2011-09-26 12:44:17 -04:00
|
|
|
require 'hashie/mash'
|
2011-09-03 14:08:07 -04:00
|
|
|
|
|
|
|
module OmniAuth
|
|
|
|
class NoSessionError < StandardError; end
|
|
|
|
# The Strategy is the base unit of OmniAuth's ability to
|
|
|
|
# wrangle multiple providers. Each strategy provided by
|
|
|
|
# OmniAuth includes this mixin to gain the default functionality
|
|
|
|
# necessary to be compatible with the OmniAuth library.
|
2015-05-25 05:25:12 -04:00
|
|
|
module Strategy # rubocop:disable ModuleLength
|
2011-09-03 14:08:07 -04:00
|
|
|
def self.included(base)
|
|
|
|
OmniAuth.strategies << base
|
2011-09-27 20:52:43 -04:00
|
|
|
|
|
|
|
base.extend ClassMethods
|
2011-09-03 14:08:07 -04:00
|
|
|
base.class_eval do
|
2011-09-27 20:52:43 -04:00
|
|
|
option :setup, false
|
|
|
|
option :skip_info, false
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
module ClassMethods
|
|
|
|
# Returns an inherited set of default options set at the class-level
|
|
|
|
# for each strategy.
|
|
|
|
def default_options
|
2013-01-10 12:13:52 -05:00
|
|
|
return @default_options if instance_variable_defined?(:@default_options) && @default_options
|
2011-09-26 12:44:17 -04:00
|
|
|
existing = superclass.respond_to?(:default_options) ? superclass.default_options : {}
|
|
|
|
@default_options = OmniAuth::Strategy::Options.new(existing)
|
|
|
|
end
|
|
|
|
|
|
|
|
# This allows for more declarative subclassing of strategies by allowing
|
|
|
|
# default options to be set using a simple configure call.
|
|
|
|
#
|
|
|
|
# @param options [Hash] If supplied, these will be the default options (deep-merged into the superclass's default options).
|
|
|
|
# @yield [Options] The options Mash that allows you to set your defaults as you'd like.
|
|
|
|
#
|
|
|
|
# @example Using a yield to configure the default options.
|
|
|
|
#
|
|
|
|
# class MyStrategy
|
|
|
|
# include OmniAuth::Strategy
|
|
|
|
#
|
|
|
|
# configure do |c|
|
|
|
|
# c.foo = 'bar'
|
|
|
|
# end
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
# @example Using a hash to configure the default options.
|
|
|
|
#
|
|
|
|
# class MyStrategy
|
|
|
|
# include OmniAuth::Strategy
|
|
|
|
# configure foo: 'bar'
|
|
|
|
# end
|
|
|
|
def configure(options = nil)
|
2013-03-14 12:38:21 -04:00
|
|
|
if block_given?
|
|
|
|
yield default_options
|
|
|
|
else
|
|
|
|
default_options.deep_merge!(options)
|
|
|
|
end
|
2011-09-26 12:44:17 -04:00
|
|
|
end
|
2011-09-26 13:11:41 -04:00
|
|
|
|
|
|
|
# Directly declare a default option for your class. This is a useful from
|
|
|
|
# a documentation perspective as it provides a simple line-by-line analysis
|
|
|
|
# of the kinds of options your strategy provides by default.
|
|
|
|
#
|
|
|
|
# @param name [Symbol] The key of the default option in your configuration hash.
|
|
|
|
# @param value [Object] The value your object defaults to. Nil if not provided.
|
|
|
|
#
|
|
|
|
# @example
|
|
|
|
#
|
|
|
|
# class MyStrategy
|
|
|
|
# include OmniAuth::Strategy
|
|
|
|
#
|
|
|
|
# option :foo, 'bar'
|
2013-01-25 13:24:52 -05:00
|
|
|
# option
|
2011-09-26 13:11:41 -04:00
|
|
|
# end
|
|
|
|
def option(name, value = nil)
