nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Finish setting up sesssions#new prefill when logged out by authorizationsControlelr

Browse source
This commit is contained in:
Raphael Sofaer 2011-08-16 11:26:25 -07:00 committed by Maxwell Salzberg
parent 89edfb7ed6
commit dec10e3de9
4 changed files with 21 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
app/controllers/authorizations_controller.rb
View file

@ -11,9 +11,7 @@ class AuthorizationsController < ApplicationController
def new def new
if params[:uid].present? && params[:uid] != current_user.username if params[:uid].present? && params[:uid] != current_user.username
sign_out current_user sign_out current_user
redirect_url = Addressable::URI.parse(request.url) redirect_to url_with_prefilled_session_form
redirect_url.query_values = redirect_url.query_values.merge("uid" => nil)
redirect_to redirect_url.to_s
end end
@requested_scopes = params["scope"].split(',') @requested_scopes = params["scope"].split(',')
@client = oauth2_authorization_request.client @client = oauth2_authorization_request.client
@ -24,6 +22,18 @@ class AuthorizationsController < ApplicationController
end end
end end
# When diaspora detects that a user is trying to authorize to an application
# as someone other than the logged in user, we want to log out current_user,
# and prefill the session form with the user that is trying to authorize
def url_with_prefilled_session_form
redirect_url = Addressable::URI.parse(request.url)
query_values = redirect_url.query_values
query_values.delete("uid")
query_values.merge!("username" => params[:uid])
redirect_url.query_values = query_values
redirect_url.to_s
end
def create def create
if params[:commit] == "Authorize" if params[:commit] == "Authorize"
grant_authorization_code(current_user) grant_authorization_code(current_user)

8
app/helpers/sessions_helper.rb
View file

@ -1,6 +1,10 @@
module SessionsHelper module SessionsHelper
def prefilled_username def prefilled_username
uri = Addressable::URI.parse(session["user_return_to"]) uri = Addressable::URI.parse(session['user_return_to'])
uri ? uri.query_values["uid"] : nil if uri && uri.query_values
uri.query_values["username"]
else
nil
end
end end
end end

3
features/oauth.feature
View file

@ -32,8 +32,7 @@ Feature: oauth
And I fill in "Diaspora ID" with "bob@localhost:9887" And I fill in "Diaspora ID" with "bob@localhost:9887"
And I press "Connect to Diaspora" And I press "Connect to Diaspora"
Then I should be on the new user session page Then I should be on the new user session page
And I debug And the "Username" field within "#user_new" should contain "bob"
And I should see "bob" within "#user_username"
Scenario: Not authorize Chubbies Scenario: Not authorize Chubbies
When I try to authorize Chubbies When I try to authorize Chubbies