GRN2-30: Add custom ldap sign in page (#619)

* Add custom ldap signin page

* Remove old omniauth-ldap gem

* Use new bn gems

app/controllers/sessions_controller.rb

@@ -19,6 +19,7 @@
 class SessionsController < ApplicationController
   include Registrar
   include Emailer
+  include LdapAuthenticator
 
   skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
 
@@ -47,8 +48,65 @@ class SessionsController < ApplicationController
 
   # GET/POST /auth/:provider/callback
   def omniauth
+    @auth = request.env['omniauth.auth']
+
+    process_signin
+  end
+
+  # POST /auth/failure
+  def omniauth_fail
+    redirect_to root_path, alert: I18n.t(params[:message], default: I18n.t("omniauth_error"))
+  end
+
+  # GET /auth/ldap
+  def ldap
+    ldap_config = {}
+    ldap_config[:host] = ENV['LDAP_SERVER']
+    ldap_config[:port] = ENV['LDAP_PORT'].to_i != 0 ? ENV['LDAP_PORT'].to_i : 389
+    ldap_config[:bind_dn] = ENV['LDAP_BIND_DN']
+    ldap_config[:password] = ENV['LDAP_PASSWORD']
+    ldap_config[:encryption] = if ENV['LDAP_METHOD'] == 'ssl'
+                                    'simple_tls'
+                                elsif ENV['LDAP_METHOD'] == 'tls'
+                                    'start_tls'
+                                end
+    ldap_config[:base] = ENV['LDAP_BASE']
+    ldap_config[:uid] = ENV['LDAP_UID']
+
+    result = send_ldap_request(params[:session], ldap_config)
+
+    if result
+      result = result.first
+    else
+      return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials"))
+    end
+
+    @auth = parse_auth(result)
+
+    process_signin
+  end
+
+  private
+
+  def session_params
+    params.require(:session).permit(:email, :password)
+  end
+
+  def check_user_exists
+    provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
+    User.exists?(social_uid: @auth['uid'], provider: provider)
+  end
+
+  # Check if the user already exists, if not then check for invitation
+  def passes_invite_reqs
+    return true if @user_exists
+
+    invitation = check_user_invited("", session[:invite_token], @user_domain)
+    invitation[:present]
+  end
+
+  def process_signin
     begin
-      @auth = request.env['omniauth.auth']
       @user_exists = check_user_exists
 
       if !@user_exists && @auth['provider'] == "twitter"
@@ -89,28 +147,4 @@ class SessionsController < ApplicationController
         omniauth_fail
     end
   end
-
-  # POST /auth/failure
-  def omniauth_fail
-    redirect_to root_path, alert: I18n.t(params[:message], default: I18n.t("omniauth_error"))
-  end
-
-  private
-
-  def session_params
-    params.require(:session).permit(:email, :password)
-  end
-
-  def check_user_exists
-    provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
-    User.exists?(social_uid: @auth['uid'], provider: provider)
-  end
-
-  # Check if the user already exists, if not then check for invitation
-  def passes_invite_reqs
-    return true if @user_exists
-
-    invitation = check_user_invited("", session[:invite_token], @user_domain)
-    invitation[:present]
-  end
 end

app/controllers/users_controller.rb

@@ -68,6 +68,10 @@ class UsersController < ApplicationController
     end
   end
 
+  # GET /ldap_signin
+  def ldap_signin
+  end
+
   # GET /signup
   def new
     return redirect_to root_path unless Rails.configuration.allow_user_signup