Merge pull request #10 from cslzchen/feature/cas-guid-osf

[Improvement] Update fakeCAS to return GUID to OSF and API [#CAS-19]
CenterForOpenScience · Jan 19, 2017 · c2bed39 · c2bed39
2 parents eb9e202 + 47ceacb
commit c2bed39
Showing 1 changed file with 32 additions and 21 deletions.
diff --git a/views.go b/views.go
@@ -112,23 +112,28 @@ func ServiceValidate(c echo.Context) error {
 	result := User{}
 	ticket := c.FormValue("ticket")
 
-	err := DatabaseConnection.QueryRow(`
-		SELECT
-			id
-			, username
-			, given_name
-			, family_name
-		FROM osf_osfuser
+	var queryString = `
+		SELECT DISTINCT
+			osf_guid._id,
+			osf_osfuser.username,
+			osf_osfuser.given_name,
+			osf_osfuser.family_name
+		From osf_guid
+			LEFT JOIN django_content_type
+			ON django_content_type.model = 'osfuser'
+			JOIN osf_osfuser
+			ON django_content_type.id = osf_guid.content_type_id AND object_id = osf_osfuser.id
 		WHERE username = $1 OR $1 = ANY(emails)
-	`, ticket).Scan(&result.Id, &result.Username, &result.GivenName, &result.Username)
-
+	`
+	err := DatabaseConnection.QueryRow(queryString, ticket).Scan(&result.Id, &result.Username, &result.GivenName, &result.FamilyName)
 	if err != nil {
 		if err != sql.ErrNoRows {
 			panic(err)
 		}
 		fmt.Println("User", ticket, "not found.")
 		return c.NoContent(http.StatusNotFound)
 	}
+	fmt.Println("User found: username =", result.Username, ", guid =", result.Id,)
 
 	response := ServiceResponse{
 		Xmlns:       "http://www.yale.edu/tp/cas",
@@ -140,7 +145,6 @@ func ServiceValidate(c echo.Context) error {
 		AccessToken: result.Id,
 		UserName:    result.Username,
 	}
-
 	return c.XML(http.StatusOK, response)
 }
 
@@ -152,24 +156,31 @@ func OAuth(c echo.Context) error {
 
 	tokenId := strings.Replace(c.Request().Header.Get("Authorization"), "Bearer ", "", 1)
 
-	err := DatabaseConnection.QueryRow(`
-		SELECT
-			user.id
-			, user.given_name
-			, user.family_name
-			, token.scopes
-		FROM osf_apioauth2personaltoken AS token
-		JOIN osf_osfuser AS user ON user.id = token.owner_id
-		WHERE token_id = $1
-	`, tokenId).Scan(&result.Id, &result.Username, &result.GivenName, scopes)
-
+	var queryString = `
+		SELECT DISTINCT
+			osf_guid._id,
+			osf_osfuser.username,
+			osf_osfuser.given_name,
+			osf_osfuser.family_name,
+			osf_apioauth2personaltoken.scopes
+		FROM osf_guid
+			LEFT JOIN django_content_type
+				ON django_content_type.model = 'osfuser'
+			JOIN osf_osfuser
+				ON django_content_type.id = osf_guid.content_type_id AND object_id = osf_osfuser.id
+			JOIN osf_apioauth2personaltoken
+					ON osf_osfuser.id = osf_apioauth2personaltoken.owner_id
+			WHERE osf_apioauth2personaltoken.token_id = $1
+	`
+	err := DatabaseConnection.QueryRow(queryString, tokenId).Scan(&result.Id, &result.Username, &result.GivenName, &result.FamilyName, &scopes)
 	if err != nil {
 		if err != sql.ErrNoRows {
 			panic(err)
 		}
 		fmt.Println("Access token", tokenId, "not found")
 		return c.NoContent(http.StatusNotFound)
 	}
+	fmt.Println("User found for token: username =", result.Username, ", guid =", result.Id,)
 
 	return c.JSON(200, OAuthResponse{
 		Id: result.Id,