|
|
|
|
default_options[name] = value
|
|
|
|
end
|
2011-09-26 23:44:52 -04:00
|
|
|
|
|
|
|
# Sets (and retrieves) option key names for initializer arguments to be
|
|
|
|
# recorded as. This takes care of 90% of the use cases for overriding
|
|
|
|
# the initializer in OmniAuth Strategies.
|
|
|
|
def args(args = nil)
|
2013-01-10 12:13:52 -05:00
|
|
|
if args
|
|
|
|
@args = Array(args)
|
|
|
|
return
|
|
|
|
end
|
2011-09-28 11:26:27 -04:00
|
|
|
existing = superclass.respond_to?(:args) ? superclass.args : []
|
2014-01-15 23:00:46 -05:00
|
|
|
(instance_variable_defined?(:@args) && @args) || existing
|
2011-09-26 23:44:52 -04:00
|
|
|
end
|
2011-09-28 13:41:06 -04:00
|
|
|
|
2011-09-30 11:36:57 -04:00
|
|
|
%w(uid info extra credentials).each do |fetcher|
|
2011-09-28 13:41:06 -04:00
|
|
|
class_eval <<-RUBY
|
|
|
|
def #{fetcher}(&block)
|
|
|
|
return @#{fetcher}_proc unless block_given?
|
|
|
|
@#{fetcher}_proc = block
|
|
|
|
end
|
|
|
|
|
2011-09-28 14:06:03 -04:00
|
|
|
def #{fetcher}_stack(context)
|
|
|
|
compile_stack(self.ancestors, :#{fetcher}, context)
|
2011-09-28 13:41:06 -04:00
|
|
|
end
|
|
|
|
RUBY
|
|
|
|
end
|
|
|
|
|
2011-09-28 14:06:03 -04:00
|
|
|
def compile_stack(ancestors, method, context)
|
2011-09-30 11:36:57 -04:00
|
|
|
stack = ancestors.inject([]) do |a, ancestor|
|
2011-09-28 14:06:03 -04:00
|
|
|
a << context.instance_eval(&ancestor.send(method)) if ancestor.respond_to?(method) && ancestor.send(method)
|
2011-09-28 13:41:06 -04:00
|
|
|
a
|
|
|
|
end
|
2011-09-30 11:36:57 -04:00
|
|
|
stack.reverse!
|
2011-09-28 13:41:06 -04:00
|
|
|
end
|
2011-09-26 12:44:17 -04:00
|
|
|
end
|
|
|
|
|
2013-01-10 12:06:11 -05:00
|
|
|
attr_reader :app, :env, :options, :response
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
# Initializes the strategy by passing in the Rack endpoint,
|
|
|
|
# the unique URL segment name for this strategy, and any
|
|
|
|
# additional arguments. An `options` hash is automatically
|
|
|
|
# created from the last argument if it is a hash.
|
|
|
|
#
|
|
|
|
# @param app [Rack application] The application on which this middleware is applied.
|
2011-09-26 23:44:52 -04:00
|
|
|
#
|
|
|
|
# @overload new(app, options = {})
|
|
|
|
# If nothing but a hash is supplied, initialized with the supplied options
|
|
|
|
# overriding the strategy's default options via a deep merge.
|
|
|
|
# @overload new(app, *args, options = {})
|
|
|
|
# If the strategy has supplied custom arguments that it accepts, they may
|
|
|
|
# will be passed through and set to the appropriate values.
|
|
|
|
#
|
|
|
|
# @yield [Options] Yields options to block for further configuration.
|
2014-05-30 14:42:00 -04:00
|
|
|
def initialize(app, *args, &block) # rubocop:disable UnusedMethodArgument
|
2011-09-03 14:08:07 -04:00
|
|
|
@app = app
|
2013-01-10 12:13:52 -05:00
|
|
|
@env = nil
|
2011-09-26 23:44:52 -04:00
|
|
|
@options = self.class.default_options.dup
|
|
|
|
|
|
|
|
options.deep_merge!(args.pop) if args.last.is_a?(Hash)
|
2011-09-27 14:18:08 -04:00
|
|
|
options.name ||= self.class.to_s.split('::').last.downcase
|
2011-09-03 14:08:07 -04:00
|
|
|
|
2011-09-26 23:44:52 -04:00
|
|
|
self.class.args.each do |arg|
|
2013-09-29 18:03:20 -04:00
|
|
|
break if args.empty?
