feat: update the engine to create users and apps in an isolated

Author: denissellu

Gemfile

@@ -1,11 +1,15 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 # Specify your gem's dependencies in coco_auth.gemspec.
 gemspec
 
 group :development do
-  gem 'sqlite3'
+  gem 'bcrypt', '~> 3.1.7'
+  gem 'bootsnap', require: false
+  gem 'sqlite3', '~> 1.4'
 end
 
 # To use a debugger

Gemfile.lock

@@ -0,0 +1,174 @@
+PATH
+  remote: .
+  specs:
+    coco_auth (0.1.0)
+      rails (~> 6.1.7, >= 6.1.7.7)
+      ruby-saml (~> 1.11)
+      sqlite3 (~> 1.4)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailbox (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      activejob (= 6.1.7.7)
+      activerecord (= 6.1.7.7)
+      activestorage (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      mail (>= 2.7.1)
+    actionmailer (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      actionview (= 6.1.7.7)
+      activejob (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (6.1.7.7)
+      actionview (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      rack (~> 2.0, >= 2.0.9)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      activerecord (= 6.1.7.7)
+      activestorage (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      nokogiri (>= 1.8.5)
+    actionview (6.1.7.7)
+      activesupport (= 6.1.7.7)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (6.1.7.7)
+      activesupport (= 6.1.7.7)
+      globalid (>= 0.3.6)
+    activemodel (6.1.7.7)
+      activesupport (= 6.1.7.7)
+    activerecord (6.1.7.7)
+      activemodel (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+    activestorage (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      activejob (= 6.1.7.7)
+      activerecord (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      marcel (~> 1.0)
+      mini_mime (>= 1.1.0)
+    activesupport (6.1.7.7)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    bcrypt (3.1.20)
+    bootsnap (1.18.3)
+      msgpack (~> 1.2)
+    builder (3.2.4)
+    concurrent-ruby (1.2.3)
+    crass (1.0.6)
+    date (3.3.4)
+    erubi (1.12.0)
+    globalid (1.2.1)
+      activesupport (>= 6.1)
+    i18n (1.14.5)
+      concurrent-ruby (~> 1.0)
+    loofah (2.22.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    mail (2.8.1)
+      mini_mime (>= 0.1.1)
+      net-imap
+      net-pop
+      net-smtp
+    marcel (1.0.4)
+    method_source (1.1.0)
+    mini_mime (1.1.5)
+    minitest (5.23.1)
+    msgpack (1.7.2)
+    net-imap (0.4.11)
+      date
+      net-protocol
+    net-pop (0.1.2)
+      net-protocol
+    net-protocol (0.2.2)
+      timeout
+    net-smtp (0.5.0)
+      net-protocol
+    nio4r (2.7.3)
+    nokogiri (1.16.5-arm64-darwin)
+      racc (~> 1.4)
+    racc (1.8.0)
+    rack (2.2.9)
+    rack-test (2.1.0)
+      rack (>= 1.3)
+    rails (6.1.7.7)
+      actioncable (= 6.1.7.7)
+      actionmailbox (= 6.1.7.7)
+      actionmailer (= 6.1.7.7)
+      actionpack (= 6.1.7.7)
+      actiontext (= 6.1.7.7)
+      actionview (= 6.1.7.7)
+      activejob (= 6.1.7.7)
+      activemodel (= 6.1.7.7)
+      activerecord (= 6.1.7.7)
+      activestorage (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      bundler (>= 1.15.0)
+      railties (= 6.1.7.7)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
+    railties (6.1.7.7)
+      actionpack (= 6.1.7.7)
+      activesupport (= 6.1.7.7)
+      method_source
+      rake (>= 12.2)
+      thor (~> 1.0)
+    rake (13.2.1)
+    rexml (3.2.8)
+      strscan (>= 3.0.9)
+    ruby-saml (1.16.0)
+      nokogiri (>= 1.13.10)
+      rexml
+    sprockets (4.2.1)
+      concurrent-ruby (~> 1.0)
+      rack (>= 2.2.4, < 4)
+    sprockets-rails (3.4.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.7.3-arm64-darwin)
+    strscan (3.1.0)
+    thor (1.3.1)
+    timeout (0.4.1)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    websocket-driver (0.7.6)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
+    zeitwerk (2.6.14)
+
+PLATFORMS
+  arm64-darwin
+
+DEPENDENCIES
+  bcrypt (~> 3.1.7)
+  bootsnap
+  coco_auth!
+  sqlite3 (~> 1.4)
+
+BUNDLED WITH
+   2.5.9

