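# Signs users in through the NCU portal's OAuth2 authorization-code flow.
#
# TLS: this class previously reassigned OpenSSL::SSL::VERIFY_PEER to
# VERIFY_NONE (with a `require 'openssl'` to support it). That constant is
# process-wide, so it switched off certificate verification for every TLS
# client in the application, not only the two portal calls below. The client
# secret, authorization code and access token would then be sent to whichever
# host answered. The override has been removed. If the portal's certificate
# chain is not in the system trust store, supply a CA bundle through Faraday's
# `ssl:` connection options instead of disabling verification.
class SsoLoginBoxController < SessionsController
  # Starts the flow: remembers where the user came from, then sends the
  # browser to the portal's authorization endpoint.
  #
  # NOTE(review): no `state` parameter is sent here or checked in
  # #oauth2_sign_in, so the callback is not bound to the browser session that
  # started the flow. Add a random per-session value and compare it in the
  # callback once the portal is confirmed to echo it back.
  def oauth2_auth_page
    session[:referer_url] = params[:referer_url]

    # Encode each value: REDIRECT_URI is itself a URL and must not be spliced
    # into the query string raw. (#oauth2_sign_in passes the same variable to
    # Faraday, which encodes it, so it is stored unencoded.)
    query = URI.encode_www_form(
      response_type: ENV['RESPONSE_TYPE'],
      client_id: ENV['APP_ID'],
      redirect_uri: ENV['REDIRECT_URI'],
      scope: 'identifier'
    )
    redirect_to "https://portal.ncu.edu.tw/oauth2/authorization?#{query}"
  end

  # OAuth2 callback: exchanges the authorization code for an access token,
  # asks the portal for the account identifier, and signs in the local user
  # with that user_name. Renders the login form with an alert when no such
  # user exists.
  #
  # A missing or rejected code still surfaces as an exception (for example
  # when the token response has no access_token), as it did before.
  def oauth2_sign_in
    # Authorization code handed back by the portal (request input, untrusted).
    code = params[:code]

    # Exchange the code for a token, authenticating as this application.
    token_connection = Faraday.new('https://portal.ncu.edu.tw/oauth2/token') do |conn|
      # Alternative spelling kept from the original for reference:
      # conn.request(:basic_auth, ENV['APP_ID'], ENV['APP_SECRET'])
      conn.basic_auth(ENV['APP_ID'], ENV['APP_SECRET'])
      conn.adapter Faraday.default_adapter
    end

    # NOTE(review): request.params are sent in the URL query, not the form
    # body, so the code may end up in intermediary logs. Confirm the portal
    # accepts a form-encoded body before moving them.
    token_response = token_connection.post do |request|
      request.params['grant_type'] = 'authorization_code'
      request.params['code'] = code
      request.params['redirect_uri'] = ENV['REDIRECT_URI']
      request.headers['Accept'] = 'application/json'
      request.headers['Content-Type'] = 'application/x-www-form-urlencoded'
    end
    token_response_json = JSON.parse(token_response.body)
    token = token_response_json['access_token']

    # Ask the portal which account the token belongs to.
    account_connection = Faraday.new 'https://portal.ncu.edu.tw/apis/oauth/v1/info'
    account_response = account_connection.get do |request|
      request.headers['Accept'] = 'application/json'
      request.headers['Authorization'] = "#{token_response_json['token_type']} " + token
    end
    user_name = JSON.parse(account_response.body)['identifier']

    # Look the user up only when the portal actually returned an identifier.
    # A blank value must never be used as a lookup key, or a record with an
    # empty user_name could be signed in.
    user = nil
    if user_name.present?
      # The rescue is kept from the original: a failed lookup counts as
      # "no such user" (presumably the ORM raises when nothing matches).
      user = begin
        User.find_by(user_name: user_name)
      rescue StandardError
        nil
      end
    end

    if user
      # NOTE(review): the session id is not rotated at sign-in. Consider
      # reset_session before setting :user_id (carrying :referer_url across)
      # after checking that SessionsController does not rely on the old one.
      session[:user_id] = user.id
      session[:login_referer] = nil
      redirect_to(local_redirect_path(session[:referer_url]) || admin_dashboards_path)
    else
      @login_referer = session[:referer_url]
      flash.now.alert = I18n.t("sso_login_box_for_ncu.user_not_in_database", :user_id => user_name)
      render "new"
    end
  end

  private

  # Reduces a caller-supplied URL to a same-site path for the post-login
  # redirect.
  #
  # @param url [Object] the stored referer, which originated in params[:referer_url]
  # @return [String, nil] an absolute path on this site, or nil when the value
  #   is blank, unparseable, or its path does not stay on this host
  def local_redirect_path(url)
    return nil if url.blank?

    path = URI.parse(url.to_s).path.to_s
    # A bare "scheme://host" referer has an empty path; send it to the root.
    path = '/' if path.empty?

    # Accept only paths rooted at a single "/". A relative path would be
    # appended to the host name, and a leading "//" or "/\" is read by
    # browsers as another host.
    return nil unless path.start_with?('/')
    return nil if path.start_with?('//', '/\\')

    path
  rescue URI::InvalidURIError
    nil
  end
end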