Fix bug.

Add logout url.
Update oauth2 url.
2022-05-14 12:04:43 +08:00 · 2021-10-28 09:06:52 +08:00 · 2021-10-08 17:19:47 +08:00
3 changed files with 21 additions and 4 deletions
--- a/app/controllers/sso_login_box_controller.rb
+++ b/app/controllers/sso_login_box_controller.rb
@ -1,15 +1,25 @@
 class SsoLoginBoxController < SessionsController
  require 'openssl'
  OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+  def self.logout #Token Revocation
+    session = OrbitHelper.request.session
+    if session[:sso_token]
+      token_connection = Faraday.new 'https://cas.ccu.edu.tw/oauth2.0/revoke'
+      token_response = token_connection.post do |request|
+        request.params['token'] = session[:sso_token]
+        request.params['token_type_hint'] = 'access_token'
+      end
+    end
+  end
  def oauth2_auth_page
    session[:referer_url] = params[:referer_url]
-    redirect_to "https://nu04.ccu.edu.tw/oauth2.0/authorize?response_type=#{ENV['RESPONSE_TYPE']}&client_id=#{ENV['APP_ID']}&redirect_uri=#{ENV['REDIRECT_URI']}"
+    redirect_to "https://cas.ccu.edu.tw/oauth2.0/authorize?response_type=#{ENV['RESPONSE_TYPE']}&client_id=#{ENV['APP_ID']}&redirect_uri=#{ENV['REDIRECT_URI']}"
  end
  def oauth2_sign_in
    # receive code from ntnu
    code = params[:code]
    # request token by code
-    token_connection = Faraday.new 'https://nu04.ccu.edu.tw/oauth2.0/accessToken'
+    token_connection = Faraday.new 'https://cas.ccu.edu.tw/oauth2.0/accessToken'
    token_response = token_connection.post do |request|
      request.params['grant_type'] = 'authorization_code'
      request.params['client_id'] = ENV['APP_ID']
@ -22,13 +32,14 @@ class SsoLoginBoxController < SessionsController
    # render :html => {:code => code,:token => token, :response => token_response.body}

    # request user id by token
-    account_connection = Faraday.new 'https://nu04.ccu.edu.tw/oauth2.0/profile'
+    account_connection = Faraday.new 'https://cas.ccu.edu.tw/oauth2.0/profile'
    account_response = account_connection.get do |request|
      request.params['access_token'] = token
    end
    user_name = JSON.parse(account_response.body)['id']
    user = User.find_by(user_name: user_name) rescue nil
    if !user.nil?
+      session[:sso_token] = token
      session[:user_id] = user.id
      session[:login_referer] = nil
      if session[:referer_url].present?
--- a/lib/sso_login_box.rb
+++ b/lib/sso_login_box.rb
@ -1,4 +1,10 @@
 require "sso_login_box/engine"

 module SsoLoginBox
+	# def self.controller_name #if defined, call controller's logout method
+	# 	"SsoLoginBoxController"
+	# end
+	def self.logout_url
+		"https://cas.ccu.edu.tw/logout"
+	end
 end
--- a/lib/sso_login_box/login_tag.rb
+++ b/lib/sso_login_box/login_tag.rb
@ -6,7 +6,7 @@ module SsoLoginBox::LoginTag
      }
    </style>
    <div class=\"pull-right\">
-        <a class=\"sso_login_button btn\" href=\"/oauth2_service/auth_page?referer_url=#{(URI.encode(OrbitHelper.request.original_url) rescue "")}\" style=\"border: 0.1em solid black;\">
+        <a class=\"sso_login_button btn\" href=\"/oauth2_service/auth_page?referer_url=#{(URI.encode(OrbitHelper.request.original_url.gsub('?','&')) rescue "")}\" style=\"border: 0.1em solid black;\">
          CCU SSO Login
        </a>
    </div>"
Author	SHA1	Message	Date
BoHung Chiu	69a4f976b5	Fix bug.	2022-05-14 12:04:43 +08:00
BoHung Chiu	059cddf9bb	Add logout url.	2021-10-28 09:06:52 +08:00
BoHung Chiu	1311d8fd66	Update oauth2 url.	2021-10-08 17:19:47 +08:00