doorkeeper_hub 0.2.9 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/app/controllers/doorkeeper_hub/omniauth_callbacks_controller.rb +10 -12
- data/config/initializers/omniauth.rb +10 -0
- data/config/initializers/warden.rb +26 -0
- data/config/routes.rb +1 -4
- data/doorkeeper_hub.gemspec +1 -1
- data/lib/doorkeeper_hub.rb +19 -14
- data/lib/doorkeeper_hub/configurator.rb +6 -2
- data/lib/doorkeeper_hub/engine.rb +4 -0
- data/lib/doorkeeper_hub/helpers.rb +22 -8
- data/lib/doorkeeper_hub/version.rb +1 -1
- metadata +7 -6
- data/lib/doorkeeper_hub/saml.rb +0 -42
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7d44355b88b5b8da4004fe095861f322193cd9506ba02ce7dd52c37397562fdd
|
|
4
|
+
data.tar.gz: 6a7a59d433cb482e80912f118de9487bee48a5dcc5ed7ab1efb6f780e1492a8d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aaad6e673cd7b7661269f60c3f6d5d44482d55fbeb8575363023045197c5e1110734f78c1f8ae0e1831c4536e8eb0209f0c5630a24b867d9d3991900412efc1b
|
|
7
|
+
data.tar.gz: b8fa03bca3ac375ab0b0b9cda906c0ca9c25db36a18c61089b13bc90218933e91fa44291650be1358240a1844182b3692e3e2d768156ddc2788024bbfc70d334
|
data/.gitignore
CHANGED
|
@@ -1,19 +1,17 @@
|
|
|
1
1
|
module DoorkeeperHub
|
|
2
|
-
class OmniauthCallbacksController <
|
|
3
|
-
skip_before_action :
|
|
4
|
-
:
|
|
2
|
+
class OmniauthCallbacksController < ApplicationController
|
|
3
|
+
skip_before_action :authenticate_doorkeeper!,
|
|
4
|
+
:verify_authenticity_token, only: :saml
|
|
5
5
|
|
|
6
6
|
def saml
|
|
7
|
-
@user = DoorkeeperHub
|
|
8
|
-
.user_model
|
|
9
|
-
.constantize
|
|
10
|
-
.from_omniauth(request.env["omniauth.auth"])
|
|
11
7
|
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
8
|
+
warden = request.env['warden']
|
|
9
|
+
|
|
10
|
+
# warden.authenticated?(:user) && warden.logout(:user)
|
|
11
|
+
user = warden.authenticate(:doorkeeper)
|
|
12
|
+
warden.set_user(user)
|
|
13
|
+
|
|
14
|
+
redirect_to after_sign_in_path
|
|
17
15
|
end
|
|
18
16
|
end
|
|
19
17
|
end
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
|
2
|
+
provider :saml,
|
|
3
|
+
:assertion_consumer_service_url => DoorkeeperHub.config.callback_url,
|
|
4
|
+
:issuer => DoorkeeperHub.config.issuer,
|
|
5
|
+
:idp_sso_target_url => "https://id.hubhub.co/saml/auth",
|
|
6
|
+
:idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param},
|
|
7
|
+
:idp_cert_fingerprint => DoorkeeperHub.config.idp_fingerprint,
|
|
8
|
+
:idp_cert_fingerprint_validator => lambda { |fingerprint| fingerprint },
|
|
9
|
+
:name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
10
|
+
end
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
Warden::Strategies.add(:doorkeeper) do
|
|
2
|
+
def valid?
|
|
3
|
+
true
|
|
4
|
+
end
|
|
5
|
+
|
|
6
|
+
def authenticate!
|
|
7
|
+
u = DoorkeeperHub::User.new('company_tokens' => company_tokens, 'id' => auth.uid)
|
|
8
|
+
success!(u)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def auth
|
|
12
|
+
request.env["omniauth.auth"]
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def company_tokens
|
|
16
|
+
auth.extra.raw_info.multi(DoorkeeperHub.token_name)
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
Warden::Manager.serialize_into_session do |user|
|
|
21
|
+
user
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
Warden::Manager.serialize_from_session do |data|
|
|
25
|
+
DoorkeeperHub::User.new(data)
|
|
26
|
+
end
|
data/config/routes.rb
CHANGED
|
@@ -1,8 +1,5 @@
|
|
|
1
1
|
Rails.application.routes.draw do
|
|
2
|
-
|
|
3
|
-
controllers: {
|
|
4
|
-
omniauth_callbacks: 'doorkeeper_hub/omniauth_callbacks'
|
|
5
|
-
}
|
|
2
|
+
post 'auth/saml/callback', to: 'doorkeeper_hub/omniauth_callbacks#saml'
|
|
6
3
|
|
|
7
4
|
unless DoorkeeperHub.client_mode?
|
|
8
5
|
post 'doorkeeper/activation', to: 'doorkeeper_hub/callbacks#activation'
|
data/doorkeeper_hub.gemspec
CHANGED
|
@@ -24,6 +24,6 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.add_development_dependency "bundler", "~> 1.16"
|
|
25
25
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
26
26
|
|
|
27
|
-
spec.add_dependency "
|
|
27
|
+
spec.add_dependency "warden", "~> 1.2"
|
|
28
28
|
spec.add_dependency "omniauth-saml", "~> 1.10"
|
|
29
29
|
end
|
data/lib/doorkeeper_hub.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
require "doorkeeper_hub/version"
|
|
2
2
|
require 'doorkeeper_hub/configurator'
|
|
3
|
-
require "doorkeeper_hub/saml"
|
|
4
3
|
require "doorkeeper_hub/helpers"
|
|
5
4
|
require 'doorkeeper_hub/engine' if defined?(::Rails) && Rails::VERSION::MAJOR > 4
|
|
6
5
|
|
|
@@ -13,18 +12,6 @@ module DoorkeeperHub
|
|
|
13
12
|
yield config
|
|
14
13
|
end
|
|
15
14
|
|
|
16
|
-
def self.devise_routes_scope
|
|
17
|
-
user_model.tableize.to_sym
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def self.devise_scope
|
|
21
|
-
user_model.underscore.to_sym
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def self.user_model
|
|
25
|
-
config.user_model
|
|
26
|
-
end
|
|
27
|
-
|
|
28
15
|
def self.token_name
|
|
29
16
|
config.doorkeeper_token_name
|
|
30
17
|
end
|
|
@@ -36,4 +23,22 @@ module DoorkeeperHub
|
|
|
36
23
|
def self.client_mode?
|
|
37
24
|
config.client_mode
|
|
38
25
|
end
|
|
39
|
-
|
|
26
|
+
|
|
27
|
+
class User
|
|
28
|
+
attr_accessor :company_tokens, :id
|
|
29
|
+
|
|
30
|
+
def initialize(attrs)
|
|
31
|
+
@company_tokens = attrs['company_tokens']
|
|
32
|
+
@id = attrs['id']
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def to_key
|
|
36
|
+
id
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def authenticatable_salt
|
|
40
|
+
''
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
end
|
|
@@ -2,16 +2,20 @@ module DoorkeeperHub
|
|
|
2
2
|
class Configurator
|
|
3
3
|
attr_accessor :service_token
|
|
4
4
|
attr_accessor :scope_model
|
|
5
|
-
attr_accessor :user_model
|
|
6
5
|
attr_accessor :doorkeeper_token_name
|
|
7
6
|
attr_accessor :client_mode
|
|
7
|
+
attr_accessor :issuer
|
|
8
|
+
attr_accessor :callback_url
|
|
9
|
+
attr_accessor :idp_fingerprint
|
|
8
10
|
|
|
9
11
|
def initialize
|
|
10
12
|
self.service_token = ENV["SERVICE_TOKEN"]
|
|
11
|
-
self.user_model = 'User'
|
|
12
13
|
self.scope_model = 'Company'
|
|
13
14
|
self.doorkeeper_token_name = :doorkeeper_token
|
|
14
15
|
self.client_mode = false
|
|
16
|
+
self.issuer = 'doorkeeper-client'
|
|
17
|
+
self.callback_url = 'http://localhost:3000/auth/saml/callback'
|
|
18
|
+
self.idp_fingerprint = "3A:56:BE:36:48:69:91:CD:60:42:0D:15:5B:21:85:8E:E3:F5:7D:74"
|
|
15
19
|
end
|
|
16
20
|
end
|
|
17
21
|
end
|
|
@@ -7,15 +7,13 @@ module DoorkeeperHub
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
def authenticate_doorkeeper!
|
|
10
|
-
if
|
|
10
|
+
if warden.authenticated?
|
|
11
11
|
return if DoorkeeperHub.client_mode?
|
|
12
12
|
|
|
13
13
|
redirect_to root_path_with_token if params[DoorkeeperHub.token_param].nil?
