puavo_authentication 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -13,6 +13,13 @@ class SessionsController < ApplicationController
|
|
|
13
13
|
redirect_back_or_default root_path
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
+
def auth
|
|
17
|
+
|
|
18
|
+
respond_to do |format|
|
|
19
|
+
format.json { render :json => true.to_json }
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
16
23
|
def show
|
|
17
24
|
@user = current_user
|
|
18
25
|
respond_to do |format|
|
data/lib/puavo/authentication.rb
CHANGED
|
@@ -182,6 +182,10 @@ module Puavo
|
|
|
182
182
|
dn.rdns[1]["ou"] == "System Accounts"
|
|
183
183
|
end
|
|
184
184
|
|
|
185
|
+
def server?
|
|
186
|
+
dn.rdns[1]["ou"] == "Servers"
|
|
187
|
+
end
|
|
188
|
+
|
|
185
189
|
def oauth_client_server?
|
|
186
190
|
dn.rdns.first.keys.first == "puavoOAuthClientId"
|
|
187
191
|
end
|
|
@@ -225,6 +229,12 @@ module Puavo
|
|
|
225
229
|
return @authorized = true
|
|
226
230
|
end
|
|
227
231
|
|
|
232
|
+
# Authorize servers
|
|
233
|
+
if server?
|
|
234
|
+
logger.info "Authorization ok: Server #{ dn }"
|
|
235
|
+
return @authorized = true
|
|
236
|
+
end
|
|
237
|
+
|
|
228
238
|
raise AuthorizationFailed, "Unauthorized access for #{ dn }"
|
|
229
239
|
end
|
|
230
240
|
|
|
@@ -39,6 +39,7 @@ module PuavoAuthentication
|
|
|
39
39
|
# * OAuth Client Server ID & Secrect
|
|
40
40
|
# * External Service UID & password
|
|
41
41
|
# * User UID & password
|
|
42
|
+
# * Server dn & password
|
|
42
43
|
authenticate_with_http_basic do |username, password|
|
|
43
44
|
logger.debug "Using basic authentication with #{ username }"
|
|
44
45
|
|
|
@@ -65,6 +66,17 @@ module PuavoAuthentication
|
|
|
65
66
|
|
|
66
67
|
end
|
|
67
68
|
|
|
69
|
+
# Authenticate with server's distinguished name and password
|
|
70
|
+
if (server_dn = ActiveLdap::DistinguishedName.parse(username) rescue nil)
|
|
71
|
+
if server_dn.parent.rdns.first["ou"] == "Servers"
|
|
72
|
+
return {
|
|
73
|
+
:dn => server_dn,
|
|
74
|
+
:organisation_key => organisation_key_from_host,
|
|
75
|
+
:password => password,
|
|
76
|
+
}
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
68
80
|
return {
|
|
69
81
|
:uid => username,
|
|
70
82
|
:organisation_key => organisation_key_from_host,
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: puavo_authentication
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 17
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.2.3
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Jouni Korhonen
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2012-10-
|
|
18
|
+
date: 2012-10-18 00:00:00 +02:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies: []
|
|
21
21
|
|