omniauth-oauth2-oneid 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/omniauth/oneid/version.rb +1 -1
- data/lib/omniauth/strategies/oauth2_oneid.rb +30 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e5587fb3f326337ca7207ae6b9c9d7d0c0afc4d14f439e7b39e98949aab4848f
|
|
4
|
+
data.tar.gz: cb4e7707ff4d9475ba011bd33f07953aedacbede029e3d3d92d176b6de0824d4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8167b8c848d19f2d5ea403421bc5e64443ed92c73f00a3a37621dfcdbe91f532a26ae8c1f08197fbfba585244d016efb53497f8b2cb9f16c5c884288b9c155f9
|
|
7
|
+
data.tar.gz: 5736a350bcdc15fd7db8873d1d7f82c657575e4a341659d044df842395a4e2ecbfa46c1422b93edeae7c778aa9b0b0623036e78455acf787d317e5febb0704b6
|
|
@@ -20,8 +20,10 @@ module OmniAuth
|
|
|
20
20
|
authorize_url: "/api/oauth/getcode",
|
|
21
21
|
token_url: "/oauth/token",
|
|
22
22
|
business_url: "/api/v3/business/service/list-business",
|
|
23
|
+
department_url: "/go-api/v1/business/service/account-detail"
|
|
23
24
|
}
|
|
24
25
|
option :businesses, []
|
|
26
|
+
option :departments, {}
|
|
25
27
|
option :auto_block,
|
|
26
28
|
{
|
|
27
29
|
enabled: false,
|
|
@@ -60,6 +62,7 @@ module OmniAuth
|
|
|
60
62
|
hash = {}
|
|
61
63
|
hash[:id_info] = user_path
|
|
62
64
|
hash[:business_info] = business_info
|
|
65
|
+
hash[:deepartment_info] = deepartment_info
|
|
63
66
|
if business_info['data'].empty?
|
|
64
67
|
gitlab_auto_block
|
|
65
68
|
raise "Forbidden. Unauthorized access restricted."
|
|
@@ -78,6 +81,10 @@ module OmniAuth
|
|
|
78
81
|
def business_info
|
|
79
82
|
@business_info ||= access_token.get(options.client_options[:business_url]).parsed
|
|
80
83
|
end
|
|
84
|
+
|
|
85
|
+
def deepartment_info
|
|
86
|
+
@department_info || access_token.get(options.client_options[:department_url]).parsed
|
|
87
|
+
end
|
|
81
88
|
|
|
82
89
|
def authorize_params
|
|
83
90
|
params = super
|
|
@@ -100,6 +107,12 @@ module OmniAuth
|
|
|
100
107
|
end
|
|
101
108
|
|
|
102
109
|
def check_business
|
|
110
|
+
# Check department 1st if configured
|
|
111
|
+
if !options.departments.empty?
|
|
112
|
+
return check_department
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# Check business 2nd
|
|
103
116
|
return true unless !options.businesses.empty?
|
|
104
117
|
b_set = options.businesses.to_set
|
|
105
118
|
business_info['data'].each do |b|
|
|
@@ -111,6 +124,23 @@ module OmniAuth
|
|
|
111
124
|
false
|
|
112
125
|
end
|
|
113
126
|
|
|
127
|
+
def check_department
|
|
128
|
+
deepartment_info['data']['business_lists'].each do |b|
|
|
129
|
+
b_id = b[:id]
|
|
130
|
+
if options.departments.include?(b_id)
|
|
131
|
+
# Option
|
|
132
|
+
dept_set = options.departments[b_id].to_set
|
|
133
|
+
b[:account_roles].each do |a|
|
|
134
|
+
if dept_set.include?(a[:dept_id])
|
|
135
|
+
log :info, "Match account department_id: #{a[:dept_id]} at biz_id: #{b_id}"
|
|
136
|
+
return true
|
|
137
|
+
end
|
|
138
|
+
end
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
false
|
|
142
|
+
end
|
|
143
|
+
|
|
114
144
|
def gitlab_auto_block
|
|
115
145
|
if !options.auto_block[:enabled]
|
|
116
146
|
return
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-oauth2-oneid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Patcharapong
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-03-
|
|
11
|
+
date: 2025-03-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-oauth2
|