|
2011-09-26 23:44:52 -04:00
|
|
|
options[arg] = args.shift
|
|
|
|
end
|
|
|
|
|
|
|
|
# Make sure that all of the args have been dealt with, otherwise error out.
|
2014-01-25 06:19:24 -05:00
|
|
|
fail(ArgumentError.new("Received wrong number of arguments. #{args.inspect}")) unless args.empty?
|
2011-09-26 23:44:52 -04:00
|
|
|
|
|
|
|
yield options if block_given?
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def inspect
|
2014-03-15 15:44:30 -04:00
|
|
|
"#<#{self.class}>"
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
2012-04-12 16:50:13 -04:00
|
|
|
# Direct access to the OmniAuth logger, automatically prefixed
|
|
|
|
# with this strategy's name.
|
|
|
|
#
|
|
|
|
# @example
|
|
|
|
# log :warn, "This is a warning."
|
|
|
|
def log(level, message)
|
|
|
|
OmniAuth.logger.send(level, "(#{name}) #{message}")
|
|
|
|
end
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
# Duplicates this instance and runs #call! on it.
|
|
|
|
# @param [Hash] The Rack environment.
|
2011-09-03 14:08:07 -04:00
|
|
|
def call(env)
|
|
|
|
dup.call!(env)
|
|
|
|
end
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
# The logic for dispatching any additional actions that need
|
|
|
|
# to be taken. For instance, calling the request phase if
|
|
|
|
# the request path is recognized.
|
|
|
|
#
|
|
|
|
# @param env [Hash] The Rack environment.
|
2014-08-18 07:21:39 -04:00
|
|
|
def call!(env) # rubocop:disable CyclomaticComplexity, PerceivedComplexity
|
2014-01-15 23:00:46 -05:00
|
|
|
unless env['rack.session']
|
|
|
|
error = OmniAuth::NoSessionError.new('You must provide a session to use OmniAuth.')
|
|
|
|
fail(error)
|
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
|
|
|
|
@env = env
|
|
|
|
@env['omniauth.strategy'] = self if on_auth_path?
|
|
|
|
|
|
|
|
return mock_call!(env) if OmniAuth.config.test_mode
|
2011-09-03 20:26:57 -04:00
|
|
|
return options_call if on_auth_path? && options_request?
|
2011-09-03 14:08:07 -04:00
|
|
|
return request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
|
|
|
|
return callback_call if on_callback_path?
|
|
|
|
return other_phase if respond_to?(:other_phase)
|
|
|
|
@app.call(env)
|
|
|
|
end
|
|
|
|
|
2011-09-03 20:26:57 -04:00
|
|
|
# Responds to an OPTIONS request.
|
|
|
|
def options_call
|
2014-01-15 23:00:46 -05:00
|
|
|
OmniAuth.config.before_options_phase.call(env) if OmniAuth.config.before_options_phase
|
|
|
|
verbs = OmniAuth.config.allowed_request_methods.collect(&:to_s).collect(&:upcase).join(', ')
|
|
|
|
[200, {'Allow' => verbs}, []]
|
2011-09-03 20:26:57 -04:00
|
|
|
end
|
|
|
|
|
2011-09-03 14:08:07 -04:00
|
|
|
# Performs the steps necessary to run the request phase of a strategy.
|
2014-08-18 07:21:39 -04:00
|
|
|
def request_call # rubocop:disable CyclomaticComplexity, MethodLength, PerceivedComplexity
|
2011-09-03 14:08:07 -04:00
|
|
|
setup_phase
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Request phase initiated.'
