Merge pull request #3 from cased/guard
Cased CLI integration
Showing
65 changed files
with
719 additions
and
59 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
//= link_tree ../../images/cased | ||
//= link_directory ../../javascripts/cased .js |
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
//= require rails-ujs | ||
|
||
let windowReference = null; | ||
let previousUrl = null; | ||
let casedCreateSession = null; | ||
let casedLoggedInContainer = null; | ||
let casedLoggedOutContainer = null; | ||
let casedUser = null; | ||
|
||
// receiveMessage is the callback that is triggered when an authentication | ||
// response is received from the new window we opened. | ||
// | ||
// We use this callback to update the user information in the UI and show the | ||
// logged in container. | ||
const receiveMessage = (event) => { | ||
if (!event.isTrusted) { | ||
return; | ||
} | ||
|
||
const { user } = event.data; | ||
casedUser.innerText = user; | ||
if (casedCreateSession) { | ||
casedCreateSession.submit(); | ||
} else { | ||
casedLoggedInContainer.classList.remove("hidden"); | ||
casedLoggedOutContainer.classList.add("hidden"); | ||
} | ||
}; | ||
|
||
// openSignInWindow is used to present the Cased sign in window. | ||
const openSignInWindow = (url) => { | ||
window.removeEventListener("message", receiveMessage); | ||
const windowFeatures = | ||
"toolbar=no, menubar=no, width=600, height=700, top=50, left=200"; | ||
|
||
if (windowReference === null || windowReference.closed) { | ||
windowReference = window.open(url, "Cased", windowFeatures); | ||
} else if (previousUrl !== url) { | ||
// If the window is already open and the previous URL was different, we need | ||
// to load a new URL and refocus. | ||
windowReference = window.open(url, "Cased", windowFeatures); | ||
windowReference.focus(); | ||
} else { | ||
windowReference.focus(); | ||
} | ||
|
||
window.addEventListener("message", (event) => receiveMessage(event), false); | ||
previousUrl = url; | ||
}; | ||
|
||
window.addEventListener("DOMContentLoaded", (event) => { | ||
// Global elements | ||
casedCreateSession = document.getElementById("cased-create-session"); | ||
casedLoggedInContainer = document.getElementById("cased-logged-in"); | ||
casedLoggedOutContainer = document.getElementById("cased-logged-out"); | ||
casedUser = document.getElementById("cased-user"); | ||
|
||
// Local elements | ||
const casedAuthenticate = document.getElementById("cased-authenticate"); | ||
if (casedAuthenticate) { | ||
casedAuthenticate.addEventListener("click", (event) => { | ||
event.preventDefault(); | ||
|
||
openSignInWindow(event.currentTarget.href); | ||
}); | ||
} | ||
|
||
const casedLogout = document.getElementById("cased-logout"); | ||
if (casedLogout) { | ||
casedLogout.addEventListener("ajax:success", (_event) => { | ||
casedLoggedInContainer.classList.add("hidden"); | ||
casedLoggedOutContainer.classList.remove("hidden"); | ||
}); | ||
} | ||
}); |
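Review bot: `receiveMessage` accepts a message from any window, because `event.isTrusted` is true for every browser-delivered `postMessage` and says nothing about who sent it. Before reading `event.data`, the handler should check the sender against the popup it opened, e.g. `if (event.source !== windowReference || event.origin !== EXPECTED_ORIGIN) return;`, where `EXPECTED_ORIGIN` is a placeholder for the origin the sign-in page posts from. Without that check, a message from an unrelated window reaches `casedCreateSession.submit()` and the `casedUser.innerText` update. Separately, `openSignInWindow` registers an anonymous wrapper, so its `removeEventListener("message", receiveMessage)` never matches and another listener is added on every click; `window.addEventListener("message", receiveMessage, false);` fixes that.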
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
# frozen_string_literal: true | ||
|
||
module Cased | ||
class AuthorizationsController < ApplicationController | ||
def create | ||
self.cased_authorization = params[:token] | ||
end | ||
|
||
def destroy | ||
self.cased_authorization = nil | ||
end | ||
end | ||
end |
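Review bot: `create` stores `params[:token]` as-is, so a missing parameter stores `nil` (the same effect as `destroy`) and a nested parameter stores a non-string value. A guard such as `token = params.require(:token)` followed by `return head(:bad_request) unless token.is_a?(String)` would keep malformed requests away from the setter. Whether the token is verified, and whether CSRF protection covers this action, depends on `cased_authorization=` and `ApplicationController`, neither of which is visible in this file section. A short comment on `create` saying where that verification happens would help the next reader.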
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
# frozen_string_literal: true | ||
|
||
module Cased | ||
module CLI | ||
class SessionsController < ApplicationController | ||
def show | ||
guard_session = Cased::CLI::Session.find(params[:guard_session_id]) | ||
|
||
respond_to do |format| | ||
format.html do | ||
render partial: 'cased/cli/sessions/form', locals: { guard_session: guard_session } | ||
end | ||
|
||
format.json do | ||
render partial: 'cased/cli/sessions/guard_session', locals: { guard_session: guard_session } | ||
end | ||
end | ||
end | ||
|
||
def cancel | ||
guard_session = Cased::CLI::Session.find(params[:guard_session_id]) | ||
guard_session.cancel | ||
|
||
respond_to do |format| | ||
format.html do | ||
safe_redirect_back | ||
end | ||
|
||
format.json do | ||
render partial: 'cased/cli/sessions/guard_session', locals: { guard_session: guard_session } | ||
end | ||
end | ||
end | ||
|
||
private | ||
|
||
def safe_redirect_back(allow_other_host: false, **args) | ||
referer = params[:referer] | ||
redirect_to_referer = referer && (allow_other_host || url_host_allowed?(referer)) | ||
redirect_to redirect_to_referer ? referer : guard_fallback_location, **args | ||
end | ||
|
||
def url_host_allowed?(url) | ||
uri = URI(url.to_s) | ||
|
||
# We're redirecting to a path on app.cased.com, that is okay. | ||
return true if uri.host.blank? | ||
|
||
uri.host == request.host | ||
rescue ArgumentError, URI::Error | ||
false | ||
end | ||
end | ||
end | ||
end |
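Review bot: `url_host_allowed?` treats every host-less value as a same-site path, but `uri.host.blank?` is also true for URIs that carry a scheme and no host, and `referer` comes from `params[:referer]`, which the client controls. The early return should accept only a plain absolute path, e.g. `return url.to_s.start_with?('/') && !url.to_s.start_with?('//') if uri.host.blank?`. The final comparison `uri.host == request.host` also ignores scheme and port, which is worth a comment if intentional. Separately, `show` and `cancel` load the session straight from `params[:guard_session_id]`, with no ownership check visible in this file; if `Cased::CLI::Session.find` does not scope the lookup to the caller, that check belongs here.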
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# frozen_string_literal: true | ||
|
||
module CasedHelper | ||
# Guarded parameters are the original parameters when the form was first | ||
# submitted. These parameters need to be preserved. | ||
def guarded_parameters(form) | ||
form_params = params.except(:authenticity_token, :controller, :action) | ||
|
||
safe_join render_guarded_parameters(form, form_params.to_unsafe_h) | ||
end | ||
|
||
def render_guarded_parameters(form, form_params, prefix = nil) | ||
form_params.collect do |key, value| | ||
case value | ||
when Hash | ||
render_guarded_parameters(form, value, key) | ||
else | ||
name = prefix ? "#{prefix}[#{key}]" : key | ||
hidden_field_tag(name, value) | ||
end | ||
end | ||
end | ||
end |
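Review bot: The recursive call in `render_guarded_parameters` passes `key` as the new prefix and drops the prefix it was given, so a parameter nested three levels deep is rendered as `b[c]` instead of `a[b][c]` and will not round-trip. Computing `name = prefix ? "#{prefix}[#{key}]" : key` before the `case` and passing `name` to the recursive call fixes this. Array values also fall through to the `else` branch and become a single `hidden_field_tag`, which does not reproduce `key[]` entries. Since `guarded_parameters` uses `to_unsafe_h` to echo every request parameter except three into the page, a docstring should say that secrets submitted with the original form will appear in the rendered HTML, and an explicit exclusion list for such fields is worth considering. The `form` argument is unused in both methods.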