.rubydoc.info/gems/anoubis_sso_server/1.0.5
 post_install_message: 
 rdoc_options: []
 require_paths: