Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: redirect to return_url when working as SSO provider

This commit is contained in:
Arpit Jalan 2015-10-25 10:30:19 +05:30
parent d49ea33465
commit c28843e87b
3 changed files with 58 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/assets/javascripts/discourse/controllers/login.js.es6
View File

@ -78,9 +78,15 @@ export default Ember.Controller.extend(ModalFunctionality, {
const $hidden_login_form = $('#hidden-login-form'); const $hidden_login_form = $('#hidden-login-form');
const destinationUrl = $.cookie('destination_url'); const destinationUrl = $.cookie('destination_url');
const shouldRedirectToUrl = self.session.get("shouldRedirectToUrl"); const shouldRedirectToUrl = self.session.get("shouldRedirectToUrl");
const ssoDestinationUrl = $.cookie('sso_destination_url');
$hidden_login_form.find('input[name=username]').val(self.get('loginName')); $hidden_login_form.find('input[name=username]').val(self.get('loginName'));
$hidden_login_form.find('input[name=password]').val(self.get('loginPassword')); $hidden_login_form.find('input[name=password]').val(self.get('loginPassword'));
if (destinationUrl) {
if (ssoDestinationUrl) {
$.cookie('sso_destination_url', null);
window.location.assign(ssoDestinationUrl);
return;
} else if (destinationUrl) {
// redirect client to the original URL // redirect client to the original URL
$.cookie('destination_url', null); $.cookie('destination_url', null);
$hidden_login_form.find('input[name=redirect]').val(destinationUrl); $hidden_login_form.find('input[name=redirect]').val(destinationUrl);

9
app/controllers/session_controller.rb
View File

@ -37,7 +37,11 @@ class SessionController < ApplicationController
sso.external_id = current_user.id.to_s sso.external_id = current_user.id.to_s
sso.admin = current_user.admin? sso.admin = current_user.admin?
sso.moderator = current_user.moderator? sso.moderator = current_user.moderator?
redirect_to sso.to_url(sso.return_sso_url) if request.xhr?
cookies[:sso_destination_url] = sso.to_url(sso.return_sso_url)
else
redirect_to sso.to_url(sso.return_sso_url)
end
else else
session[:sso_payload] = request.query_string session[:sso_payload] = request.query_string
redirect_to path('/login') redirect_to path('/login')
@ -266,9 +270,8 @@ class SessionController < ApplicationController
if payload = session.delete(:sso_payload) if payload = session.delete(:sso_payload)
sso_provider(payload) sso_provider(payload)
else
render_serialized(user, UserSerializer)
end end
render_serialized(user, UserSerializer)
end end
end end

69
spec/controllers/session_controller_spec.rb
View File

@ -264,40 +264,61 @@ describe SessionController do
expect(response.code).to eq('419') expect(response.code).to eq('419')
end end
it 'can act as an SSO provider' do describe 'can act as an SSO provider' do
SiteSetting.enable_sso_provider = true before do
SiteSetting.enable_sso = false SiteSetting.enable_sso_provider = true
SiteSetting.enable_local_logins = true SiteSetting.enable_sso = false
SiteSetting.sso_secret = "topsecret" SiteSetting.enable_local_logins = true
SiteSetting.sso_secret = "topsecret"
sso = SingleSignOn.new @sso = SingleSignOn.new
sso.nonce = "mynonce" @sso.nonce = "mynonce"
sso.sso_secret = SiteSetting.sso_secret @sso.sso_secret = SiteSetting.sso_secret
sso.return_sso_url = "http://somewhere.over.rainbow/sso" @sso.return_sso_url = "http://somewhere.over.rainbow/sso"
get :sso_provider, Rack::Utils.parse_query(sso.payload) @user = Fabricate(:user, password: "frogs", active: true, admin: true)
EmailToken.update_all(confirmed: true)
end
expect(response).to redirect_to("/login") it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
user = Fabricate(:user, password: "frogs", active: true, admin: true) xhr :post, :create, login: @user.username, password: "frogs", format: :json
EmailToken.update_all(confirmed: true)
xhr :post, :create, login: user.username, password: "frogs", format: :json location = cookies[:sso_destination_url]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
location = response.header["Location"] payload = location.split("?")[1]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/) sso2 = SingleSignOn.parse(payload, "topsecret")
payload = location.split("?")[1] expect(sso2.email).to eq(@user.email)
expect(sso2.name).to eq(@user.name)
expect(sso2.username).to eq(@user.username)
expect(sso2.external_id).to eq(@user.id.to_s)
expect(sso2.admin).to eq(true)
expect(sso2.moderator).to eq(false)
end
sso2 = SingleSignOn.parse(payload, "topsecret") it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
expect(sso2.email).to eq(user.email) get :sso_provider, Rack::Utils.parse_query(@sso.payload)
expect(sso2.name).to eq(user.name)
expect(sso2.username).to eq(user.username)
expect(sso2.external_id).to eq(user.id.to_s)
expect(sso2.admin).to eq(true)
expect(sso2.moderator).to eq(false)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
payload = location.split("?")[1]
sso2 = SingleSignOn.parse(payload, "topsecret")
expect(sso2.email).to eq(@user.email)
expect(sso2.name).to eq(@user.name)
expect(sso2.username).to eq(@user.username)
expect(sso2.external_id).to eq(@user.id.to_s)
expect(sso2.admin).to eq(true)
expect(sso2.moderator).to eq(false)
end
end end
describe 'local attribute override from SSO payload' do describe 'local attribute override from SSO payload' do