FEATURE: admin end point to sync sso /admin/users/sync_sso
Must be admin to invoke (API is fine too); uses the same SSO payload, but the nonce is ignored.
parent
a438f35478
commit
7d6d8bd0a3
|
@ -258,6 +258,18 @@ class Admin::UsersController < Admin::AdminController
|
||||||
render json: location
|
render json: location
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def sync_sso
|
||||||
|
unless SiteSetting.enable_sso
|
||||||
|
render nothing: true, status: 404
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
sso = DiscourseSingleSignOn.parse(request.query_string)
|
||||||
|
user = sso.lookup_or_create_user
|
||||||
|
|
||||||
|
render_serialized(user, AdminDetailedUserSerializer, root: false)
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def fetch_user
|
def fetch_user
|
||||||
|
|
|
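Review bot: `sync_sso` parses `request.query_string`, but the route added in this commit is a POST, so `sso` and `sig` sent in the request body are never read. Callers therefore have to put the signed payload in the URL, and the spec shows that payload carrying the user's email and name, which then land in access and proxy logs. Consider accepting the body as well, for example `sso = DiscourseSingleSignOn.parse(request.query_string.presence || request.raw_post)`, or at least document the contract with a comment such as `# payload must be passed in the query string; the nonce is deliberately not checked here`. What `parse` does on a missing or mismatched signature is not visible in this diff; if it raises, the action answers with a 500 instead of a clean 4xx, so a `rescue` that renders an error status may be needed.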
@ -81,6 +81,9 @@ Discourse::Application.routes.draw do
|
||||||
get "tl3_requirements"
|
get "tl3_requirements"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
|
post "users/sync_sso" => "users#sync_sso", constraints: AdminConstraint.new
|
||||||
|
|
||||||
resources :impersonate, constraints: AdminConstraint.new
|
resources :impersonate, constraints: AdminConstraint.new
|
||||||
|
|
||||||
resources :email do
|
resources :email do
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
require 'spec_helper'
|
require 'spec_helper'
|
||||||
|
require_dependency 'single_sign_on'
|
||||||
|
|
||||||
describe Admin::UsersController do
|
describe Admin::UsersController do
|
||||||
|
|
||||||
|
@ -314,7 +315,7 @@ describe Admin::UsersController do
|
||||||
before do
|
before do
|
||||||
@user = Fabricate(:user)
|
@user = Fabricate(:user)
|
||||||
topic = create_topic(user: @user)
|
topic = create_topic(user: @user)
|
||||||
post = create_post(topic: topic, user: @user)
|
_post = create_post(topic: topic, user: @user)
|
||||||
@user.stubs(:first_post_created_at).returns(Time.zone.now)
|
@user.stubs(:first_post_created_at).returns(Time.zone.now)
|
||||||
User.expects(:find_by).with(id: @delete_me.id).returns(@user)
|
User.expects(:find_by).with(id: @delete_me.id).returns(@user)
|
||||||
end
|
end
|
||||||
|
@ -394,4 +395,39 @@ describe Admin::UsersController do
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'can sync up sso' do
|
||||||
|
log_in(:admin)
|
||||||
|
|
||||||
|
SiteSetting.enable_sso = true
|
||||||
|
SiteSetting.sso_overrides_email = true
|
||||||
|
SiteSetting.sso_overrides_name = true
|
||||||
|
SiteSetting.sso_overrides_username = true
|
||||||
|
|
||||||
|
SiteSetting.sso_secret = "sso secret"
|
||||||
|
|
||||||
|
sso = SingleSignOn.new
|
||||||
|
sso.sso_secret = "sso secret"
|
||||||
|
sso.name = "Bob The Bob"
|
||||||
|
sso.username = "bob"
|
||||||
|
sso.email = "bob@bob.com"
|
||||||
|
sso.external_id = "1"
|
||||||
|
|
||||||
|
user = DiscourseSingleSignOn.parse(sso.payload)
|
||||||
|
.lookup_or_create_user
|
||||||
|
|
||||||
|
|
||||||
|
sso.name = "Bill"
|
||||||
|
sso.username = "Hokli$$!!"
|
||||||
|
sso.email = "bob2@bob.com"
|
||||||
|
|
||||||
|
xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
|
||||||
|
response.should be_success
|
||||||
|
|
||||||
|
user.reload
|
||||||
|
user.email.should == "bob2@bob.com"
|
||||||
|
user.name.should == "Bill"
|
||||||
|
user.username.should == "Hokli"
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
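Review bot: The new `can sync up sso` example covers only the enabled, valid-payload path, so the `render nothing: true, status: 404` branch taken when `SiteSetting.enable_sso` is off is never exercised. An example like the one below, placed next to the existing one, would pin that guard. A further case with a payload whose `sig` does not match would fix how the endpoint answers a verification failure; the expected status depends on `DiscourseSingleSignOn.parse`, which is not shown on this page.

```ruby
it 'returns 404 when sso is disabled' do
  log_in(:admin)
  SiteSetting.enable_sso = false

  xhr :post, :sync_sso
  response.status.should == 404
end
```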