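# Signing and payload helpers for a Discourse SSO exchange, keyed by the
# configured +discourse_sso_secret+ (HMAC-SHA256 over the Base64 payload).
# Every helper is protected and no actions are defined here, so presumably
# subclasses provide the actual endpoints.
class DiscourseController < ApplicationController
  before_action -> { require_plugin_enabled FoodsoftDiscourse }

  protected

  # Checks that +params[:sig]+ is the HMAC-SHA256 hex digest of +params[:sso]+.
  #
  # @return [Boolean] true only when both parameters are non-blank strings and
  #   the signature matches
  def valid_signature?
    sso = params[:sso]
    sig = params[:sig]
    return false if sso.blank? || sig.blank?
    # Nested parameters (sso[]=..., sig[x]=...) arrive as arrays or hashes;
    # reject them instead of letting HMAC or the comparison raise.
    return false unless sso.is_a?(String) && sig.is_a?(String)

    # Compare in constant time: a plain == stops at the first differing byte,
    # which leaks how much of a guessed signature was correct.
    Rack::Utils.secure_compare(get_hmac_hex_string(sso), sig)
  end

  # Redirects to +url+ with +payload+ appended as a signed +sso+/+sig+ pair.
  #
  # @param url [String] target URL; an existing query string is extended
  # @param payload [Hash] values to send, serialized with +to_query+
  def redirect_to_with_payload(url, payload)
    base64_payload = Base64.strict_encode64(payload.to_query)
    separator = url.include?('?') ? '&' : '?'
    # The signature covers the Base64 text itself, before URL escaping.
    # sig is a hex digest and needs no escaping.
    sso = CGI.escape(base64_payload)
    sig = get_hmac_hex_string(base64_payload)
    # NOTE(review): url is concatenated as-is and the redirect target is not
    # restricted here; assumed to come from trusted configuration, confirm at
    # the call sites.
    redirect_to "#{url}#{separator}sso=#{sso}&sig=#{sig}"
  end

  # Decodes +params[:sso]+ (Base64-wrapped query string) into a Hash with
  # symbol keys.
  #
  # This method does NOT check the signature. Callers must have seen
  # +valid_signature?+ return true before trusting anything in the result.
  #
  # @return [Hash] decoded payload
  def parse_payload
    payload = Rack::Utils.parse_query(Base64.decode64(params[:sso]))
    payload.symbolize_keys!
  end

  # Computes the HMAC-SHA256 hex digest of +payload+ with the configured
  # +discourse_sso_secret+.
  #
  # @param payload [String] the Base64 payload text to sign
  # @return [String] lowercase hex digest
  # @raise [RuntimeError] when no secret is configured
  def get_hmac_hex_string(payload)
    discourse_sso_secret = FoodsoftConfig[:discourse_sso_secret]
    # Fail closed: an empty key still yields a digest, but one that anybody
    # can compute, so signatures would no longer prove anything.
    raise 'discourse_sso_secret is not configured' if discourse_sso_secret.blank?

    OpenSSL::HMAC.hexdigest('sha256', discourse_sso_secret, payload)
  end
end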