doorkeeper_hub 0.2.9 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/app/controllers/doorkeeper_hub/omniauth_callbacks_controller.rb +10 -12
- data/config/initializers/omniauth.rb +10 -0
- data/config/initializers/warden.rb +26 -0
- data/config/routes.rb +1 -4
- data/doorkeeper_hub.gemspec +1 -1
- data/lib/doorkeeper_hub.rb +19 -14
- data/lib/doorkeeper_hub/configurator.rb +6 -2
- data/lib/doorkeeper_hub/engine.rb +4 -0
- data/lib/doorkeeper_hub/helpers.rb +22 -8
- data/lib/doorkeeper_hub/version.rb +1 -1
- metadata +7 -6
- data/lib/doorkeeper_hub/saml.rb +0 -42
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7d44355b88b5b8da4004fe095861f322193cd9506ba02ce7dd52c37397562fdd
|
|
4
|
+
data.tar.gz: 6a7a59d433cb482e80912f118de9487bee48a5dcc5ed7ab1efb6f780e1492a8d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aaad6e673cd7b7661269f60c3f6d5d44482d55fbeb8575363023045197c5e1110734f78c1f8ae0e1831c4536e8eb0209f0c5630a24b867d9d3991900412efc1b
|
|
7
|
+
data.tar.gz: b8fa03bca3ac375ab0b0b9cda906c0ca9c25db36a18c61089b13bc90218933e91fa44291650be1358240a1844182b3692e3e2d768156ddc2788024bbfc70d334
|
data/.gitignore
CHANGED
|
@@ -1,19 +1,17 @@
|
|
|
1
1
|
module DoorkeeperHub
|
|
2
|
-
class OmniauthCallbacksController <
|
|
3
|
-
skip_before_action :
|
|
4
|
-
:
|
|
2
|
+
class OmniauthCallbacksController < ApplicationController
|
|
3
|
+
skip_before_action :authenticate_doorkeeper!,
|
|
4
|
+
:verify_authenticity_token, only: :saml
|
|
5
5
|
|
|
6
6
|
def saml
|
|
7
|
-
@user = DoorkeeperHub
|
|
8
|
-
.user_model
|
|
9
|
-
.constantize
|
|
10
|
-
.from_omniauth(request.env["omniauth.auth"])
|
|
11
7
|
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
8
|
+
warden = request.env['warden']
|
|
9
|
+
|
|
10
|
+
# warden.authenticated?(:user) && warden.logout(:user)
|
|
11
|
+
user = warden.authenticate(:doorkeeper)
|
|
12
|
+
warden.set_user(user)
|
|
13
|
+
|
|
14
|
+
redirect_to after_sign_in_path
|
|
17
15
|
end
|
|
18
16
|
end
|
|
19
17
|
end
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
|
2
|
+
provider :saml,
|
|
3
|
+
:assertion_consumer_service_url => DoorkeeperHub.config.callback_url,
|
|
4
|
+
:issuer => DoorkeeperHub.config.issuer,
|
|
5
|
+
:idp_sso_target_url => "https://id.hubhub.co/saml/auth",
|
|
6
|
+
:idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param},
|
|
7
|
+
:idp_cert_fingerprint => DoorkeeperHub.config.idp_fingerprint,
|
|
8
|
+
:idp_cert_fingerprint_validator => lambda { |fingerprint| fingerprint },
|
|
9
|
+
:name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
10
|
+
end
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
Warden::Strategies.add(:doorkeeper) do
|
|
2
|
+
def valid?
|
|
3
|
+
true
|
|
4
|
+
end
|
|
5
|
+
|
|
6
|
+
def authenticate!
|
|
7
|
+
u = DoorkeeperHub::User.new('company_tokens' => company_tokens, 'id' => auth.uid)
|
|
8
|
+
success!(u)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def auth
|
|
12
|
+
request.env["omniauth.auth"]
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def company_tokens
|
|
16
|
+
auth.extra.raw_info.multi(DoorkeeperHub.token_name)
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
Warden::Manager.serialize_into_session do |user|
|
|
21
|
+
user
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
Warden::Manager.serialize_from_session do |data|
|
|
25
|
+
DoorkeeperHub::User.new(data)
|
|
26
|
+
end
|
data/config/routes.rb
CHANGED
|
@@ -1,8 +1,5 @@
|
|
|
1
1
|
Rails.application.routes.draw do
|
|
2
|
-
|
|
3
|
-
controllers: {
|
|
4
|
-
omniauth_callbacks: 'doorkeeper_hub/omniauth_callbacks'
|
|
5
|
-
}
|
|
2
|
+
post 'auth/saml/callback', to: 'doorkeeper_hub/omniauth_callbacks#saml'
|
|
6
3
|
|
|
7
4
|
unless DoorkeeperHub.client_mode?
