# frozen_string_literal: true require 'omniauth-oauth2' module OmniAuth::Strategies # Authentication strategy provided trough oAuth 2.0 class SsoOauth2Provider < OmniAuth::Strategies::OAuth2 def self.active_provider active_provider = AuthProvider.active if active_provider.providable_type != OAuth2Provider.name raise "Trying to instantiate the wrong provider: Expected OAuth2Provider, received #{active_provider.providable_type}" end active_provider end # Strategy name. option :name, active_provider.strategy_name option :client_options, site: active_provider.providable.base_url, authorize_url: active_provider.providable.authorization_endpoint, token_url: active_provider.providable.token_endpoint def authorize_params super.tap do |params| params[:scope] = 'api://b8b974a0-ecee-45fd-89cc-91d8f09d7904/User.read' end end def callback_url url = Rails.application.config.action_controller.default_url_options "#{url[:protocol]}://#{url[:host]}#{script_name}#{callback_path}" end uid { parsed_info['user.uid'.to_sym] } info do { mapping: parsed_info } end extra do { raw_info: raw_info } end # retrieve data from various url, querying each only once def raw_info @raw_info ||= {} puts "[raw_info] @raw_infos = #{@raw_info&.to_json}" unless @raw_info.size.positive? OmniAuth::Strategies::SsoOauth2Provider.active_provider.providable.o_auth2_mappings.each do |mapping| puts "mapping = #{mapping&.to_json}" unless @raw_info.key?(mapping.api_endpoint.to_sym) puts "api_endpoint = #{mapping.api_endpoint.to_sym}" puts "access_token = #{access_token&.to_json}" puts "token get = #{access_token.get(mapping.api_endpoint)}" puts "parsed = #{access_token.get(mapping.api_endpoint).parsed}" @raw_info[mapping.api_endpoint.to_sym] = access_token.get(mapping.api_endpoint).parsed end end end @raw_info end def parsed_info @parsed_info ||= {} puts "[parsed_info] @parsed_info = #{@parsed_info.to_json}" unless @parsed_info.size.positive? OmniAuth::Strategies::SsoOauth2Provider.active_provider.providable.o_auth2_mappings.each do |mapping| if mapping.transformation case mapping.transformation['type'] ## INTEGER when 'integer' @parsed_info[local_sym(mapping)] = map_integer(mapping.transformation, mapping.api_endpoint.to_sym, mapping.api_field) ## BOOLEAN when 'boolean' @parsed_info[local_sym(mapping)] = map_boolean(mapping.transformation, mapping.api_endpoint.to_sym, mapping.api_field) ## DATE when 'date' @params[local_sym(mapping)] = map_date(mapping.transformation, mapping.api_endpoint.to_sym, mapping.api_field) ## OTHER TRANSFORMATIONS (not supported) else @parsed_info[local_sym(mapping)] = raw_info[mapping.api_endpoint.to_sym][mapping.api_field] end ## NO TRANSFORMATION else puts "@parsed_info[#{local_sym(mapping)}] found in #{raw_info[mapping.api_endpoint.to_sym]}" @parsed_info[local_sym(mapping)] = raw_info[mapping.api_endpoint.to_sym][mapping.api_field] end end end @parsed_info end private def local_sym(mapping) (mapping.local_model + '.' + mapping.local_field).to_sym end def map_integer(transformation, api_endpoint, api_field) value = nil transformation['mapping'].each do |m| if m['from'] == raw_info[api_endpoint][api_field] value = m['to'] break end end # if no transformation had set any value, return the raw value value || raw_info[api_endpoint.to_sym][api_field] end def map_boolean(transformation, api_endpoint, api_field) return false if raw_info[api_endpoint][api_field] == transformation['false_value'] true if raw_info[api_endpoint][api_field] == transformation['true_value'] end def map_date(transformation, api_endpoint, api_field) case transformation['format'] when 'iso8601' DateTime.iso8601(raw_info[api_endpoint][api_field]) when 'rfc2822' DateTime.rfc2822(raw_info[api_endpoint][api_field]) when 'rfc3339' DateTime.rfc3339(raw_info[api_endpoint][api_field]) when 'timestamp-s' DateTime.strptime(raw_info[api_endpoint][api_field], '%s') when 'timestamp-ms' DateTime.strptime(raw_info[api_endpoint][api_field], '%Q') else DateTime.parse(raw_info[api_endpoint][api_field]) end end end end