capcoauth 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4d01caf13b1d26c506dc0cb1024079306f7f1bbc
|
4
|
+
data.tar.gz: eae8b93664bc2d3a92732cb041930bcdbdda2e8d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 17a98e7286027a3a03c957b0b1635db8924db933e8ed688efe176266ca77dab3378d6fb58df220d88a4882f9ffcc3c7966b33b5b1fb7a9216c0323547ae2a352
|
7
|
+
data.tar.gz: 9c70e143373d22799b4fc1c8b27b2b6567bc5a472392a55a751ae1e88e6809836cf989c1bf7baa716d5c3fbee175a9e2d0e7af2994a7e4c8e5dba3e93904e9eb
|
data/lib/capcoauth/config.rb
CHANGED
@@ -74,5 +74,10 @@ module Capcoauth
|
|
74
74
|
|
75
75
|
option :token_verify_ttl, default: 10
|
76
76
|
option :capcoauth_url, default: 'https://capcoauth.capco.com'
|
77
|
+
option :user_id_field, default: :capcoauth
|
78
|
+
option :user_resolver, default: (lambda do |capcoauth_user_id|
|
79
|
+
Capcoauth.configuration.logger.warn('[CapcOAuth] User resolver is not configured. Please specify a block in configuration to resolve the proper user')
|
80
|
+
nil
|
81
|
+
end)
|
77
82
|
end
|
78
83
|
end
|
@@ -20,13 +20,28 @@ module Capcoauth
|
|
20
20
|
|
21
21
|
# Set the user_id from the token response
|
22
22
|
if response.code == 200
|
23
|
-
|
23
|
+
|
24
|
+
# Get the proper ID value field from the response
|
25
|
+
user_id_field = Capcoauth.configuration.user_id_field
|
26
|
+
if user_id_field == :capcoauth
|
27
|
+
access_token.user_id = response.parsed_response['resource_owner_id']
|
28
|
+
else
|
29
|
+
access_token.user_id = response.parsed_response['external_ids'][user_id_field.to_s]
|
30
|
+
end
|
31
|
+
|
32
|
+
# Throw unauthorized if ID of specified type doesn't exist
|
33
|
+
unless access_token.user_id
|
34
|
+
logger.info("CapcOAuth: The access token for #{user_id_field} user ##{access_token.user_id} did not have an ID for type `#{user_id_field}`") unless logger.nil?
|
35
|
+
raise UnauthorizedError
|
36
|
+
end
|
37
|
+
|
38
|
+
# Verify token is for correct application/client
|
24
39
|
if response.parsed_response.fetch('application', {}).fetch('uid', nil) === Capcoauth.configuration.client_id
|
25
|
-
logger.info("CapcOAuth: The access token for user ##{access_token.user_id} was verified successfully") unless logger.nil?
|
40
|
+
logger.info("CapcOAuth: The access token for #{user_id_field} user ##{access_token.user_id} was verified successfully") unless logger.nil?
|
26
41
|
TTLCache.update(access_token.token, access_token.user_id)
|
27
42
|
access_token
|
28
43
|
else
|
29
|
-
logger.info("CapcOAuth: The access token for user ##{access_token.user_id} was valid, but for a different OAuth client ID") unless logger.nil?
|
44
|
+
logger.info("CapcOAuth: The access token for #{user_id_field} user ##{access_token.user_id} was valid, but for a different OAuth client ID") unless logger.nil?
|
30
45
|
raise UnauthorizedError
|
31
46
|
end
|
32
47
|
elsif response.code == 401
|
@@ -12,7 +12,7 @@ module Capcoauth
|
|
12
12
|
session.delete(:previous_url)
|
13
13
|
end
|
14
14
|
|
15
|
-
@
|
15
|
+
@capcoauth_user_id ||= capcoauth_token.user_id
|
16
16
|
rescue OAuth::TokenVerifier::UnauthorizedError
|
17
17
|
if handle_sessions?
|
18
18
|
session[:previous_url] = request.url
|
@@ -30,7 +30,17 @@ module Capcoauth
|
|
30
30
|
|
31
31
|
def current_user
|
32
32
|
verify_authorized!
|
33
|
-
|
33
|
+
|
34
|
+
# Resolve user ID using configuration resolver unless already found
|
35
|
+
unless @current_user
|
36
|
+
begin
|
37
|
+
@current_user = Capcoauth.configuration.user_resolver.call(@capcoauth_user_id)
|
38
|
+
rescue ActiveRecord::RecordNotFound => e
|
39
|
+
Capcoauth.configuration.logger.warn "[CapcOAuth] Error looking up user - #{e.message}"
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
@current_user
|
34
44
|
end
|
35
45
|
|
36
46
|
protected
|
data/lib/capcoauth/version.rb
CHANGED
@@ -18,4 +18,13 @@ Capcoauth.configure do |config|
|
|
18
18
|
|
19
19
|
# Configure the logger to use for OAuth events
|
20
20
|
config.logger Rails.logger
|
21
|
+
|
22
|
+
# Configure which ID to identify the user by. Valid options are :capcoauth, :capco (4-letter), :psoft, :e_number, and :cit
|
23
|
+
# config.user_id_field :capcoauth
|
24
|
+
|
25
|
+
# Block to resolve your user from the provided CapcOAuth ID. If you're using different primary keys than any of the
|
26
|
+
# existing services, you might consider looking up by an external ID, e.g. `User.find_by_psoft_id! capcoauth_user_id`
|
27
|
+
config.user_resolver do |capcoauth_user_id|
|
28
|
+
User.find capcoauth_user_id
|
29
|
+
end
|
21
30
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: capcoauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adam Robertson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-10-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: railties
|