Changes LDAP to a redirection flow, closes #145

omniauth · Jan 14, 2011 · cd95228 · cd95228 · sbfaulkner · Jan 14, 2011
1 parent c220a81
commit cd95228
Showing 1 changed file with 9 additions and 12 deletions.
diff --git a/oa-enterprise/lib/omniauth/strategies/ldap.rb b/oa-enterprise/lib/omniauth/strategies/ldap.rb
@@ -39,40 +39,37 @@ def request_phase
         if env['REQUEST_METHOD'] == 'GET'
           get_credentials
         else
-          perform
+          session['omniauth.ldap'] = {'username' => request['username'], 'password' => request['password']}
+          redirect callback_path
         end
       end
 
-	  def get_credentials
+  	  def get_credentials
         OmniAuth::Form.build(options[:title] || "LDAP Authentication") do
           text_field 'Login', 'username'
           password_field 'Password', 'password'
         end.to_response
       end
 
-      def perform
+      def callback_phase 
       	begin
+        creds = session.delete 'omniauth.ldap'
 				@ldap_user_info = {}
         (@adaptor.bind unless @adaptor.bound?) rescue puts "failed to bind with the default credentials"          
-        @ldap_user_info = @adaptor.search(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @name_proc.call(request.POST['username'])),:limit => 1) if @adaptor.bound?
-				bind_dn = request.POST['username']
+        @ldap_user_info = @adaptor.search(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @name_proc.call(creds['username'])),:limit => 1) if @adaptor.bound?
+				bind_dn = creds['username']
 				bind_dn = @ldap_user_info[:dn].to_a.first if @ldap_user_info[:dn]
-        @adaptor.bind(:bind_dn => bind_dn, :password => request.POST['password'])
-        @ldap_user_info = @adaptor.search(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @name_proc.call(request.POST['username'])),:limit => 1) if @ldap_user_info.empty?
+        @adaptor.bind(:bind_dn => bind_dn, :password => creds['password'])
+        @ldap_user_info = @adaptor.search(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @name_proc.call(creds['username'])),:limit => 1) if @ldap_user_info.empty?
     	  @user_info = self.class.map_user(@@config, @ldap_user_info)
 
         @env['omniauth.auth'] = auth_hash
-	      @env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
 
 	      call_app!
       	rescue Exception => e
       	  fail!(:invalid_credentials, e)
       	end
       end      
-
-      def callback_phase
-      	fail!(:invalid_request)
-      end
 
       def auth_hash
         OmniAuth::Utils.deep_merge(super, {