diff --git a/app/controllers/user_identifiers_controller.rb b/app/controllers/user_identifiers_controller.rb index 5ca04f4..6b78c8e 100644 --- a/app/controllers/user_identifiers_controller.rb +++ b/app/controllers/user_identifiers_controller.rb @@ -12,12 +12,12 @@ # If the requested identifier belongs to the current user remove it if user.user_identifiers.include?(identifier) identifier.destroy! - flash[:notice] = _('Successfully unlinked your account from %{is}') % {is: identifier.identifier_scheme.name} + flash[:notice] = _('Successfully unlinked your account from %{is}.') % {is: identifier.identifier_scheme.description} else - flash[:notice] = _('Unable to unlinked your account from %{is}') % {is: identifier.identifier_scheme.name} + flash[:notice] = _('Unable to unlink your account from %{is}.') % {is: identifier.identifier_scheme.description} end redirect_to edit_user_registration_path end -end \ No newline at end of file +end diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb index 16c0516..39fed44 100644 --- a/app/controllers/users/omniauth_callbacks_controller.rb +++ b/app/controllers/users/omniauth_callbacks_controller.rb @@ -43,9 +43,9 @@ identifier: request.env["omniauth.auth"].uid, user: current_user) - flash[:notice] = t('identifier_schemes.connect_success', scheme: scheme.name) + flash[:notice] = _("Your account has been successfully linked to %{scheme}.") % { scheme: scheme.description } else - flash[:notice] = t('identifier_schemes.connect_failure', scheme: scheme.name) + flash[:notice] = _("Unable to link your account to %{scheme}.") % { scheme: scheme.description } end end @@ -53,68 +53,8 @@ redirect_to edit_user_registration_path end end - - - # TODO: We should consider rolling the below function up into the - # generic handler above # ------------------------------------------------------------- - def shibboleth - if user_signed_in? && current_user.shibboleth_id.present? && current_user.shibboleth_id.length > 0 then - flash[:warning] = I18n.t('devise.failure.already_authenticated') - redirect_to root_path - else - auth = request.env['omniauth.auth'] || {} - - eppn = auth['extra']['raw_info']['eppn'] unless auth['extra'].nil? - uid = nil - if !eppn.blank? then - uid = eppn - elsif !auth['uid'].blank? then - uid = auth['uid'] - elsif !auth['extra'].nil? - if !auth['extra']['raw_info']['targeted-id'].blank? then - uid = auth['extra']['raw_info']['targeted-id'] - end - end - - if !uid.nil? && !uid.blank? then - s_user = User.where(shibboleth_id: uid).first - # Take out previous record if was not confirmed. - if !s_user.nil? && s_user.confirmed_at.nil? then - sign_out s_user - User.delete(s_user.id) - s_user = nil - end - # Stops Shibboleth ID being blocked if email incorrectly entered. - if !s_user.nil? && s_user.try(:persisted?) then - flash[:notice] = I18n.t('devise.omniauth_callbacks.success', :kind => 'Shibboleth') - sign_in s_user - redirect_to root_path - else - if user_signed_in? then - current_user.update_attribute('shibboleth_id', uid) - user_id = current_user.id - sign_out current_user - session.delete(:shibboleth_data) - s_user = User.find(user_id) - flash[:notice] = I18n.t('devise.omniauth_callbacks.success', :kind => 'Shibboleth') - - sign_in s_user - redirect_to edit_user_registration_path - else - session[:shibboleth_data] = request.env['omniauth.auth'] - session[:shibboleth_data][:uid] = uid - redirect_to new_user_registration_url(:nosplash => 'true') - end - end - else - redirect_to root_path - end - end - end - - # ------------------------------------------------------------- def failure redirect_to root_path end diff --git a/app/controllers/users/omniauth_shibboleth_request_controller.rb b/app/controllers/users/omniauth_shibboleth_request_controller.rb deleted file mode 100644 index bc0f9f4..0000000 --- a/app/controllers/users/omniauth_shibboleth_request_controller.rb +++ /dev/null @@ -1,26 +0,0 @@ -class Users::OmniauthShibbolethRequestController < ApplicationController - before_filter :authenticate_user!, only: :associate - - def redirect - if !current_user.nil? && !current_user.org.nil? - idp = params[:idp] || current_user.org.wayfless_entity - else - idp = params[:idp] - end - - # briley - April 10 2017 - Replaced the old path with the one currently defined in `rake routes` - #query_params = {target: user_omniauth_callback_path(:shibboleth)} - query_params = {target: user_shibboleth_omniauth_callback_path} - - unless idp.blank? - query_params[:entityID] = idp - end - redirect_to "#{Rails.application.config.shibboleth_login}?#{query_params.to_query}", status: 302 - end - - def associate - # This action is protected - can only be reached if user is already logged in. - # See before_filter - redirect_to user_omniauth_callback_path(:shibboleth) - end -end diff --git a/app/views/devise/registrations/_external_identifier.html.erb b/app/views/devise/registrations/_external_identifier.html.erb index bbc8d75..93c045a 100644 --- a/app/views/devise/registrations/_external_identifier.html.erb +++ b/app/views/devise/registrations/_external_identifier.html.erb @@ -1,27 +1,23 @@
); background-size: 16px 16px;"> + style="background-image: url(<%= "#{scheme.logo_url}" %>); background-size: 16px;"> <% if id.nil? || id.identifier == '' %> - - <%= link_to "#{t("identifier_schemes.schemes.#{scheme.name}.connect")}", - Rails.application.routes.url_helpers.send( - "user_#{scheme.name.downcase}_omniauth_authorize_path" - ), - title: t("identifier_schemes.schemes.#{scheme.name}.connect_tooltip") %> - + <%= link_to "#{_("Create or Link your #{scheme.description} ID")}", + Rails.application.routes.url_helpers.send( + "user_#{scheme.name.downcase}_omniauth_authorize_path" + ), + title: t("identifier_schemes.schemes.#{scheme.name}.connect_tooltip", default: "") + %> <% else %> - <% if t("identifier_schemes.schemes.#{scheme.name}.user_landing_page").nil? %> - <%= t("identifier_schemes.schemes.connect_success").gsub(/%\{scheme\}/, scheme.name.capitalize) %> - - <% else %> - <% uri = t("identifier_schemes.schemes.#{scheme.name}.user_landing_page").gsub(/%\{id\}/, id.identifier) %> - <%= link_to uri, uri, target: '_blank', - title: t("identifier_schemes.schemes.#{scheme.name}.connect_tooltip") %> + <% if scheme.user_landing_url.nil? %> + <%= _("Your account has been linked to #{scheme.description}.") %> + <% else %> + <%= link_to "#{_("Your account has been linked to #{scheme.description}.")}", "#{scheme.user_landing_url}/#{id.identifier}", target: '_blank', + title: t("identifier_schemes.schemes.#{scheme.name}.connect_tooltip", default: "") %> <% end %> - <%= link_to image_tag('remove.png', height: '16px', width: '16px'), destroy_user_identifier_path(id), method: :delete, - title: t("identifier_schemes.schemes.#{scheme.name}.disconnect_tooltip"), - data: {confirm: t("identifier_schemes.schemes.#{scheme.name}.disconnect_confirmation")} %> + title: _("Unlink your account from #{scheme.description}. You can link again at any time."), + data: {confirm: _("Are you sure you want to unlink your #{scheme.description} ID?")} %> <% end %>
diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb index a13492c..5acc77e 100644 --- a/app/views/devise/registrations/edit.html.erb +++ b/app/views/devise/registrations/edit.html.erb @@ -65,7 +65,7 @@ <% @identifier_schemes.each do |scheme| %> - <%= scheme.name %> + <%= scheme.description %> <%= render partial: 'external_identifier', locals: {scheme: scheme, @@ -88,9 +88,10 @@

