SSO Interface and Connection (#652)

* working saml, cas, probably openid_connect. shibboleth gets to idp and logs in but looses session on the way back

merge all the omniauth related code together
solve saml metadata issue, put in saml redirect loading page, put in choose your sso page
remove shibboleth since it can be done with saml and saml is more configurable

* update gemfile order

* Update app/models/identity_provider.rb

Co-authored-by: Alisha Evans <[email protected]>

* remove old spec and leftovers

---------

Co-authored-by: leaannbradford <[email protected]>
Co-authored-by: Alisha Evans <[email protected]>

.gitguardian.yaml

@@ -0,0 +1,5 @@
+secret:
+  ignored-matches:
+  - match: 2ace7433e96955aeed1a310d7dcc61f8761d05fbff91b92d79d860e307d6ea6a
+    name: Generic High Entropy Secret - .env
+version: 2

Gemfile

@@ -3,143 +3,106 @@
 source 'https://rubygems.org'
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 5.2.5'
-gem 'activerecord-nulldb-adapter'
-# Use sqlite3 as the database for Active Record
-gem 'pg'
-# Use Puma as the app server
-gem 'puma', '~> 4.3'
-# Use SCSS for stylesheets
-gem 'sass-rails', '~> 5.0'
-# Use CoffeeScript for .coffee assets and views
-gem 'coffee-rails', '~> 4.2'
-# See https://github.com/rails/execjs#readme for more supported runtimes
-# gem 'therubyracer', platforms: :ruby
-# Use jquery as the JavaScript library
-gem 'jquery-rails'
-# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
-gem 'turbolinks', '~> 5'
-# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
-gem 'jbuilder', '~> 2.5'
-# bundle exec rake doc:rails generates the API under doc/api.
-# gem 'sdoc', '~> 0.4.0', group: :doc
-# Use ActiveModel has_secure_password
-# gem 'bcrypt', '~> 3.1.7'
-gem 'active-fedora', '>= 11.1.4'
-gem 'flutie'
-# Use Capistrano for deployment
-# gem 'capistrano-rails', group: :development
-group :development, :test do
-  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
-  gem 'byebug'
-  gem 'pry-byebug'
-  gem 'i18n-debug', require: false
-  gem 'i18n-tasks'
-  gem 'rspec'
-  gem 'rspec-rails', '>= 3.6.0'
-  gem 'coveralls', '~> 0.8', '>= 0.8.23', require: false
-  gem 'simplecov', require: false
-  gem 'fcrepo_wrapper', '~> 0.4'
-  gem 'solr_wrapper', '~> 2.0'
-
-  gem 'rubocop', '~> 0.50', '<= 0.52.1'
-  gem 'rubocop-rspec', '~> 1.22', '<= 1.22.2'
-  # gem 'xray-rails'
-end
-
-group :test do
-  gem 'capybara'
-  gem 'capybara-screenshot', '~> 1.0'
-  gem 'database_cleaner'
-  gem 'factory_bot_rails'
-  gem 'launchy'
-  # rack-test >= 0.71 does not work with older Capybara versions (< 2.17). See #214 for more details
-  gem 'rack-test', '0.7.0'
-  gem 'rails-controller-testing'
-  gem 'rspec-activemodel-mocks'
-  gem 'rspec-its'
-  gem 'rspec_junit_formatter'
-  gem 'rspec-retry'
-  gem 'semaphore_test_boosters'
-  gem 'selenium-webdriver', '3.142.7'
-  gem 'shoulda-matchers', '~> 4.0'
-  gem 'webdrivers', '~> 4.0'
-  gem 'webmock'
-end
-group :development do
-  # Access an IRB console on exception pages or by using <%= console %> in views
-  gem 'web-console', '>= 3.3.0'
-  gem 'listen', '>= 3.0.5', '< 3.2'
-  # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
-  gem 'easy_translate'
-  gem 'scss_lint', require: false
-  gem 'spring', '~> 1.7'
-  gem 'spring-watcher-listen', '~> 2.0.0'
-end
-
-gem 'bulkrax', '~> 5.0'
 
