X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/fb3c02b38a24cda422de95f2f8b49002b841cc72..b05be6e2d1db4e63074fc28e978c40a271376f1f:/services/api/lib/josh_id.rb

diff --git a/services/api/lib/josh_id.rb b/services/api/lib/josh_id.rb
index 25656a9781..f18c0edda0 100644
--- a/services/api/lib/josh_id.rb
+++ b/services/api/lib/josh_id.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 require 'omniauth-oauth2'
 module OmniAuth
   module Strategies
@@ -17,6 +21,7 @@ module OmniAuth
           :last_name => raw_info['info']['last_name'],
           :email => raw_info['info']['email'],
           :identity_url => raw_info['info']['identity_url'],
+          :username => raw_info['info']['username'],
         }
       end
 
@@ -25,21 +30,29 @@ module OmniAuth
           'raw_info' => raw_info
         }
       end
-      
+
+      def authorize_params
+        options.authorize_params[:auth_provider] = request.params['auth_provider']
+        super
+      end
+
       def client
         options.client_options[:site] = options[:custom_provider_url]
         options.client_options[:authorize_url] = "#{options[:custom_provider_url]}/auth/josh_id/authorize"
         options.client_options[:access_token_url] = "#{options[:custom_provider_url]}/auth/josh_id/access_token"
+        if Rails.configuration.TLS.Insecure
+          options.client_options[:ssl] = {verify_mode: OpenSSL::SSL::VERIFY_NONE}
+        end
         ::OAuth2::Client.new(options.client_id, options.client_secret, deep_symbolize(options.client_options))
       end
 
       def callback_url
-        full_host + script_name + callback_path + query_string
+        full_host + script_name + callback_path + "?return_to=" + CGI.escape(request.params['return_to'] || '')
       end
 
       def raw_info
         @raw_info ||= access_token.get("/auth/josh_id/user.json?oauth_token=#{access_token.token}").parsed
       end
-    end 
+    end
   end
 end