Project

General

Profile

« Previous | Next » 

Revision 8ffa0b9a

Added by Jan Pazdziora over 10 years ago

fixes #3528 - Populate first name, last name, and email, if available.

View differences:

app/models/user.rb
end
end
def self.find_or_create_external_user(login, auth_source_name)
if (user = unscoped.find_by_login(login))
user.post_successful_login
def self.find_or_create_external_user(attrs, auth_source_name)
if (user = unscoped.find_by_login(attrs[:login]))
return true
elsif auth_source_name.nil?
return false
......
User.as :admin do
options = { :name => auth_source_name }
auth_source = AuthSource.where(options).first || AuthSourceExternal.create!(options)
user = User.create!(:login => login, :auth_source => auth_source)
user = User.create!(attrs.merge(:auth_source => auth_source))
user.post_successful_login
end
return true
app/services/sso/apache.rb
require 'iconv' if RUBY_VERSION.start_with?('1.8.')
module SSO
class Apache < Base
delegate :session, :to => :controller
CAS_USERNAME = 'REMOTE_USER'
ENV_TO_ATTR_MAPPING = {
'REMOTE_USER_EMAIL' => :mail,
'REMOTE_USER_FIRSTNAME' => :firstname,
'REMOTE_USER_LASTNAME' => :lastname,
}
def available?
return false unless Setting['authorize_login_delegation']
return false if controller.api_request? and not Setting['authorize_login_delegation_api']
......
# authenticate the user without using password.
def authenticated?
return false unless (self.user = request.env[CAS_USERNAME])
return false unless User.find_or_create_external_user(self.user, Setting['authorize_login_delegation_auth_source_user_autocreate'])
attrs = { :login => self.user }.merge(additional_attributes)
return false unless User.find_or_create_external_user(attrs, Setting['authorize_login_delegation_auth_source_user_autocreate'])
store
true
end
......
private
def additional_attributes
attrs = {}
ENV_TO_ATTR_MAPPING.each do |header, attribute|
if request.env.has_key?(header)
attrs[attribute] = convert_encoding(request.env[header].dup)
end
end
attrs
end
def convert_encoding(value)
if value.respond_to?(:force_encoding)
value.force_encoding(Encoding::UTF_8)
if not value.valid_encoding?
value.encode(Encoding::UTF_8, Encoding::ISO_8859_1, { :invalid => :replace, :replace => '-' }).force_encoding(Encoding::UTF_8)
end
else
Iconv.new('UTF-8//IGNORE', 'UTF-8').iconv(value) rescue value
end
value
end
def store
session[:sso_method] = self.class.to_s
end
test/unit/sso/apache_test.rb
# encoding: UTF-8
require 'test_helper'
class ApacheTest < ActiveSupport::TestCase
......
def test_authenticated?
Setting['authorize_login_delegation_auth_source_user_autocreate'] = 'apache'
apache = get_apache_method
apache.controller.request.env[SSO::Apache::CAS_USERNAME] = nil
apache.controller.request.env[SSO::Apache::CAS_USERNAME] = nil
assert !apache.authenticated?
apache.controller.request.env[SSO::Apache::CAS_USERNAME] = 'ares'
assert apache.authenticated?
end
def test_authenticated_passes_attributes
Setting['authorize_login_delegation_auth_source_user_autocreate'] = 'apache'
apache = get_apache_method
apache.controller.request.env[SSO::Apache::CAS_USERNAME] = 'ares'
apache.controller.request.env['REMOTE_USER_EMAIL'] = 'foobar@example.com'
apache.controller.request.env['REMOTE_USER_FIRSTNAME'] = 'Foo'
apache.controller.request.env['REMOTE_USER_LASTNAME'] = 'Bar'
User.expects(:find_or_create_external_user).
with({:login => 'ares', :mail => 'foobar@example.com', :firstname => 'Foo', :lastname => 'Bar'}, 'apache').
returns(true)
assert apache.authenticated?
end
def test_convert_encoding
apache = get_apache_method
assert apache.send(:convert_encoding, 'fó✗@e✗amp✓e.com')
end
def test_authenticate!
apache = get_apache_method
controller = apache.controller
test/unit/user_test.rb
test ".find_or_create_external_user" do
count = User.count
# existing user
assert User.find_or_create_external_user(users(:one).login, nil)
assert User.find_or_create_external_user({:login => users(:one).login}, nil)
assert_equal count, User.count
# not existing user without auth source specified
assert !User.find_or_create_external_user('not_existing_user', nil)
assert !User.find_or_create_external_user({:login => 'not_existing_user'}, nil)
assert_equal count, User.count
# not existing user with existing AuthSource
apache_source = AuthSourceExternal.find_or_create_by_name('apache_module')
source_count = AuthSource.count
assert User.find_or_create_external_user('not_existing_user', apache_source.name)
assert User.find_or_create_external_user({:login => 'not_existing_user'}, apache_source.name)
assert_equal count + 1, User.count
assert_equal source_count, AuthSource.count
user = User.find_by_login('not_existing_user')
assert_equal apache_source.name, user.auth_source.name
count = User.count
assert User.find_or_create_external_user('not_existing_user_2', 'new_external_source')
assert User.find_or_create_external_user({:login => 'not_existing_user_2'}, 'new_external_source')
assert_equal count + 1, User.count
assert_equal source_count + 1, AuthSource.count
user = User.find_by_login('not_existing_user_2')
new_source = AuthSourceExternal.find_by_name('new_external_source')
assert_equal new_source.name, user.auth_source.name
# with other attributes which gets saved as well
apache_source = AuthSourceExternal.find_or_create_by_name('apache_module')
assert User.find_or_create_external_user({:login => 'not_existing_user_3',
:mail => 'foobar@example.com',
:firstname => 'Foo',
:lastname => 'Bar'},
apache_source.name)
user = User.find_by_login('not_existing_user_3')
assert_equal 'foobar@example.com', user.mail
assert_equal 'Foo', user.firstname
assert_equal 'Bar', user.lastname
end

Also available in: Unified diff