Added sso feature.
parent
5b9ba8611d
commit
9e6cf750b3
7 changed files with 101 additions and 6 deletions
|
@ -113,6 +113,17 @@ class ApplicationController < ActionController::Base
|
|||
}
|
||||
end
|
||||
|
||||
# check sso
|
||||
if !session[:user_id]
|
||||
|
||||
user = User.sso(params)
|
||||
|
||||
# Log the authorizing user in.
|
||||
if user
|
||||
session[:user_id] = user.id
|
||||
end
|
||||
end
|
||||
|
||||
# return auth not ok (no session exists)
|
||||
if !session[:user_id]
|
||||
message = 'no valid session, user_id'
|
||||
|
|
|
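Review bot: The new `# check sso` step writes `session[:user_id] = user.id` into the existing session without rotating it, so a session identifier issued before the login stays valid afterwards. Call `reset_session` immediately before the assignment here, and likewise in `SessionsController#create_sso`. Because the check sits in the shared authentication path, every request without a session now runs all SSO adapters, so any protected endpoint accepts a `SessionID` parameter as a credential, not only `/auth/sso`. If that is not intended, keep the lookup in `create_sso` only. The enclosing method starts and ends outside this hunk.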
@ -111,7 +111,7 @@ class SessionsController < ApplicationController
|
|||
logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")
|
||||
|
||||
# redirect to app
|
||||
redirect_to '/app'
|
||||
redirect_to '/'
|
||||
end
|
||||
|
||||
# Create a new user or add an auth to existing user, depending on
|
||||
|
@ -128,7 +128,19 @@ class SessionsController < ApplicationController
|
|||
session[:user_id] = authorization.user.id
|
||||
|
||||
# redirect to app
|
||||
redirect_to '/app'
|
||||
redirect_to '/'
|
||||
end
|
||||
|
||||
def create_sso
|
||||
user = User.sso(params)
|
||||
|
||||
# Log the authorizing user in.
|
||||
if user
|
||||
session[:user_id] = user.id
|
||||
end
|
||||
|
||||
# redirect to app
|
||||
redirect_to '/#'
|
||||
end
|
||||
|
||||
end
|
|
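Review bot: `create_sso` redirects to `'/#'` whether or not `User.sso(params)` returned a user, and the failure path writes nothing to the log, so rejected SSO attempts cannot be counted or alerted on. Add an `else` branch to the `if user` block, for example `logger.info("SSO LOGIN FAILED")`, matching the `logger.info` style already used in this controller. A short comment above the method stating that it expects the adapter parameters (such as `SessionID`) in `params` would also help.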
@ -103,6 +103,47 @@ class User < ApplicationModel
|
|||
return user_auth
|
||||
end
|
||||
|
||||
def self.sso(params)
|
||||
|
||||
# use auth backends
|
||||
config = [
|
||||
{
|
||||
:adapter => 'env',
|
||||
},
|
||||
{
|
||||
:adapter => 'otrs',
|
||||
},
|
||||
]
|
||||
# Setting.where( :area => 'Security::Authentication' ).each {|setting|
|
||||
# if setting.state[:value]
|
||||
# config.push setting.state[:value]
|
||||
# end
|
||||
# }
|
||||
|
||||
# try to login against configure auth backends
|
||||
user_auth = nil
|
||||
config.each {|config_item|
|
||||
file = "sso/#{config_item[:adapter]}"
|
||||
require file
|
||||
user_auth = SSO.const_get("#{config_item[:adapter].to_s.upcase}").check( params, config_item )
|
||||
|
||||
# auth ok
|
||||
if user_auth
|
||||
|
||||
# remember last login date
|
||||
user_auth.update_last_login
|
||||
|
||||
# reset login failed
|
||||
user_auth.login_failed = 0
|
||||
user_auth.save
|
||||
|
||||
return user_auth
|
||||
end
|
||||
}
|
||||
|
||||
return false
|
||||
end
|
||||
|
||||
def self.create_from_hash!(hash)
|
||||
url = ''
|
||||
if hash['info']['urls'] then
|
||||
|
|
|
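Review bot: `User.sso` derives both the `require` path and the constant name from `config_item[:adapter]`, which is safe only while `config` is the hard-coded list. The commented-out `Setting.where(...)` block would feed a stored value into `require "sso/#{...}"` and `SSO.const_get`. Resolve adapters through a fixed table before loading, e.g. `name = { 'env' => 'ENV', 'otrs' => 'OTRS' }[config_item[:adapter].to_s]` followed by `next if !name`, and call `SSO.const_get(name, false)` so the lookup cannot fall through to top-level constants. The method also lacks a comment stating that it returns the matched `User` or `false`, and `user_auth.save` ignores its result.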
@ -4,6 +4,9 @@ module ExtraRoutes
|
|||
# omniauth
|
||||
map.match '/auth/:provider/callback', :to => 'sessions#create_omniauth'
|
||||
|
||||
# sso
|
||||
map.match '/auth/sso', :to => 'sessions#create_sso'
|
||||
|
||||
# sessions
|
||||
map.match '/signin', :to => 'sessions#create'
|
||||
map.match '/signshow', :to => 'sessions#show'
|
||||
|
|
|
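Review bot: The `/auth/sso` route uses `match` without `:via`, so it accepts every HTTP verb, and the OTRS `SessionID` it consumes will normally arrive in the query string. That value is a live credential for the OTRS session and would be written to request logs unless it is filtered. Confirm that `SessionID` is listed in the application's `config.filter_parameters`, and restrict the route to the verb the OTRS redirect actually uses, e.g. `:via => :get`.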
@ -52,6 +52,15 @@ module Import::OTRS
|
|||
return result
|
||||
end
|
||||
|
||||
def self.session(session_id)
|
||||
response = post( "public.pl", { :Action => 'Export', :Type => 'SessionCheck', :SessionID => session_id } )
|
||||
return if !response
|
||||
return if response.code.to_s != '200'
|
||||
|
||||
result = json(response)
|
||||
return result
|
||||
end
|
||||
|
||||
def self.start
|
||||
puts 'Start import...'
|
||||
|
||||
|
@ -257,7 +266,7 @@ module Import::OTRS
|
|||
:email => email,
|
||||
:password => '',
|
||||
:active => true,
|
||||
:roles => roles,
|
||||
:role_ids => [roles.id],
|
||||
:updated_by_id => 1,
|
||||
:created_by_id => 1,
|
||||
)
|
||||
|
|
|
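Review bot: `Import::OTRS.session` has no comment describing its contract, and it returns whatever `json(response)` yields for any 200 answer without checking that OTRS confirmed the session. Add a header comment such as `# Asks OTRS to validate session_id; returns the parsed SessionCheck payload, or nil on no response / non-200.` and reject unexpected shapes with `return if !result.is_a?(Hash)`. The session id is sent to the configured import endpoint, so that endpoint should presumably be HTTPS. The placeholder value checked in `lib/sso/otrs.rb` is an `http://` URL.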
@ -1,7 +1,7 @@
|
|||
module Auth
|
||||
module SSO
|
||||
end
|
||||
module Auth::ENV
|
||||
def self.check( username, password, config, user )
|
||||
module SSO::ENV
|
||||
def self.check( params, config_item )
|
||||
|
||||
# try to find user based on login
|
||||
if ENV['REMOTE_USER']
|
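Review bot: `ENV['REMOTE_USER']` (a context line in this hunk) reads the server process environment, which is identical for every request, not the per-request value an authenticating front end would set. Now that `User.sso` calls this adapter for every unauthenticated request, a `REMOTE_USER` present in the process environment would presumably log every visitor in as that account. The new `check( params, config_item )` signature has no access to the request, so consider passing `request.env['REMOTE_USER']` in from the controller. Also document that this adapter must only be enabled behind a front end that sets that value itself. The body of `check` continues outside the hunk, so the lookup that follows is not visible here.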
19
lib/sso/otrs.rb
Normal file
19
lib/sso/otrs.rb
Normal file
|
@ -0,0 +1,19 @@
|
|||
module SSO
|
||||
end
|
||||
module SSO::OTRS
|
||||
def self.check( params, config_item )
|
||||
|
||||
endpoint = Setting.get('import_otrs_endpoint')
|
||||
return false if !endpoint || endpoint.empty? || endpoint == 'http://otrs_host/otrs'
|
||||
return false if !params['SessionID']
|
||||
|
||||
# connect to OTRS
|
||||
result = Import::OTRS.session( params['SessionID'] )
|
||||
return false if !result
|
||||
|
||||
user = User.where( :login => result['UserLogin'], :active => true ).first
|
||||
return user if user
|
||||
|
||||
return false
|
||||
end
|
||||
end
|
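Review bot: `SSO::OTRS.check` only tests `result` for truthiness before `User.where( :login => result['UserLogin'], :active => true ).first`. A 200 response without a `UserLogin` key therefore turns into a lookup for `login` being NULL, which would return any active user stored without a login. Guard the lookup with `return false if !result.is_a?(Hash) || result['UserLogin'].to_s.empty?` directly after the `Import::OTRS.session` call. A comment on the method stating that it returns the matching active `User` or `false` would also make the adapter contract explicit.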