Commit 145a888

mo <mo.khan@gmail.com>
2017-10-22 22:40:25
parse the saml response attributes correctly.
1 parent 0b468b3
airport/app/controllers/computers_controller.rb
@@ -1,7 +0,0 @@
-class ComputersController < ApplicationController
-  def index
-    @computers = ApiClient.new(session).computers
-  rescue => error
-    @error = error
-  end
-end
airport/app/controllers/dashboard_controller.rb
@@ -2,6 +2,5 @@ class DashboardController < ApplicationController
   def show
     @user_id = session[:user_id]
     @email = session[:email]
-    @access_token = session[:access_token]
   end
 end
airport/app/controllers/sessions_controller.rb
@@ -9,9 +9,8 @@ class SessionsController < ApplicationController
 
   def create
     saml_response = SamlResponse.parse(params[:SAMLResponse])
-    session[:email] = saml_response.email
-    session[:user_id] = saml_response[:user_id]
-    session[:access_token] = ApiClient.new(session).access_token
+    session[:user_id] = saml_response.name_id
+    session[:email] = saml_response[:email]
     redirect_to dashboard_path
   end
 
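Review bot: `create` copies `name_id` and `email` from the posted `SAMLResponse` into the session, and nothing visible in this commit verifies the response first; `SamlResponse` (see the saml_response.rb hunk) appears to read its values straight out of `Hash.from_xml` output. Unless `SamlResponse.parse` checks the XML signature, issuer, audience and validity window somewhere outside these hunks, the identity stored here is whatever the client submitted, so that validation should run and fail closed before either session key is written. The pre-login session is also reused after authentication; calling `reset_session` as the first statement before `session[:user_id] = saml_response.name_id` would close the fixation window. `create` is fully inside the hunk, but the rest of `SessionsController` (including any filters) is not visible here.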
airport/app/models/api_client.rb
@@ -1,33 +0,0 @@
-class ApiClient
-  attr_reader :session
-
-  def initialize(session)
-    @session = session
-  end
-
-  def user_id
-    session[:user_id]
-  end
-
-  def access_token
-    return session[:access_token] if session[:access_token].present?
-
-    url = "https://portal.dev/v1/users/#{user_id}/api_credentials"
-    payload = { grant_type: "authorization_code", code: authorization_code }
-    result = RestClient::Resource.new(url, verify_ssl: OpenSSL::SSL::VERIFY_NONE).post(payload.to_json, { content_type: :json, accept: :json })
-    json = JSON.parse(result.body, symbolize_names: true)
-    json[:data][:access_token]
-  end
-
-  def computers
-    url = "https://portal.dev/v1/computers/"
-    result = RestClient::Resource.new(url, verify_ssl: OpenSSL::SSL::VERIFY_NONE).get(content_type: :json, accept: :json, authorization: "Bearer #{access_token}")
-    JSON.parse(result.body, symbolize_names: true)[:data]
-  end
-
-  private
-
-  def authorization_code(username: Rails.configuration.x.api_client_id, password: Rails.configuration.x.api_client_secret)
-    ActionController::HttpAuthentication::Basic.encode_credentials(username, password).split(' ', 2).second
-  end
-end
airport/app/models/saml_response.rb
@@ -4,7 +4,7 @@ class SamlResponse
     @hash = Hash.from_xml(xml)
   end
 
-  def email
+  def name_id
     @hash['Response']['Assertion']['Subject']['NameID']
   end
 
airport/app/views/computers/index.html.erb
@@ -1,5 +0,0 @@
-<% if @error %>
-  <%= debug @error.response.body.inspect %>
-<% else %>
-  <%= debug @computers %>
-<% end %>
airport/app/views/dashboard/show.html.erb
@@ -1,4 +1,1 @@
 <h1>Welcome <%= @user_id %>:<%= @email %></h1>
-<p>Your AMP API Access token is: <%= @access_token %></p>
-
-<%= link_to "computers", computers_path %>