Issue #65: ADD govbr to omniauth

782994ec · Richard Fernando Heise Ferreira · 3b4e7225 · 782994ec · 782994ec · 782994ec
Commit 782994ec authored 8 months ago by Richard Fernando Heise Ferreira
--- a/.env.dev
+++ b/.env.dev
@@ -37,5 +37,10 @@ RAILS_MAX_THREADS=8

 REDIS_HOST=redis

+#google
 GOOGLE_KEY=
 GOOGLE_SECRET=
+
+# govbr
+client_id=
+client_secret=
--- a/.gitignore
+++ b/.gitignore
@@ -40,3 +40,5 @@ autocomplete-server.service
 /config/sidekiq.yml
 .env
 .env.prod
+public/*
+tmp/*
--- a/Gemfile
+++ b/Gemfile
@@ -148,6 +148,12 @@ gem 'omniauth-facebook'
 gem 'omniauth-twitter'
 gem 'omniauth-google-oauth2', '0.8.2'

+# govbr
+gem 'omniauth', '1.9.1'
+gem "omniauth-rails_csrf_protection", '0.1.2'
+gem 'omniauth-oauth2'
+gem 'omniauth-gov', '~> 0.1.8'
+
 gem 'faraday'
 gem 'net-http-persistent'

@@ -186,5 +192,3 @@ gem 'multipart-post', '~> 2.0'

 gem 'faraday-multipart', '~> 1.0', '>= 1.0.4'
 gem 'tzinfo-data'
\ No newline at end of file
-
-
--- a/app/controllers/concerns/downloadable_controller.rb
+++ b/app/controllers/concerns/downloadable_controller.rb
@@ -32,7 +32,7 @@ module DownloadableController
    attachment_name = attachment["name"]

    link = attachment["retrieve_link"]
-    source = "https://mecdb4.c3sl.ufpr.br:8443" + link
+    source = "https://mecdb4.c3sl.ufpr.br" + link
    
    require 'open-uri'
   

--- a/app/controllers/v1/learning_objects_controller.rb
+++ b/app/controllers/v1/learning_objects_controller.rb
@@ -96,7 +96,7 @@ class V1::LearningObjectsController < ApplicationController
      publisher = LearningObjectPublisher.new(DspaceService.create_client)
      publisher.update_dspace(@learning_object)

-      render json: @learning_object, status: :ok
+      render status: :ok
    else
        render json: @learning_object.errors, status: :unprocessable_entity
    end

--- a/app/controllers/v1/omniauth_callbacks_controller.rb
+++ b/app/controllers/v1/omniauth_callbacks_controller.rb
@@ -35,3 +35,24 @@ require 'open-uri'
    end

  end
+
+# frozen_string_literal: true
+
+class Auth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+	skip_before_action :verify_authenticity_token
+
+	def gov
+		@user = User.from_gov_br_omniauth(request.env["omniauth.auth"]["info"])
+
+		if @user.id.present?
+			sign_in_and_redirect @user, :event => :authentication
+			set_flash_message(:notice, :success, :kind => "Login Unico") if is_navigational_format?	  
+		else
+		end
+	end
+	
+	def failure
+    redirect_to root_path
+	end
+
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -615,4 +615,39 @@ class User < ApplicationRecord
  def complaint_reject(params)
  end

+  devise :database_authenticatable,
+  # ...
+  :omniauthable, omniauth_providers: %i[gov]
+
+  # ...
+  def self.from_gov_br_omniauth(info)
+    # Exemplo hash info
+    # {
+    #   "id": 1702579345,
+    #   "cpf": '99999999999',
+    #   "nome_social": 'Nome Social',
+    #   "email_verified": true,
+    #   "profile": 'https://servicos.staging.acesso.gov.br/',
+    #   "username": '99999999999',
+    #   "picture": raw_info["picture"],
+    #   "name": raw_info["name"],
+    #   "email": raw_info["email"],
+    # }    
+    user = User.find_by_email(info["email"]) # ou outra chave
+
+    unless user.nil?
+      user.update_attributes(provider: 'login-unico', uid: info["id"])
+    else
+      name = info["name"]
+      email = info["email"]
+      user = User.new do |user|
+        user.name = name
+        user.email = email
+      end
+      user.skip_confirmation!
+      user.save
+    end
+
+    return user
+  end
 end
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -288,4 +288,17 @@ Devise.setup do |config|
  # middleware b/c rails-api does not include it.
  # See: http://stackoverflow.com/q/19600905/806956
  config.navigational_formats = [:json]
+
+  config.omniauth :gov,
+      ENV['client_id'],
+      ENV['client_secret'],
+    scope: 'openid+email+profile+govbr_confiabilidades+',
+    callback_path: '/callback-da-aplicacao',
+    client_options: {
+      site: 'https://sso.acesso.gov.br', # Ambiente de produção.
+      authorize_url: 'https://sso.acesso.gov.br/authorize', # Ambiente de produção.
+      token_url: 'https://sso.acesso.gov.br/token' # Ambiente de produção.
+    }
+
+    config.omniauth_path_prefix = '/prefixo-devise/prefixo-omniauth'
 end
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -29,4 +29,5 @@ Rails.application.config.middleware.use OmniAuth::Builder do
 end

 OmniAuth.config.allowed_request_methods = [:post, :get]
-OmniAuth.config.full_host = Rails.env.production? ? 'https://api.portalmec.c3sl.ufpr.br' : 'https://api.portlmec.c3sl.ufpr.br'
+OmniAuth.config.full_host = Rails.env.production? ? 'https://api.mecred.c3sl.ufpr.br' : 'https://api.mecred.c3sl.ufpr.br'
+OmniAuth.config.logger = Rails.logger
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -27,7 +27,7 @@ services:
    depends_on:
      - redis
    ports:
-      - "3000:3000"
+      - "3001:3000"
    volumes:
      - .:/app
      - gem_cache:/usr/local/bundle/gems