- <% if Rails.application.config.shibboleth_enabled %> +


@@ -140,7 +142,7 @@

<%= _('Unlink institutional credentials alert') %>

- <%= raw _('

You are about to unlink %{application_name} of your institutional credentials, would you like to continue?

') % { :application_name => user_omniauth_shibboleth_path } %> + <%= raw _('

You are about to unlink %{application_name} of your institutional credentials, would you like to continue?

') % { :application_name => user_shibboleth_omniauth_authorize_path } %>
<%= _('Cancel') %> diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb index 5406165..34675a4 100644 --- a/app/views/devise/registrations/new.html.erb +++ b/app/views/devise/registrations/new.html.erb @@ -1,7 +1,7 @@ -

<%= t('helpers.sign_up') %>

+

<%= _('Sign up') %>

<% unless session[:shibboleth_data].nil? %>

- <%= raw t('helpers.sign_up_shibboleth_alert_text_html')%> + <%= (_("%{application_name} doesn't recognise your institutional credentials - either you haven't created an account with us or you haven't linked these details to your existing account.
* If you do not have an account with %{application_name}, please complete the form below.
* If you have an account with %{application_name}, please Sign in so we can link your account to your institutional credentials.
Once you have created and/or linked your account, you'll be able to sign in with your institutional credentials directly.") % { :application_name => Rails.configuration.branding[:application][:name] }).html_safe %>

