metavida · April 16, 2015 21:54
diff --git a/federated_auth.rb b/federated_auth.rb
 # A simple web service that can be used to test Haiku's Federated Login system.
 #
 # Since there's no real data backing this authentication script, it will authorize
 # any username given as long as the password matches the default_password (set below).
 #
 # In order to simulate "SSO via a Signed Link" this script will authorize any session_key
 # given to it, removing any non-login-safe characters.
 #
 # Use the following commands to start this authentication service:
 #    gem install sinatra
 #    ruby -rubygems federated_auth.rb
 default_password = 'qwerqwer'
 begin
  require 'sinatra'
 rescue LoadError
  puts "!!! Sinatra could not be loaded !!!"
  puts "Make sure that the sinatra gem is installed, then"
  puts "run this script using `ruby -rubygems ...`"
  exit 1
 end
 case settings.environment.to_s
 when /^(fast)?dev/
  set :bind, 'localhost'
 end
 set :port, 2884 # AUTH = 2884 on a phone keypad
 puts <<-Desc
 Auth requests should go to http://#{settings.bind}:#{settings.port}/auth"
 If #{default_password.inspect} is given as the password, the given username will be returned.
 Desc
 # Renders
 check_default_password_and_key = lambda do
  puts env.inject({}){|acc, (k,v)| acc[$1.downcase] = v if k =~ /^http_(.*)/i; acc}.inspect
  puts params.inspect

  value_to_return = " "
  if params['username'].is_a?(String) && !params['username'].empty?
    params['session_key'] = nil
    value_to_return = params['username']
  elsif params['session_key'].is_a?(String) && !params['session_key'].empty?
    value_to_return = params['session_key'].gsub(/[^a-z0-9._-]/,'')
    params['session_key'] = true
  end
  puts value_to_return.inspect

  if !params['session_key'] && params['password'] != default_password
    status 403
  end
  value_to_return
 end
 get '/auth', &check_default_password_and_key
 post '/auth', &check_default_password_and_key
	# A simple web service that can be used to test Haiku's Federated Login system.
	#
	# Since there's no real data backing this authentication script, it will authorize
	# any username given as long as the password matches the default_password (set below).
	#
	# In order to simulate "SSO via a Signed Link" this script will authorize any session_key
	# given to it, removing any non-login-safe characters.
	#
	# Use the following commands to start this authentication service:
	# gem install sinatra
	# ruby -rubygems federated_auth.rb
	default_password = 'qwerqwer'
	begin
	require 'sinatra'
	rescue LoadError
	puts "!!! Sinatra could not be loaded !!!"
	puts "Make sure that the sinatra gem is installed, then"
	puts "run this script using `ruby -rubygems ...`"
	exit 1
	end
	case settings.environment.to_s
	when /^(fast)?dev/
	set :bind, 'localhost'
	end
	set :port, 2884 # AUTH = 2884 on a phone keypad
	puts <<-Desc
	Auth requests should go to http://#{settings.bind}:#{settings.port}/auth"
	If #{default_password.inspect} is given as the password, the given username will be returned.
	Desc
	# Renders
	check_default_password_and_key = lambda do
	puts env.inject({}){\|acc, (k,v)\| acc[$1.downcase] = v if k =~ /^http_(.*)/i; acc}.inspect
	puts params.inspect

	value_to_return = " "
	if params['username'].is_a?(String) && !params['username'].empty?
	params['session_key'] = nil
	value_to_return = params['username']
	elsif params['session_key'].is_a?(String) && !params['session_key'].empty?
	value_to_return = params['session_key'].gsub(/[^a-z0-9._-]/,'')
	params['session_key'] = true
	end
	puts value_to_return.inspect

	if !params['session_key'] && params['password'] != default_password
	status 403
	end
	value_to_return
	end
	get '/auth', &check_default_password_and_key
	post '/auth', &check_default_password_and_key