Merge b9d89fa into 640f2f2

ZeusWPI · Aug 2, 2017 · 59a3dd6 · 59a3dd6
2 parents 640f2f2 + b9d89fa
commit 59a3dd6
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 26 deletions.
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -37,22 +37,24 @@ def digest(*args)
     end
 
     # using httparty because it is much easier to read than net/http code
-    resp = HTTParty.get(Rails.application.secrets.fk_auth_url, :query => {
-              :k => digest(username, Rails.application.secrets.fk_auth_key),
-              :u => username
-           })
+    resp = HTTParty.get("#{ Rails.application.secrets.fk_auth_url }/#{ username }/Gandalf",
+                        :headers => {
+                            'X-Authorization' => Rails.application.secrets.fk_auth_key,
+                            'Accept' => 'application/json'
+                        })
 
-    # this will only return the club name if control-hash matches
-    if resp.body != 'FAIL'
+    # this will only return the club names if control-hash matches
+    # and timestamp roughly around our current server time (5 minute tolerance)
+    if resp.success?
       hash = JSON[resp.body]
+      clubs = hash['clubs'].map { |club| club['internal_name'] }
+      timestamp = hash['timestamp']
 
-      clubs_dig = hash['data'].map { |c| c['internalName'] }
-      dig = digest(Rails.application.secrets.fk_auth_salt, username, clubs_dig)
-
-      # Process clubs if the controle is correct
-      if hash['controle'] == dig
-        self.clubs = Club.where(internal_name: clubs_dig)
+      dig = digest(Rails.application.secrets.fk_auth_salt, ugent_login, timestamp, clubs)
+      if (Time.now - DateTime.parse(timestamp)).abs < 5.minutes && hash['sign'] == dig
+        self.clubs = Club.where internal_name: clubs
       end
+
       self.save!
     end
   end

diff --git a/db/seeds.rb b/db/seeds.rb
@@ -8,7 +8,7 @@
 #
 require 'webmock'
 WebMock.allow_net_connect!
-url = 'https://raw.githubusercontent.com/ZeusWPI/hydra/master/iOS/Resources/Associations.json'
+url = 'https://raw.githubusercontent.com/ZeusWPI/hydra/62c7a07f7c3db3fc4460929338d3a3b1bbd06bdb/iOS/Resources/Associations.json'
 hash = JSON(HTTParty.get(url).body)
 WebMock.disable_net_connect!
 

diff --git a/test/models/user_test.rb b/test/models/user_test.rb
@@ -25,25 +25,22 @@
 class UserTest < ActiveSupport::TestCase
 
   def setup
-    stub_request(:get, "http://fkgent.be/api_isengard_v2.php").
-      with(query: hash_including(u: 'tnnaesse')).
-      to_return(body: '{"data":[{"internalName":"zeus","displayName":"Zeus WPI"},{"internalName":"zeus2","displayName":"Zeus WPI2"}],"controle":"78b385b6d773b180deddee6d5f9819771d6f75031c3ae9ea84810fa6869e1547"}')
+    stub_request(:get, "http://fkgent.be/clubs/tnnaesse/Gandalf").
+        to_return(body: build_fk_response(:tnnaesse, %w(zeus zeus2)))
 
-    stub_request(:get, "http://fkgent.be/api_isengard_v2.php").
-      with(query: hash_including(u: 'mherthog')).
-      to_return(body: '{"data":[{"internalName":"fkcentraal","displayName":"FaculteitenKonvent Gent"}],"controle":"aaa8c58fe85af272b980be8f0343bc2bb5b476b9a4917ba5ce9d1a1007436895"}')
+    stub_request(:get, "http://fkgent.be/clubs/mherthog/Gandalf").
+        to_return(body: build_fk_response(:mherthog, %w(fkcentraal)))
 
-    stub_request(:get, "http://fkgent.be/api_isengard_v2.php").
-      with(query: hash_including(u: 'tvwillem')).
-      to_return(body: 'FAIL')
+    stub_request(:get, "http://fkgent.be/clubs/tvwillem/Gandalf").
+       to_return(body: build_fk_response(:tvwillem, []))
 
     stub_request(:get, "http://registratie.fkgent.be/api/v2/members/clubs_for_ugent_nr.json").
-      with(query: {ugent_nr: "00800857", key: "#development#"}).
-      to_return(body: '["zeus"]')
+        with(query: {ugent_nr: "00800857", key: "#development#"}).
+        to_return(body: '["zeus"]')
 
     stub_request(:get, "http://registratie.fkgent.be/api/v2/members/clubs_for_ugent_nr.json").
-      with(query: {ugent_nr: "", key: "#development#"}).
-      to_return(body: '[]')
+        with(query: {ugent_nr: "", key: "#development#"}).
+        to_return(body: '[]')
   end
 
   verify_fixtures User
@@ -82,4 +79,31 @@ def setup
     assert_equal tom.enrolled_clubs, [clubs(:zeus)]
   end
 
+  private
+  def build_fk_response(casname, clubs)
+    timestamp = Time.now
+    sign = Digest::SHA256.hexdigest(
+        [
+            Rails.application.secrets.fk_auth_salt,
+            casname,
+            clean_json(@timestamp),
+            clubs
+        ].join('-')
+    )
+
+    return {
+        timestamp: timestamp,
+        casname: casname,
+        sign: sign,
+        clubs: clubs.map { |club| {
+            internal_name: club
+        }}
+    }
+  end
+
+  # Converts input to it's json representation with beginning and starting quote stripped
+  def clean_json(str)
+    str.to_json.sub(/^\A"(.*)"\z$/, '\\1') # Make sure this is the same string that is sent in the JSON
+  end
+
 end