|
|
14
14
|
else
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
origin: request.fullpath
|
|
18
|
-
)
|
|
15
|
+
# TODO add origin path to params
|
|
16
|
+
redirect_to '/auth/saml'
|
|
19
17
|
end
|
|
20
18
|
end
|
|
21
19
|
|
|
@@ -26,7 +24,7 @@ module DoorkeeperHub
|
|
|
26
24
|
options
|
|
27
25
|
end
|
|
28
26
|
|
|
29
|
-
def
|
|
27
|
+
def after_sign_in_path
|
|
30
28
|
request.env['omniauth.origin'] || (DoorkeeperHub.client_mode? ? root_path : root_path_with_token)
|
|
31
29
|
end
|
|
32
30
|
|
|
@@ -36,13 +34,29 @@ module DoorkeeperHub
|
|
|
36
34
|
|
|
37
35
|
def params_or_default_token
|
|
38
36
|
params[DoorkeeperHub.token_param] ||
|
|
39
|
-
|
|
37
|
+
companies.first.send(DoorkeeperHub.config.doorkeeper_token_name)
|
|
40
38
|
end
|
|
41
39
|
|
|
42
40
|
def company
|
|
43
41
|
@company ||=
|
|
44
|
-
|
|
42
|
+
companies.active.find_by(DoorkeeperHub.config.doorkeeper_token_name => params[DoorkeeperHub.token_param]) ||
|
|
45
43
|
raise(ActionController::RoutingError.new('Not Found'))
|
|
44
|
+
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def current_user
|
|
48
|
+
warden.user
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def companies
|
|
52
|
+
@companies ||= DoorkeeperHub.config
|
|
53
|
+
.scope_model
|
|
54
|
+
.constantize
|
|
55
|
+
.where(DoorkeeperHub.config.doorkeeper_token_name => current_user.company_tokens)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def warden
|
|
59
|
+
request.env['warden']
|
|
46
60
|
end
|
|
47
61
|
end
|
|
48
62
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: doorkeeper_hub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jimmy Fan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -39,19 +39,19 @@ dependencies:
|
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '10.0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name:
|
|
42
|
+
name: warden
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '1.2'
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '1.2'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: omniauth-saml
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -83,6 +83,8 @@ files:
|
|
|
83
83
|
- app/controllers/doorkeeper_hub/omniauth_callbacks_controller.rb
|
|
84
84
|
- bin/console
|
|
85
85
|
- bin/setup
|
|
86
|
+
- config/initializers/omniauth.rb
|
|
87
|
+
- config/initializers/warden.rb
|
|
86
88
|
- config/routes.rb
|
|
87
89
|
- doorkeeper_hub.gemspec
|
|
88
90
|
- lib/doorkeeper_hub.rb
|
|
@@ -90,7 +92,6 @@ files:
|
|
|
90
92
|
- lib/doorkeeper_hub/engine.rb
|
|
91
93
|
- lib/doorkeeper_hub/helpers.rb
|
|
92
94
|
- lib/doorkeeper_hub/routes.rb
|
|
93
|
-
- lib/doorkeeper_hub/saml.rb
|
|
94
95
|
- lib/doorkeeper_hub/version.rb
|
|
95
96
|
homepage: https://devhub.co
|
|
96
97
|
licenses:
|
data/lib/doorkeeper_hub/saml.rb
DELETED
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
require 'active_support/concern'
|
|
2
|
-
|
|
3
|
-
module DoorkeeperHub
|
|
4
|
-
module Saml
|
|
5
|
-
extend ActiveSupport::Concern
|
|
6
|
-
|
|
7
|
-
included do
|
|
8
|
-
devise :omniauthable, omniauth_providers: %i[saml]
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
class_methods do
|
|
12
|
-
def from_omniauth(auth)
|
|
13
|
-
return if !DoorkeeperHub.client_mode? && scope_results(auth).empty?
|
|
14
|
-
|
|
15
|
-
user = where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
|
|
16
|
-
user.email = auth.info.email
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
unless DoorkeeperHub.client_mode?
|
|
20
|
-
scope_results(auth).each do |result|
|
|
21
|
-
user.users_companies.find_or_create_by(company: result)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
user
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def scope_results(auth)
|
|
29
|
-
@scope_results ||= DoorkeeperHub
|
|
30
|
-
.config.scope_model
|
|
31
|
-
.constantize
|
|
32
|
-
.where(scope_query(auth))
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
def scope_query(auth)
|
|
36
|
-
{
|
|
37
|
-
DoorkeeperHub.token_name => auth.extra.raw_info.multi(DoorkeeperHub.token_name)
|
|
38
|
-
}
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
end
|