Matchu
f80d220a62
Some tricks required here to get the dependencies to work out, but we got it!! Oh also, we move away from the rbenv in Ubuntu's package manager, because it doesn't support more recent Rubies like 2.4.10.
require 'active_support/core_ext/hash'
require 'msgpack'
require 'openneo-auth-signatory'
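module Openneo
  module Auth
    # A login session handed to this app by the remote auth server.
    #
    # A session is built either from signed request params (see .from_params,
    # which verifies the signature against Auth.config.secret) or by id (see
    # .find, which reads a previously saved message back from disk). Messages
    # are stored as MessagePack files named "<id>.mpac" under TMP_STORAGE_DIR.
    class Session
      # The params that make up the signed message, in signing order.
      REMOTE_MSG_KEYS = %w(session_id source user).freeze
      TMP_STORAGE_DIR = Rails.root.join('tmp', 'openneo-auth-sessions')

      attr_writer :id

      # Writes the current message to this session's storage file.
      #
      # @raise [InvalidSession] if the session id cannot be used as a file name
      def save!
        content = +MessagePack.pack(@message)
        FileUtils.mkdir_p TMP_STORAGE_DIR
        # NOTE(review): the directory and file are created with the process
        # umask. These files hold session contents, so confirm that tmp/ is not
        # readable by other local accounts on the deployment host.
        # MessagePack output is binary, hence 'wb'.
        File.open(tmp_storage_path, 'wb') do |file|
          file.write content
        end
      end

      # Deletes this session's storage file.
      #
      # @raise [InvalidSession] if the session id cannot be used as a file name
      def destroy!
        File.delete(tmp_storage_path)
      end

      # Reads this session's message back from its storage file.
      #
      # @raise [NotFound] if no file is stored for this id, or the id is not a
      #   plain file name
      def load_message!
        # The id may be whatever the caller of .find passed in; this file does
        # not show it being validated upstream. An id that would resolve
        # outside TMP_STORAGE_DIR is treated as "no such session".
        raise NotFound, "Session #{id} not found" unless storable_id?

        # Open directly and map ENOENT to NotFound, so that there is no window
        # between an existence check and the read.
        @message = File.open(tmp_storage_path, 'rb') do |file|
          MessagePack.unpack file.read
        end
      rescue Errno::ENOENT
        raise NotFound, "Session #{id} not found"
      end

      # Verifies the signed params from the remote auth server and, only if the
      # signature is valid, adopts them as this session's message.
      #
      # @param params [Hash] request params; must contain every key in
      #   REMOTE_MSG_KEYS plus 'signature'
      # @raise [RuntimeError] if Auth.config.secret is not configured
      # @raise [MissingParam] if a required key is absent
      # @raise [InvalidSignature] if the signature does not match the message
      def params=(params)
        unless Auth.config.secret
          raise "Must set config.secret to the remote auth server's secret"
        end
        given_signature = params['signature']
        secret = +Auth.config.secret
        signatory = Auth::Signatory.new(secret)
        REMOTE_MSG_KEYS.each do |key|
          unless params.include?(key)
            raise MissingParam, "Missing required param #{key.inspect}"
          end
        end
        # Keep the candidate in a local until it is verified, so that a caller
        # who rescues InvalidSignature is not left holding a session whose
        # @message was never authenticated.
        message = params.slice(*REMOTE_MSG_KEYS)
        correct_signature = signatory.sign(message)
        unless signatures_match?(given_signature, correct_signature)
          # The expected signature is deliberately left out of the error text:
          # if this message ever reaches a response or a shared log, it would
          # hand out a valid signature for a message the sender chose.
          raise InvalidSignature, "Signature (#{given_signature.inspect}) " +
            "did not match message #{message.inspect}"
        end
        @message = message
      end

      # Looks up the local user for the message's 'user' entry through the
      # finder configured on Auth.config.
      def user
        Auth.config.find_user_with_remote_auth(@message['user'])
      end

      # Builds a session from signed params.
      #
      # @raise [InvalidSession] (MissingParam or InvalidSignature) if the
      #   params fail verification
      def self.from_params(params)
        session = new
        session.params = params
        session
      end

      # Loads a previously saved session by id.
      #
      # @raise [NotFound] if nothing is stored under that id
      def self.find(id)
        session = new
        session.id = id
        session.load_message!
        session
      end

      private

      # The explicitly assigned id, else the message's session_id. The string
      # key is used because params= requires the REMOTE_MSG_KEYS to be present
      # as strings, so it works for a plain Hash as well as an indifferent one.
      def id
        @id ||= @message['session_id']
      end

      # Absolute path of this session's storage file.
      #
      # @raise [InvalidSession] if the id is not a plain file name
      def tmp_storage_path
        unless storable_id?
          raise InvalidSession, "Session id #{id.inspect} is not a valid storage name"
        end
        name = "#{id}.mpac"
        File.join TMP_STORAGE_DIR, name
      end

      # True when "<id>.mpac" is a single path component, i.e. joining it onto
      # TMP_STORAGE_DIR cannot name a file outside that directory.
      def storable_id?
        name = "#{id}.mpac"
        # Null bytes are checked first because File.basename rejects them.
        !name.include?("\0") && File.basename(name) == name
      end

      # Compares two signatures without stopping at the first differing byte,
      # so the time taken does not reveal how much of a guess was correct.
      # ActiveSupport::SecurityUtils.secure_compare does the same job where the
      # app's ActiveSupport version provides it.
      # Assumes Signatory#sign returns a String; anything else never matches.
      def signatures_match?(given, expected)
        return false unless given.is_a?(String) && expected.is_a?(String)
        return false unless given.bytesize == expected.bytesize

        mismatch = 0
        given.bytes.zip(expected.bytes) { |a, b| mismatch |= a ^ b }
        mismatch.zero?
      end

      class InvalidSession < ArgumentError;end
      class InvalidSignature < InvalidSession;end
      class MissingParam < InvalidSession;end
      class NotFound < StandardError;end
    end
  end
end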