-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f1d32cc
commit 4860293
Showing
8 changed files
with
126 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
|
||
# frozen_string_literal: true | ||
class OmniauthController < Devise::SessionsController | ||
def new | ||
Rails.logger.debug "SessionsController#new: request.referer = #{request.referer}" | ||
if Rails.env.production? || Rails.env.stage? | ||
redirect_to user_shibboleth_omniauth_authorize_path | ||
else | ||
super | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# frozen_string_literal: true | ||
class OmniauthcallbacksController < Devise::OmniauthCallbacksController | ||
# handle omniauth logins from shibboleth | ||
def shibboleth | ||
# auth_headers = %w(HTTP_AFFILIATION HTTP_AUTH_TYPE HTTP_COOKIE HTTP_HOST | ||
# HTTP_PERSISTENT_ID HTTP_EPPN HTTP_REMOTE_USER HTTP_SHIB_APPLICATION_ID | ||
# HTTP_SHIB_AUTHENTICATION_INSTANT HTTP_SHIB_AUTHENTICATION_METHOD | ||
# HTTP_SHIB_AUTHNCONTEXT_CLASS HTTP_SHIB_HANDLER HTTP_SHIB_IDENTITY_PROVIDER | ||
# HTTP_SHIB_SESSION_ID HTTP_SHIB_SESSION_INDEX HTTP_UNSCOPED_AFFILIATION) | ||
# | ||
auth_headers = { | ||
uid: 'uid', | ||
shib_session_id: 'Shib-Session-ID', | ||
shib_application_id: 'Shib-Application-ID', | ||
provider: 'Shib-Identity-Provider', | ||
name: 'displayName', | ||
mail: 'mail' | ||
} | ||
auth = {} | ||
# Rails.logger.warn "request = #{request.env.inspect}" | ||
auth_headers.each do |k, v| | ||
auth[k] = request.env[v] | ||
end | ||
# Rails.logger.warn "request2 = #{auth.inspect}" | ||
# if auth.fetch('unscoped_affiliation', nil) | ||
# auth['affiliation'] = auth['unscoped_affiliation'].split(';').map(&:strip) | ||
# end | ||
auth.delete_if { |_k, v| v.blank? } | ||
@user = User.from_omniauth(auth) | ||
# capture data about the user from shib | ||
# session['shib_user_data'] = auth | ||
# sign_in_and_redirect @user, event: :authentication | ||
set_flash_message :notice, :success, kind: "Shibboleth" | ||
# logger.warn "auth_type :: #{current_user.inspect}" | ||
# logger.warn "#{request.env["omniauth.auth"]}" | ||
sign_in_and_redirect @user | ||
end | ||
|
||
## when shib login fails | ||
def failure | ||
## redirect them to the devise local login page | ||
# redirect_to new_local_user_session_path, :notice => "Shibboleth isn't available - local login only" | ||
redirect_to root_path, notice: "Shibboleth isn't available - local login only" | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
class AddColumnToUsers < ActiveRecord::Migration[5.2] | ||
def change | ||
add_column :users, :provider, :string | ||
end | ||
end |