aboutsummaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorIN COMMON Collective <collective@incommon.cc>2021-04-09 12:22:22 +0200
committerIN COMMON Collective <collective@incommon.cc>2021-04-09 12:27:54 +0200
commit3c6561243b5f1abfad3292347c51aa1914f63b48 (patch)
treec0350820acb3ae07d4750f5d8b4542d51c0eb4fb /app
parent02283fe4979ad055a20131166628a32b3c152897 (diff)
downloadincommon-map-3c6561243b5f1abfad3292347c51aa1914f63b48.tar.gz
[DEV] Make SSO return_url dependent on Rails environment (fixes #1)
Previously the return_url was hardcoded for all environments. It would create an issue where authentication outside of development would redirect to the wrong site. With the previous commit we introduced a staging environment and an environment-specific configuration file allowing to hardcode return_url for each environment. This commit fixes the proper capture of the SSO secret in the current configuration and introduces an SSO::MissingSecretError class that is raised when there's no configured secret. https://gitlab.com/incommon.cc/incommon-map/-/issues/1
Diffstat (limited to 'app')
-rw-r--r--app/lib/sso/from_discourse.rb13
1 files changed, 8 insertions, 5 deletions
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb
index 8c5eea7..7af7173 100644
--- a/app/lib/sso/from_discourse.rb
+++ b/app/lib/sso/from_discourse.rb
@@ -5,6 +5,8 @@
# frozen_string_literal: true
module SSO
+ class MissingSecretError < ArgumentError; end
+
class FromDiscourse
attr_accessor :nonce, :token
attr_reader :request_uri, :user_info, :status
@@ -91,17 +93,18 @@ module SSO
end
def mac_signature(payload = b64_payload)
- OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload)
+ OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload)
end
def sso_secret
@sso_secret = begin
- self.class.config[:sso_secret].presence ||
- Rails.application.credentials.sso_secret ||
- raise
+ self.class.config[:sso_secret] ||
+ Rails.application.credentials.sso_secret
rescue MissingConstant
- raise("Missing SSO Secret! Please set `SSO::FromDiscourse.config[:sso_secret]`")
+ nil
end
+ raise SSO::MissingSecretError if @sso_secret.nil?
+ self.class.config[:sso_secret] ||= @sso_secret
end
end
end