[40511] Retrieve user from login instead of passing it to session

https://community.openproject.org/wp/40511
pull/10028/head
Oliver Günther 3 years ago
parent b6559273a7
commit 62c646af50
No known key found for this signature in database
GPG Key ID: A3A8BDAD7C0C552C
  1. 3
      app/controllers/account_controller.rb
  2. 44
      app/controllers/concerns/auth_source_sso.rb

@ -269,7 +269,8 @@ class AccountController < ApplicationController
def auth_source_sso_failed
failure = session.delete :auth_source_sso_failure
user = failure[:user]
login = failure[:login]
user = find_user_from_auth_source(login) || create_user_from_auth_source(login)
if user.try(:new_record?)
return onthefly_creation_failed user, login: user.login, auth_source_id: user.auth_source_id
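Review bot: `user` can be nil after the new line `user = find_user_from_auth_source(login) || create_user_from_auth_source(login)`: in this same commit `create_user_from_auth_source` returns nil when `AuthSource.find_user(login)` finds nothing (`return unless attrs`), and `nil.try(:new_record?)` is nil, so a login the auth source no longer knows falls past the `if` into the non-failure branch, which lies outside this hunk. The condition should treat a missing user as a failure too, e.g. `if user.nil? || user.new_record?` with the keyword values taken from `login` and `user&.auth_source_id` rather than from `user` directly; whether `onthefly_creation_failed` accepts a nil user needs confirming. The method also dereferences `failure` from `session.delete` without checking that the session entry exists, which predates this change but now sits on the only path that resolves the user. `auth_source_sso_failed` continues beyond the hunk.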

@ -114,30 +114,27 @@ module AuthSourceSSO
end
def create_user_from_auth_source(login)
if attrs = AuthSource.find_user(login)
# login is both safe and protected in chilis core code
# in case it's intentional we keep it that way
user = User.new attrs.except(:login)
user.login = login
user.language = Setting.default_language
attrs = AuthSource.find_user(login)
return unless attrs
save_user! user
call = Users::CreateService
.new(user: User.system)
.call(attrs.merge(login: login))
user
end
end
user = call.result
def save_user!(user)
if user.save
user.reload
call.on_success do
logger.info(
"User '#{user.login}' created from external auth source: " +
"#{user.auth_source.type} - #{user.auth_source.name}"
)
end
if logger && user.auth_source
logger.info(
"User '#{user.login}' created from external auth source: " +
"#{user.auth_source.type} - #{user.auth_source.name}"
)
end
call.on_failure do
logger.error "Tried to create user '#{login}' from external auth source but failed: #{call.message}"
end
user
end
def sso_in_progress!
@ -164,7 +161,7 @@ module AuthSourceSSO
def handle_sso_for!(user, login)
if sso_login_failed?(user)
handle_sso_failure!({ user: user, login: login })
handle_sso_failure!(login: login)
else
# valid user
# If a user is invited, ensure it gets activated
@ -196,11 +193,12 @@ module AuthSourceSSO
end
end
def handle_sso_failure!(session_args = {})
session[:auth_source_sso_failure] = session_args.merge(
def handle_sso_failure!(login: nil)
session[:auth_source_sso_failure] = {
login: login,
back_url: request.base_url + request.original_fullpath,
ttl: 1
)
}
redirect_to sso_failure_path
end
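Review bot: The new `call.on_success` block in `create_user_from_auth_source` calls `logger.info` and `user.auth_source.type` unconditionally, while the removed code guarded the same log line with `if logger && user.auth_source`; if either is nil on a created user the success callback now raises after the user has already been persisted. Keeping the guard costs one line at the top of the block: `next unless logger && user.auth_source`. Separately, `user` at the end of the method is `call.result` regardless of outcome, so the caller only sees the failure if the service result is an unsaved record rather than nil — worth a comment such as `# result is the (possibly unsaved) user; callers check new_record?` so the contract the account controller relies on is explicit. The `handle_sso_for!` and `handle_sso_failure!` hunks below only follow the new keyword signature and raise nothing further.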
