RubyGems - okta_saml - Versions diffs - 0.0.6 → 3.0.0 - Mend

okta_saml 0.0.6 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +7 -0
data/CONTRIBUTORS +11 -0
data/{LICENSE.txt → LICENSE} +2 -2
data/README.md +2 -0
data/Rakefile +2 -17
data/app/controllers/saml_controller.rb +1 -1
data/config/routes.rb +2 -2
data/lib/okta_saml.rb +1 -1
data/lib/okta_saml/constants.rb +8 -7
data/lib/okta_saml/engine.rb +64 -2
data/lib/okta_saml/session_helper.rb +1 -2
data/lib/okta_saml/version.rb +1 -1
metadata +30 -42

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c75f4693aef436cf69cfd2d7b63ac4bacb42f397
+  data.tar.gz: f01778c3f18cf909d9ecc927a5c73469340f162a
+SHA512:
+  metadata.gz: cd25ad264353c69513000f4d6d6b2027e2b921b063e20c2cf8f736cba8fbb5431093359a98cdaf56e920f4496cf012dae2236d4239e8afd7f5c7f3078c89cc7f
+  data.tar.gz: afed5cd8f440331994fc18be18da01bc841cc7f7a3a85bfa13466eec12e0281b919578228823d0087345ac465d294841e44e946888bc9cdbcbd6dee47b4f5304

data/CONTRIBUTORS ADDED Viewed

@@ -0,0 +1,11 @@
+Michael Hoitomt
+Jared Branum
+Ed Leung
+Luke Fender
+Thomas Stankus
+Jeb Beich
+Eric Caspary
+Phong Si
+Eric Toulson
+Colin Rymer
+Jordi Noguera

data/{LICENSE.txt → LICENSE} RENAMED Viewed

@@ -1,4 +1,4 @@
-Copyright (c) 2012 Jared Branum
+Copyright (c) 2014 RentPath, Inc.
 MIT License
@@ -19,4 +19,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md CHANGED Viewed

@@ -1,5 +1,7 @@
 # OktaSaml
+[![Code Climate](https://codeclimate.com/repos/5175815b56b1020c56000864/badges/aec34f2ab248de6035e0/gpa.png)](https://codeclimate.com/repos/5175815b56b1020c56000864/feed)
 [Okta](http://www.okta.com) is an IDP (Identity Provider) that offers enterprise authentication solutions. Okta works by redirecting visitors to your application to a login page that is hosted by Okta. Upon successful authentication Okta sends a POST request with a SAML payload to a Post Back URL (configured by you at setup). The okta_saml gem helps Ruby on Rails applications communicate with Okta.
 It is an engine that adds the following features to your application

data/Rakefile CHANGED Viewed

@@ -12,6 +12,8 @@ rescue LoadError
   RDoc::Task = Rake::RDocTask
 end
+require 'bundler/gem_tasks'
 RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_dir = 'rdoc'
   rdoc.title    = 'OktaSaml'
@@ -23,12 +25,6 @@ end
 APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
 load 'rails/tasks/engine.rake'
-Bundler::GemHelper.install_tasks
-Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each{|f| load f}
 require 'rspec/core'
 require 'rspec/core/rake_task'
@@ -37,14 +33,3 @@ RSpec::Core::RakeTask.new(:spec)
 task :default => :spec
-namespace :gem do
-  task :build do
-    output = IO.popen("gem build okta_saml.gemspec")
-    a = output.readlines
-    a.keep_if{|line| line =~ /File:/}
-    a[0].match(/File:/)
-    filename = $'.strip
-    # puts `echo #{filename}`
-    puts `gem inabox #{filename}`
-  end
-end

data/app/controllers/saml_controller.rb CHANGED Viewed

@@ -21,7 +21,7 @@ class SamlController < ApplicationController
   private
   def redirect_url
-    session[:redirect_url]
+    session[:redirect_url] || root_url
   end
   # Rails override to handle unverified post requests from Okta

data/config/routes.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 Rails.application.routes.draw do
   get '/saml/init' => 'saml#init'
-  match '/saml/consume' => 'saml#consume'
-end
+  post '/saml/consume' => 'saml#consume'
+end

data/lib/okta_saml.rb CHANGED Viewed

@@ -2,7 +2,7 @@ require "okta_saml/version"
 require "okta_saml/session_helper"
 module OktaSaml
-  if defined?(Rails) && Rails::VERSION::MAJOR == 3
+  if defined?(Rails) && Rails::VERSION::MAJOR >= 3
     require "okta_saml/engine"
   end
 end

data/lib/okta_saml/constants.rb CHANGED Viewed

@@ -1,11 +1,12 @@
 if defined?(Rails)
-  saml = begin
-    YAML::load_file(Rails.root.join("config/okta_saml.yml").to_s)
+  begin
+    saml = YAML::load_file(Rails.root.join("config/okta_saml.yml").to_s)
+    SAML_SETTINGS = {
+      :idp_sso_target_url => saml[Rails.env]['idp_sso_target_url'],
+      :idp_cert_fingerprint => saml[Rails.env]['idp_cert_fingerprint']
+    }
   rescue Errno::ENOENT
     p "Missing okta_saml.yml file in Rails.root/config"
+    SAML_SETTINGS = {}
   end
-  SAML_SETTINGS = {
-    :idp_sso_target_url => saml[Rails.env]['idp_sso_target_url'],
-    :idp_cert_fingerprint => saml[Rails.env]['idp_cert_fingerprint']
-  }
-end
+end

