Skip to content

Commit 76a8a1c

Browse files
cycomacheadclaude
authored andcommitted
refactor: simplify SSO configuration and use standard provider logic
Revert custom provider detection logic in favor of using a placeholder OSEM_DISCOURSE_KEY. This aligns Snap!Cloud SSO with the existing OSEM provider pattern while documenting that only the secret is required for the actual handshake. Co-authored-by: Claude Code <noreply@anthropic.com>
1 parent 7d81a7a commit 76a8a1c

4 files changed

Lines changed: 9 additions & 11 deletions

File tree

app/helpers/users_helper.rb

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -14,12 +14,6 @@ def omniauth_configured
1414

1515
providers = []
1616
Devise.omniauth_providers.each do |provider|
17-
# Discourse SSO (Snap!Cloud) only requires a secret, not a key
18-
if provider == :discourse
19-
providers << provider if ENV.fetch('OSEM_SNAP_SSO_SECRET', ENV.fetch('OSEM_DISCOURSE_SECRET', nil)).present?
20-
next
21-
end
22-
2317
provider_key = "#{provider}_key"
2418
provider_secret = "#{provider}_secret"
2519
unless Rails.application.secrets.send(provider_key).blank? || Rails.application.secrets.send(provider_secret).blank?

config/initializers/devise.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616

1717
config.omniauth :discourse,
1818
sso_url: ENV.fetch('OSEM_SNAP_SSO_URL', 'https://snap.berkeley.edu/api/v1/discourse-sso'),
19-
sso_secret: ENV.fetch('OSEM_SNAP_SSO_SECRET', ENV.fetch('OSEM_DISCOURSE_SECRET', nil))
19+
sso_secret: ENV.fetch('OSEM_DISCOURSE_SECRET', nil)
2020

2121
config.omniauth :facebook,
2222
ENV.fetch('OSEM_FACEBOOK_KEY', Rails.application.secrets.facebook_key),

dotenv.example

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -67,9 +67,12 @@
6767
# OSEM_GITHUB_KEY=1234
6868
# OSEM_GITHUB_SECRET=5678
6969

70-
# Snap!Cloud SSO (Discourse SSO protocol)
71-
# The shared secret must match the DISCOURSE_SSO_SECRET configured in Snap!Cloud
72-
# OSEM_SNAP_SSO_SECRET=your_shared_secret
70+
# Snap!Cloud SSO (uses the Discourse SSO protocol)
71+
# The shared secret must match the DISCOURSE_SSO_SECRET configured in Snap!Cloud.
72+
# OSEM_DISCOURSE_KEY can be any non-empty value; it is only used to signal that
73+
# the Discourse provider is enabled (the SSO flow itself only needs the secret).
74+
# OSEM_DISCOURSE_KEY=snap-cloud
75+
# OSEM_DISCOURSE_SECRET=your_shared_secret
7376
# Optionally override the SSO endpoint URL (defaults to https://snap.berkeley.edu/api/v1/discourse-sso)
7477
# OSEM_SNAP_SSO_URL=https://snap.berkeley.edu/api/v1/discourse-sso
7578

spec/support/omniauth_macros.rb

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@ module OmniauthMacros
1212
ENV['OSEM_SUSE_SECRET'] = 'test secret suse'
1313
ENV['OSEM_GITHUB_KEY'] = 'test key github'
1414
ENV['OSEM_GITHUB_SECRET'] = 'test secret github'
15-
ENV['OSEM_SNAP_SSO_SECRET'] = 'test secret snap sso'
15+
ENV['OSEM_DISCOURSE_KEY'] = 'snap-cloud'
16+
ENV['OSEM_DISCOURSE_SECRET'] = 'test secret discourse'
1617

1718
def mock_auth_new_user
1819
OmniAuth.config.mock_auth[:google] =

0 commit comments

Comments
 (0)