|
|
8
5
|
post 'doorkeeper/activation', to: 'doorkeeper_hub/callbacks#activation'
|
data/doorkeeper_hub.gemspec
CHANGED
|
@@ -24,6 +24,6 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.add_development_dependency "bundler", "~> 1.16"
|
|
25
25
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
26
26
|
|
|
27
|
-
spec.add_dependency "
|
|
27
|
+
spec.add_dependency "warden", "~> 1.2"
|
|
28
28
|
spec.add_dependency "omniauth-saml", "~> 1.10"
|
|
29
29
|
end
|
data/lib/doorkeeper_hub.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
require "doorkeeper_hub/version"
|
|
2
2
|
require 'doorkeeper_hub/configurator'
|
|
3
|
-
require "doorkeeper_hub/saml"
|
|
4
3
|
require "doorkeeper_hub/helpers"
|
|
5
4
|
require 'doorkeeper_hub/engine' if defined?(::Rails) && Rails::VERSION::MAJOR > 4
|
|
6
5
|
|
|
@@ -13,18 +12,6 @@ module DoorkeeperHub
|
|
|
13
12
|
yield config
|
|
14
13
|
end
|
|
15
14
|
|
|
16
|
-
def self.devise_routes_scope
|
|
17
|
-
user_model.tableize.to_sym
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def self.devise_scope
|
|
21
|
-
user_model.underscore.to_sym
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def self.user_model
|
|
25
|
-
config.user_model
|
|
26
|
-
end
|
|
27
|
-
|
|
28
15
|
def self.token_name
|
|
29
16
|
config.doorkeeper_token_name
|
|
30
17
|
end
|
|
@@ -36,4 +23,22 @@ module DoorkeeperHub
|
|
|
36
23
|
def self.client_mode?
|
|
37
24
|
config.client_mode
|
|
38
25
|
end
|
|
39
|
-
|
|
26
|
+
|
|
27
|
+
class User
|
|
28
|
+
attr_accessor :company_tokens, :id
|
|
29
|
+
|
|
30
|
+
def initialize(attrs)
|
|
31
|
+
@company_tokens = attrs['company_tokens']
|
|
32
|
+
@id = attrs['id']
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def to_key
|
|
36
|
+
id
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def authenticatable_salt
|
|
40
|
+
''
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
end
|
|
@@ -2,16 +2,20 @@ module DoorkeeperHub
|
|
|
2
2
|
class Configurator
|
|
3
3
|
attr_accessor :service_token
|
|
4
4
|
attr_accessor :scope_model
|
|
5
|
-
attr_accessor :user_model
|
|
6
5
|
attr_accessor :doorkeeper_token_name
|
|
7
6
|
attr_accessor :client_mode
|
|
7
|
+
attr_accessor :issuer
|
|
8
|
+
attr_accessor :callback_url
|
|
9
|
+
attr_accessor :idp_fingerprint
|
|
8
10
|
|
|
9
11
|
def initialize
|
|
10
12
|
self.service_token = ENV["SERVICE_TOKEN"]
|
|
11
|
-
self.user_model = 'User'
|
|
12
13
|
self.scope_model = 'Company'
|
|
13
14
|
self.doorkeeper_token_name = :doorkeeper_token
|
|
14
15
|
self.client_mode = false
|
|
16
|
+
self.issuer = 'doorkeeper-client'
|
|
17
|
+
self.callback_url = 'http://localhost:3000/auth/saml/callback'
|
|
18
|
+
self.idp_fingerprint = "3A:56:BE:36:48:69:91:CD:60:42:0D:15:5B:21:85:8E:E3:F5:7D:74"
|
|
15
19
|
end
|
|
16
20
|
end
|
|
17
21
|
end
|
|
@@ -7,15 +7,13 @@ module DoorkeeperHub
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
def authenticate_doorkeeper!
|
|
10
|
-
if
|
|
10
|
+
if warden.authenticated?
|
|
11
11
|
return if DoorkeeperHub.client_mode?
|
|
12
12
|
|
|
13
13
|
redirect_to root_path_with_token if params[DoorkeeperHub.token_param].nil?