|
|
|
|
# store query params from the request url, extracted in the callback_phase
|
2011-11-25 08:56:15 -05:00
|
|
|
session['omniauth.params'] = request.params
|
2014-01-15 23:00:46 -05:00
|
|
|
OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
|
2011-10-03 15:24:39 -04:00
|
|
|
if options.form.respond_to?(:call)
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Rendering form from supplied Rack endpoint.'
|
2011-10-03 15:24:39 -04:00
|
|
|
options.form.call(env)
|
|
|
|
elsif options.form
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Rendering form from underlying application.'
|
2011-10-03 15:24:39 -04:00
|
|
|
call_app!
|
2011-09-03 14:08:07 -04:00
|
|
|
else
|
|
|
|
if request.params['origin']
|
2011-10-03 15:24:39 -04:00
|
|
|
env['rack.session']['omniauth.origin'] = request.params['origin']
|
2011-09-03 14:08:07 -04:00
|
|
|
elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
|
2011-10-03 15:24:39 -04:00
|
|
|
env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
request_phase
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Performs the steps necessary to run the callback phase of a strategy.
|
|
|
|
def callback_call
|
|
|
|
setup_phase
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Callback phase initiated.'
|
2011-09-03 14:08:07 -04:00
|
|
|
@env['omniauth.origin'] = session.delete('omniauth.origin')
|
|
|
|
@env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
|
2011-11-25 08:56:15 -05:00
|
|
|
@env['omniauth.params'] = session.delete('omniauth.params') || {}
|
2013-09-02 21:05:18 -04:00
|
|
|
OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
|
2011-09-03 14:08:07 -04:00
|
|
|
callback_phase
|
|
|
|
end
|
|
|
|
|
2013-01-25 13:24:52 -05:00
|
|
|
# Returns true if the environment recognizes either the
|
2011-09-26 12:44:17 -04:00
|
|
|
# request or callback path.
|
2011-09-03 14:08:07 -04:00
|
|
|
def on_auth_path?
|
|
|
|
on_request_path? || on_callback_path?
|
|
|
|
end
|
|
|
|
|
|
|
|
def on_request_path?
|
2012-04-12 17:44:35 -04:00
|
|
|
if options.request_path.respond_to?(:call)
|
|
|
|
options.request_path.call(env)
|
|
|
|
else
|
|
|
|
on_path?(request_path)
|
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def on_callback_path?
|
2013-04-10 06:07:00 -04:00
|
|
|
on_path?(callback_path)
|
2011-09-03 20:26:57 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def on_path?(path)
|
|
|
|
current_path.casecmp(path) == 0
|
|
|
|
end
|
|
|
|
|
|
|
|
def options_request?
|
|
|
|
request.request_method == 'OPTIONS'
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
# This is called in lieu of the normal request process
|
|
|
|
# in the event that OmniAuth has been configured to be
|
|
|
|
# in test mode.
|
2014-05-30 14:42:00 -04:00
|
|
|
def mock_call!(*)
|
2011-09-03 14:08:07 -04:00
|
|
|
return mock_request_call if on_request_path?
|
|
|
|
return mock_callback_call if on_callback_path?
|
|
|
|
call_app!
|
|
|
|
end
|
|
|
|
|
|
|
|
def mock_request_call
|
|
|
|
setup_phase
|
|
|
|
|
2012-06-04 08:46:25 -04:00
|
|
|
session['omniauth.params'] = request.params
|
2014-01-15 23:00:46 -05:00
|
|
|
OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
|
2011-09-03 14:08:07 -04:00
|
|
|
if request.params['origin']
|
|
|
|
@env['rack.session']['omniauth.origin'] = request.params['origin']
|
|
|
|
elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
|
|
|
|
@env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
|
|
|
|
end
|
2013-09-24 17:42:39 -04:00
|
|
|
|
|
|
|
redirect(callback_url)
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def mock_callback_call
|
|
|
|
setup_phase
|
2015-02-21 12:55:37 -05:00
|
|
|
@env['omniauth.origin'] = session.delete('omniauth.origin')
|
|
|
|
@env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
|
2011-09-26 12:44:17 -04:00
|
|
|
mocked_auth = OmniAuth.mock_auth_for(name.to_s)
|
2011-09-03 14:08:07 -04:00
|
|
|
if mocked_auth.is_a?(Symbol)
|
|
|
|
fail!(mocked_auth)
|
|
|
|
else
|
|
|
|
@env['omniauth.auth'] = mocked_auth
|
2012-06-04 08:46:25 -04:00
|
|
|
@env['omniauth.params'] = session.delete('omniauth.params') || {}
|
2013-09-02 21:05:18 -04:00
|
|
|
OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
|
2011-09-03 14:08:07 -04:00
|
|
|
call_app!
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2011-09-26 12:44:17 -04:00
|
|
|
# The setup phase looks for the `:setup` option to exist and,
|
|
|
|
# if it is, will call either the Rack endpoint supplied to the
|
|
|
|
# `:setup` option or it will call out to the setup path of the
|
|
|
|
# underlying application. This will default to `/auth/:provider/setup`.
|
2011-09-03 14:08:07 -04:00
|
|
|
def setup_phase
|
|
|
|
if options[:setup].respond_to?(:call)
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Setup endpoint detected, running now.'
|
2011-09-03 14:08:07 -04:00
|
|
|
options[:setup].call(env)
|
2011-09-26 23:44:52 -04:00
|
|
|
elsif options.setup?
|
2014-01-15 23:00:46 -05:00
|
|
|
log :info, 'Calling through to underlying application for setup.'
|
2011-09-03 14:08:07 -04:00
|
|
|
setup_env = env.merge('PATH_INFO' => setup_path, 'REQUEST_METHOD' => 'GET')
|
|
|
|
call_app!(setup_env)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2011-09-27 20:52:43 -04:00
|
|
|
# @abstract This method is called when the user is on the request path. You should
|
|
|
|
# perform any information gathering you need to be able to authenticate
|
|
|
|
# the user in this phase.
|
2011-09-03 14:08:07 -04:00
|
|
|
def request_phase
|
2014-01-15 23:00:46 -05:00
|
|
|
fail(NotImplementedError)
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
2011-09-27 14:18:08 -04:00
|
|
|
def uid
|
2011-09-28 14:06:03 -04:00
|
|
|
self.class.uid_stack(self).last
|
2011-09-27 14:18:08 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def info
|
2011-09-28 14:06:03 -04:00
|
|
|
merge_stack(self.class.info_stack(self))
|
2011-09-27 14:18:08 -04:00
|
|
|
end
|
|
|
|
|
2011-09-27 21:20:58 -04:00
|
|
|
def credentials
|
2011-09-28 14:06:03 -04:00
|
|
|
merge_stack(self.class.credentials_stack(self))
|
2011-09-27 21:20:58 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def extra
|
2011-09-28 14:06:03 -04:00
|
|
|
merge_stack(self.class.extra_stack(self))
|
2011-09-27 21:20:58 -04:00
|
|
|
end
|
|
|
|
|
2011-09-27 15:59:26 -04:00
|
|
|
def auth_hash
|
|
|
|
hash = AuthHash.new(:provider => name, :uid => uid)
|
2011-09-27 20:52:43 -04:00
|
|
|
hash.info = info unless skip_info?
|
2011-09-27 21:20:58 -04:00
|
|
|
hash.credentials = credentials if credentials
|
|
|
|
hash.extra = extra if extra
|
2011-09-27 15:59:26 -04:00
|
|
|
hash
|
|
|
|
end
|
|
|
|
|
2011-09-27 20:52:43 -04:00
|
|
|
# Determines whether or not user info should be retrieved. This
|
|
|
|
# allows some strategies to save a call to an external API service
|
|
|
|
# for existing users. You can use it either by setting the `:skip_info`
|
|
|
|
# to true or by setting `:skip_info` to a Proc that takes a uid and
|
|
|
|
# evaluates to true when you would like to skip info.
|
|
|
|
#
|
|
|
|
# @example
|
|
|
|
#
|
|
|
|
# use MyStrategy, :skip_info => lambda{|uid| User.find_by_uid(uid)}
|
|
|
|
def skip_info?
