Class: Api::V2::Auth::OauthController

Inherits:
ActionController::API
  • Object
Defined in:
app/controllers/api/v2/auth/oauth_controller.rb

Instance Method Summary

Instance Method Details

#callback ⇒ Object



# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 3

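# OAuth callback: finds (or provisions) the user for the submitted e-mail
# address and issues an application JWT for it.
#
# Request params read: 'email', 'given_name', 'family_name', 'provider'.
# Responds with the user as JSON and the JWT in the `Token` response header,
# or 401 `{ error: "User not registered" }` when no persisted user results.
#
# NOTE(review): every identity attribute below is taken straight from
# `params`, and the provisioning block marks the new record as admin. If this
# route is reachable without the OAuth middleware having populated those
# params from the provider's verified payload, anyone who can reach it can
# mint an admin account — confirm the routing/middleware guarantees; the
# identity should come from the provider, not from client-controlled params.
def callback
  email = params['email']

  # A blank e-mail must never reach the lookup: find_or_create_by(email: nil)
  # could match a record whose e-mail column is NULL.
  if email.blank?
    render json: { error: "User not registered" }, status: :unauthorized
    return
  end

  user = User.find_or_create_by(email: email) do |u|
    u.name = params['given_name']
    u.surname = params['family_name']
    u.password = u.password_confirmation = ThecoreAuthCommons.generate_secure_password
    u.auth_source = params['provider'] # 'google' or 'microsoft'
    u.admin = true
  end

  # find_or_create_by never returns nil: when the create fails validation it
  # returns an unsaved record, so a plain truthiness check would let that
  # record through and encode a nil id into the token. Check persistence.
  unless user.persisted?
    render json: { error: "User not registered" }, status: :unauthorized
    return
  end

  # Encode exactly once and hand the same token to the session table and the
  # client. Encoding twice may yield two different tokens (if the payload
  # carries a timestamp), recording one as valid and sending the other.
  token = JsonWebToken.encode(user_id: user.id)

  if ENV["ALLOW_MULTISESSIONS"] == "false"
    UsedToken.where(user_id: user.id).update_all(is_valid: false)
    UsedToken.create!(token: token, user_id: user.id)
  end

  # redirect_url = "#{ENV['FRONTEND_URL']}?token=#{token}"
  # redirect_to redirect_url
  response.set_header("Token", token)
  render json: user, status: :ok
end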

#exchange_token ⇒ Object



# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 35

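# Exchanges a provider-issued OAuth access token for an application JWT.
#
# Request params read: :provider_token (bearer token issued by the provider)
# and :provider ('google' or 'microsoft'). The token is presented to the
# provider's userinfo endpoint and the e-mail in the reply is matched against
# an existing User; no provisioning happens here.
#
# Responses: the user as JSON with the JWT in the `Token` header; 422 for an
# unknown provider; 401 when the provider rejects the token, the profile
# carries no e-mail, or the e-mail matches no registered user.
def exchange_token
  provider_token = params[:provider_token]
  provider = params[:provider] # 'google' or 'microsoft'

  userinfo_uri = case provider
                 when 'google'
                   URI("https://www.googleapis.com/oauth2/v3/userinfo")
                 when 'microsoft'
                   URI("https://graph.microsoft.com/v1.0/me")
                 else
                   return render json: { error: "Unknown provider" }, status: :unprocessable_entity
                 end

  user_info = fetch_userinfo(userinfo_uri, provider_token)
  if user_info.nil?
    return render json: { error: "Invalid provider token" }, status: :unauthorized
  end

  # Microsoft Graph may leave `mail` empty and only set `userPrincipalName`;
  # Google's userinfo reports the address as `email`.
  # NOTE(review): Google's userinfo also reports `email_verified`; consider
  # rejecting profiles where it is false before trusting the address.
  email = user_info["mail"] || user_info["email"] || user_info["userPrincipalName"]

  # A missing e-mail must not reach the lookup: find_by(email: nil) would
  # match a record whose e-mail column is NULL.
  if email.blank?
    return render json: { error: "User not registered" }, status: :unauthorized
  end

  user = User.find_by(email: email)
  if user.nil?
    return render json: { error: "User not registered" }, status: :unauthorized
  end

  response.set_header("Token", JsonWebToken.encode(user_id: user.id))
  render json: user, status: :ok
end

# Presents +token+ as a bearer token to the userinfo endpoint +uri+ and
# returns the parsed JSON object, or nil when the provider answers with a
# non-2xx status or a body that is not a JSON object. Both providers answer
# an invalid or expired token with a JSON *error* body, which must not be
# mistaken for a profile. Timeouts are bounded so a stalled provider cannot
# pin a request thread indefinitely.
private def fetch_userinfo(uri, token)
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: true, open_timeout: 5, read_timeout: 5) do |http|
    req = Net::HTTP::Get.new(uri)
    req["Authorization"] = "Bearer #{token}"
    http.request(req)
  end
  return nil unless res.is_a?(Net::HTTPSuccess)

  body = JSON.parse(res.body)
  body.is_a?(Hash) ? body : nil
rescue JSON::ParserError
  nil
end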

#failure ⇒ Object



# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 31

# OAuth failure endpoint: always answers 401 with a fixed error body.
def failure
  error_body = { error: "OAuth authentication failed" }
  render(json: error_body, status: :unauthorized)
end