Created
March 8, 2012 09:21
-
-
Save arkadiyk/1999885 to your computer and use it in GitHub Desktop.
Pure Ruby OpenSSO client
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'net/http' | |
require 'uri' | |
module SSOAuth | |
def opensso_location | |
'http://<SSO-SERVER.com>:8080/opensso' | |
end | |
# main method | |
def get_sso_user | |
@opensso_uri = URI.parse(opensso_location) | |
@http = Net::HTTP.new(@opensso_uri.host, @opensso_uri.port) | |
token_cookie_names = get_cookie_names_for_token | |
token_cookies = get_token_cookies(token_cookie_names) | |
return nil unless validate_token(token_cookies) | |
opensso_user = get_opensso_user(token_cookies) | |
opensso_user.has_key?('uid') ? opensso_user['uid'].at(0) : nil | |
end | |
def get_cookie_names_for_token | |
req = Net::HTTP::Post.new "#{@opensso_uri.path}/identity/getCookieNamesToForward" | |
res = @http.request(req, '') | |
cookie_names = res.body.split("\n").map{ |e| e.split('=')[1].chomp } | |
req = Net::HTTP::Post.new "#{@opensso_uri.path}/identity/getCookieNameForToken" | |
res = @http.request(req, '') | |
cname = res.body.split('=').at(1).chomp | |
cookie_names << cname unless cookie_names.include?(cname) | |
cookie_names | |
end | |
def get_token_cookies(token_cookie_names) | |
cs = [] | |
token_cookie_names.each do |cn| | |
cs << cn + "=" + cookies[cn].gsub(' ', '+') if cookies[cn] | |
end | |
cs.join('; ') | |
end | |
def validate_token(token_cookies) | |
return unless token_cookies | |
req = Net::HTTP::Get.new "#{@opensso_uri.path}/identity/isTokenValid" | |
req['Cookie'] = token_cookies | |
res = @http.request(req, '') | |
res.body.split('=').at(1).chomp == 'true' | |
end | |
def get_opensso_user(token_cookies) | |
opensso_user = Hash[] | |
attribute_name = '' | |
req = Net::HTTP::Post.new "#{@opensso_uri.path}/identity/attributes" | |
req['Cookie'] = token_cookies | |
res = @http.request(req, '') | |
lines = res.body.split(/\n/) | |
lines.each do |line| | |
if line.match(/^userdetails.attribute.name=/) | |
attribute_name = line.gsub(/^userdetails.attribute.name=/, '') | |
opensso_user[attribute_name] = Array.new | |
elsif line.match(/^userdetails.attribute.value=/) | |
opensso_user[attribute_name] << line.gsub(/^userdetails.attribute.value=/, '') | |
end | |
end | |
return opensso_user | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment