@@ -12,11 +12,8 @@ def redirect_callbacks
1212
1313 # derive target redirect route from 'resource_class' param, which was set
1414 # before authentication.
15- devise_mapping = [ request . env [ 'omniauth.params' ] [ 'namespace_name' ] ,
16- request . env [ 'omniauth.params' ] [ 'resource_class' ] . underscore . gsub ( '/' , '_' ) ] . compact . join ( '_' )
17- path = "#{ Devise . mappings [ devise_mapping . to_sym ] . fullpath } /#{ params [ :provider ] } /callback"
18- klass = request . scheme == 'https' ? URI ::HTTPS : URI ::HTTP
19- redirect_route = klass . build ( host : request . host , port : request . port , path : path ) . to_s
15+ devise_mapping = get_devise_mapping
16+ redirect_route = get_redirect_route ( devise_mapping )
2017
2118 # preserve omniauth info for success route. ignore 'extra' in twitter
2219 # auth response to avoid CookieOverflow.
@@ -26,6 +23,34 @@ def redirect_callbacks
2623 redirect_to redirect_route
2724 end
2825
26+ def get_redirect_route ( devise_mapping )
27+ path = "#{ Devise . mappings [ devise_mapping . to_sym ] . fullpath } /#{ params [ :provider ] } /callback"
28+ klass = request . scheme == 'https' ? URI ::HTTPS : URI ::HTTP
29+ redirect_route = klass . build ( host : request . host , port : request . port , path : path ) . to_s
30+ end
31+
32+ def get_devise_mapping
33+ # derive target redirect route from 'resource_class' param, which was set
34+ # before authentication.
35+ devise_mapping = [ request . env [ 'omniauth.params' ] [ 'namespace_name' ] ,
36+ request . env [ 'omniauth.params' ] [ 'resource_class' ] . underscore . gsub ( '/' , '_' ) ] . compact . join ( '_' )
37+ rescue NoMethodError => err
38+ default_devise_mapping
39+ end
40+
41+ # This method will only be called if `get_devise_mapping` cannot
42+ # find the mapping in `omniauth.params`.
43+ #
44+ # One example use-case here is for IDP-initiated SAML login. In that
45+ # case, there will have been no initial request in which to save
46+ # the devise mapping. If you are in a situation like that, and
47+ # your app allows for you to determine somehow what the devise
48+ # mapping should be (because, for example, it is always the same),
49+ # then you can handle it by overriding this method.
50+ def default_devise_mapping
51+ raise NotImplementedError . new ( 'no default_devise_mapping set' )
52+ end
53+
2954 def omniauth_success
3055 get_resource_from_auth_hash
3156 set_token_on_resource
@@ -136,16 +161,6 @@ def assert_is_devise_resource!
136161 true
137162 end
138163
139- # necessary for access to devise_parameter_sanitizers
140- def devise_mapping
141- if omniauth_params
142- Devise . mappings [ [ omniauth_params [ 'namespace_name' ] ,
143- omniauth_params [ 'resource_class' ] . underscore ] . compact . join ( '_' ) . to_sym ]
144- else
145- request . env [ 'devise.mapping' ]
146- end
147- end
148-
149164 def set_random_password
150165 # set crazy password for new oauth users. this is only used to prevent
151166 # access via email sign-in.
@@ -214,6 +229,15 @@ def fallback_render(text)
214229 </html>)
215230 end
216231
232+ def handle_new_resource
233+ @oauth_registration = true
234+ set_random_password
235+ end
236+
237+ def assign_whitelisted_params?
238+ true
239+ end
240+
217241 def get_resource_from_auth_hash
218242 # find or create user by provider and provider uid
219243 @resource = resource_class . where (
@@ -222,16 +246,17 @@ def get_resource_from_auth_hash
222246 ) . first_or_initialize
223247
224248 if @resource . new_record?
225- @oauth_registration = true
226- set_random_password
249+ handle_new_resource
227250 end
228251
229252 # sync user info with provider, update/generate auth token
230253 assign_provider_attrs ( @resource , auth_hash )
231254
232255 # assign any additional (whitelisted) attributes
233- extra_params = whitelisted_params
234- @resource . assign_attributes ( extra_params ) if extra_params
256+ if assign_whitelisted_params?
257+ extra_params = whitelisted_params
258+ @resource . assign_attributes ( extra_params ) if extra_params
259+ end
235260
236261 @resource
237262 end
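Review bot: In the second hunk, `get_devise_mapping` uses `rescue NoMethodError` as its "nothing was saved" test, so any unrelated NoMethodError raised while building the name is also turned into the `default_devise_mapping` fallback, and `err` is never used. The name is built from values stored from the initial request, yet `get_redirect_route` calls `.fullpath` on `Devise.mappings[devise_mapping.to_sym]` without checking that the lookup found a mapping, so an unknown name surfaces as a NoMethodError outside the rescue instead of a deliberate rejection. An explicit presence check plus a guard on the lookup result, as sketched below, would fail closed; the error class used there is only a suggestion. `default_devise_mapping` also raises `NotImplementedError`, which is a `ScriptError` rather than a `StandardError`, so a plain `rescue` or a `rescue_from StandardError` in the host application would not catch it.

```ruby
def get_redirect_route(devise_mapping)
  mapping = Devise.mappings[devise_mapping.to_sym]
  # fail closed on a name that is not a configured Devise mapping
  raise ActionController::RoutingError, 'unknown devise mapping' unless mapping

  path = "#{mapping.fullpath}/#{params[:provider]}/callback"
  # … unchanged: scheme selection and URI build …
end

def get_devise_mapping
  stored = request.env['omniauth.params']
  class_name = stored && stored['resource_class']
  # explicit "nothing was saved" test instead of rescuing NoMethodError
  return default_devise_mapping unless class_name

  [stored['namespace_name'], class_name.underscore.gsub('/', '_')].compact.join('_')
end
```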