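# Handles the callback of the NTNU OAuth2 single sign-on flow: exchanges the
# authorization code for an access token, asks the NTNU API which account the
# token belongs to, and signs in the local user with that user name.
class SsoLoginBoxController < SessionsController
  NTNU_TOKEN_URL = 'https://api.ntnu.edu.tw/NtnuCloud/acs'.freeze
  NTNU_API_URL = 'https://api.ntnu.edu.tw/NtnuApi/api'.freeze

  # OAuth2 redirect target. Reads +params[:code]+ and the optional
  # +params[:referer_url]+; on success stores the user id in the session and
  # redirects, otherwise re-renders the login form with an alert.
  #
  # NOTE(review): no OAuth2 `state` value is verified in this callback. If the
  # authorization request (not visible in this file) sends one, it should be
  # compared here so that a callback the browser did not start cannot complete
  # a login.
  def ntnu_oauth2_sign_in
    token = ntnu_access_token(params[:code])
    user_name = ntnu_account_name(token) if token
    # Stop here when either remote step failed. Without this guard a nil
    # account name would reach User.find_by and could match a row whose
    # user_name is NULL.
    return reject_sign_in('Single sign-on failed. Please try again.') unless user_name

    user = find_local_user(user_name)
    unless user
      return reject_sign_in('User not in database. Ask the administrator to add your username first and then try again.')
    end

    # Issue a fresh session before storing the authenticated id, so a session
    # identifier known before login is not carried over (session fixation).
    reset_session
    session[:user_id] = user.id
    session[:login_referer] = nil
    redirect_to local_redirect_path(params[:referer_url])
  end

  private

  # Exchanges the authorization code for an access token.
  #
  # @param code [Object] value of params[:code]
  # @return [String, nil] the access token, or nil when the exchange failed
  def ntnu_access_token(code)
    return nil unless code.is_a?(String) && !code.empty?

    # NOTE(review): Faraday's `request.params` are sent in the URL query
    # string, so client_secret and the code can end up in proxy and access
    # logs. Moving them to the form body is preferable once it is confirmed
    # that the endpoint accepts it.
    response = Faraday.new(NTNU_TOKEN_URL).post do |request|
      request.params['grant_type'] = 'authorization_code'
      request.params['client_id'] = ENV['APP_ID']
      request.params['client_secret'] = ENV['APP_SECRET']
      request.params['redirect_uri'] = ENV['REDIRECT_URI']
      request.params['code'] = code
    end
    json_scalar_field(response, 'access_token')
  rescue Faraday::Error => e
    logger.error("NTNU SSO token request failed: #{e.class}")
    nil
  end

  # Asks the NTNU API for the account name that owns the access token.
  #
  # @param token [String]
  # @return [String, nil] the account name, or nil when the lookup failed
  def ntnu_account_name(token)
    response = Faraday.new(NTNU_API_URL).get do |request|
      request.params['apiName'] = 'queryUserInfo'
      request.params['accesstoken'] = token
    end
    json_scalar_field(response, 'account')
  rescue Faraday::Error => e
    logger.error("NTNU SSO account request failed: #{e.class}")
    nil
  end

  # Extracts one scalar field from a JSON object response.
  #
  # @return [String, nil] nil for a non-2xx status, a body that is not a JSON
  #   object, or a missing/empty/non-scalar field
  def json_scalar_field(response, key)
    return nil unless response.success?

    payload = JSON.parse(response.body.to_s)
    return nil unless payload.is_a?(Hash)

    # Only plain scalars are accepted: an array or hash passed on to find_by
    # would change the shape of the query.
    value = payload[key]
    text = value.to_s if value.is_a?(String) || value.is_a?(Integer)
    text unless text.nil? || text.empty?
  rescue JSON::ParserError
    nil
  end

  # Looks up the local user; a database error is logged and treated as
  # "no user" instead of being swallowed silently.
  def find_local_user(user_name)
    User.find_by(user_name: user_name)
  rescue ActiveRecord::ActiveRecordError => e
    logger.error("SSO user lookup failed: #{e.class}")
    nil
  end

  # Reduces the caller-supplied return URL to a same-site path.
  #
  # Taking only the path component drops scheme and host, but a path that
  # begins with "//" (or "/\") is still interpreted by browsers as pointing at
  # another host, so such values fall back to the dashboard, as do malformed
  # and non-string values.
  #
  # @return [String] a path starting with exactly one "/"
  def local_redirect_path(raw_url)
    return admin_dashboards_path unless raw_url.is_a?(String)

    path = URI.parse(raw_url).path.to_s
    path.match?(%r{\A/(?![/\\])}) ? path : admin_dashboards_path
  rescue URI::InvalidURIError
    admin_dashboards_path
  end

  # Re-renders the login form with the given alert message.
  def reject_sign_in(message)
    @login_referer = params[:referer_url]
    flash.now.alert = message
    render "new"
  end
end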