Versions Compared

Old Version 18

changes.mady.by.user Arnaud Lachaume

Saved on

compared with

New Version 19

changes.mady.by.user Arnaud Lachaume

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languageruby
titleApp Routes
linenumberstrue
#
# Let's create parameterized routes
#
# The metadata route will be fetched by the enterprise tenants to retrieve your configuration
route "/mno-enterprise/:tenant_key/metadata" to "MetadataController" on action "show"
 
# The single sign-on routes will be used by enterprise tenants to 
route "/mno-enterprise/:tenant_key/saml/initialize" to "SamlSsoController" on action "initialize"
route "/mno-enterprise/:tenant_key/saml/consume" to "SamlSsoController" on action "consume"
 
# The Account Webhook routes notify you of groups being removed or users being removed from groups
route "/mno-enterprise/:tenant_key/account/group/:id" to "AccountWebhookController" on action "destroy_group"
route "/mno-enterprise/:tenant_key/account/group/:group_id/user/:id" to "AccountWebhookController" on action "remove_user"

# The Connec!™ webhook route will be used by enterprise tenants to POST data sharing notifications
route "/mno-enterpise/:tenant_key/connec/receive" to "ConnecWebhookController" with action "receive"
 
Code Block
languageruby
titleMetadataController
linenumberstrue
# The metadata controller exposes my configuration to the requesting tenant
# Thanks to this metadata controller, the tenant will be able to discover my configuration
# and send webhook notifications to the right endpoint.
class MetadataController
  
	# The show action responds to the following route
	# GET /mno-enterprise/:tenant_key/metadata
  	function show
    	# Because the URL was parameterized, we can retrieve the tenant key
    	# from the URL parameters
    	tenant_key = params['tenant_key']
 
    	# Next step to make sure we authenticate the tenant. Authentication is
    	# tenant specific
    	unless Maestrano.with(tenant_key).authenticate(http_basic['login'],http_basic['password'])
      		render_json("Unauthorized, code: '401')
    	end     
    
    	# Eventually, we render our configuration manifest for this specific tenant
    	render_json(Maestrano.with(tenant_key).to_metadata)
  	end
  
end

...

Code Block
languageruby
titleSamlSSOController
linenumberstrue
#
# This controller handles the Single Sign-On handshake
#
class SamlSsoController
  
  	# The 'initialize' controller action responds the following route
  	# GET /mno-enterprise/:tenant_key/saml/initialize
  	#
  	# The goal of this action is to trigger the Single Sign-On handshake
  	# between the tenant platform and your application
  	function initialize
		# Retrieve the tenant key from the URL parameters
    	tenant_key = params['tenant_key']
	
		redirect_to MaestranoSamlRequest.with(tenant_key).new(params).redirect_url
  	end
  
  	# The 'initialize' controller action responds to the following route
  	# POST /mno-enterprise/:tenant_key/saml/consume
  	function consume
    	# Retrieve the tenant key from the URL parameters
    	tenant_key = params['tenant_key']
    
		# Process the response
		saml_response = Maestrano::Saml::Response.with(tenant_key).new(params[:SAMLResponse])
    
    	# Reject if invalid
    	unless saml_response.is_valid?
      		redirect_to "/some/error/path"
    	end
 
    	# Extract information from the response
  		user_attributes = Maestrano::SSO::BaseUser.new(saml_response).to_hash_or_associative_array
  		group_attributes = Maestrano::SSO::BaseGroup.new(saml_response).to_hash_or_associative_array

  		# Find/create the user and the organization
    	# The creation or retrieval of records should be scoped to a specific provider (tenant_key)
  		user = User.find_or_create_for_maestrano_tenant(user_attributes,tenant_key)
  		organization = Organization.find_or_create_for_maestrano_tenant(group_attributes,tenant_key)

  		# Add user to the organization if not there already
  		unless organization.has_member?(user)
    		organization.add_member(user)
  		end

		# Sign the user in and redirect to application root
		# To be customised depending on how you handle user
  		# sign in and 
  		sign_user_in(user)
  		redirect_to "/some/post-login/path"
	end
 
end

...

Code Block
languageruby
titleInvoiceModel
linenumberstrue
class InvoiceModel
  
	function save
    	return false unless this.save_to_db
	    if this.maestrano_uid
			client = MaestranoConnecClient.with(this.maestrano_tenant_key).new(this.maestrano_group_uid)
      		client.post('/invoices', this.to_maestrano_json)
    	end
	end
end

...

Code Block
languageruby
titleConnecWebhookController
linenumberstrue
# This controller processes any data sharing notifications sent by tenants via
# Connec!
# E.g.: I receive a new invoice from Connec!™ that was created in another application
class WebhookConnecController
  
	# The 'receive' controller action responds to the following route
  	# POST /mno-enterprise/acme-corp/connec/receive
  	function receive
  		# Retrieve the tenant key from the URL parameters
	    tenant_key = params['tenant_key']

    	# Authenticate request as usual
	    unless Maestrano.with(tenant_key).authenticate(http_basic['login'],http_basic['password'])
    		render json: "Unauthorized, code: '401'
    	end
    
    	# Finally, process the request for a specific tenant
    	MyConnecWrapperClass.process_invoice_updates(params['invoices'],tenant_key)
  	end
  
end

...