<% cookies[:show_shib_link] = { value: 'show_shib_link', expires: 3.hours.from_now } %> <% end %> @@ -10,4 +10,4 @@
<%= render :partial => 'shared/register_form', locals: {extended: true} %> -
\ No newline at end of file + diff --git a/app/views/shared/_login_form.html.erb b/app/views/shared/_login_form.html.erb index e5259db..5bf1449 100644 --- a/app/views/shared/_login_form.html.erb +++ b/app/views/shared/_login_form.html.erb @@ -24,7 +24,7 @@ <% if request.fullpath != "/users/sign_up?nosplash=true" && session[:shibboleth_data].nil? then%>
  • - <%= link_to _('Or, sign in with your institutional credentials'), user_omniauth_shibboleth_path, :class => "a-orange" %> + <%= link_to _('Or, sign in with your institutional credentials'), user_shibboleth_omniauth_authorize_path, :class => "a-orange" %> <%= _(' (UK users only)')%>
    • diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb deleted file mode 100644 index ddc6ce1..0000000 --- a/config/initializers/omniauth.rb +++ /dev/null @@ -1,20 +0,0 @@ -Rails.application.config.middleware.use OmniAuth::Builder do - provider :shibboleth, { - # We're using a UK Access Management Federation IdPs here - # Shibboleth server config needs to return eppn and persistent-id attributes - # Priority given to eppn in controller if present, assuming persistent-id always populated - # Doing this the omniauth way rather than using REMOTE_USER - # See controllers/users/omniauth_callbacks_controller.rb - # Shibboleth authentication is enabled in config/application.rb - :uid_field => :"persistent-id", - :fields => [], - :extra_fields => [ - :eppn, - :affiliation, - :entitlement, - :"unscoped-affiliation", - :"targeted-id", - :mail - ], - } -end diff --git a/config/routes.rb b/config/routes.rb index 2f0a5ff..9b4c504 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -32,7 +32,6 @@ devise_for :users, controllers: { registrations: "registrations", - confirmations: 'confirmations', passwords: 'passwords', sessions: 'sessions', omniauth_callbacks: 'users/omniauth_callbacks'} do @@ -41,8 +40,8 @@ end # WAYFless access point - use query param idp - get 'auth/shibboleth' => 'users/omniauth_shibboleth_request#redirect', :as => 'user_omniauth_shibboleth' - get 'auth/shibboleth/assoc' => 'users/omniauth_shibboleth_request#associate', :as => 'user_shibboleth_assoc' + #get 'auth/shibboleth' => 'users/omniauth_shibboleth_request#redirect', :as => 'user_omniauth_shibboleth' + #get 'auth/shibboleth/assoc' => 'users/omniauth_shibboleth_request#associate', :as => 'user_shibboleth_assoc' #post '/auth/:provider/callback' => 'sessions#oauth_create' @@ -130,6 +129,9 @@ delete 'admin_destroy' post 'admin_create' put 'admin_update' + put 'admin_customize' + put 'admin_publish' + put 'admin_unpublish' end end diff --git a/db/migrate/20170427110141_add_logo_url_to_identifier_schemes.rb b/db/migrate/20170427110141_add_logo_url_to_identifier_schemes.rb new file mode 100644 index 0000000..0f3fa50 --- /dev/null +++ b/db/migrate/20170427110141_add_logo_url_to_identifier_schemes.rb @@ -0,0 +1,5 @@ +class AddLogoUrlToIdentifierSchemes < ActiveRecord::Migration + def change + add_column :identifier_schemes, :logo_url, :string + end +end diff --git a/db/migrate/20170428083711_add_user_landing_url_to_identifier_schemes.rb b/db/migrate/20170428083711_add_user_landing_url_to_identifier_schemes.rb new file mode 100644 index 0000000..ac1c680 --- /dev/null +++ b/db/migrate/20170428083711_add_user_landing_url_to_identifier_schemes.rb @@ -0,0 +1,5 @@ +class AddUserLandingUrlToIdentifierSchemes < ActiveRecord::Migration + def change + add_column :identifier_schemes, :user_landing_url, :string + end +end diff --git a/lib/assets/bg.gif b/lib/assets/bg.gif new file mode 120000 index 0000000..12456d2 --- /dev/null +++ b/lib/assets/bg.gif @@ -0,0 +1 @@ +images/bg.gif \ No newline at end of file diff --git a/lib/assets/images/remove.png b/lib/assets/images/remove.png index b2ef137..81ced7f 100644 --- a/lib/assets/images/remove.png +++ b/lib/assets/images/remove.png Binary files differ diff --git a/public/shib_logo.png b/public/shib_logo.png new file mode 100644 index 0000000..191b508 --- /dev/null +++ b/public/shib_logo.png Binary files differ