From 02283fe4979ad055a20131166628a32b3c152897 Mon Sep 17 00:00:00 2001
From: IN COMMON Collective
Date: Fri, 26 Mar 2021 15:24:16 +0100
Subject: [DEV] WIP: explore sso login alternative
---
 app/controllers/application_controller.rb | 1 +
 app/controllers/welcome_controller.rb | 2 +-
 app/lib/sso/from_discourse.rb | 14 ++++++++++++--
 3 files changed, 14 insertions(+), 3 deletions(-)
(limited to 'app')
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1eff1a9..25700af 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,6 +4,7 @@ class ApplicationController < ActionController::Base
 require 'sso'
+ SSO::FromDiscourse.config = Rails.configuration.sso
 before_action :current_user
diff --git a/app/controllers/welcome_controller.rb b/app/controllers/welcome_controller.rb
index ad9cd95..d5f5fe9 100644
--- a/app/controllers/welcome_controller.rb
+++ b/app/controllers/welcome_controller.rb
@@ -6,7 +6,7 @@ class WelcomeController < ApplicationController
 # GET /
 def index
 @map = Map.first
- @taxonomy = @map.taxonomy
+ @taxonomy = @map&.taxonomy
 @resources = Resource.order(:uuid).page params[:page]
 Rails.logger.info "WECLOME ///// #{@resources&.count || 0}"
 end
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb
index 94969c9..8c5eea7 100644
--- a/app/lib/sso/from_discourse.rb
+++ b/app/lib/sso/from_discourse.rb
@@ -14,12 +14,12 @@ module SSO
 # This is a hash:
 # SSO::FromDiscourse.config = {
 # sso_url: 'https://talk.incommon.cc/session/sso_provider',
- # return_url: "#{API_ROOT_URL}/my/account",
+ # return_url: 'https://incommon-map.example/authenticate',
 # sso_secret: Rails.application.credentials.sso_secret,
 # }
 # In config/routes.rb:
 # ...
- # get 'my/account/:token' => 'authentications#sso_login'
+ # get 'authenticate/(:token)' => 'authentications#sso_login'
 attr_accessor :config
 end
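Review bot: In app/controllers/application_controller.rb the added `SSO::FromDiscourse.config = Rails.configuration.sso` runs in the controller class body, and nothing checks that `:sso_url`, `:return_url` and `:sso_secret` are actually present in what it assigns. A missing secret would then only surface when a signature is computed during a login, not at start-up. Assigning the config once from a file under `config/initializers/` and failing there, for example with `SSO::FromDiscourse.config.fetch(:sso_secret)`, keeps a misconfigured deployment from reaching the SSO flow. The assignment also appears to share one object between `Rails.configuration.sso` and `SSO::FromDiscourse.config` (inferred, the accessor is only partly visible), so a later write through either name changes both. The class body continues outside the hunk.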
@@ -93,5 +93,15 @@ module SSO
 def mac_signature(payload = b64_payload)
 OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload)
 end
+
+ def sso_secret
+ @sso_secret = begin
+ self.class.config[:sso_secret].presence ||
+ Rails.application.credentials.sso_secret ||
+ raise
+ rescue MissingConstant
+ raise("Missing SSO Secret! Please set `SSO::FromDiscourse.config[:sso_secret]`")
+ end
+ end
 end
 end
-- cgit v1.2.3
From 3c6561243b5f1abfad3292347c51aa1914f63b48 Mon Sep 17 00:00:00 2001
From: IN COMMON Collective
Date: Fri, 9 Apr 2021 12:22:22 +0200
Subject: [DEV] Make SSO return_url dependent on Rails environment (fixes #1) Previously the return_url was hardcoded for all environments. It would create an issue where authentication outside of development would redirect to the wrong site. With the previous commit we introduced a staging environment and an environment-specific configuration file allowing to hardcode return_url for each environment. This commit fixes the proper capture of the SSO secret in the current configuration and introduces an SSO::MissingSecretError class that is raised when there's no configured secret. https://gitlab.com/incommon.cc/incommon-map/-/issues/1
---
 app/lib/sso/from_discourse.rb | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
(limited to 'app')
diff --git a/app/lib/sso/from_discourse.rb b/app/lib/sso/from_discourse.rb
index 8c5eea7..7af7173 100644
--- a/app/lib/sso/from_discourse.rb
+++ b/app/lib/sso/from_discourse.rb
@@ -5,6 +5,8 @@ # frozen_string_literal: true
 module SSO
+ class MissingSecretError < ArgumentError; end
+
 class FromDiscourse
 attr_accessor :nonce, :token
 attr_reader :request_uri, :user_info, :status
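Review bot: `rescue MissingConstant` in the new `sso_secret` (hunk `@@ -93,5 +93,15 @@` of app/lib/sso/from_discourse.rb) names a constant that neither Ruby nor Rails defines and that nothing visible here declares. When the bare `raise` fires, Ruby has to resolve that name while matching the exception, so the caller most likely gets a NameError and never sees the "Missing SSO Secret!" message. Putting the message on the raise itself, `Rails.application.credentials.sso_secret.presence || raise('Missing SSO Secret! ...')`, makes the begin/rescue pair unnecessary and also rejects a blank credential. The same rescue clause is still present on the new side of the later `@@ -91,17 +93,18 @@` hunk. `@sso_secret = begin` also re-evaluates the lookup on every call; `@sso_secret ||= begin` would memoize it.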
@@ -91,17 +93,18 @@ module SSO
 end
 def mac_signature(payload = b64_payload)
- OpenSSL::HMAC.hexdigest('SHA256', self.class.config[:sso_secret], payload)
+ OpenSSL::HMAC.hexdigest('SHA256', sso_secret, payload)
 end
 def sso_secret
 @sso_secret = begin
- self.class.config[:sso_secret].presence ||
- Rails.application.credentials.sso_secret ||
- raise
+ self.class.config[:sso_secret] ||
+ Rails.application.credentials.sso_secret
 rescue MissingConstant
- raise("Missing SSO Secret! Please set `SSO::FromDiscourse.config[:sso_secret]`")
+ nil
 end
+ raise SSO::MissingSecretError if @sso_secret.nil?
+ self.class.config[:sso_secret] ||= @sso_secret
 end
 end
 end
-- cgit v1.2.3
From 4375650ea0788ae6b2a390b10ca6679d67dfc7a3 Mon Sep 17 00:00:00 2001
From: IN COMMON Collective
Date: Fri, 9 Apr 2021 12:28:31 +0200
Subject: [DOC] Indicate when JavaScript is disabled.
---
 app/views/welcome/index.html.erb | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'app')
diff --git a/app/views/welcome/index.html.erb b/app/views/welcome/index.html.erb
index ca0245a..b849e13 100644
--- a/app/views/welcome/index.html.erb
+++ b/app/views/welcome/index.html.erb
@@ -9,6 +9,14 @@
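Review bot: Dropping `.presence` in `sso_secret` (hunk `@@ -91,17 +93,18 @@`) means an empty string now counts as a configured secret: `''` is truthy in Ruby and passes the `@sso_secret.nil?` guard, so `mac_signature` computes the HMAC with an empty key and the signature no longer authenticates the SSO payload. The guard should reject blank values and say what is wrong, `raise SSO::MissingSecretError, 'SSO secret is not configured' if @sso_secret.blank?`. The last added line, `self.class.config[:sso_secret] ||= @sso_secret`, writes the credential into the class-level config as a side effect of a reader. If that hash is the object assigned from `Rails.configuration.sso` in the earlier commit (inferred), the secret ends up in application configuration, where a config dump or debug page could expose it; keeping it only in `@sso_secret` avoids that.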

Cette application vous permet de visualiser les données recensées par le soin de nos Agents concernant les ressources partagées notamment sur le territoire Belge. Elle permet également l'édition de ces données afin de les maintenir toujours au plus près de la situation réelle et actuelle.

Si vous désirez rejoindre un Agent ou pourquoi pas en créer un, merci de consulter la Charte IN COMMON et, s'il vous plaît, de rejoindre la conversation.

+ + + <% content_for :aside do %>
-- cgit v1.2.3