data/lib/okta_saml/engine.rb CHANGED Viewed

@@ -1,5 +1,8 @@
 require 'rubygems'
 require 'ruby-saml'
+require "net/http"
+require "uri"
+require "json"
 require_relative 'session_helper'
 class ActionController::Base
@@ -7,13 +10,72 @@ class ActionController::Base
   def okta_authenticate!
     session[:redirect_url] = params[:app_referer] || "#{request.protocol}#{request.host_with_port}#{request.fullpath}"
-    redirect_to saml_init_path unless signed_in?
+    session[:referrer]  = params[:referrer]  if params[:referrer]
+    session[:auth_code] = params[:auth_code] if params[:auth_code]
+    auth_code = session[:auth_code]
+    # if no auth_code from propsol, auth using okta
+    if auth_code.blank?
+      redirect_to login_path unless signed_in?
+    else
+      ps_user_info = get_user_info(auth_code)
+      ps_user_id = ps_user_info["user-id"]
+      ps_token = ps_user_info["token"]
+      email = get_cr3_email(ps_user_id, ps_token)
+      if email.present?
+        # They have auth_code and mapping already exists (since email present)
+        # so log them in.
+        sign_in(OktaUser.new({:email => email}))
+      else # no mapping exists
+        if signed_in? # if already signed into okta, but does have
+                      # auth_code create the mapping.
+          create_ps_to_cr3_mapping(ps_user_id, current_user.email, ps_token)
+        else # since not signed into okta, send them to okta login.
+          redirect_to login_path
+        end
+      end
+    end
   end
   def okta_logout
     redirect_to saml_logout_path
   end
+  def create_ps_to_cr3_mapping(ps_user_id, email, token)
+    randr_uri = randr_uri("/portalsvc/propsol/add-user-mapping")
+    params = {"ps-user-id" => ps_user_id, "cr3-email" => email, "token" => token}
+    res = http_get(randr_uri, params)
+    res["result"]
+  end
+  def get_cr3_email(ps_user_id, ps_token)
+    randr_uri = randr_uri("/portalsvc/propsol/get-cr3-user")
+    params = {"ps-user-id" => ps_user_id, "token" => ps_token}
+    res = http_get(randr_uri, params)
+    res["email"]
+  end
+  def get_user_info(auth_code)
+    randr_uri = randr_uri("/portalsvc/propsol/get-ps-user-id")
+    params = {"auth-code" => auth_code}
+    res = http_get(randr_uri, params)
+  end
+  def http_get(uri, params)
+    uri = URI.parse(uri)
+    uri.query = URI.encode_www_form(params)
+    res = Net::HTTP.get_response(uri)
+    JSON.parse(res.body)
+  end
+  def randr_uri(path)
+    uri = Rails.application.config.randr_service + path
+  end
 end
 module OktaSaml
@@ -30,4 +92,4 @@ module OktaSaml
       end
     end
   end
-end
+end

data/lib/okta_saml/session_helper.rb CHANGED Viewed

@@ -2,8 +2,7 @@ module OktaSaml
   module SessionHelper
     def sign_in(user)
       cookies.signed[:remember_token] = {
-        :value => user.email,
-        :expires => 3.hours.from_now
+        :value => user.email
       }
       current_user = user
     end

data/lib/okta_saml/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OktaSaml
-  VERSION = "0.0.6"
+  VERSION = "3.0.0"
 end

metadata CHANGED Viewed

@@ -1,130 +1,118 @@
 --- !ruby/object:Gem::Specification
 name: okta_saml
 version: !ruby/object:Gem::Version
-  version: 0.0.6
-  prerelease:
+  version: 3.0.0
 platform: ruby
 authors:
 - Michael Hoitomt
 - Jared Branum
 - Ed Leung
 - Luke Fender
+- Thomas Stankus
+- Jeb Beich
+- Eric Caspary
+- Phong Si
+- Eric Toulson
+- Jordi Noguera
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-30 00:00:00.000000000 Z
+date: 2014-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.13
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.13
 - !ruby/object:Gem::Dependency
   name: ruby-saml
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.2
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: geminabox
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: The okta_saml gem helps Ruby on Rails applications communicate with Okta
 email:
-- mhoitomt@primedia.com
+- mhoitomt@rentpath.com
 - jbranum@primedia.com
 - eleung@primedia.com
 - lfender@primedia.com
+- tstankus@rentpath.com
+- jbeich@rentpath.com
+- ecaspary@rentpath.com
+- phong.si@gmail.com
+- etoulson@rentpath.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- CONTRIBUTORS
+- LICENSE
+- README.md
+- Rakefile
 - app/controllers/saml_controller.rb
 - app/helpers/okta_application_helper.rb
 - app/models/okta_user.rb
 - config/okta_saml.sample.yml
 - config/routes.rb
 - lib/generators/okta_saml_generator.rb
+- lib/okta_saml.rb
 - lib/okta_saml/constants.rb
 - lib/okta_saml/engine.rb
 - lib/okta_saml/session_helper.rb
 - lib/okta_saml/version.rb
-- lib/okta_saml.rb
-- LICENSE.txt
-- Rakefile
-- README.md
 homepage: https://github.com/primedia/okta_saml
 licenses: []
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.24
+rubygems_version: 2.2.2
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: The okta_saml gem helps Ruby on Rails applications communicate with Okta.
   The gem properly contstructs the request to Okta and handles the response back from
   Okta.