From 41551da4bf4356a00d521da165b76bbaad1d6fe3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aitor=20Garc=C3=ADa?=
Date: Wed, 13 Feb 2013 19:12:50 +0000
Subject: [PATCH] Refactor ssl check to mimic Rack::Request#ssl? behavior as stated in #663. I've removed the query assigment since it looked redundant just after the gsub and added a few test for a custom full_host that were not provided before.
---
 lib/omniauth/strategy.rb | 10 ++++++++--
 spec/omniauth/strategy_spec.rb | 12 ++++++++++++
 2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/lib/omniauth/strategy.rb b/lib/omniauth/strategy.rb
index af3b38f..c144556 100644
--- a/lib/omniauth/strategy.rb
+++ b/lib/omniauth/strategy.rb
@@ -403,9 +403,8 @@ module OmniAuth
 else
 uri = URI.parse(request.url.gsub(/\?.*$/,''))
 uri.path = ''
- uri.query = nil
 #sometimes the url is actually showing http inside rails because the other layers (like nginx) have handled the ssl termination.
- uri.scheme = 'https' if(request.env['HTTP_X_FORWARDED_PROTO'] == 'https')
+ uri.scheme = 'https' if ssl?
 uri.to_s
 end
 end
@@ -466,5 +465,12 @@ module OmniAuth
 def merge_stack(stack)
 stack.inject({}){|c,h| c.merge!(h); c}
 end
+ def ssl?
+ request.env['HTTPS'] == 'on' ||
+ request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
+ request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
+ (request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
+ request.env['rack.url_scheme'] == 'https'
+ end
 end
 end
diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb
index e52173c..c4e91c3 100644
--- a/spec/omniauth/strategy_spec.rb
+++ b/spec/omniauth/strategy_spec.rb
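Review bot: `ssl?` accepts `HTTP_X_FORWARDED_SSL`, `HTTP_X_FORWARDED_SCHEME` and `HTTP_X_FORWARDED_PROTO` as proof of HTTPS, but those env keys are filled from request headers, so the result is only reliable when a trusted front proxy sets or strips them, and nothing on the method says so. Because the first hunk now uses it to choose the scheme of `full_host`, I would put a comment above `def ssl?` such as `# HTTPS detection modelled on Rack::Request#ssl?; the X-Forwarded-* values are trustworthy only behind a proxy that overwrites them.` Whether the method falls under a `protected` or `private` section cannot be seen here, since the class body starts outside the hunk; if it ends up public, it probably should not be. A blank line between the `end` of `merge_stack` and `def ssl?` would also separate the two definitions.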
@@ -607,6 +607,18 @@ describe OmniAuth::Strategy do
 expect(strategy.full_host).to eq('my.host.net')
 end
 
+ it "is based on the request if it's not a string nor a proc" do
+ OmniAuth.config.full_host = nil
+ strategy.call(make_env('/whatever', 'rack.url_scheme' => 'http', 'SERVER_NAME' => 'my.host.net', 'SERVER_PORT' => 80))
+ expect(strategy.full_host).to eq('http://my.host.net')
+ end
+
+ it "should honor HTTP_X_FORWARDED_PROTO if present" do
+ OmniAuth.config.full_host = nil
+ strategy.call(make_env('/whatever', 'HTTP_X_FORWARDED_PROTO' => 'https','rack.url_scheme' => 'http', 'SERVER_NAME' => 'my.host.net', 'SERVER_PORT' => 443))
+ expect(strategy.full_host).to eq('https://my.host.net')
+ end
+
 after do
 OmniAuth.config.test_mode = false
 end
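Review bot: Only the single-value `'HTTP_X_FORWARDED_PROTO' => 'https'` case of the new check is exercised. The `HTTPS`, `HTTP_X_FORWARDED_SSL` and `HTTP_X_FORWARDED_SCHEME` branches have no example, and neither does the comma-separated form that `split(',')[0]` exists for. An example with `'HTTP_X_FORWARDED_PROTO' => 'https,http'` and a negative one where a forwarded header says `'http'` would pin the parsing that decides the scheme of `full_host`. Both new examples set `OmniAuth.config.full_host = nil` while the visible `after` block resets only `test_mode`, so whether that value is restored depends on setup outside the hunk. The `describe` block itself starts and ends outside the hunk.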