add ldap support

Achtung dieses diff benötigt einen neuen Eintrag im secrets config file

Gemfile

@@ -55,6 +55,7 @@ gem "paper_trail" , '>=2.7.0'
 gem "devise" ,'~>2.2.3'
 gem "omniauth"
 gem "omniauth-facebook"
+gem "omniauth-ldap"
 
 # Roles for users
 gem "rolify"

app/controllers/users/omniauth_callbacks_controller.rb

@@ -1,10 +1,17 @@
 
 class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+skip_before_filter :verify_authenticity_token
+def failure
+  
+ # flash[:notice] = "Failure #{Hash.new(request.env)} #{Hash.new(params)}"
+#redirect_to new_user_registration_url , :notice=>"Omniauth Login failed" 
+super
+end  
 def facebook
     # You need to implement the method below in your model (e.g. app/models/user.rb)
     @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
 
-    if @user.persisted?
+    if @user
       sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
       set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
     else
@@ -12,4 +19,25 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
       redirect_to new_user_registration_url
     end
   end
+
+  def ldap
+logger.debug current_user.to_s
+    @user=User.find_for_ldap_oauth(request.env["omniauth.auth"],current_user) 
+ #  @user=User.find_for_ldap_oauth(session["devise.ldap_data"],current_user)
+   # @user=User.first
+#    flash[:notice]="#{request.env}"
+    #  sign_in_and_redirect @user, :event=>:authentication
+# debug @user
+#debug 
+ #   logger.info "Request  attributes hash: #{request.env}"
+    if @user
+      sign_in_and_redirect @user, :event => :authentication
+      set_flash_message(:notice,:success,:kind=>"Ldap") if is_navigational_format?
+    else
+      session["devise.ldap_data"]=request.env["omniauth.auth"]
+      # set_flash_message(:notice, "sdfsdf")
+      flash[:notice]=flash[:notice] + "Still not logged in "
+     redirect_to new_user_registration_url
+    end
+  end
 end

app/models/user.rb

@@ -29,24 +29,49 @@ class User < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :token_authenticatable, :confirmable,
   # :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable, :registerable,:confirmable,
-         :recoverable, :rememberable, :trackable, :validatable,:omniauthable, :omniauth_providers => [:facebook]
+  devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable,:omniauthable, :omniauth_providers => [:facebook,:ldap]
 
   # Setup accessible (or protected) attributes for your model
   attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid, :name
   # attr_accessible :title, :body
   def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
-		user = User.where(:provider => auth.provider, :uid => auth.uid).first
+logger.debug auth.to_s
+    logger.debug "DDD Username= #{auth.username}"
+   # user = User.where(:provider => auth.provider, :uid => auth.uid).first
     unless user
-			user = User.create(name:auth.extra.raw_info.name,
+      user = User.create(name:auth.uid,
                          provider:auth.provider,
                          uid:auth.uid,
                          email:auth.info.email,
                          password:Devise.friendly_token[0,20]
                          )
     end
+
     user
   end
+ def self.find_for_ldap_oauth(auth,signed_in_resource=nil)
+  # debug "sdfg"
+
+   user= User.where(:provider=>auth.provider,:uid=>auth.extra.raw_info.uid).first
+   unless user
+     user= User.create(name:auth.extra.raw_info.uid.first,
+                       provider:auth.provider,
+                       uid:auth.extra.raw_info.uid.first,
+                       email:auth.extra.raw_info.uid.first.to_s+"@ldapfet.at",
+                       password:Devise.friendly_token[0,20])
+    user.add_role("fetuser")
+   end
+   unless user
+    # user=User.create(name:"fail",
+    #                  provider:"ldap",
+    #                  uid:"sdf",
+    #                  email:"sdf@fet.at",
+    #                  password:Devise.friendly_token[0,20])
+   
+   end
+   user
+ end
+
  def self.new_with_session(params, session)
    super.tap do |user|
      if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]

config/initializers/devise.rb

@@ -226,7 +226,17 @@ Devise.setup do |config|
   #config.omniauth :facebook, 'appid', 'secret'
   secrets = YAML.load_file("#{::Rails.root.to_s}/config/omniauth_secrets.yml")
   config.omniauth :facebook, secrets["facebook"]["appid"], secrets["facebook"]["secret"]
-  # ==> Warden configuration
+  config.omniauth :ldap, :title => "My LDAP", 
+    :host => secrets["ldap"]["host"],
+    :port => secrets["ldap"]["port"],
+  :method => secrets["ldap"]["method"],
+    :base => secrets["ldap"]["base"],
+    :uid => secrets["ldap"]['uid'],
+    :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')},
+  :bind_dn =>secrets["ldap"]['bind'],
+  :password => secrets["ldap"]['password']
+
+  # ==> Warden configuration<<
   # If you want to use other strategies, that are not supported by Devise, or
   # change the failure app, you can configure them inside the config.warden block.
   #

config/routes.rb

@@ -10,7 +10,7 @@
 
     end
 
-   devise_for :users
+   devise_for :users , :controllers=>{:omniauth_callbacks=> "users/omniauth_callbacks"}
 
    scope '(:locale)' do