Merge branch 'sso-login' into mainHEADmain

4 files changed, 26 insertions, 4 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1eff1a9..25700af 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,6 +4,7 @@
 
 class ApplicationController < ActionController::Base
   require 'sso'
+  SSO::FromDiscourse.config = Rails.configuration.sso
 
   before_action :current_user
 
diff --git a/app/controllers/welcome_controller.rb b/app/controllers/welcome_controller.rb
index ad9cd95..d5f5fe9 100644
--- a/app/controllers/welcome_controller.rb
+++ b/app/controllers/welcome_controller.rb
@@ -6,7 +6,7 @@ class WelcomeController < ApplicationController
   # GET /
   def index
     @map       = Map.first
-    @taxonomy  = @map.taxonomy
+    @taxonomy  = @map&.taxonomy
     @resources = Resource.order(:uuid).page params[:page]
     Rails.logger.info "WECLOME ///// #{@resources&.count || 0}"
   end
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb
index 94969c9..7af7173 100644
--- a/app/lib/sso/from_discourse.rb
+++ b/app/lib/sso/from_discourse.rb
@@ -5,6 +5,8 @@
 # frozen_string_literal: true
 
 module SSO
+  class MissingSecretError < ArgumentError; end
+
   class FromDiscourse
     attr_accessor :nonce, :token
     attr_reader   :request_uri, :user_info, :status
@@ -14,12 +16,12 @@ module SSO
       # This is a hash:
       # SSO::FromDiscourse.config = {
       #   sso_url: 'https://talk.incommon.cc/session/sso_provider',
-      #   return_url: "#{API_ROOT_URL}/my/account",
+      #   return_url: 'https://incommon-map.example/authenticate',
       #   sso_secret: Rails.application.credentials.sso_secret,
       # }
       # In config/routes.rb:
       # ...
-      # get 'my/account/:token' => 'authentications#sso_login'
+      # get 'authenticate/(:token)' => 'authentications#sso_login'
       attr_accessor :config
     end
 
@@ -91,7 +93,18 @@ module SSO
     end
 
     def mac_signature(payload = b64_payload)
-      OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload)
+      OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload)
+    end
+
+    def sso_secret
+      @sso_secret = begin
+                      self.class.config[:sso_secret] ||
+                        Rails.application.credentials.sso_secret
+                    rescue MissingConstant
+                      nil
+                    end
+      raise SSO::MissingSecretError if @sso_secret.nil?
+      self.class.config[:sso_secret] ||= @sso_secret
     end
   end
 end
diff --git a/app/views/welcome/index.html.erb b/app/views/welcome/index.html.erb
index ca0245a..b849e13 100644
--- a/app/views/welcome/index.html.erb
+++ b/app/views/welcome/index.html.erb
@@ -9,6 +9,14 @@
     <p>Cette application vous permet de visualiser les données recensées par le soin de nos Agents concernant les ressources partagées notamment sur le territoire Belge. Elle permet également l'édition de ces données afin de les maintenir toujours au plus près de la situation réelle et actuelle.</p>
     <p>Si vous désirez rejoindre un Agent ou pourquoi pas en créer un, merci de consulter <a href="https://talk.incommon.cc/pub/charte-incommon">la Charte IN COMMON</a> et, s'il vous plaît, de <a href="https://talk.incommon.cc">rejoindre la conversation</a>.</p>
 </section>
+
+<noscript>
+    <section class="hidden" lang="fr">
+        <h3>Attention !</h3>
+        <p>JavaScript est désactivé pour ce site : la visualisation de la carte requiert son activation.</p>
+    </section>
+</noscript>
+
 <% content_for :aside do %>
     <div data-controller="taxonomy" data-taxonomy-uuid="<%= @taxonomy.to_param %>">
         <div class="leaflet-bar leaftlet-control" id="taxonomy-toggle">