# frozen_string_literal: true
require 'omniauth-oauth2'
require 'jsonpath'
require 'sso_logger'
require_relative '../data_mapping/mapper'
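module OmniAuth::Strategies
  # Authentication strategy provided through OAuth 2.0.
  #
  # Every endpoint, scope and attribute mapping is read from the currently
  # active AuthProvider record, so the strategy is configured from the
  # database (at class load time for the options below) rather than from a
  # static initializer.
  class SsoOauth2Provider < OmniAuth::Strategies::OAuth2
    include OmniAuth::DataMapping::Mapper

    # Returns the active AuthProvider, which must be backed by an OAuth2Provider.
    #
    # @return [AuthProvider] the active provider record
    # @raise [RuntimeError] when the active provider is of another SSO type,
    #   which would mean this strategy was mounted for the wrong provider
    def self.active_provider
      provider = AuthProvider.active
      unless provider.providable_type == OAuth2Provider.name
        raise "Trying to instantiate the wrong provider: Expected OAuth2Provider, received #{provider.providable_type}"
      end

      provider
    end

    # Strategy name.
    option :name, active_provider.strategy_name

    # Endpoints of the remote authorization server, as configured by the administrator.
    option :client_options,
           site: active_provider.providable.base_url,
           authorize_url: active_provider.providable.authorization_endpoint,
           token_url: active_provider.providable.token_endpoint

    # Adds the scopes configured on the active provider to the authorization request.
    #
    # @return [Hash] the authorization request parameters
    def authorize_params
      super.tap do |params|
        params[:scope] = OmniAuth::Strategies::SsoOauth2Provider.active_provider.providable.scopes
      end
    end

    # The redirect_uri sent to the authorization server.
    #
    # It is built from the application's configured default URL options, so
    # the value does not depend on the incoming request's Host header.
    #
    # @return [String] the absolute callback URL
    def callback_url
      url = Rails.application.config.action_controller.default_url_options
      "#{url[:protocol]}://#{url[:host]}#{script_name}#{callback_path}"
    end

    # The unique user id is the mapped +user.uid+ attribute.
    uid { parsed_info['user.uid'.to_sym] }

    info do
      { mapping: parsed_info }
    end

    extra do
      { raw_info: raw_info }
    end

    # Retrieves user data from the API endpoints referenced by the provider's
    # mappings, querying each distinct endpoint only once per strategy instance.
    #
    # The access token and the fetched user data are deliberately NOT written
    # to the log: the token is a bearer credential and the responses contain
    # personal data. Each endpoint is also requested exactly once instead of
    # three times (the previous debug statements re-issued the same GET).
    #
    # @return [Hash{Symbol => Object}] parsed responses keyed by API endpoint
    def raw_info
      @raw_info ||= {}
      return @raw_info unless @raw_info.empty?

      logger = SsoLogger.new
      OmniAuth::Strategies::SsoOauth2Provider.active_provider.auth_provider_mappings.each do |mapping|
        logger.debug "mapping = #{mapping&.to_json}"

        endpoint = mapping.api_endpoint
        key = endpoint.to_sym
        # Several mappings may point at the same endpoint: fetch it a single time.
        next if @raw_info.key?(key)

        logger.debug "[raw_info] querying api_endpoint = #{endpoint}"
        @raw_info[key] = access_token.get(endpoint).parsed
      end

      @raw_info
    end

    # Applies the administrator-defined attribute mappings to the raw API responses.
    #
    # @return [Hash] the mapped user attributes
    def parsed_info
      mapped_info(OmniAuth::Strategies::SsoOauth2Provider.active_provider.auth_provider_mappings, raw_info)
    end
  end
end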