diff options
author | IN COMMON Collective <collective@incommon.cc> | 2021-04-09 12:29:16 +0200 |
---|---|---|
committer | IN COMMON Collective <collective@incommon.cc> | 2021-04-09 12:29:16 +0200 |
commit | 90c67665394bdd36e86e484020cfbd5ad4f188b2 (patch) | |
tree | b41e2db43f72c92db88c4bc5069a5323c3488021 /app/lib | |
parent | d14700c51d692335f001a93c2f6b13b135783206 (diff) | |
parent | 4375650ea0788ae6b2a390b10ca6679d67dfc7a3 (diff) | |
download | incommon-map-main.tar.gz |
Diffstat (limited to 'app/lib')
-rw-r--r-- | app/lib/sso/from_discourse.rb | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb index 94969c9..7af7173 100644 --- a/app/lib/sso/from_discourse.rb +++ b/app/lib/sso/from_discourse.rb @@ -5,6 +5,8 @@ # frozen_string_literal: true module SSO + class MissingSecretError < ArgumentError; end + class FromDiscourse attr_accessor :nonce, :token attr_reader :request_uri, :user_info, :status @@ -14,12 +16,12 @@ module SSO # This is a hash: # SSO::FromDiscourse.config = { # sso_url: 'https://talk.incommon.cc/session/sso_provider', - # return_url: "#{API_ROOT_URL}/my/account", + # return_url: 'https://incommon-map.example/authenticate', # sso_secret: Rails.application.credentials.sso_secret, # } # In config/routes.rb: # ... - # get 'my/account/:token' => 'authentications#sso_login' + # get 'authenticate/(:token)' => 'authentications#sso_login' attr_accessor :config end @@ -91,7 +93,18 @@ module SSO end def mac_signature(payload = b64_payload) - OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload) + OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload) + end + + def sso_secret + @sso_secret = begin + self.class.config[:sso_secret] || + Rails.application.credentials.sso_secret + rescue MissingConstant + nil + end + raise SSO::MissingSecretError if @sso_secret.nil? + self.class.config[:sso_secret] ||= @sso_secret end end end |