Class: OmniAuth::Strategies::Discourse::SSO

Inherits:

Object

• Object
• OmniAuth::Strategies::Discourse::SSO

Defined in:

lib/omniauth/strategies/discourse/sso.rb

Instance Attribute Summary

• #message ⇒ Object

  Returns the value of attribute message.

• #nonce ⇒ Object

  Returns the value of attribute nonce.

• #status ⇒ Object

  Returns the value of attribute status.

• #user_info ⇒ Object

  Returns the value of attribute user_info.

Instance Method Summary

• #generate_nonce! ⇒ Object
• #initialize(sso_secret, sso_url, return_url, nonce = nil) ⇒ SSO constructor

  A new instance of SSO.

• #parse(params) ⇒ Object
• #request_url ⇒ Object

Constructor Details

#initialize(sso_secret, sso_url, return_url, nonce = nil) ⇒ SSO

Returns a new instance of SSO.

# File 'lib/omniauth/strategies/discourse/sso.rb', line 9

def initialize(sso_secret, sso_url, return_url, nonce = nil)
  @sso_secret, @sso_url, @return_url = sso_secret, sso_url, return_url
  @nonce = nonce ? nonce : generate_nonce!
end

Instance Attribute Details

#message ⇒ Object

Returns the value of attribute message.

# File 'lib/omniauth/strategies/discourse/sso.rb', line 7

def message
  @message
end

#nonce ⇒ Object

Returns the value of attribute nonce.

# File 'lib/omniauth/strategies/discourse/sso.rb', line 7

def nonce
  @nonce
end

#status ⇒ Object

Returns the value of attribute status.

# File 'lib/omniauth/strategies/discourse/sso.rb', line 7

def status
  @status
end

#user_info ⇒ Object

Returns the value of attribute user_info.

# File 'lib/omniauth/strategies/discourse/sso.rb', line 7

def user_info
  @user_info
end

Instance Method Details

#generate_nonce! ⇒ Object

# File 'lib/omniauth/strategies/discourse/sso.rb', line 14

def generate_nonce!
  SecureRandom.hex()
end

#parse(params) ⇒ Object

# File 'lib/omniauth/strategies/discourse/sso.rb', line 22

def parse(params)
  #params should be something that looks like: {"sso": "xxxxxx", "sig": "yyyyyy"} 
  if get_hmac_hex_string(params["sso"]) == params["sig"] 
    if base64? params["sso"]
      decoded_hash = Rack::Utils.parse_query(Base64.decode64(params["sso"]))
      decoded_hash.symbolize_keys!
      if decoded_hash[:nonce] == @nonce   
        @status = "success"
        decoded_hash.delete(:nonce)
        @user_info = decoded_hash
        @message = "SSO verification passed."
        return self
      else
        @status = "error"
        @user_info = nil
        @message = "SSO verification failed. Nonce mismatch."
        return nil
      end  
    else
      @status = "error"
      @user_info = nil
      @message = "The sso string is supposed to be encoded in Base64."
      return nil       
    end
  else
    @status = "error"
    @user_info = nil
    @message = "HMAC mismatch. The message may have been tampered with."
    return nil          
  end
end

#request_url ⇒ Object

# File 'lib/omniauth/strategies/discourse/sso.rb', line 18

def request_url
  "#{ @sso_url }?sso=#{ url_encoded_payload }&sig=#{ hex_signature }"
end