maestrano-rails 0.1.0 → 0.2.0

data/app/controllers/maestrano/rails/saml_base_controller.rb

@@ -1,5 +1,6 @@
 class Maestrano::Rails::SamlBaseController < ApplicationController
   attr_reader :saml_response, :user_auth_hash, :group_auth_hash, :user_group_rel_hash
+  protect_from_forgery :except => [:consume]
   around_filter :saml_response_transaction, only: [:consume]
   
   # Initialize the SAML request and redirects the
@@ -17,8 +18,12 @@ class Maestrano::Rails::SamlBaseController < ApplicationController
       yield
       Maestrano::SSO.set_session(session,@user_auth_hash)
     rescue Exception => e
-      logger.error e
-      redirect_to "#{Maestrano::SSO.unauthorized_url}?err=internal"
+      if Rails.env.development?
+        raise
+      else
+        logger.error e
+        redirect_to "#{Maestrano::SSO.unauthorized_url}?err=internal"
+      end
     end
   end
   
@@ -29,9 +34,9 @@ class Maestrano::Rails::SamlBaseController < ApplicationController
         @user_auth_hash = Maestrano::SSO::BaseUser.new(@saml_response).to_hash
         @group_auth_hash = Maestrano::SSO::BaseGroup.new(@saml_response).to_hash
         @user_group_rel_hash = {
-          user_uid: @saml_response.attributes['uid'],
-          group_uid: @saml_response.attributes['group_uid'],
-          role: @saml_response.attributes['group_role']
+          user_uid: @user_auth_hash[:uid],
+          group_uid: @group_auth_hash[:uid],
+          role: @user_auth_hash[:extra][:group][:role]
         }
       end
     end

data/lib/generators/active_record/templates/migration.rb

@@ -2,6 +2,7 @@ class AddMaestranoTo<%= table_name.camelize %> < ActiveRecord::Migration
   def self.up
     change_table(:<%= table_name %>) do |t|
 <%= migration_data -%>
+    end
   end
 
   def self.down

data/lib/generators/maestrano/templates/maestrano.rb

@@ -26,7 +26,7 @@ Maestrano.configure do |config|
   # ==> Application host
   # This is your application host (e.g: mysuperapp.com) which is ultimately
   # used to redirect users to the right SAML url during SSO handshake.
-  config.app_host = Rails.env.production? ? 'https://my-production-app.com' : 'http://localhost::3000'
+  config.app_host = Rails.env.production? ? 'https://my-production-app.com' : 'http://localhost:3000'
   
   # ==> SSO Initialization endpoint
   # This is your application path to the SAML endpoint that allows users to

data/lib/maestrano/rails/models/maestrano_auth_resource.rb

@@ -1,3 +1,5 @@
+require 'digest/sha1'
+
 module Maestrano
   module Rails
     module MaestranoAuthResource
@@ -62,8 +64,20 @@ module Maestrano
             info = OpenStruct.new(auth_hash[:info])
             extra = OpenStruct.new(auth_hash[:extra])
             
-            # Create entity and call mapping block
+            # Create entity
             entity = self.new
+            
+            # Set password on entity in case this is required
+            # This is done before the mapping block in case
+            # password has been taken care of by the developer
+            password = Digest::SHA1.hexdigest("#{Time.now.utc}-#{rand(100)}")[0..20]
+            begin
+              entity.password = password if entity.respond_to?(:password)
+              entity.password_confirmation = password if entity.respond_to?(:password_confirmation)
+            rescue Exception => e
+            end
+            
+            # Call mapping block
             self.maestrano_options[:mapping].call(entity,info,extra)
             
             # Finally set provider and uid then save

data/lib/maestrano/rails/version.rb

@@ -1,5 +1,5 @@
 module Maestrano
   module Rails
-    VERSION = "0.1.0"
+    VERSION = "0.2.0"
   end
 end

metadata

@@ -2,7 +2,7 @@
 name: maestrano-rails
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors: 
 - Arnaud Lachaume
@@ -31,7 +31,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        version: "0.1"
+        version: "0.2"
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency