Module: Cyclid::API::Plugins::ApiExtension::GithubMethods::OAuth

Included in:
Cyclid::API::Plugins::ApiExtension::GithubMethods
Defined in:
app/cyclid/plugins/api/github/oauth.rb

Overview

OAuth-related methods


Instance Method Details

#oauth_callback(_headers, _config) ⇒ Object

OAuth authentication callback



# File 'app/cyclid/plugins/api/github/oauth.rb', line 56

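# Handle the redirect back from Github at the end of the OAuth web flow:
# check the anti-CSRF state, exchange the temporary code for an access token,
# store the token in the plugin configuration and redirect to the UI.
#
# @param _headers [Object] unused
# @param _config [Object] unused
# @return [Object] whatever the final redirect returns
#
# NOTE(review): every failure path assumes return_failure halts the request
# rather than returning - confirm against its definition.
def oauth_callback(_headers, _config)
  Cyclid.logger.debug('OAuth callback')

  return_failure(500, 'Github OAuth response does not provide a code') \
    unless params.key? 'code'

  state = oauth_state

  # The state parameter is what ties this callback to an authorization
  # request that this server started. The callback is only accepted when a
  # state was supplied AND it equals the expected value. The previous
  # condition (`key? or !=`) was true for a missing or mismatched state,
  # so the check never rejected anything. A nil expected state also fails
  # closed.
  state_valid = !state.nil? && params.key?('state') && params['state'] == state
  return_failure(500, 'Github OAuth response does not provide a valid state') \
    unless state_valid

  begin
    # Retrieve the plugin configuration
    plugins_config = Cyclid.config.plugins
    github_config = load_github_config(plugins_config)

    # Exchange the code for a bearer token. The client secret and the code
    # are sent in the form-encoded request body, not the query string, so
    # that they do not end up in URL-based logs.
    u = URI.parse('https://github.com/login/oauth/access_token')

    request = Net::HTTP::Post.new(u)
    request['Accept'] = 'application/json'
    request.set_form_data(client_id: github_config[:client_id],
                          client_secret: github_config[:client_secret],
                          state: state,
                          code: params['code'])
    http = Net::HTTP.new(u.hostname, u.port)
    http.use_ssl = (u.scheme == 'https')
    response = http.request(request)
  rescue StandardError => ex
    Cyclid.logger.debug "failed to request OAuth token: #{ex}"
    return_failure(500, 'could not complete OAuth token exchange')
  end

  return_failure(500, "couldn't get OAuth token") \
    unless response.code == '200'

  # Parse the response and extract the OAuth token
  begin
    token = JSON.parse(response.body, symbolize_names: true)
    access_token = token[:access_token]
  rescue StandardError => ex
    Cyclid.logger.debug "failed to parse OAuth response: #{ex}"
    return_failure(500, 'failed to parse OAuth response')
  end

  # A 200 response can still carry an error document instead of a token;
  # do not store an empty credential. The response body is deliberately not
  # logged because on success it contains the token.
  if access_token.nil? || access_token.to_s.empty?
    Cyclid.logger.debug 'OAuth response did not contain an access token'
    return_failure(500, "couldn't get OAuth token")
  end

  # XXX Encrypt the token
  # The token is handed to set_config exactly as received; whether it is
  # protected at rest depends on the configuration store.
  # A storage failure is only logged (best effort, as before) and the user is
  # still redirected, so a missing token shows up later rather than here.
  begin
    org = retrieve_organization
    controller_plugin.set_config({ oauth_token: access_token }, org)
  rescue StandardError => ex
    Cyclid.logger.debug "failed to set plugin configuration: #{ex}"
  end

  # Redirect to something worth looking at
  redirect github_config[:ui_url]
end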

#oauth_request(_headers, _config) ⇒ Object

Begin the OAuth authentication flow



# File 'app/cyclid/plugins/api/github/oauth.rb', line 29

# Start the Github OAuth web flow by redirecting the browser to Github's
# authorization endpoint.
#
# The redirect carries the configured client ID, the 'repo' scope, the value
# returned by oauth_state and a callback URL built from the configured API URL
# and the organization name. A StandardError raised while building the
# redirect is logged at debug level and reported through return_failure as a
# 500.
#
# @param _headers [Object] unused
# @param _config [Object] unused
def oauth_request(_headers, _config)
  Cyclid.logger.debug('OAuth request')
  # authorize('get')
  # NOTE(review): the authorize call above is commented out, so this method
  # performs no authorization check of its own - confirm whether the route
  # is protected elsewhere.

  begin
    # Plugin configuration holds the Github client ID and this server's API URL
    settings = load_github_config(Cyclid.config.plugins)

    # Where Github sends the browser back to once the user has decided
    base_url = settings[:api_url]
    callback_url = "#{base_url}/organizations/#{organization_name}/plugins/github/oauth/callback"

    # The state value is echoed back by Github on the callback
    query = URI.encode_www_form(client_id: settings[:client_id],
                                scope: 'repo',
                                state: oauth_state,
                                redirect_uri: callback_url)

    # Send the user to the Github OAuth authorization endpoint
    authorize_url = URI.parse('https://github.com/login/oauth/authorize')
    authorize_url.query = query
    redirect authorize_url
  rescue StandardError => ex
    Cyclid.logger.debug "OAuth redirect failed: #{ex}"
    return_failure(500, 'OAuth redirect failed')
  end
end