+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
class UserSessionsController < ApplicationController
before_filter :require_auth_scope, :only => [ :destroy ]
return redirect_to login_failure_url
end
- user = User.find_by_identity_url(omniauth['info']['identity_url'])
+ # Only local users can create sessions, hence uuid_like_pattern
+ # here.
+ user = User.unscoped.where('identity_url = ? and uuid like ?',
+ omniauth['info']['identity_url'],
+ User.uuid_like_pattern).first
if not user
# Check for permission to log in to an existing User record with
# a different identity_url
end
end
end
+
if not user
# New user registration
user = User.new(:email => omniauth['info']['email'],
:identity_url => omniauth['info']['identity_url'],
:is_active => Rails.configuration.new_users_are_active,
:owner_uuid => system_user_uuid)
+ if omniauth['info']['username']
+ user.set_initial_username(requested: omniauth['info']['username'])
+ end
act_as_system_user do
user.save or raise Exception.new(user.errors.messages)
end
# First login to a pre-activated account
user.identity_url = omniauth['info']['identity_url']
end
+
+ while (uuid = user.redirect_to_user_uuid)
+ user = User.unscoped.where(uuid: uuid).first
+ if !user
+ raise Exception.new("identity_url #{omniauth['info']['identity_url']} redirects to nonexistent uuid #{uuid}")
+ end
+ end
end
# For the benefit of functional and integration tests:
# Stub: automatically register all new API clients
api_client_url_prefix = callback_url.match(%r{^.*?://[^/]+})[0] + '/'
act_as_system_user do
- @api_client = ApiClient.find_or_create_by_url_prefix api_client_url_prefix
+ @api_client = ApiClient.
+ find_or_create_by(url_prefix: api_client_url_prefix)
end
api_client_auth = ApiClientAuthorization.