app/controllers/coco_auth/admin/apps_controller.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require_dependency 'coco_auth/application_controller'
+
+module CocoAuth
+  module Admin
+    class AppsController < ApplicationController
+      def index
+        @apps = App.all
+      end
+
+      def new
+        @app = App.new
+      end
+
+      def create
+        @app = App.new(app_params)
+        if @app.save
+          redirect_to admin_apps_path
+        else
+          render :new
+        end
+      end
+
+      private
+
+      def app_params
+        params.require(:app).permit(:name, :description, :entity_id, :assertion_consumer_service_url, :sso_url,
+                                    :slo_url, :certificate)
+      end
+    end
+  end
+end

app/controllers/coco_auth/admin/users_controller.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require_dependency 'coco_auth/application_controller'
+
+module CocoAuth
+  module Admin
+    class UsersController < ApplicationController
+      def index
+        @users = User.all
+      end
+
+      def new
+        @user = User.new
+      end
+
+      def create
+        @user = User.new(user_params)
+        if @user.save
+          redirect_to admin_users_path
+        else
+          render :new
+        end
+      end
+
+      private
+
+      def user_params
+        params.require(:user).permit(:email, :password, :password_confirmation, :first_name, :last_name)
+      end
+    end
+  end
+end

app/controllers/coco_auth/saml_controller.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module CocoAuth
+  class SamlController < ApplicationController
+    skip_before_action :verify_authenticity_token, only: [:acs]
+
+    def auth
+      settings = SamlSettings.get_saml_settings
+      request = OneLogin::RubySaml::Authrequest.new
+      redirect_to(request.create(settings))
+    end
+
+    def acs
+      settings = SamlSettings.get_saml_settings
+      response = OneLogin::RubySaml::Response.new(params[:SAMLResponse], settings:)
+
+      if response.is_valid?
+        user = User.find_by(email: response.name_id)
+        sign_in(user)
+        redirect_to main_app.root_url
+      else
+        render plain: 'Invalid SAML Response'
+      end
+    end
+  end
+end

app/models/coco_auth/app.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module CocoAuth
+  class App < ApplicationRecord
+    validates :name, presence: true
+    validates :entity_id, presence: true, uniqueness: true
+    validates :assertion_consumer_service_url, presence: true
+    validates :sso_url, presence: true
+    validates :certificate, presence: true
+  end
+end

app/models/coco_auth/application_record.rb

@@ -1,5 +1,5 @@
 module CocoAuth
-  class ApplicationRecord < ActiveRecord::Base
+  class ApplicationRecord < ::ActiveRecord::Base
     self.abstract_class = true
   end
 end

app/models/coco_auth/user.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module CocoAuth
+  class User < ApplicationRecord
+    has_secure_password
+
+    validates :email, presence: true, uniqueness: true
+  end
+end

app/views/coco_auth/admin/apps/index.html.erb

@@ -0,0 +1,8 @@
+<h1>Apps</h1>
+<%= link_to 'New App', new_admin_app_path %>
+<ul>
+  <% @apps.each do |app| %>
+    <li><%= app.name %></li>
+  <% end %>
+</ul>
+

app/views/coco_auth/admin/apps/new.html.erb

@@ -0,0 +1,53 @@
+<%= form_with(model: [:admin, @app], local: true) do |form| %>
+  <% if @app.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@app.errors.count, "error") %> prohibited this app from being saved:</h2>
+
+      <ul>
+        <% @app.errors.full_messages.each do |message| %>
+          <li><%= message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <%= form.label :name %>
+    <%= form.text_field :name %>
+  </div>
+
+  <div class="field">
+    <%= form.label :description %>
+    <%= form.text_area :description %>
+  </div>
+
+  <div class="field">
+    <%= form.label :entity_id %>
+    <%= form.text_field :entity_id %>
+  </div>
+
+  <div class="field">
+    <%= form.label :assertion_consumer_service_url %>
+    <%= form.text_field :assertion_consumer_service_url %>
+  </div>
+
+  <div class="field">
+    <%= form.label :sso_url %>
+    <%= form.text_field :sso_url %>
+  </div>
+
+  <div class="field">
+    <%= form.label :slo_url %>
+    <%= form.text_field :slo_url %>
+  </div>
+
+  <div class="field">
+    <%= form.label :certificate %>
+    <%= form.text_area :certificate %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit %>
+  </div>
+<% end %>
+

app/views/coco_auth/admin/users/index.html.erb

@@ -0,0 +1,8 @@
+<h1>Users</h1>
+<%= link_to 'New User', new_admin_user_path %>
+<ul>
+  <% @users.each do |user| %>
+    <li><%= user.email %></li>
+  <% end %>
+</ul>
+