remove github authentication for manager

2020-11-03 17:36:35 +01:00 · 2020-11-03 17:36:35 +01:00 · 6c2eb22960
commit 6c2eb22960
parent 29cfdfbe91
10 changed files with 1 additions and 99 deletions
--- a/config/env.example
+++ b/config/env.example
@ -42,10 +42,6 @@ FC_PARTICULIER_ID=""
 FC_PARTICULIER_SECRET=""
 FC_PARTICULIER_BASE_URL=""

-# Service externe: Authentification pour manager (auth Github obligatoire), permet d'accéder à /manager
-GITHUB_CLIENT_ID=""
-GITHUB_CLIENT_SECRET=""
-
 # Service externe: Support Utilisateur HelpScout | Spécifique démarches-simplifiées.fr
 HELPSCOUT_MAILBOX_ID=""
 HELPSCOUT_CLIENT_ID=""
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@ -232,13 +232,6 @@ Devise.setup do |config|
  # The default HTTP method used to sign out a resource. Default is :delete.
  config.sign_out_via = :delete

-  # ==> OmniAuth
-  # Add a new OmniAuth provider. Check the wiki for more information on setting
-  # up on your models and hooks.
-  if !Rails.env.test?
-    config.omniauth :github, Rails.application.secrets.github[:client_id], Rails.application.secrets.github[:client_secret], scope: 'user:email'
-  end
-
  # ==> Warden configuration
  # If you want to use other strategies, that are not supported by Devise, or
  # change the failure app, you can configure them inside the config.warden block.
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@ -1,4 +0,0 @@
-# OmniAuth GET requests may be vulnerable to CSRF.
-# Ensure that OmniAuth only uses POST requests.
-# See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
-OmniAuth.config.allowed_request_methods = [:post]
--- a/config/routes.rb
+++ b/config/routes.rb
@ -80,7 +80,6 @@ Rails.application.routes.draw do
  devise_for :administrations,
    skip: [:password, :registrations, :sessions],
    controllers: {
-      omniauth_callbacks: 'administrations/omniauth_callbacks'
    }

  devise_for :users, controllers: {
--- a/config/secrets.yml
+++ b/config/secrets.yml
@ -23,9 +23,6 @@ defaults: &defaults
    token_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/token
    userinfo_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/userinfo
    logout_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/logout
-  github:
-    client_id: <%= ENV['GITHUB_CLIENT_ID'] %>
-    client_secret: <%= ENV['GITHUB_CLIENT_SECRET'] %>
  mailjet:
    api_key: <%= ENV['MAILJET_API_KEY'] %>
    secret_key: <%= ENV['MAILJET_SECRET_KEY'] %>