Merge branch 'master' into snyk-fix-d58d06cc827205e39d83a7ea540c56b4
jfederico authored Sep 21, 2023
2 parents 58820bf + 7fe9caa commit d3b4cc0
Showing 3 changed files with 47 additions and 24 deletions.
2 changes: 1 addition & 1 deletion Gemfile
Expand Up @@ -56,7 +56,7 @@ end
group :development do
# Access an interactive console on exception pages or by calling 'console' anywhere in the code.
gem 'listen', '>= 3.0.5', '< 3.2'
gem 'web-console', '>= 4.2.0'
gem 'web-console', '>= 4.2.1'
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
gem 'spring'
gem 'spring-watcher-listen', '~> 2.0.0'
4 changes: 2 additions & 2 deletions Gemfile.lock
Expand Up @@ -385,7 +385,7 @@ GEM
unf_ext (0.0.8.2)
unicode-display_width (2.4.2)
version_gem (1.1.2)
web-console (4.2.0)
web-console (4.2.1)
actionview (>= 6.0.0)
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
Expand Down Expand Up @@ -460,7 +460,7 @@ DEPENDENCIES
turbolinks (~> 5)
tzinfo-data
uglifier (>= 1.3.0)
web-console (>= 4.2.0)
web-console (>= 4.2.1)
webdrivers
webmock
webpacker (~> 6.0.0.rc.5)
65 changes: 44 additions & 21 deletions lib/bbb/credentials.rb
Expand Up @@ -22,6 +22,8 @@

module Bbb
class Credentials
include OmniauthHelper

attr_writer :cache, :cache_enabled, :multitenant_api_endpoint, :multitenant_api_secret # Rails.cache store is assumed. # Enabled by default.

def initialize(endpoint, secret)
Expand All @@ -34,14 +36,10 @@ def initialize(endpoint, secret)
end

def endpoint(tenant)
return fix_bbb_endpoint_format(@endpoint) if tenant.blank?

fix_bbb_endpoint_format(tenant_endpoint(tenant))
end

def secret(tenant)
return @secret if tenant.blank?

tenant_secret(tenant)
end

Expand All @@ -56,29 +54,45 @@ def tenant_secret(tenant)
end

def tenant_info(tenant, key)
info = fetch_tenant_info(tenant)
info = formatted_tenant_info(tenant)
return if info.nil?

info[key]
end

##
# TODO: This new mechanism for tenant_credentials should be discarded when tenant settings are implemented in the brocker (LTI-172).
##
def fetch_tenant_info(tenant)
tenant_credentials = JSON.parse(Rails.configuration.tenant_credentials)[tenant]

raise 'Multitenant API not defined' if (@multitenant_api_endpoint.nil? || @multitenant_api_secret.nil?) && tenant_credentials.nil?

# Check up cached info.
def formatted_tenant_info(tenant)
if @cache_enabled
cached_tenant = @cache.fetch("#{tenant}/api")
cached_tenant = @cache.fetch("#{tenant}/tenantInfo")
return cached_tenant unless cached_tenant.nil?
end

if tenant_credentials
response = { 'apiURL' => tenant_credentials['bigbluebutton_url'], 'secret' => tenant_credentials['bigbluebutton_secret'] }
else
# Get tenant info from broker
tenant_info = fetch_tenant_info(tenant)

# Get tenant credentials from TENANT_CREDENTIALS environment variable
tenant_credentials = JSON.parse(Rails.configuration.tenant_credentials)[tenant]

raise 'Tenant does not exist' if tenant_info.nil? && tenant_credentials.nil? && tenant.present?

# use credentials from broker first, if not found then use env variable, and then use bbb_endpoint & bbb_secret if single tenant
tenant_settings = tenant_info&.[]('settings')

api_url = tenant_settings&.[]('bigbluebutton_url') ||
tenant_credentials&.[]('bigbluebutton_url') ||
(@endpoint if tenant.blank?)

secret = tenant_settings&.[]('bigbluebutton_secret') ||
tenant_credentials&.[]('bigbluebutton_secret') ||
(@secret if tenant.blank?)

missing_creds = !(api_url && secret)

raise 'Bigbluebutton credentials not found' if tenant.blank? && missing_creds

raise 'Multitenant API not defined' if tenant.present? && missing_creds && (@multitenant_api_endpoint.nil? || @multitenant_api_secret.nil?)

# get the api URL and secret from the LB if not defined in tenant settings
if missing_creds
# Build the URI.
uri = encoded_url(
"#{@multitenant_api_endpoint}api/getUser",
Expand All @@ -88,14 +102,23 @@ def fetch_tenant_info(tenant)

http_response = http_request(uri)
response = parse_response(http_response)
response['settings'] = tenant_settings
end

# Return the user credentials if the request succeeded on the External Tenant Manager.
@cache.fetch("#{tenant}/api", expires_in: 1.hour) do
response
@cache.fetch("#{tenant}/tenantInfo", expires_in: 1.hour) do
response || { 'apiURL' => api_url, 'secret' => secret, 'settings' => tenant_settings }
end
end

def fetch_tenant_info(tenant)
bbbltibroker_url = omniauth_bbbltibroker_url("/api/v1/tenants/#{tenant}")
get_response = RestClient.get(bbbltibroker_url, 'Authorization' => "Bearer #{omniauth_client_token(omniauth_bbbltibroker_url)}")
JSON.parse(get_response)
rescue StandardError
Rails.logger.error('Could not fetch tenant credentials from broker')
nil
end

def http_request(uri)
# Make the request.
http = Net::HTTP.new(uri.host, uri.port)
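Review bot: The `rescue StandardError` in the new `fetch_tenant_info` turns every broker failure (timeout, a rejected bearer token, malformed JSON) into the same `nil` as an unknown tenant, and `formatted_tenant_info` then falls back to TENANT_CREDENTIALS or the multitenant API and caches that result under `"#{tenant}/tenantInfo"` for an hour. A transient broker outage could therefore pin a tenant to a different BigBlueButton endpoint and secret than the broker holds, with only a generic log line as evidence. I would return `nil` only under `rescue RestClient::NotFound`, and for any other error log the tenant and `e.class`, then either re-raise or skip the cache write. Separately, `tenant` is interpolated unescaped into `"/api/v1/tenants/#{tenant}"`, and since the `tenant.blank?` guards appear to have been dropped from `endpoint` and `secret`, a blank tenant now seems to trigger a broker request to `/api/v1/tenants/`; a `return if tenant.blank?` at the top of `fetch_tenant_info` plus URL-escaping the value would cover both. `http_request` at the end of this section continues outside the visible hunk.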