greenlight/lib/omniauth_options.rb

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

module OmniauthOptions
  module_function

  def omniauth_options(env)
    case env['omniauth.strategy'].options[:name]
    when "bn_launcher"
      protocol = Rails.env.production? ? "https" : env["rack.url_scheme"]

      customer_redirect_url = "#{protocol}://#{env['SERVER_NAME']}:#{env['SERVER_PORT']}"
      user_domain = parse_user_domain(env["SERVER_NAME"])
      env['omniauth.strategy'].options[:customer] = user_domain
      env['omniauth.strategy'].options[:customer_redirect_url] = customer_redirect_url
      env['omniauth.strategy'].options[:default_callback_url] = Rails.configuration.gl_callback_url

      # This is only used in the old launcher and should eventually be removed
      env['omniauth.strategy'].options[:checksum] = generate_checksum(user_domain, customer_redirect_url,
        Rails.configuration.launcher_secret)
    when "google"
      set_hd(env, ENV['GOOGLE_OAUTH2_HD'])
    when "office365"
      set_hd(env, ENV['OFFICE365_HD'])
    when "openid_connect"
      set_hd(env, ENV['OPENID_CONNECT_HD'])
    end
  end

  # Limits the domain that can be used with the provider
  def set_hd(env, hd)
    if hd
      hd_opts = hd.split(',')
      env['omniauth.strategy'].options[:hd] = if hd_opts.empty?
        nil
      elsif hd_opts.length == 1
        hd_opts[0]
      else
        hd_opts
      end
    end
  end

  # Parses the url for the user domain
  def parse_user_domain(hostname)
    return hostname.split('.').first if Rails.configuration.url_host.empty?
    Rails.configuration.url_host.split(',').each do |url_host|
      return hostname.chomp(url_host).chomp('.') if hostname.include?(url_host)
    end
    ''
  end

  # Generates a checksum to use alongside the omniauth request
  def generate_checksum(user_domain, redirect_url, secret)
    string = user_domain + redirect_url + secret
    OpenSSL::Digest.digest('sha1', string).unpack1("H*")
  end
end
adhere to rubocop guidelines 2018-06-26 10:29:46 -04:00			`# frozen_string_literal: true`

add LGPL 3.0 headers 2018-08-01 09:45:12 -04:00			`# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.`
			`#`
			`# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).`
			`#`
			`# This program is free software; you can redistribute it and/or modify it under the`
			`# terms of the GNU Lesser General Public License as published by the Free Software`
			`# Foundation; either version 3.0 of the License, or (at your option) any later`
			`# version.`
			`#`
			`# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY`
			`# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A`
			`# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Lesser General Public License along`
			`# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.`

GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`module OmniauthOptions`
			`module_function`
passing params to the launcher gem 2018-07-09 13:17:23 -04:00
fixing rubocop errors 2018-07-10 15:05:50 -04:00			`def omniauth_options(env)`
Complete refactor of Gemfile and upgraded gems (#2553) 2021-02-26 17:34:07 -05:00			`case env['omniauth.strategy'].options[:name]`
			`when "bn_launcher"`
GRN2-175: Update Greenlight to work with the new launcher (#614) * Update greenlight to support the new launcher * Update comments to indicate that checksum should eventually be removed * Fix spelling mistake * Fix rubocop * Missed variable name change * Support old environment variable 2019-07-09 16:46:25 -04:00			`protocol = Rails.env.production? ? "https" : env["rack.url_scheme"]`

Complete refactor of Gemfile and upgraded gems (#2553) 2021-02-26 17:34:07 -05:00			`customer_redirect_url = "#{protocol}://#{env['SERVER_NAME']}:#{env['SERVER_PORT']}"`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`user_domain = parse_user_domain(env["SERVER_NAME"])`
			`env['omniauth.strategy'].options[:customer] = user_domain`
GRN2-175: Update Greenlight to work with the new launcher (#614) * Update greenlight to support the new launcher * Update comments to indicate that checksum should eventually be removed * Fix spelling mistake * Fix rubocop * Missed variable name change * Support old environment variable 2019-07-09 16:46:25 -04:00			`env['omniauth.strategy'].options[:customer_redirect_url] = customer_redirect_url`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`env['omniauth.strategy'].options[:default_callback_url] = Rails.configuration.gl_callback_url`
GRN2-175: Update Greenlight to work with the new launcher (#614) * Update greenlight to support the new launcher * Update comments to indicate that checksum should eventually be removed * Fix spelling mistake * Fix rubocop * Missed variable name change * Support old environment variable 2019-07-09 16:46:25 -04:00
			`# This is only used in the old launcher and should eventually be removed`
			`env['omniauth.strategy'].options[:checksum] = generate_checksum(user_domain, customer_redirect_url,`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`Rails.configuration.launcher_secret)`
Complete refactor of Gemfile and upgraded gems (#2553) 2021-02-26 17:34:07 -05:00			`when "google"`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`set_hd(env, ENV['GOOGLE_OAUTH2_HD'])`
Complete refactor of Gemfile and upgraded gems (#2553) 2021-02-26 17:34:07 -05:00			`when "office365"`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`set_hd(env, ENV['OFFICE365_HD'])`
Complete refactor of Gemfile and upgraded gems (#2553) 2021-02-26 17:34:07 -05:00			`when "openid_connect"`
Refine OpenID Connect Authentication from #1194 (#1399) * Adds OpenID Connect. * Add CSS class for openid_connect omniauth provider * Add translation (de_DE and en) for openid_connect omniauth provider label * Make uid_field configurable for openid_connect omniauth provider * updates to support for openid * updates to support for openid * updated ldap gem * updated sample.env Co-authored-by: mapidentity <git@mapidentity.com> Co-authored-by: Jesus Federico <jesus@123it.ca> Co-authored-by: mapidentity <49822181+mapidentity@users.noreply.github.com> 2021-01-07 15:11:17 -05:00			`set_hd(env, ENV['OPENID_CONNECT_HD'])`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`end`
passing params to the launcher gem 2018-07-09 13:17:23 -04:00			`end`
Fixed #318 Allow multiple domains when using Google as OAuth provider (GRN-38) (#319) * <Added muli_domain restriction with google_oauth> * <Fixed code style> * <Added some rspec tests> 2018-11-15 15:01:53 -05:00
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`# Limits the domain that can be used with the provider`
GRN2-107: Add office365 auth (#616) * add office365 auth * Delete conflicting file 2019-07-09 13:54:15 -04:00			`def set_hd(env, hd)`
Fix office365 if hd environment variable isn't set (#629) 2019-07-11 11:14:43 -04:00			`if hd`
			`hd_opts = hd.split(',')`
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`env['omniauth.strategy'].options[:hd] = if hd_opts.empty?`
			`nil`
			`elsif hd_opts.length == 1`
			`hd_opts[0]`
			`else`
			`hd_opts`
Fixed #318 Allow multiple domains when using Google as OAuth provider (GRN-38) (#319) * <Added muli_domain restriction with google_oauth> * <Fixed code style> * <Added some rspec tests> 2018-11-15 15:01:53 -05:00			`end`
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`end`
Fixed #318 Allow multiple domains when using Google as OAuth provider (GRN-38) (#319) * <Added muli_domain restriction with google_oauth> * <Fixed code style> * <Added some rspec tests> 2018-11-15 15:01:53 -05:00			`end`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`# Parses the url for the user domain`
			`def parse_user_domain(hostname)`
			`return hostname.split('.').first if Rails.configuration.url_host.empty?`
			`Rails.configuration.url_host.split(',').each do \|url_host\|`
			`return hostname.chomp(url_host).chomp('.') if hostname.include?(url_host)`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00			`end`
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`''`
			`end`

			`# Generates a checksum to use alongside the omniauth request`
			`def generate_checksum(user_domain, redirect_url, secret)`
			`string = user_domain + redirect_url + secret`
			`OpenSSL::Digest.digest('sha1', string).unpack1("H*")`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00			`end`
initial commit 2018-05-07 16:06:01 -04:00			`end`