search

robdimarco / omniauth_crowd

An OmniAuth provider for Atlassian Crowd REST API
MIT License
30 stars 21 forks source link

Problem with being redirected to reauthenticate after login #1

Open robdimarco opened 13 years ago

robdimarco commented 13 years ago

I could successfully login into crowd using this plugin, but if I will login in some other our crowd resource and then will try to redirect on /auth/crowd/ in my application then I will have the 'login into crowd' screen again, while I expecting already being logged (like using twitter provider for omniauth).

No matter logged I somewhere on not in crowd it everytimes asks me to login again from my app. Is this is a limitation of this plugin or I am doing something wrong ?

robdimarco commented 13 years ago

I am only using :crowd as provider in my project, twitter was used in test purposes, I just wanted to check differenses with crawd login behavior and twitter.

I will copy few code samples, may be you could point me in the source of the problem.

omniauth.rb:

require 'net/http'

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :crowd, :crowd_server_url=>"http://xx.xx.xx.xx:17004/crowd", :application_name=>"bama", :application_password=>"bama"
end

routes.rb:

get '/auth/:provider/callback' => "login#callback"
get '/auth/:provider/failure' => "login#failed"

LoginController.rb

def index
  @msg = request.env['omniauth.auth']

  render "index"
end

def failed
  @msg = "failed"
  render "index"
end

View for controller just rendering the @msg property. So it is easy as a pie and I have no idea what is wrong with this code. English is not my native language, may be I am not too strict, I will try to explain again :)

When I am logging into crowd from my application (/crowd/auth/, then entering the credentials) - I am getting next data from request.env['omniauth.auth']:

{"provider"=>"crowd", "uid"=>"bama1", "user_info"=>{"name"=>"Bama 1", "first_name"=>"Bama", "last_name"=>"1", "email"=>"bama1@test123.com"}}

If I am entering wrong credentials, '/auth/:provider/failure' triggers, so I have assumed that when I getting the above callback -> user is logged.

But next time I am logging again in few seconds - I got rendered 'crowd login page again'. Even if I logging into crowd console from web and then again accessing /crowd/auth while being logged - I still getting 'enter credentials' page. In such situation , when testing twitter - I was not redirected on login page and there was oauth token param proveded in request automatically.