send user data with post message
This commit is contained in:
Konstantin Haase
parent
759ad4d113
commit
3a64c87a7f
|
|
@ -13,14 +13,13 @@ class Travis::Api::App
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def service(key)
|
def service(key, user = current_user)
|
||||||
const = Travis.services[key] || raise("no service registered for #{key}")
|
const = Travis.services[key] || raise("no service registered for #{key}")
|
||||||
const.new(current_user)
|
const.new(user)
|
||||||
end
|
end
|
||||||
|
|
||||||
def current_user
|
def current_user
|
||||||
# TODO
|
env['travis.access_token'].user if env['travis.access_token']
|
||||||
User.where(:login => 'svenfuchs').first
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def redis
|
def redis
|
||||||
|
|
|
||||||
|
|
@ -92,8 +92,10 @@ class Travis::Api::App
|
||||||
values[:code] = params[:code]
|
values[:code] = params[:code]
|
||||||
values[:client_secret] = config.client_secret
|
values[:client_secret] = config.client_secret
|
||||||
github_token = get_token(endpoint.to_s, values)
|
github_token = get_token(endpoint.to_s, values)
|
||||||
token = github_to_travis(github_token, app_id: 0)
|
user = user_for_github_token(github_token)
|
||||||
post_message(token: token)
|
token = generate_token(user: user, app_id: 0)
|
||||||
|
rendered_user = service(:user, user).find_one
|
||||||
|
post_message(token: token, user: rendered_user)
|
||||||
else
|
else
|
||||||
values[:state] = create_state
|
values[:state] = create_state
|
||||||
endpoint.path = config.authorize_path
|
endpoint.path = config.authorize_path
|
||||||
|
|
@ -120,14 +122,17 @@ class Travis::Api::App
|
||||||
end
|
end
|
||||||
|
|
||||||
def github_to_travis(token, options = {})
|
def github_to_travis(token, options = {})
|
||||||
|
generate_token options.merge(user: user_for_github_token(token))
|
||||||
|
end
|
||||||
|
|
||||||
|
def user_for_github_token(token)
|
||||||
data = GH.with(token: token.to_s) { GH['user'] }
|
data = GH.with(token: token.to_s) { GH['user'] }
|
||||||
scopes = parse_scopes data.headers['x-oauth-scopes']
|
scopes = parse_scopes data.headers['x-oauth-scopes']
|
||||||
user = User.find_by_login(data['login'])
|
user = User.find_by_login(data['login'])
|
||||||
|
|
||||||
halt 403, 'not a Travis user' if user.nil?
|
halt 403, 'not a Travis user' if user.nil?
|
||||||
halt 403, 'insufficient access' unless acceptable? scopes
|
halt 403, 'insufficient access' unless acceptable? scopes
|
||||||
|
user
|
||||||
generate_token options.merge(user: user)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def get_token(endoint, values)
|
def get_token(endoint, values)
|
||||||
|
|
@ -160,9 +165,9 @@ __END__
|
||||||
|
|
||||||
@@ post_message
|
@@ post_message
|
||||||
<script>
|
<script>
|
||||||
|
var payload = <%= render_json(user) %>;
|
||||||
|
payload.token = <%= token.inspect %>;
|
||||||
<% settings.target_origins.each do |target| %>
|
<% settings.target_origins.each do |target| %>
|
||||||
window.parent.postMessage(<%= token.inspect %>, <%= target.inspect %>);
|
window.parent.postMessage(payload, <%= target.inspect %>);
|
||||||
<% end %>
|
<% end %>
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
SENT
|
|
||||||
Loading…
Reference in New Issue
Block a user