projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch '1694-user-agreement'
[arvados.git]
/
services
/
api
/
app
/
controllers
/
user_sessions_controller.rb
diff --git
a/services/api/app/controllers/user_sessions_controller.rb
b/services/api/app/controllers/user_sessions_controller.rb
index 961ab4e8bb00456f25df093ea1bfb7e130a9aa66..eaaf7b5b93598a0d8a173998e7867ff67933a570 100644
(file)
--- a/
services/api/app/controllers/user_sessions_controller.rb
+++ b/
services/api/app/controllers/user_sessions_controller.rb
@@
-1,7
+1,6
@@
class UserSessionsController < ApplicationController
class UserSessionsController < ApplicationController
- before_filter :
login_required
, :only => [ :destroy ]
+ before_filter :
require_auth_scope_all
, :only => [ :destroy ]
- skip_before_filter :uncamelcase_params_hash_keys
skip_before_filter :find_object_by_uuid
respond_to :html
skip_before_filter :find_object_by_uuid
respond_to :html
@@
-14,12
+13,10
@@
class UserSessionsController < ApplicationController
identity_url_ok = (omniauth['info']['identity_url'].length > 0) rescue false
unless identity_url_ok
# Whoa. This should never happen.
identity_url_ok = (omniauth['info']['identity_url'].length > 0) rescue false
unless identity_url_ok
# Whoa. This should never happen.
+ logger.error "UserSessionsController.create: omniauth object missing/invalid"
+ logger.error "omniauth.pretty_inspect():\n\n#{omniauth.pretty_inspect()}"
- @title = "UserSessionsController.create: omniauth object missing/invalid"
- @body = "omniauth.pretty_inspect():\n\n#{omniauth.pretty_inspect()}"
-
- view_context.fatal_error(@title,@body)
- return redirect_to openid_login_error_url
+ return redirect_to login_failure_url
end
user = User.find_by_identity_url(omniauth['info']['identity_url'])
end
user = User.find_by_identity_url(omniauth['info']['identity_url'])
@@
-96,20
+93,22
@@
class UserSessionsController < ApplicationController
# Stub: automatically register all new API clients
api_client_url_prefix = callback_url.match(%r{^.*?://[^/]+})[0] + '/'
# Stub: automatically register all new API clients
api_client_url_prefix = callback_url.match(%r{^.*?://[^/]+})[0] + '/'
- api_client = ApiClient.find_or_create_by_url_prefix(api_client_url_prefix)
+ act_as_system_user do
+ @api_client = ApiClient.find_or_create_by_url_prefix api_client_url_prefix
+ end
api_client_auth = ApiClientAuthorization.
new(user: user,
api_client_auth = ApiClientAuthorization.
new(user: user,
- api_client: api_client,
+ api_client:
@
api_client,
created_by_ip_address: remote_ip)
api_client_auth.save!
if callback_url.index('?')
created_by_ip_address: remote_ip)
api_client_auth.save!
if callback_url.index('?')
- callback_url
<<
'&'
+ callback_url
+=
'&'
else
else
- callback_url
<<
'?'
+ callback_url
+=
'?'
end
end
- callback_url
<< 'api_token=' <<
api_client_auth.api_token
+ callback_url
+= 'api_token=' +
api_client_auth.api_token
redirect_to callback_url
end
end
redirect_to callback_url
end
end