diff --git a/.env.dev b/.env.dev
index 75723cce1ef9a38e5340957170cf567c4b46346f..b3e60250685b3f5a74fc9654de9f63bcec80f952 100644
--- a/.env.dev
+++ b/.env.dev
@@ -37,5 +37,10 @@ RAILS_MAX_THREADS=8
 REDIS_HOST=redis
+#google
 GOOGLE_KEY=
 GOOGLE_SECRET=
+
+# govbr
+client_id=
+client_secret=
diff --git a/.gitignore b/.gitignore
index 0c0352a5b475ef0a6c3d4778850d35d882584f2f..d0a879d3d7bcfa4173632fe9adc0758fbabc1044 100644
--- a/.gitignore
+++ b/.gitignore
@@ -40,3 +40,5 @@ autocomplete-server.service
 /config/sidekiq.yml
 .env
 .env.prod
+public/*
+tmp/*
diff --git a/Gemfile b/Gemfile
index bb639a56af932a488291be40fbbde06ba813d90a..cd8759d33e3fb4952d2658c39aedb1c3488bd397 100644
--- a/Gemfile
+++ b/Gemfile
@@ -148,6 +148,12 @@ gem 'omniauth-facebook'
 gem 'omniauth-twitter'
 gem 'omniauth-google-oauth2', '0.8.2'
+# govbr
+gem 'omniauth', '1.9.1'
+gem "omniauth-rails_csrf_protection", '0.1.2'
+gem 'omniauth-oauth2'
+gem 'omniauth-gov', '~> 0.1.8'
+
 gem 'faraday'
 gem 'net-http-persistent'
@@ -185,6 +191,4 @@ gem 'elasticsearch', '~> 8.6'
 gem 'multipart-post', '~> 2.0'
 gem 'faraday-multipart', '~> 1.0', '>= 1.0.4'
-gem 'tzinfo-data'
-
-
+gem 'tzinfo-data'
\ No newline at end of file
diff --git a/app/controllers/concerns/downloadable_controller.rb b/app/controllers/concerns/downloadable_controller.rb
index e7e872cfeac592c2fa8e506dab3674c567d1b14c..79e4698708ff3b2123656e159a3ce0529e5c98d7 100644
--- a/app/controllers/concerns/downloadable_controller.rb
+++ b/app/controllers/concerns/downloadable_controller.rb
@@ -32,7 +32,7 @@ module DownloadableController
 attachment_name = attachment["name"]
 link = attachment["retrieve_link"]
- source = "https://mecdb4.c3sl.ufpr.br:8443" + link
+ source = "https://mecdb4.c3sl.ufpr.br" + link
 require 'open-uri'
diff --git a/app/controllers/v1/learning_objects_controller.rb b/app/controllers/v1/learning_objects_controller.rb
index 3030d4552228d79be70d0833a76846d720452243..88326705839ae2d1f63e493e91ad935addf66172 100644
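Review bot: The two new keys in .env.dev, `client_id=` and `client_secret=`, are lowercase and carry no provider prefix, unlike `GOOGLE_KEY=` / `GOOGLE_SECRET=` directly above them, so nothing in the name ties them to gov.br and a second OAuth provider would collide with them. Provider-prefixed names such as `GOVBR_CLIENT_ID=` and `GOVBR_CLIENT_SECRET=` would follow the file's existing convention. The same names are read in the config/initializers/devise.rb hunk and would have to change together with these.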
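Review bot: `gem 'omniauth', '1.9.1'` in the first Gemfile hunk keeps the app on the OmniAuth 1.x line, where the request phase also answers GET unless restricted, and `omniauth-rails_csrf_protection` only closes that gap when the request phase is POST-only and the Rails CSRF token is actually checked. The context line `OmniAuth.config.allowed_request_methods = [:post, :get]` in the config/initializers/omniauth.rb hunk appears to re-enable GET after the gem has restricted it, which would leave the added gem without effect; that line would need to become `OmniAuth.config.allowed_request_methods = [:post]`. Because the devise.rb context describes this as a rails-api application, it is also worth confirming that session and CSRF middleware are loaded at all. `gem 'omniauth-oauth2'` is added without a version constraint while its neighbours are pinned.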
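Review bot: In the downloadable_controller.rb hunk the fetch URL is still built by plain concatenation, `"https://mecdb4.c3sl.ufpr.br" + link`, so the destination host is only guaranteed when `link` always begins with `/`. Where `attachment["retrieve_link"]` comes from is not visible here; if it is not fully under the application's control, the open-uri request that follows could be directed at an unintended host. Building the address with `URI.join(base, link)` and comparing `uri.host` with the expected host before fetching pins the destination, and the base URL would be better read from configuration than hard-coded a second time. The enclosing method starts and ends outside the hunk.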
--- a/app/controllers/v1/learning_objects_controller.rb
+++ b/app/controllers/v1/learning_objects_controller.rb
@@ -96,7 +96,7 @@ class V1::LearningObjectsController < ApplicationController
 publisher = LearningObjectPublisher.new(DspaceService.create_client)
 publisher.update_dspace(@learning_object)
- render json: @learning_object, status: :ok
+ render status: :ok
 else
 render json: @learning_object.errors, status: :unprocessable_entity
 end
diff --git a/app/controllers/v1/omniauth_callbacks_controller.rb b/app/controllers/v1/omniauth_callbacks_controller.rb
index 7d00b05286fb0e70802e9d2f0a13201ada3fa03e..e339e455654e1349827d72e303f180a41256c730 100644
--- a/app/controllers/v1/omniauth_callbacks_controller.rb
+++ b/app/controllers/v1/omniauth_callbacks_controller.rb
@@ -35,3 +35,24 @@ require 'open-uri'
 end
 end
+
+# frozen_string_literal: true
+
+class Auth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+ skip_before_action :verify_authenticity_token
+
+ def gov
+ @user = User.from_gov_br_omniauth(request.env["omniauth.auth"]["info"])
+
+ if @user.id.present?
+ sign_in_and_redirect @user, :event => :authentication
+ set_flash_message(:notice, :success, :kind => "Login Unico") if is_navigational_format?
+ else
+ end
+ end
+
+ def failure
+ redirect_to root_path
+ end
+
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index e2c2ec53d1fa0a77af31a11b282549d468e502f9..81f001708b34b23d7d303c780ed333fe72ae15ee 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
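Review bot: `render status: :ok` in the learning_objects_controller.rb hunk passes neither a body nor a template, so Rails falls back to template lookup for the action; depending on the Rails version that ends in a missing-template error or an empty response rather than the intended 200. If the goal is to stop returning the object, `head :ok` says so directly; if clients still read the updated record from this response, the previous `render json: @learning_object, status: :ok` has to stay. The action begins outside the hunk.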
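Review bot: The `else` branch of `gov` is empty, so when `from_gov_br_omniauth` hands back a user that was not saved the callback issues no redirect or response of its own, and `request.env["omniauth.auth"]["info"]` raises when the auth hash is absent. The failure path should answer explicitly, for instance by redirecting the way `failure` does, and `persisted?` states the intent more clearly than `id.present?`. Separately, `skip_before_action :verify_authenticity_token` applies to the whole controller, `# frozen_string_literal: true` has no effect this far down the file, and an `Auth::` class placed in `v1/omniauth_callbacks_controller.rb` will probably not be resolved by Rails autoloading; the routes that would reach it are not part of this diff.

```ruby
  def gov
    auth = request.env["omniauth.auth"]
    @user = User.from_gov_br_omniauth(auth["info"]) if auth

    if @user&.persisted?
      # … unchanged: sign_in_and_redirect and set_flash_message …
    else
      # Nothing was matched or saved: answer explicitly instead of falling through.
      redirect_to root_path
    end
  end
```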
@@ -615,4 +615,39 @@ class User < ApplicationRecord
 def complaint_reject(params)
 end
+ devise :database_authenticatable,
+ # ...
+ :omniauthable, omniauth_providers: %i[gov]
+
+ # ...
+ def self.from_gov_br_omniauth(info)
+ # Exemplo hash info
+ # {
+ # "id": 1702579345,
+ # "cpf": '99999999999',
+ # "nome_social": 'Nome Social',
+ # "email_verified": true,
+ # "profile": 'https://servicos.staging.acesso.gov.br/',
+ # "username": '99999999999',
+ # "picture": raw_info["picture"],
+ # "name": raw_info["name"],
+ # "email": raw_info["email"],
+ # }
+ user = User.find_by_email(info["email"]) # ou outra chave
+
+ unless user.nil?
+ user.update_attributes(provider: 'login-unico', uid: info["id"])
+ else
+ name = info["name"]
+ email = info["email"]
+ user = User.new do |user|
+ user.name = name
+ user.email = email
+ end
+ user.skip_confirmation!
+ user.save
+ end
+
+ return user
+ end
 end
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index cfc6ce62b5514cb7ffc0ce84d711ccf21613e7b3..6f272e8ae7cf66860fbe3b831ebf140334ec6e54 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -288,4 +288,17 @@ Devise.setup do |config|
 # middleware b/c rails-api does not include it.
 # See: http://stackoverflow.com/q/19600905/806956
 config.navigational_formats = [:json]
+
+ config.omniauth :gov,
+ ENV['client_id'],
+ ENV['client_secret'],
+ scope: 'openid+email+profile+govbr_confiabilidades+',
+ callback_path: '/callback-da-aplicacao',
+ client_options: {
+ site: 'https://sso.acesso.gov.br', # Ambiente de produção.
+ authorize_url: 'https://sso.acesso.gov.br/authorize', # Ambiente de produção.
+ token_url: 'https://sso.acesso.gov.br/token' # Ambiente de produção.
+ }
+
+ config.omniauth_path_prefix = '/prefixo-devise/prefixo-omniauth'
 end
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index 0b25772428a7faefdc0c0065918cddf6726b35fb..0652075e2e2aedbc9a86ed546e43bb85628ee49b 100644
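Review bot: `from_gov_br_omniauth` links the gov.br identity to whichever local account has the same e-mail address without consulting `info["email_verified"]`, which the example hash in the comment lists; an address that the provider has not verified would then be enough to sign in as an existing user. The method should decline to match or create an account unless that flag is true, and preferably look the user up by `provider`/`uid` before falling back to e-mail. The result of `user.save` is discarded, so a new record that fails validation (the model's validations are not visible here) is returned unsaved, and `update_attributes` is deprecated in newer Rails releases in favour of `update`. The added `devise :database_authenticatable, # ... :omniauthable, omniauth_providers: %i[gov]` still carries its `# ...` placeholder and may override a `devise` declaration earlier in the class, which lies outside the hunk.

```ruby
  def self.from_gov_br_omniauth(info)
    # … unchanged: example info hash comment …
    # An unsaved User keeps the controller's `@user.id.present?` check false.
    return User.new unless info && info["email_verified"] == true && info["email"].present?

    user = User.find_by(provider: 'login-unico', uid: info["id"]) ||
           User.find_by(email: info["email"])
    # … unchanged: link the existing user, or build, skip_confirmation! and save a new one …
    user
  end
```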
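Review bot: `ENV['client_id']` and `ENV['client_secret']` in the devise.rb hunk evaluate to nil when the variables are unset, so the gov.br strategy would be registered without credentials and fail only when a user tries to log in; `ENV.fetch('client_id')` and `ENV.fetch('client_secret')` turn a missing value into a boot-time error. `callback_path: '/callback-da-aplicacao'` and `config.omniauth_path_prefix = '/prefixo-devise/prefixo-omniauth'` read like placeholder values and should be confirmed against the redirect URI registered with the provider. The scope string ends in a stray `+`, and the `# Ambiente de produção.` comments suggest that every environment, development included, will talk to the production SSO endpoints.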
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -29,4 +29,5 @@ Rails.application.config.middleware.use OmniAuth::Builder do
 end
 OmniAuth.config.allowed_request_methods = [:post, :get]
-OmniAuth.config.full_host = Rails.env.production? ? 'https://api.portalmec.c3sl.ufpr.br' : 'https://api.portlmec.c3sl.ufpr.br'
+OmniAuth.config.full_host = Rails.env.production? ? 'https://api.mecred.c3sl.ufpr.br' : 'https://api.mecred.c3sl.ufpr.br'
+OmniAuth.config.logger = Rails.logger
diff --git a/docker-compose.yml b/docker-compose.yml
index 23ace3b3ac30641dcf691a40f335c532db817b42..922249d96e56e5389b8f8b05730acc68d39dda4c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -27,7 +27,7 @@ services:
 depends_on:
 - redis
 ports:
- - "3000:3000"
+ - "3001:3000"
 volumes:
 - .:/app
 - gem_cache:/usr/local/bundle/gems
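Review bot: Both branches of the ternary assigned to `OmniAuth.config.full_host` are now the same string, so the `Rails.env.production?` test selects nothing and non-production environments build their OAuth callback URLs on `https://api.mecred.c3sl.ufpr.br`. Either collapse it to `OmniAuth.config.full_host = 'https://api.mecred.c3sl.ufpr.br'` or restore a distinct non-production host, ideally read from an environment variable. For `OmniAuth.config.logger = Rails.logger`, check the production log level, since OmniAuth may write details of the authentication flow to that log.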