omniauth microsoft

corsego · Apr 6, 2023 · 748452e · 748452e
1 parent ef5e60f
commit 748452e
Show file tree

Hide file tree

Showing 8 changed files with 71 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -72,3 +72,5 @@ group :test do
 end
 
 gem "devise", "~> 4.9"
+gem 'omniauth-azure-activedirectory-v2'
+gem "omniauth-rails_csrf_protection"
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -95,8 +95,13 @@ GEM
       responders
       warden (~> 1.2.3)
     erubi (1.12.0)
+    faraday (2.7.4)
+      faraday-net_http (>= 2.0, < 3.1)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (3.0.2)
     globalid (1.1.0)
       activesupport (>= 5.0)
+    hashie (5.0.0)
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     importmap-rails (1.1.5)
@@ -108,6 +113,7 @@ GEM
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
+    jwt (2.7.0)
     loofah (2.20.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
@@ -122,6 +128,7 @@ GEM
     mini_mime (1.1.2)
     minitest (5.18.0)
     msgpack (1.7.0)
+    multi_xml (0.6.0)
     net-imap (0.3.4)
       date
       net-protocol
@@ -134,13 +141,34 @@ GEM
     nio4r (2.5.9)
     nokogiri (1.14.2-arm64-darwin)
       racc (~> 1.4)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.1)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-azure-activedirectory-v2 (2.0.1)
+      omniauth-oauth2 (~> 1.8)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    omniauth-rails_csrf_protection (1.0.1)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
     pg (1.4.6)
     public_suffix (5.0.1)
     puma (5.6.5)
       nio4r (~> 2.0)
     racc (1.6.2)
     rack (2.2.6.4)
+    rack-protection (3.0.5)
+      rack
     rack-test (2.1.0)
       rack (>= 1.3)
     rails (7.0.4.3)
@@ -178,11 +206,15 @@ GEM
       actionpack (>= 5.2)
       railties (>= 5.2)
     rexml (3.2.5)
+    ruby2_keywords (0.0.5)
     rubyzip (2.3.2)
     selenium-webdriver (4.8.6)
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
     sprockets (4.2.0)
       concurrent-ruby (~> 1.0)
       rack (>= 2.2.4, < 4)
@@ -200,6 +232,7 @@ GEM
       railties (>= 6.0.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
+    version_gem (1.1.2)
     warden (1.2.9)
       rack (>= 2.0.9)
     web-console (4.2.0)
@@ -229,6 +262,8 @@ DEPENDENCIES
   devise (~> 4.9)
   importmap-rails
   jbuilder
+  omniauth-azure-activedirectory-v2
+  omniauth-rails_csrf_protection
   pg (~> 1.1)
   puma (~> 5.0)
   rails (~> 7.0.4, >= 7.0.4.3)

diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -0,0 +1,19 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def azure_activedirectory_v2
+    data = request.env['omniauth.auth']['info']
+    @user = User.find_by(email: data['email'])
+    @user ||= User.create(
+      email: data['email'],
+      password: Devise.friendly_token[0, 20],
+      uid: request.env['omniauth.auth']['uid'],
+      provider: request.env['omniauth.auth']['provider']
+    )
+    if @user.persisted?
+      flash[:notice] = "success"
+      sign_in_and_redirect @user, event: :authentication
+    else
+      flash[:notice] = "failure"
+      redirect_to new_user_registration_url
+    end
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -2,5 +2,6 @@ class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
   devise :database_authenticatable, :registerable,
-         :recoverable, :rememberable, :validatable
+         :recoverable, :rememberable, :validatable,
+         :omniauthable, omniauth_providers: %i[azure_activedirectory_v2]
 end
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -272,6 +272,9 @@
   # Add a new OmniAuth provider. Check the wiki for more information on setting
   # up on your models and hooks.
   # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+  APP_ID = "foo"
+  APP_SECRET = "bar"
+  config.omniauth :azure_activedirectory_v2, client_id: APP_ID, client_secret: APP_SECRET
 
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or

diff --git a/config/routes.rb b/config/routes.rb
@@ -1,5 +1,5 @@
 Rails.application.routes.draw do
-  devise_for :users
+  devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }
   root to: redirect('/static/landing_page')
   get 'static/landing_page'
   get 'static/dashboard'

diff --git a/db/migrate/20230406160856_add_omniauth_params_to_users.rb b/db/migrate/20230406160856_add_omniauth_params_to_users.rb
@@ -0,0 +1,6 @@
+class AddOmniauthParamsToUsers < ActiveRecord::Migration[7.0]
+  def change
+    add_column :users, :uid, :string
+    add_column :users, :provider, :string
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb