puavo_authentication 0.2.2 → 0.2.3
@@ -13,6 +13,13 @@ class SessionsController < ApplicationController
|
|
13
13
|
redirect_back_or_default root_path
|
14
14
|
end
|
15
15
|
|
16
|
+
def auth
|
17
|
+
|
18
|
+
respond_to do |format|
|
19
|
+
format.json { render :json => true.to_json }
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
16
23
|
def show
|
17
24
|
@user = current_user
|
18
25
|
respond_to do |format|
|
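Review bot: The new `auth` action renders `true` unconditionally, so whether it verifies anything depends entirely on an authentication filter that is not visible in this hunk. If SessionsController exempts any actions from that filter (login controllers commonly do so for `new`/`create`), confirm `auth` is not covered by the exemption. A comment above the method would record the dependency, e.g. `# Credential check endpoint: only reached after the authentication filter has succeeded.` A test that sends bad credentials and expects a rejection would pin the intended behaviour.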
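--- a/data/lib/puavo/authentication.rb
+++ b/data/lib/puavo/authentication.rb
@@ -182,6 +182,10 @@ module Puavo
 dn.rdns[1]["ou"] == "System Accounts"
 end
 
+def server?
+dn.rdns[1]["ou"] == "Servers"
+end
+
 def oauth_client_server?
 dn.rdns.first.keys.first == "puavoOAuthClientId"
 end
@@ -225,6 +229,12 @@ module Puavo
 return @authorized = true
 end
 
+# Authorize servers
+if server?
+logger.info "Authorization ok: Server #{ dn }"
+return @authorized = true
+end
+
 raise AuthorizationFailed, "Unauthorized access for #{ dn }"
 end
 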
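Review bot: The branch added in the second hunk authorizes any entry whose second RDN is `ou=Servers`, with no check of which resource or action is requested; if servers need only part of the API, this grant is broader than necessary. `server?` indexes `dn.rdns[1]` directly, so a DN with a single RDN would raise NoMethodError rather than return false; `rdn = dn.rdns[1]; !rdn.nil? && rdn["ou"] == "Servers"` avoids that (the existing method just above has the same shape). The comparison is case-sensitive on both the attribute name and the value, while LDAP matches `ou` case-insensitively, so it is worth confirming that `dn` is always in the directory's normalised form here. Both enclosing bodies start outside the hunks, so whether a successful bind always precedes this branch cannot be seen from here.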
@@ -39,6 +39,7 @@ module PuavoAuthentication
|
|
39
39
|
# * OAuth Client Server ID & Secrect
|
40
40
|
# * External Service UID & password
|
41
41
|
# * User UID & password
|
42
|
+
# * Server dn & password
|
42
43
|
authenticate_with_http_basic do |username, password|
|
43
44
|
logger.debug "Using basic authentication with #{ username }"
|
44
45
|
|
@@ -65,6 +66,17 @@ module PuavoAuthentication
|
|
65
66
|
|
66
67
|
end
|
67
68
|
|
69
|
+
# Authenticate with server's distinguished name and password
|
70
|
+
if (server_dn = ActiveLdap::DistinguishedName.parse(username) rescue nil)
|
71
|
+
if server_dn.parent.rdns.first["ou"] == "Servers"
|
72
|
+
return {
|
73
|
+
:dn => server_dn,
|
74
|
+
:organisation_key => organisation_key_from_host,
|
75
|
+
:password => password,
|
76
|
+
}
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
68
80
|
return {
|
69
81
|
:uid => username,
|
70
82
|
:organisation_key => organisation_key_from_host,
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puavo_authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 17
|
5
5
|
prerelease: false
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 2
|
9
|
-
-
|
10
|
-
version: 0.2.
|
9
|
+
- 3
|
10
|
+
version: 0.2.3
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Jouni Korhonen
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2012-10-
|
18
|
+
date: 2012-10-18 00:00:00 +02:00
|
19
19
|
default_executable:
|
20
20
|
dependencies: []
|
21
21
|
|