BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
f11caaf4
Commit
f11caaf4
authored
Dec 12, 2016
by
Z.J. van de Weg
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Setup mattermost session
parent
0a645009
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
144 additions
and
0 deletions
+144
-0
mattermost.rb
lib/mattermost/mattermost.rb
+102
-0
mattermost_spec.rb
spec/lib/mattermost/mattermost_spec.rb
+42
-0
No files found.
lib/mattermost/mattermost.rb
0 → 100644
View file @
f11caaf4
module
Mattermost
class
NoSessionError
<
StandardError
;
end
# This class' prime objective is to obtain a session token on a Mattermost
# instance with SSO configured where this GitLab instance is the provider.
#
# The process depends on OAuth, but skips a step in the authentication cycle.
# For example, usually a user would click the 'login in GitLab' button on
# Mattermost, which would yield a 302 status code and redirects you to GitLab
# to approve the use of your account on Mattermost. Which would trigger a
# callback so Mattermost knows this request is approved and gets the required
# data to create the user account etc.
#
# This class however skips the button click, and also the approval phase to
# speed up the process and keep it without manual action and get a session
# going.
class
Mattermost
include
Doorkeeper
::
Helpers
::
Controller
include
HTTParty
attr_accessor
:current_resource_owner
def
initialize
(
uri
,
current_user
)
self
.
class
.
base_uri
(
uri
)
@current_resource_owner
=
current_user
end
def
with_session
raise
NoSessionError
unless
create
yield
destroy
end
# Next methods are needed for Doorkeeper
def
pre_auth
@pre_auth
||=
Doorkeeper
::
OAuth
::
PreAuthorization
.
new
(
Doorkeeper
.
configuration
,
server
.
client_via_uid
,
params
)
end
def
authorization
@authorization
||=
strategy
.
request
end
def
strategy
@strategy
||=
server
.
authorization_request
(
pre_auth
.
response_type
)
end
def
request
@request
||=
OpenStruct
.
new
(
parameters:
params
)
end
def
params
Rack
::
Utils
.
parse_query
(
@oauth_uri
.
query
).
symbolize_keys
end
private
def
create
return
unless
oauth_uri
return
unless
token_uri
self
.
class
.
headers
(
"Cookie"
=>
"MMAUTHTOKEN=
#{
request_token
}
"
)
request_token
end
def
destroy
post
(
'/api/v3/users/logout'
)
end
def
oauth_uri
response
=
get
(
"/api/v3/oauth/gitlab/login"
,
follow_redirects:
false
)
return
unless
300
<=
response
.
code
&&
response
.
code
<
400
redirect_uri
=
response
.
headers
[
'location'
]
return
unless
redirect_uri
@oauth_uri
||=
URI
.
parse
(
redirect_uri
)
end
def
token_uri
@token_uri
||=
if
@oauth_uri
authorization
.
authorize
.
redirect_uri
if
pre_auth
.
authorizable?
end
end
def
request_token
@request_token
||=
if
@token_uri
response
=
get
(
@token_uri
,
follow_redirects:
false
)
response
.
headers
[
'token'
]
if
200
<=
response
.
code
&&
response
.
code
<
400
end
end
def
get
(
path
,
options
=
{})
self
.
class
.
get
(
path
,
options
)
end
def
post
(
path
,
options
=
{})
self
.
class
.
post
(
path
,
options
)
end
end
end
spec/lib/mattermost/mattermost_spec.rb
0 → 100644
View file @
f11caaf4
require
'spec_helper'
describe
Mattermost
::
Mattermost
do
let
(
:user
)
{
create
(
:user
)
}
subject
{
described_class
.
new
(
'http://localhost:8065'
,
user
)
}
# Needed for doorman to function
it
{
is_expected
.
to
respond_to
(
:current_resource_owner
)
}
it
{
is_expected
.
to
respond_to
(
:request
)
}
it
{
is_expected
.
to
respond_to
(
:authorization
)
}
it
{
is_expected
.
to
respond_to
(
:strategy
)
}
describe
'#with session'
do
let!
(
:stub
)
do
WebMock
.
stub_request
(
:get
,
'http://localhost:8065/api/v3/oauth/gitlab/login'
).
to_return
(
headers:
{
'location'
=>
'http://mylocation.com'
},
status:
307
)
end
context
'without oauth uri'
do
it
'makes a request to the oauth uri'
do
expect
{
subject
.
with_session
}.
to
raise_error
(
Mattermost
::
NoSessionError
)
end
context
'with oauth_uri'
do
let!
(
:doorkeeper
)
do
Doorkeeper
::
Application
.
create
(
name:
"GitLab Mattermost"
,
redirect_uri:
"http://localhost:8065/signup/gitlab/complete
\n
http://localhost:8065/login/gitlab/complete"
,
scopes:
""
)
end
context
'without token_uri'
do
it
'can not create a session'
do
expect
do
subject
.
with_session
end
.
to
raise_error
(
Mattermost
::
NoSessionError
)
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment