Class: Auth::GithubAuthenticator

Inherits:
ManagedAuthenticator show all
Defined in:
lib/auth/github_authenticator.rb

Instance Method Summary collapse

Methods inherited from ManagedAuthenticator

#after_create_account, #always_update_user_email?, #can_connect_existing_user?, #can_revoke?, #description_for_auth_hash, #description_for_user, #find_user_by_username, #is_managed?, #match_by_email, #match_by_username, #retrieve_avatar, #retrieve_profile, #revoke

Methods inherited from Authenticator

#after_create_account, #can_connect_existing_user?, #can_revoke?, #description_for_auth_hash, #description_for_user, #provides_groups?, #revoke

Instance Method Details

#after_authenticate(auth_token, existing_account: nil) ⇒ Object



14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'lib/auth/github_authenticator.rb', line 14

def after_authenticate(auth_token, existing_account: nil)
  result = super
  return result if result.user
  # If email domain restrictions are configured,
  # pick a secondary email which is allowed
  all_github_emails(auth_token).each do |candidate|
    next if !EmailValidator.allowed?(candidate[:email])
    result.email = candidate[:email]
    result.email_valid = !!candidate[:verified]
    break
  end

  result
end

#all_github_emails(auth_token) ⇒ Object



40
41
42
43
44
45
46
47
48
# File 'lib/auth/github_authenticator.rb', line 40

def all_github_emails(auth_token)
  emails = Array.new(auth_token[:extra][:all_emails])
  primary_email = emails.find { |email| email[:primary] }
  if primary_email
    emails.delete(primary_email)
    emails.unshift(primary_email)
  end
  emails
end

#enabled?Boolean

Returns:

  • (Boolean)


10
11
12
# File 'lib/auth/github_authenticator.rb', line 10

def enabled?
  SiteSetting.enable_github_logins
end

#find_user_by_email(auth_token) ⇒ Object



29
30
31
32
33
34
35
36
37
38
# File 'lib/auth/github_authenticator.rb', line 29

def find_user_by_email(auth_token)
  # Use verified secondary emails to find a match
  all_github_emails(auth_token).each do |candidate|
    next if !candidate[:verified]
    if user = User.find_by_email(candidate[:email])
      return user
    end
  end
  nil
end

#nameObject



6
7
8
# File 'lib/auth/github_authenticator.rb', line 6

def name
  "github"
end

#primary_email_verified?(auth_token) ⇒ Boolean

Returns:

  • (Boolean)


63
64
65
# File 'lib/auth/github_authenticator.rb', line 63

def primary_email_verified?(auth_token)
  true
end

#register_middleware(omniauth) ⇒ Object



50
51
52
53
54
55
56
57
58
59
# File 'lib/auth/github_authenticator.rb', line 50

def register_middleware(omniauth)
  omniauth.provider :github,
                    setup:
                      lambda { |env|
                        strategy = env["omniauth.strategy"]
                        strategy.options[:client_id] = SiteSetting.github_client_id
                        strategy.options[:client_secret] = SiteSetting.github_client_secret
                      },
                    scope: "user:email"
end