go_sso 0.1.1 → 0.2.0
- checksums.yaml +4 -4
- data/README.md +12 -1
- data/app/controllers/go_sso/application_controller.rb +7 -2
- data/lib/go_sso/controllers/helpers.rb +3 -2
- data/lib/go_sso/user.rb +0 -11
- data/lib/go_sso/version.rb +1 -1
- data/lib/go_sso.rb +21 -0
- metadata +2 -2
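--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: dec95b352aa71a72cf9fd14c8add2dbdf8071d13ec890f3e1b5932f692f894f8
+data.tar.gz: 611c62890222269f6347118fdf4ac346a350e6bf89c896a322cfd2026b41f496
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 20800b3baa179f58fc6caef835e688b03a3933448e8937217f4b4e68887df690cd4b81f7e093c64dde8315e8d8266b8f809e57e198f4fd8dc706a9e74c6a624e
+data.tar.gz: 8f9e5fe488ac6067421271acc75fb5fe0d4f82e8051f6a8976d3725e452c7d0db42f0ba62cb610f3268ef1e063cbdc95c10775005366f41f272cea57af74d7d4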
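--- a/data/README.md
+++ b/data/README.md
@@ -22,6 +22,7 @@ GoSso.setup do |config|
 config.user_cache_ttl # default 1.minute
 config.main_app_module_name # default is your host app module name
 config.host # set to your app host
+config.fake_user_json # set this options for development or test environment only
 end
 ```
 
@@ -33,4 +34,14 @@ Pages with this hook will be protected.
 If `current_sso_user` is not present, redirect users to SSO to login.
 Users can access the protected page only if after login and their applications attribute contains `main_app_module_name`
 
-You can access current user in views or controllers via `current_sso_user`.
+You can access current user in views or controllers via `current_sso_user`.
+
+In a development environment, it is probably without SSO server support. When `fake_user_json` option is set, users will always login successfully and its user JSON will be `fake_user_json`:
+```
+GoSso.setup do |config|
+# other configurations...
+if Rails.env.development?
+config.fake_user_json = { uid: 1, email: 'yfxie@me.com' }
+end
+end
+```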
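--- a/data/app/controllers/go_sso/application_controller.rb
+++ b/data/app/controllers/go_sso/application_controller.rb
@@ -8,12 +8,17 @@ module GoSso
 
 def auth
 session[:go_sso_referrer] = params[:redirect_url] || request.referrer || request.base_url
-
+if GoSso.test_mode?
+redirect_to go_sso_callback_url
+else
+redirect_to GoSso.authorize_url
+end
 end
 
 def callback
-token = GoSso.get_token(params[:code])
+token = GoSso.test_mode? ? GoSso.generate_fake_token : GoSso.get_token(params[:code])
 set_sso_token(token.token, expires_at: token.expires_at)
+GoSso.after_login.call(self)
 redirect_to session.delete(:go_sso_referrer) || request.base_url
 rescue OAuth2::Error => error
 render json: {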
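Review bot: The post-login target in `auth` is taken straight from `params[:redirect_url]`, stored in `session[:go_sso_referrer]`, and later handed to `redirect_to` in `callback` with no host check, so the login flow can forward a freshly authenticated user to an arbitrary external site. The commit adds the `test_mode?` branches around that line but leaves it unchanged. The stored value should be accepted only when it is a relative path or resolves to the application's own host, for example `session[:go_sso_referrer] = local_url(params[:redirect_url]) || request.referrer || request.base_url`, where `local_url` is a proposed helper that returns nil for any URL whose parsed host is present and differs from `request.host`. `callback` continues past the end of the hunk, so its error handling is not reviewed here.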
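--- a/data/lib/go_sso/controllers/helpers.rb
+++ b/data/lib/go_sso/controllers/helpers.rb
@@ -17,7 +17,8 @@ module GoSso
 @current_sso_user ||= begin
 return nil unless session[:go_sso_token]
 return nil if sso_token_expired?
-GoSso
+user_json = GoSso.get_user_json(session[:go_sso_token])
+GoSso::User.new(user_json)
 end
 rescue OAuth2::Error
 nil
@@ -29,7 +30,7 @@ module GoSso
 end
 
 unless current_sso_user.can_access?(GoSso.main_app_module_name)
-render json: { message: 'access denied' }, status: 401
+return render json: { message: 'access denied' }, status: 401
 end
 end
 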
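Review bot: The denial at `return render json: { message: 'access denied' }, status: 401` answers a user who has already authenticated but whose applications attribute lacks `GoSso.main_app_module_name`, which is an authorization failure rather than a missing login. Returning `status: :forbidden` would let API clients and monitoring tell the two cases apart, and would avoid clients that treat 401 as a cue to restart the SSO login. The enclosing method starts above the hunk, so the unauthenticated branch is not visible here.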
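--- a/data/lib/go_sso/user.rb
+++ b/data/lib/go_sso/user.rb
@@ -19,15 +19,4 @@ class GoSso::User
 super
 end
 end
-
-def self.from_token(token)
-o_token = OAuth2::AccessToken.new(GoSso.client, token)
-json_str = Rails.cache.fetch([:go_sso_user, token], expires_in: GoSso.user_cache_ttl) do
-o_token.get(GoSso.user_json_url).body
-end
-attrs = JSON.parse(json_str)
-new(attrs)
-rescue Faraday::ConnectionFailed
-raise GoSso::FailedToOpenConnection
-end
 end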
data/lib/go_sso/version.rb
CHANGED
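--- a/data/lib/go_sso.rb
+++ b/data/lib/go_sso.rb
@@ -15,6 +15,8 @@ module GoSso
 mattr_accessor :user_cache_ttl, default: 1.minute
 mattr_accessor :main_app_module_name
 mattr_accessor :host
+mattr_accessor :fake_user_json
+mattr_accessor :after_login, default: ->(ctx){}
 
 def self.setup
 yield self
@@ -47,6 +49,25 @@ module GoSso
 host || Current.host
 end
 
+def self.get_user_json(token = nil)
+return fake_user_json.as_json if test_mode?
+o_token = OAuth2::AccessToken.new(client, token)
+json_str = Rails.cache.fetch([:go_sso_user, token], expires_in: user_cache_ttl) do
+o_token.get(GoSso.user_json_url).body
+end
+JSON.parse(json_str)
+rescue Faraday::ConnectionFailed
+raise GoSso::FailedToOpenConnection
+end
+
+def self.test_mode?
+fake_user_json.present?
+end
+
+def self.generate_fake_token
+OAuth2::AccessToken.new(client, SecureRandom.urlsafe_base64, expires_in: 2.hours)
+end
+
 class FailedToOpenConnection < Exception; end
 end
 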
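Review bot: `test_mode?` is only `fake_user_json.present?`, so the one thing keeping this authentication bypass out of production is the host application's initializer; the README's "development or test environment only" is not enforced anywhere in the gem. When the option is set, `get_user_json` returns the fake user for any token, and the controller's `callback` issues a session without contacting the SSO server. The predicate should also check the environment, e.g. `fake_user_json.present? && (Rails.env.development? || Rails.env.test?)`, or `setup` should raise when the option is set in any other environment. Separately, the raw access token is used in the cache key `[:go_sso_user, token]`; keying on a digest of the token would keep bearer tokens out of the cache store's key space.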
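--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: go_sso
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.0
 platform: ruby
 authors:
 - Yi Feng
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-
+date: 2019-10-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: oauth2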