Added sso feature.
parent
5b9ba8611d
commit
9e6cf750b3
7 changed files with 101 additions and 6 deletions
|
@ -113,6 +113,17 @@ class ApplicationController < ActionController::Base
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# check sso
|
||||||
|
if !session[:user_id]
|
||||||
|
|
||||||
|
user = User.sso(params)
|
||||||
|
|
||||||
|
# Log the authorizing user in.
|
||||||
|
if user
|
||||||
|
session[:user_id] = user.id
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# return auth not ok (no session exists)
|
# return auth not ok (no session exists)
|
||||||
if !session[:user_id]
|
if !session[:user_id]
|
||||||
message = 'no valid session, user_id'
|
message = 'no valid session, user_id'
|
||||||
|
|
|
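Review bot: The added SSO branch writes `session[:user_id] = user.id` into whatever session the client already presented, so a session identifier that was fixed before the SSO login stays valid afterwards; call `reset_session` immediately before the assignment. The same pattern appears in the new `create_sso` action in SessionsController. Because this branch sits in the authentication check, `User.sso(params)` also runs for every request that has no session, so a short comment above `# check sso` saying so, and naming the parameters the adapters read, would help the next reader. The enclosing method starts and ends outside the hunk.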
@ -111,7 +111,7 @@ class SessionsController < ApplicationController
|
||||||
logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")
|
logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")
|
||||||
|
|
||||||
# redirect to app
|
# redirect to app
|
||||||
redirect_to '/app'
|
redirect_to '/'
|
||||||
end
|
end
|
||||||
|
|
||||||
# Create a new user or add an auth to existing user, depending on
|
# Create a new user or add an auth to existing user, depending on
|
||||||
|
@ -128,7 +128,19 @@ class SessionsController < ApplicationController
|
||||||
session[:user_id] = authorization.user.id
|
session[:user_id] = authorization.user.id
|
||||||
|
|
||||||
# redirect to app
|
# redirect to app
|
||||||
redirect_to '/app'
|
redirect_to '/'
|
||||||
|
end
|
||||||
|
|
||||||
|
def create_sso
|
||||||
|
user = User.sso(params)
|
||||||
|
|
||||||
|
# Log the authorizing user in.
|
||||||
|
if user
|
||||||
|
session[:user_id] = user.id
|
||||||
|
end
|
||||||
|
|
||||||
|
# redirect to app
|
||||||
|
redirect_to '/#'
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
|
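Review bot: `create_sso` redirects to `'/#'` whether or not `User.sso(params)` returned a user, so a rejected SSO attempt leaves no trace in the logs and is indistinguishable from a success at this point. Add an `else` branch that records the failure without echoing parameter values, for example `logger.info("SSO LOGIN FAILED")`, in the style of the `AUTH IS NULL` message earlier in this controller. The action also has no comment describing which request parameters it expects; one line above `def create_sso` would cover that.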
@ -103,6 +103,47 @@ class User < ApplicationModel
|
||||||
return user_auth
|
return user_auth
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def self.sso(params)
|
||||||
|
|
||||||
|
# use auth backends
|
||||||
|
config = [
|
||||||
|
{
|
||||||
|
:adapter => 'env',
|
||||||
|
},
|
||||||
|
{
|
||||||
|
:adapter => 'otrs',
|
||||||
|
},
|
||||||
|
]
|
||||||
|
# Setting.where( :area => 'Security::Authentication' ).each {|setting|
|
||||||
|
# if setting.state[:value]
|
||||||
|
# config.push setting.state[:value]
|
||||||
|
# end
|
||||||
|
# }
|
||||||
|
|
||||||
|
# try to login against configure auth backends
|
||||||
|
user_auth = nil
|
||||||
|
config.each {|config_item|
|
||||||
|
file = "sso/#{config_item[:adapter]}"
|
||||||
|
require file
|
||||||
|
user_auth = SSO.const_get("#{config_item[:adapter].to_s.upcase}").check( params, config_item )
|
||||||
|
|
||||||
|
# auth ok
|
||||||
|
if user_auth
|
||||||
|
|
||||||
|
# remember last login date
|
||||||
|
user_auth.update_last_login
|
||||||
|
|
||||||
|
# reset login failed
|
||||||
|
user_auth.login_failed = 0
|
||||||
|
user_auth.save
|
||||||
|
|
||||||
|
return user_auth
|
||||||
|
end
|
||||||
|
}
|
||||||
|
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
def self.create_from_hash!(hash)
|
def self.create_from_hash!(hash)
|
||||||
url = ''
|
url = ''
|
||||||
if hash['info']['urls'] then
|
if hash['info']['urls'] then
|
||||||
|
|
|
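Review bot: In `User.sso` the adapter name flows straight into `require file` and `SSO.const_get(...)`. That is safe while `config` is the hard-coded list, but the commented-out `Setting.where( :area => 'Security::Authentication' )` block suggests the list is meant to become configurable, and then a stored setting would decide which file is loaded and which constant is called. Check the name against a fixed allow-list first, e.g. `next if !['env', 'otrs'].include?( config_item[:adapter].to_s )`, and pass `false` as the second argument to `const_get` so the lookup stays inside `SSO` instead of falling back to a top-level constant such as `ENV`. The method also lacks a comment stating that it returns a `User` on success and `false` otherwise.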
@ -4,6 +4,9 @@ module ExtraRoutes
|
||||||
# omniauth
|
# omniauth
|
||||||
map.match '/auth/:provider/callback', :to => 'sessions#create_omniauth'
|
map.match '/auth/:provider/callback', :to => 'sessions#create_omniauth'
|
||||||
|
|
||||||
|
# sso
|
||||||
|
map.match '/auth/sso', :to => 'sessions#create_sso'
|
||||||
|
|
||||||
# sessions
|
# sessions
|
||||||
map.match '/signin', :to => 'sessions#create'
|
map.match '/signin', :to => 'sessions#create'
|
||||||
map.match '/signshow', :to => 'sessions#show'
|
map.match '/signshow', :to => 'sessions#show'
|
||||||
|
|
|
@ -52,6 +52,15 @@ module Import::OTRS
|
||||||
return result
|
return result
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def self.session(session_id)
|
||||||
|
response = post( "public.pl", { :Action => 'Export', :Type => 'SessionCheck', :SessionID => session_id } )
|
||||||
|
return if !response
|
||||||
|
return if response.code.to_s != '200'
|
||||||
|
|
||||||
|
result = json(response)
|
||||||
|
return result
|
||||||
|
end
|
||||||
|
|
||||||
def self.start
|
def self.start
|
||||||
puts 'Start import...'
|
puts 'Start import...'
|
||||||
|
|
||||||
|
@ -257,7 +266,7 @@ module Import::OTRS
|
||||||
:email => email,
|
:email => email,
|
||||||
:password => '',
|
:password => '',
|
||||||
:active => true,
|
:active => true,
|
||||||
:roles => roles,
|
:role_ids => [roles.id],
|
||||||
:updated_by_id => 1,
|
:updated_by_id => 1,
|
||||||
:created_by_id => 1,
|
:created_by_id => 1,
|
||||||
)
|
)
|
||||||
|
|
|
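Review bot: `Import::OTRS.session` has no comment describing what it returns, and its caller has to guess: it yields `nil` on a missing or non-200 response and otherwise whatever `json(response)` produces. Since this call now sits on the login path, document the expected keys (the SSO adapter reads `UserLogin`) and what happens when the body is not valid JSON. `post` and `json` are defined outside the hunk, so whether they raise or apply a timeout cannot be seen here. The session id is sent to the configured endpoint, so the comment should also say that the endpoint is expected to be an https URL.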
@ -1,7 +1,7 @@
|
||||||
module Auth
|
module SSO
|
||||||
end
|
end
|
||||||
module Auth::ENV
|
module SSO::ENV
|
||||||
def self.check( username, password, config, user )
|
def self.check( params, config_item )
|
||||||
|
|
||||||
# try to find user based on login
|
# try to find user based on login
|
||||||
if ENV['REMOTE_USER']
|
if ENV['REMOTE_USER']
|
19
lib/sso/otrs.rb
Normal file
19
lib/sso/otrs.rb
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
module SSO
|
||||||
|
end
|
||||||
|
module SSO::OTRS
|
||||||
|
def self.check( params, config_item )
|
||||||
|
|
||||||
|
endpoint = Setting.get('import_otrs_endpoint')
|
||||||
|
return false if !endpoint || endpoint.empty? || endpoint == 'http://otrs_host/otrs'
|
||||||
|
return false if !params['SessionID']
|
||||||
|
|
||||||
|
# connect to OTRS
|
||||||
|
result = Import::OTRS.session( params['SessionID'] )
|
||||||
|
return false if !result
|
||||||
|
|
||||||
|
user = User.where( :login => result['UserLogin'], :active => true ).first
|
||||||
|
return user if user
|
||||||
|
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end
|
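Review bot: `SSO::OTRS.check` looks up the user with `result['UserLogin']` without checking that the key is present, so a response that parses but carries no login runs the query with `:login => nil`; add `return false if result['UserLogin'].to_s.empty?` before the `User.where` call. `params['SessionID']` is likewise only tested for presence, and request parameters can be arrays or hashes, so `return false if !params['SessionID'].is_a?(String)` is the safer guard. The adapter is switched on by `import_otrs_endpoint`, which is an import setting; a comment saying that configuring the import endpoint also enables SSO login would make that coupling visible.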