|
|
14
14
|
else
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
origin: request.fullpath
|
|
18
|
-
)
|
|
15
|
+
# TODO add origin path to params
|
|
16
|
+
redirect_to '/auth/saml'
|
|
19
17
|
end
|
|
20
18
|
end
|
|
21
19
|
|
|
@@ -26,7 +24,7 @@ module DoorkeeperHub
|
|
|
26
24
|
options
|
|
27
25
|
end
|
|
28
26
|
|
|
29
|
-
def
|
|
27
|
+
def after_sign_in_path
|
|
30
28
|
request.env['omniauth.origin'] || (DoorkeeperHub.client_mode? ? root_path : root_path_with_token)
|
|
31
29
|
end
|
|
32
30
|
|
|
@@ -36,13 +34,29 @@ module DoorkeeperHub
|
|
|
36
34
|
|
|
37
35
|
def params_or_default_token
|
|
38
36
|
params[DoorkeeperHub.token_param] ||
|
|
39
|
-
|
|
37
|
+
companies.first.send(DoorkeeperHub.config.doorkeeper_token_name)
|
|
40
38
|
end
|
|
41
39
|
|
|
42
40
|
def company
|
|
43
41
|
@company ||=
|
|
44
|
-
|
|
42
|
+
companies.active.find_by(DoorkeeperHub.config.doorkeeper_token_name => params[DoorkeeperHub.token_param]) ||
|
|
45
43
|
raise(ActionController::RoutingError.new('Not Found'))
|
|
44
|
+
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def current_user
|
|
48
|
+
warden.user
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def companies
|
|
52
|
+
@companies ||= DoorkeeperHub.config
|
|
53
|
+
.scope_model
|
|
54
|
+
.constantize
|
|
55
|
+
.where(DoorkeeperHub.config.doorkeeper_token_name => current_user.company_tokens)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def warden
|
|
59
|
+
request.env['warden']
|
|
46
60
|
end
|
|
47
61
|
end
|
|
48
62
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: doorkeeper_hub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jimmy Fan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -39,19 +39,19 @@ dependencies:
|
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '10.0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name:
|
|
42
|
+
name: warden
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '1.2'
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '1.2'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: omniauth-saml
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -83,6 +83,8 @@ files:
|
|
|
83
83
|
- app/controllers/doorkeeper_hub/omniauth_callbacks_controller.rb
|
|
84
84
|
- bin/console
|
|
85
85
|
- bin/setup
|
|
86
|
+
- config/initializers/omniauth.rb
|
|
87
|
+
- config/initializers/warden.rb
|
|
86
88
|
- config/routes.rb
|
|
87
89
|
- doorkeeper_hub.gemspec
|
|
88
90
|
- lib/doorkeeper_hub.rb
|
|
@@ -90,7 +92,6 @@ files:
|
|
|
90
92
|
- lib/doorkeeper_hub/engine.rb
|
|
91
93
|
- lib/doorkeeper_hub/helpers.rb
|
|
92
94
|
- lib/doorkeeper_hub/routes.rb
|
|
93
|
-
- lib/doorkeeper_hub/saml.rb
|
|
94
95
|
- lib/doorkeeper_hub/version.rb
|
|
95
96
|
homepage: https://devhub.co
|
|
96
97
|
licenses:
|
data/lib/doorkeeper_hub/saml.rb
DELETED
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
require 'active_support/concern'
|
|
2
|
-
|
|
3
|
-
module DoorkeeperHub
|
|
4
|
-
module Saml
|
|
5
|
-
extend ActiveSupport::Concern
|
|
6
|
-
|
|
7
|
-
included do
|
|
8
|
-
devise :omniauthable, omniauth_providers: %i[saml]
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
class_methods do
|
|
12
|
-
def from_omniauth(auth)
|
|
13
|
-
return if !DoorkeeperHub.client_mode? && scope_results(auth).empty?
|
|
14
|
-
|
|
15
|
-
user = where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
|
|
16
|
-
user.email = auth.info.email
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
unless DoorkeeperHub.client_mode?
|
|
20
|
-
scope_results(auth).each do |result|
|
|
21
|
-
user.users_companies.find_or_create_by(company: result)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
user
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def scope_results(auth)
|
|
29
|
-
@scope_results ||= DoorkeeperHub
|
|
30
|
-
.config.scope_model
|
|
31
|
-
.constantize
|
|
32
|
-
.where(scope_query(auth))
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
def scope_query(auth)
|
|
36
|
-
{
|
|
37
|
-
DoorkeeperHub.token_name => auth.extra.raw_info.multi(DoorkeeperHub.token_name)
|
|
38
|
-
}
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
end
|