Added sso feature.

Martin Edenhofer 2013-02-17 19:28:32 +01:00
parent 5b9ba8611d
commit 9e6cf750b3
7 changed files with 101 additions and 6 deletions


@ -113,6 +113,17 @@ class ApplicationController < ActionController::Base
}
end
# check sso
if !session[:user_id]
user = User.sso(params)
# Log the authorizing user in.
if user
session[:user_id] = user.id
end
end
# return auth not ok (no session exists)
if !session[:user_id]
message = 'no valid session, user_id'
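Review bot: The session is not rotated when the SSO check establishes an identity: `session[:user_id] = user.id` is written into whatever session the request arrived with, so a session id that was fixed before login stays valid after it. Calling `reset_session` immediately before the assignment closes that gap; the same applies to `create_sso` in SessionsController. Because this code sits in the shared authentication path, every request without a session is offered to the SSO adapters, which deserves a comment such as `# SSO is attempted on every request without a session, not only on /auth/sso`. The enclosing method starts and ends outside the hunk.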


@ -111,7 +111,7 @@ class SessionsController < ApplicationController
logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")
# redirect to app
redirect_to '/app'
redirect_to '/'
end
# Create a new user or add an auth to existing user, depending on
@ -128,7 +128,19 @@ class SessionsController < ApplicationController
session[:user_id] = authorization.user.id
# redirect to app
redirect_to '/app'
redirect_to '/'
end
def create_sso
user = User.sso(params)
# Log the authorizing user in.
if user
session[:user_id] = user.id
end
# redirect to app
redirect_to '/#'
end
end
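Review bot: `create_sso` redirects to '/#' whether or not `User.sso` returned a user, and a failed attempt leaves no trace in the log. To make repeated or invalid `SessionID` submissions visible, log the failure, for example `logger.info("SSO login failed, ip=#{request.remote_ip}") if !user`, in the style of the `logger.info` call earlier in this controller. Logging the user id on the success path would give the matching audit record.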


@ -103,6 +103,47 @@ class User < ApplicationModel
return user_auth
end
def self.sso(params)
# use auth backends
config = [
{
:adapter => 'env',
},
{
:adapter => 'otrs',
},
]
# Setting.where( :area => 'Security::Authentication' ).each {|setting|
# if setting.state[:value]
# config.push setting.state[:value]
# end
# }
# try to login against configure auth backends
user_auth = nil
config.each {|config_item|
file = "sso/#{config_item[:adapter]}"
require file
user_auth = SSO.const_get("#{config_item[:adapter].to_s.upcase}").check( params, config_item )
# auth ok
if user_auth
# remember last login date
user_auth.update_last_login
# reset login failed
user_auth.login_failed = 0
user_auth.save
return user_auth
end
}
return false
end
def self.create_from_hash!(hash)
url = ''
if hash['info']['urls'] then
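Review bot: In `User.sso` the adapter name flows straight into `require "sso/#{config_item[:adapter]}"` and `SSO.const_get(...)`, which is safe only while `config` is the literal list above it. The commented-out `Setting.where( :area => 'Security::Authentication' )` block suggests the list is meant to become configurable, at which point a stored setting would decide which file is loaded and which constant is called. Add an allowlist check at the top of the loop, `next if !['env', 'otrs'].include?( config_item[:adapter].to_s )`, and a comment stating that adapter names must never come from request data. Both adapters are also enabled unconditionally; a per-adapter on/off setting would let installations that do not use SSO keep this path closed.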


@ -4,6 +4,9 @@ module ExtraRoutes
# omniauth
map.match '/auth/:provider/callback', :to => 'sessions#create_omniauth'
# sso
map.match '/auth/sso', :to => 'sessions#create_sso'
# sessions
map.match '/signin', :to => 'sessions#create'
map.match '/signshow', :to => 'sessions#show'
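Review bot: `map.match '/auth/sso'` accepts every HTTP verb, so the `SessionID` that the OTRS adapter reads from `params` can arrive in a GET query string and end up in access logs, browser history and Referer headers. If the OTRS side can submit the value in a request body, restrict the route with `map.match '/auth/sso', :to => 'sessions#create_sso', :via => :post`. If a GET hand-over is required, say so in a comment and make sure the web server does not log the query string for this path.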


@ -52,6 +52,15 @@ module Import::OTRS
return result
end
def self.session(session_id)
response = post( "public.pl", { :Action => 'Export', :Type => 'SessionCheck', :SessionID => session_id } )
return if !response
return if response.code.to_s != '200'
result = json(response)
return result
end
def self.start
puts 'Start import...'
@ -257,7 +266,7 @@ module Import::OTRS
:email => email,
:password => '',
:active => true,
:roles => roles,
:role_ids => [roles.id],
:updated_by_id => 1,
:created_by_id => 1,
)
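Review bot: `Import::OTRS.session` forwards the caller's `SessionID`, which is a bearer credential, to the configured endpoint, and nothing in this hunk ensures that the endpoint uses HTTPS; the placeholder endpoint compared against in lib/sso/otrs.rb is an `http://` URL. The `post` helper is outside the hunk, so transport checks and timeouts may already be handled there; if they are not, refuse or at least log a warning when `Setting.get('import_otrs_endpoint')` does not start with `https://`. A short comment stating that the method returns nil on a missing response or a non-200 status would document what callers have to handle.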


@ -1,7 +1,7 @@
module Auth
module SSO
end
module Auth::ENV
def self.check( username, password, config, user )
module SSO::ENV
def self.check( params, config_item )
# try to find user based on login
if ENV['REMOTE_USER']
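Review bot: `ENV['REMOTE_USER']` reads the environment of the server process, not the environment of the current request, so the value is the same for every request that process serves. If the intent is to trust a user name set by a front-end web server, that value normally lives in `request.env['REMOTE_USER']`, which `check( params, config_item )` cannot reach with this signature. The rest of `check` lies outside the hunk, so how the value is used cannot be seen here. Since `User.sso` lists the 'env' adapter first and is called for every request without a session, add a comment naming the component that is trusted to set the variable and the deployments in which this adapter may be enabled.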

19
lib/sso/otrs.rb Normal file

@ -0,0 +1,19 @@
module SSO
end
module SSO::OTRS
def self.check( params, config_item )
endpoint = Setting.get('import_otrs_endpoint')
return false if !endpoint || endpoint.empty? || endpoint == 'http://otrs_host/otrs'
return false if !params['SessionID']
# connect to OTRS
result = Import::OTRS.session( params['SessionID'] )
return false if !result
user = User.where( :login => result['UserLogin'], :active => true ).first
return user if user
return false
end
end
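Review bot: `result['UserLogin']` goes into the lookup without a check that the OTRS answer actually contains it, while `Import::OTRS.session` returns the parsed body for any HTTP 200. With a missing key the query runs with `:login => nil`, and a body that is not a Hash raises instead of returning false. Add `return false if !result.is_a?(Hash) || result['UserLogin'].to_s.empty?` before the `User.where` line. A header comment on `check` stating that it returns the active local user for a valid OTRS session and false otherwise would document the contract that `User.sso` relies on.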