extract auth to plugins, starting with ldap #3001
Conversation
not everyone should have to include all the various gems for auth, so let's move them into plugins and also make it possible to write a new auth method as plugin
| get '/auth/gitlab/callback', to: 'sessions#gitlab' | ||
| get '/auth/bitbucket/callback', to: 'sessions#bitbucket' | ||
| get '/auth/:type/callback', to: 'sessions#omniauth_callback' | ||
| post '/auth/:type/callback', to: 'sessions#omniauth_callback' |
There was a problem hiding this comment.
any did not work and using match with a placeholder did not work either 🤷♂️
|
|
||
| <% providers.each do |provider| %> | ||
| <%= link_to omniauth_path(provider.downcase.to_sym), class: "action #{provider.downcase}" do %> | ||
| <%= image_tag image_url("auth/#{provider.downcase}.png") %> Login with <%= provider %> |
There was a problem hiding this comment.
could also be a plugin view, but this way the UI stays consistent ...
| end | ||
|
|
||
| def bitbucket | ||
| def omniauth_callback |
There was a problem hiding this comment.
github is 1-off so keeping it separate for now, but eventually it should go through here too
|
Hey @grosser 👋 I tested it and it is returning And I don't know why 😄 .. I need to investigate it better. To easily setup LDAP locally, you can use a docker image from OpenLDAP. make these changes: and do a you can manage your LDAP at: https://localhost:8043 using these login info: Login DN: cn=admin,dc=example,dc=org After authenticating, you should create a Generic: Posix Group and after a Generic: User Account. I will try to investigate it more. If you have more doubts, please ping me. |
|
awesome, I'll put that into the ldap readme :D
…On Mon, Oct 15, 2018 at 4:51 PM Kadu Ribeiro ***@***.***> wrote:
Hey @grosser <https://github.com/grosser> 👋
I tested it and it is returning No route matches [GET] "/auth/ldap"
And I don't know why 😄 .. I need to investigate it better.
To easily setup LDAP locally, you can use a docker image from OpenLDAP.
make these changes:
diff --git a/docker-compose.yml b/docker-compose.yml
index a1cbd5708..d6ad08390 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,12 +1,34 @@
version: "2"
services:
samson:
- image: zendesk/samson:latest
+ build: .
ports:
- "3000:9080"
volumes:
- .:/app/
environment:
DATABASE_URL: "sqlite3:///app/db/development.sqlite3"
+ LDAP_HOST: ldap
RAILS_LOG_TO_STDOUT: 1
+ links:
+ - ldap
command: ["./script/docker_dev_server"]
+
+ ldap:
+ image: osixia/openldap
+ ports:
+ - "389"
+ - "636"
+ volumes:
+ - ./tmp/ldap_data:/var/lib/ldap
+ - ./tmp/slapd_data:/etc/ldap/slapd.d
+
+ phpldapadmin:
+ image: osixia/phpldapadmin
+ links:
+ - ldap
+ ports:
+ - "8080:80"
+ - "8043:443"
+ environment:
+ PHPLDAPADMIN_LDAP_HOSTS: ldap
and do a
docker-compose up
you can manage your LDAP at: https://localhost:8043
using these login info:
Login DN: cn=admin,dc=example,dc=org
Password: admin
After authenticating, you should create a Generic: Posix Group and after a
Generic: User Account.
I will try to investigate it more. If you have more doubts, please ping me.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3001 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAAsZ2axyFgp_qxmDIMEc0oxOErHs4Cwks5ulR9tgaJpZM4Xbkdz>
.
|
|
the /auth/ldap comes from calling |
1 similar comment
|
the /auth/ldap comes from calling |
not everyone should have to include all the various gems for auth,
so let's move them into plugins and also make it possible to write a new auth method as plugin
WIP feedback welcome, still need to move tests around, but basics seem to work / code did not get too ugly
@samson/bre
@duduribeiro @jgoerz I need someone to test this so I don't break stuff ... I don't have ldap ... ideally comment on how to get a test setup going ...
Risks