|
|
|
|
if options.skip_info?
|
|
|
|
if options.skip_info.respond_to?(:call)
|
|
|
|
return options.skip_info.call(uid)
|
|
|
|
else
|
|
|
|
return true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
false
|
|
|
|
end
|
|
|
|
|
2011-09-03 14:08:07 -04:00
|
|
|
def callback_phase
|
2014-01-15 23:00:46 -05:00
|
|
|
env['omniauth.auth'] = auth_hash
|
2011-09-03 14:08:07 -04:00
|
|
|
call_app!
|
|
|
|
end
|
|
|
|
|
|
|
|
def path_prefix
|
|
|
|
options[:path_prefix] || OmniAuth.config.path_prefix
|
|
|
|
end
|
|
|
|
|
2012-04-12 17:44:35 -04:00
|
|
|
def custom_path(kind)
|
|
|
|
if options[kind].respond_to?(:call)
|
2013-01-25 13:24:52 -05:00
|
|
|
result = options[kind].call(env)
|
2012-04-12 17:44:35 -04:00
|
|
|
return nil unless result.is_a?(String)
|
|
|
|
result
|
|
|
|
else
|
|
|
|
options[kind]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2011-09-03 14:08:07 -04:00
|
|
|
def request_path
|
2014-10-01 14:36:20 -04:00
|
|
|
@request_path ||= options[:request_path].is_a?(String) ? options[:request_path] : "#{path_prefix}/#{name}"
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def callback_path
|
2014-10-01 14:36:20 -04:00
|
|
|
@callback_path ||= begin
|
|
|
|
path = options[:callback_path] if options[:callback_path].is_a?(String)
|
|
|
|
path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env)
|
|
|
|
path ||= custom_path(:request_path)
|
|
|
|
path ||= "#{path_prefix}/#{name}/callback"
|
|
|
|
path
|
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def setup_path
|
|
|
|
options[:setup_path] || "#{path_prefix}/#{name}/setup"
|
|
|
|
end
|
|
|
|
|
2015-05-25 05:24:12 -04:00
|
|
|
CURRENT_PATH_REGEX = %r{/$}
|
2014-10-01 14:36:20 -04:00
|
|
|
EMPTY_STRING = ''.freeze
|
2011-09-03 14:08:07 -04:00
|
|
|
def current_path
|
2014-10-01 14:36:20 -04:00
|
|
|
@current_path ||= request.path_info.downcase.sub(CURRENT_PATH_REGEX, EMPTY_STRING)
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def query_string
|
2014-01-15 23:00:46 -05:00
|
|
|
request.query_string.empty? ? '' : "?#{request.query_string}"
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def call_app!(env = @env)
|
|
|
|
@app.call(env)
|
|
|
|
end
|
|
|
|
|
|
|
|
def full_host
|
|
|
|
case OmniAuth.config.full_host
|
2013-09-24 17:42:39 -04:00
|
|
|
when String
|
|
|
|
OmniAuth.config.full_host
|
|
|
|
when Proc
|
|
|
|
OmniAuth.config.full_host.call(env)
|
|
|
|
else
|
|
|
|
# in Rack 1.3.x, request.url explodes if scheme is nil
|
|
|
|
if request.scheme && request.url.match(URI::ABS_URI)
|
2014-01-15 23:00:46 -05:00
|
|
|
uri = URI.parse(request.url.gsub(/\?.*$/, ''))
|
2011-09-03 14:08:07 -04:00
|
|
|
uri.path = ''
|
2014-01-15 23:00:46 -05:00
|
|
|
# sometimes the url is actually showing http inside rails because the
|
|
|
|
# other layers (like nginx) have handled the ssl termination.
|
|
|
|
uri.scheme = 'https' if ssl? # rubocop:disable BlockNesting
|
2011-09-03 14:08:07 -04:00
|
|
|
uri.to_s
|
2014-01-15 23:00:46 -05:00
|
|
|
else ''
|
2013-09-24 17:42:39 -04:00
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def callback_url
|
|
|
|
full_host + script_name + callback_path + query_string
|
|
|
|
end
|
|
|
|
|
|
|
|
def script_name
|
|
|
|
@env['SCRIPT_NAME'] || ''
|
|
|
|
end
|
|
|
|
|
|
|
|
def session
|
|
|
|
@env['rack.session']
|
|
|
|
end
|
|
|
|
|
|
|
|
def request
|
|
|
|
@request ||= Rack::Request.new(@env)
|
|
|
|
end
|
|
|
|
|
2011-09-26 23:44:52 -04:00
|
|
|
def name
|
|
|
|
options.name
|
|
|
|
end
|
|
|
|
|
2011-09-03 14:08:07 -04:00
|
|
|
def redirect(uri)
|
|
|
|
r = Rack::Response.new
|
|
|
|
|
|
|
|
if options[:iframe]
|
|
|
|
r.write("<script type='text/javascript' charset='utf-8'>top.location.href = '#{uri}';</script>")
|
|
|
|
else
|
|
|
|
r.write("Redirecting to #{uri}...")
|
|
|
|
r.redirect(uri)
|
|
|
|
end
|
|
|
|
|
|
|
|
r.finish
|
|
|
|
end
|
|
|
|
|
2014-01-15 23:00:46 -05:00
|
|
|
def user_info
|
|
|
|
{}
|
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
|
|
|
|
def fail!(message_key, exception = nil)
|
2014-01-15 23:00:46 -05:00
|
|
|
env['omniauth.error'] = exception
|
|
|
|
env['omniauth.error.type'] = message_key.to_sym
|
|
|
|
env['omniauth.error.strategy'] = self
|
2011-09-03 14:08:07 -04:00
|
|
|
|
2012-04-12 16:50:13 -04:00
|
|
|
if exception
|
2014-03-15 15:44:30 -04:00
|
|
|
log :error, "Authentication failure! #{message_key}: #{exception.class}, #{exception.message}"
|
2012-04-12 16:50:13 -04:00
|
|
|
else
|
|
|
|
log :error, "Authentication failure! #{message_key} encountered."
|
|
|
|
end
|
|
|
|
|
2014-01-15 23:00:46 -05:00
|
|
|
OmniAuth.config.on_failure.call(env)
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
2011-09-26 12:44:17 -04:00
|
|
|
|
|
|
|
class Options < Hashie::Mash; end
|
2011-09-28 13:41:06 -04:00
|
|
|
|
2014-01-15 23:00:46 -05:00
|
|
|
protected
|
2011-09-28 13:41:06 -04:00
|
|
|
|
|
|
|
def merge_stack(stack)
|
2014-01-15 23:00:46 -05:00
|
|
|
stack.inject({}) do |a, e|
|
|
|
|
a.merge!(e)
|
|
|
|
a
|
|
|
|
end
|
2011-09-28 13:41:06 -04:00
|
|
|
end
|
2014-01-15 23:00:46 -05:00
|
|
|
|
2013-02-13 14:12:50 -05:00
|
|
|
def ssl?
|
|
|
|
request.env['HTTPS'] == 'on' ||
|
2014-12-25 16:29:22 -05:00
|
|
|
request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
|
|
|
|
request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
|
|
|
|
(request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
|
|
|
|
request.env['rack.url_scheme'] == 'https'
|
2013-02-13 14:12:50 -05:00
|
|
|
end
|
2011-09-03 14:08:07 -04:00
|
|
|
end
|
|
|
|
end
|