aboutsummaryrefslogtreecommitdiff
path: root/app/lib
diff options
context:
space:
mode:
Diffstat (limited to 'app/lib')
-rw-r--r--app/lib/sso/from_discourse.rb19
1 files changed, 16 insertions, 3 deletions
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb
index 94969c9..7af7173 100644
--- a/app/lib/sso/from_discourse.rb
+++ b/app/lib/sso/from_discourse.rb
@@ -5,6 +5,8 @@
# frozen_string_literal: true
module SSO
+ class MissingSecretError < ArgumentError; end
+
class FromDiscourse
attr_accessor :nonce, :token
attr_reader :request_uri, :user_info, :status
@@ -14,12 +16,12 @@ module SSO
# This is a hash:
# SSO::FromDiscourse.config = {
# sso_url: 'https://talk.incommon.cc/session/sso_provider',
- # return_url: "#{API_ROOT_URL}/my/account",
+ # return_url: 'https://incommon-map.example/authenticate',
# sso_secret: Rails.application.credentials.sso_secret,
# }
# In config/routes.rb:
# ...
- # get 'my/account/:token' => 'authentications#sso_login'
+ # get 'authenticate/(:token)' => 'authentications#sso_login'
attr_accessor :config
end
@@ -91,7 +93,18 @@ module SSO
end
def mac_signature(payload = b64_payload)
- OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload)
+ OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload)
+ end
+
+ def sso_secret
+ @sso_secret = begin
+ self.class.config[:sso_secret] ||
+ Rails.application.credentials.sso_secret
+ rescue MissingConstant
+ nil
+ end
+ raise SSO::MissingSecretError if @sso_secret.nil?
+ self.class.config[:sso_secret] ||= @sso_secret
end
end
end