discourse/lib/discourse_connect_base.rb
David Taylor aba0df7cf7
FEATURE: Increase default DiscourseConnect session length (#26261)
For some identity providers, 10 minutes isn't much time for a user to complete authentication/registration on the identity provider. Increasing the default to 30 minutes should help in those situations. The nonce is still tied to a single browser session, so there is no material impact on security.
2024-03-20 14:02:12 +00:00

183 lines
3.7 KiB
Ruby

# frozen_string_literal: true
class DiscourseConnectBase
class ParseError < RuntimeError
end
class PayloadParseError < ParseError
end
class SignatureError < ParseError
end
ACCESSORS = %i[
add_groups
admin
avatar_force_update
avatar_url
bio
card_background_url
confirmed_2fa
email
external_id
failed
groups
locale
locale_force_update
location
logout
moderator
name
no_2fa_methods
nonce
prompt
profile_background_url
remove_groups
require_2fa
require_activation
return_sso_url
suppress_welcome_message
title
username
website
]
FIXNUMS = []
BOOLS = %i[
admin
avatar_force_update
confirmed_2fa
failed
locale_force_update
logout
moderator
no_2fa_methods
require_2fa
require_activation
suppress_welcome_message
]
def self.nonce_expiry_time
@nonce_expiry_time ||= 30.minutes
end
def self.nonce_expiry_time=(v)
@nonce_expiry_time = v
end
def self.used_nonce_expiry_time
24.hours
end
attr_accessor(*ACCESSORS)
attr_writer :sso_secret, :sso_url
def self.sso_secret
raise RuntimeError, "sso_secret not implemented on class, be sure to set it on instance"
end
def self.sso_url
raise RuntimeError, "sso_url not implemented on class, be sure to set it on instance"
end
def self.parse(payload, sso_secret = nil, **init_kwargs)
sso = new(**init_kwargs)
sso.sso_secret = sso_secret if sso_secret
parsed = Rack::Utils.parse_query(payload)
raise PayloadParseError.new(<<~MSG) if parsed["sso"] =~ %r{[^a-zA-Z0-9=\r\n/+]}m
The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters.
Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64.
sso: #{parsed["sso"]}
MSG
decoded = Base64.decode64(parsed["sso"])
decoded_hash = Rack::Utils.parse_query(decoded)
raise SignatureError, <<~MSG if sso.sign(parsed["sso"]) != parsed["sig"]
Bad signature for payload
sso: #{parsed["sso"]}
sig: #{parsed["sig"]}
expected sig: #{sso.sign(parsed["sso"])}
MSG
ACCESSORS.each do |k|
val = decoded_hash[k.to_s]
val = val.to_i if FIXNUMS.include? k
val = %w[true false].include?(val) ? val == "true" : nil if BOOLS.include? k
sso.public_send("#{k}=", val)
end
decoded_hash.each do |k, v|
if field = k[/\Acustom\.(.+)\z/, 1]
sso.custom_fields[field] = v
end
end
sso
end
def diagnostics
DiscourseConnectBase::ACCESSORS.map { |a| "#{a}: #{public_send(a)}" }.join("\n")
end
def sso_secret
@sso_secret || self.class.sso_secret
end
def sso_url
@sso_url || self.class.sso_url
end
def custom_fields
@custom_fields ||= {}
end
def self.sign(payload, secret)
OpenSSL::HMAC.hexdigest("sha256", secret, payload)
end
def sign(payload, secret = nil)
secret = secret || sso_secret
self.class.sign(payload, secret)
end
def to_json
self.to_h.to_json
end
def to_url(base_url = nil)
base = "#{base_url || sso_url}"
"#{base}#{base.include?("?") ? "&" : "?"}#{payload}"
end
def payload(secret = nil)
payload = Base64.strict_encode64(unsigned_payload)
"sso=#{CGI.escape(payload)}&sig=#{sign(payload, secret)}"
end
def unsigned_payload
Rack::Utils.build_query(self.to_h)
end
def to_h
payload = {}
ACCESSORS.each do |k|
next if (val = public_send(k)) == nil
payload[k] = val
end
@custom_fields&.each { |k, v| payload["custom.#{k}"] = v.to_s }
payload
end
end