diff options
author | IN COMMON Collective <collective@incommon.cc> | 2021-04-09 12:22:22 +0200 |
---|---|---|
committer | IN COMMON Collective <collective@incommon.cc> | 2021-04-09 12:27:54 +0200 |
commit | 3c6561243b5f1abfad3292347c51aa1914f63b48 (patch) | |
tree | c0350820acb3ae07d4750f5d8b4542d51c0eb4fb /app/lib | |
parent | 02283fe4979ad055a20131166628a32b3c152897 (diff) | |
download | incommon-map-3c6561243b5f1abfad3292347c51aa1914f63b48.tar.gz |
[DEV] Make SSO return_url dependent on Rails environment (fixes #1)
Previously the return_url was hardcoded for all environments.
It would create an issue where authentication outside of development
would redirect to the wrong site.
With the previous commit we introduced a staging environment and
an environment-specific configuration file allowing to hardcode
return_url for each environment.
This commit fixes the proper capture of the SSO secret in the
current configuration and introduces an SSO::MissingSecretError
class that is raised when there's no configured secret.
https://gitlab.com/incommon.cc/incommon-map/-/issues/1
Diffstat (limited to 'app/lib')
-rw-r--r-- | app/lib/sso/from_discourse.rb | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb index 8c5eea7..7af7173 100644 --- a/app/lib/sso/from_discourse.rb +++ b/app/lib/sso/from_discourse.rb @@ -5,6 +5,8 @@ # frozen_string_literal: true module SSO + class MissingSecretError < ArgumentError; end + class FromDiscourse attr_accessor :nonce, :token attr_reader :request_uri, :user_info, :status @@ -91,17 +93,18 @@ module SSO end def mac_signature(payload = b64_payload) - OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload) + OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload) end def sso_secret @sso_secret = begin - self.class.config[:sso_secret].presence || - Rails.application.credentials.sso_secret || - raise + self.class.config[:sso_secret] || + Rails.application.credentials.sso_secret rescue MissingConstant - raise("Missing SSO Secret! Please set `SSO::FromDiscourse.config[:sso_secret]`") + nil end + raise SSO::MissingSecretError if @sso_secret.nil? + self.class.config[:sso_secret] ||= @sso_secret end end end |