+gem 'active-fedora', '>= 11.1.4'
+gem 'active_elastic_job', github: 'active-elastic-job/active-elastic-job', ref: 'ec51c5d9dedc4a1b47f2db41f26d5fceb251e979', group: %i[aws]
+gem 'activejob-scheduler', github: 'notch8/activejob-scheduler'
+gem 'activerecord-nulldb-adapter'
+gem 'addressable', '2.8.1'
+gem 'apartment'
+gem 'aws-sdk-sqs', group: %i[aws]
 gem 'blacklight', '~> 6.7'
+gem 'blacklight_advanced_search'
 gem 'blacklight_oai_provider', '~> 6.1', '>= 6.1.1'
-
-gem 'hyrax', git: 'https://github.com/samvera/hyrax.git', branch: 'privkey_for_ga4_3.x' #'~> 3.6.0'
-gem 'addressable', '2.8.1'
+gem 'blacklight_range_limit'
 gem 'bolognese', '>= 1.9.10'
-gem 'hyrax-doi', git: 'https://github.com/samvera-labs/hyrax-doi.git', branch: 'hyrax_upgrade'
-gem 'hyrax-iiif_av', git: 'https://github.com/samvera-labs/hyrax-iiif_av.git', branch: 'main'
-gem 'iiif_print', git: 'https://github.com/scientist-softserv/iiif_print.git', branch: 'main'
-gem 'postrank-uri', '>= 1.0.24'
-gem 'redlock', '>= 0.1.2', '< 2.0' # lock redlock per https://github.com/samvera/hyrax/pull/5961
-gem 'rsolr', '~> 2.0'
-
+gem 'bootstrap-datepicker-rails'
+gem 'bulkrax', '~> 5.0'
+gem 'byebug', group: %i[development test]
+gem 'capybara', group: %i[test]
+gem 'capybara-screenshot', '~> 1.0', group: %i[test]
+gem 'carrierwave-aws', '~> 1.3', group: %i[aws test]
+gem 'cocoon'
+gem 'codemirror-rails'
+gem 'coffee-rails', '~> 4.2' # Use CoffeeScript for .coffee assets and views
+gem 'config', '~> 2.2', '>= 2.2.1'
+gem 'coveralls', '~> 0.8', '>= 0.8.23', require: false, group: %i[development test]
+gem 'database_cleaner', group: %i[test]
 gem 'devise'
 gem 'devise-guests', '~> 0.3'
 gem 'devise-i18n'
 gem 'devise_invitable', '~> 1.6'
-gem 'apartment'
-gem 'config', '~> 2.2', '>= 2.2.1'
-gem 'is_it_working'
-gem 'rolify'
+gem 'dry-monads', '~> 1.4.0' # Locked because 1.5.0 was not compatible with Hyrax v.3.4.2
+gem 'easy_translate', group: %i[development]
+gem 'factory_bot_rails', group: %i[test]
+gem 'fcrepo_wrapper', '~> 0.4', group: %i[development test]
 gem 'flipflop', '~> 2.3'
+gem 'flutie'
+gem 'hyrax', github: 'samvera/hyrax', branch: 'privkey_for_ga4_3.x' #'~> 3.6.0'
+gem 'hyrax-doi', github: 'samvera-labs/hyrax-doi', branch: 'main'
+gem 'hyrax-iiif_av', github: 'samvera-labs/hyrax-iiif_av', branch: 'main'
+gem 'i18n-debug', require: false, group: %i[development test]
+gem 'i18n-tasks', group: %i[development test]
+gem 'iiif_print', github: 'scientist-softserv/iiif_print', branch: 'main'
+gem 'jbuilder', '~> 2.5'
+gem 'jquery-rails' # Use jquery as the JavaScript library
+gem 'launchy', group: %i[test]
+gem 'listen', '>= 3.0.5', '< 3.2', group: %i[development]
 gem 'lograge'
 gem 'mods', '~> 2.4'
-group :aws, :test do
-  gem 'carrierwave-aws', '~> 1.3'
-end
-group :aws do
-  gem 'active_elastic_job'#, git: 'https://github.com/active-elastic-job/active-elastic-job'
-  gem 'aws-sdk-sqs'
-end
-gem 'activejob-scheduler', git: 'https://github.com/notch8/activejob-scheduler.git'
-gem 'bootstrap-datepicker-rails'
-gem "cocoon"
-gem 'codemirror-rails'
 gem 'negative_captcha'
 gem 'okcomputer'
+gem 'omniauth-cas', github: 'stanhu/omniauth-cas', ref: '4211e6d05941b4a981f9a36b49ec166cecd0e271'
+gem 'omniauth-multi-provider'
+gem 'omniauth-rails_csrf_protection', '~> 1.0'
+gem 'omniauth-saml', '~> 2.1'
+gem 'omniauth_openid_connect'
+gem 'order_already', '~> 0.3.1'
 gem 'parser', '~> 2.5.3'
-gem 'rdf', '~> 3.1.15' # rdf 3.2.0 removed SerializedTransaction which ldp requires
-gem 'riiif', '~> 1.1'
-gem 'secure_headers'
-gem "sentry-raven" # April ToDo: Need to take out once the transfer is complete to Sentry.io
-gem 'sentry-ruby'
-gem 'sentry-rails'
-gem 'sidekiq'
-gem 'terser' # to support the Safe Navigation / Optional Chaining operator (?.) and avoid uglifier precompile issue
-gem 'tether-rails'
+gem 'pg'
+gem 'postrank-uri', '>= 1.0.24'
 gem 'progress_bar'
-# Pronto adds comments to MRs in gitlab when rubocop offenses are made.
 gem 'pronto'
 gem 'pronto-brakeman', require: false
 gem 'pronto-flay', require: false
 gem 'pronto-rails_best_practices', require: false
 gem 'pronto-rails_schema', require: false
 gem 'pronto-rubocop', require: false
-
-gem "order_already", "~> 0.3.1"
-gem "redcarpet"
-# When first attempting to upgrade to Hyrax v3.4.2, this dry-monads gem was upgraded to v1.5.0.
-# This version threw the following error:
-# NameError: uninitialized constant Dry::Monads::Result::Transformer
-# Locking it to v1.4.x does not throw an error.
-gem 'dry-monads', '~> 1.4.0'
-gem 'blacklight_range_limit'
-gem "blacklight_advanced_search"
+gem 'pry-byebug', group: %i[development test]
+gem 'puma', '~> 4.3' # Use Puma as the app server
+gem 'rack-test', '0.7.0', group: %i[test] # rack-test >= 0.71 does not work with older Capybara versions (< 2.17). See #214 for more details
+gem 'rails-controller-testing', group: %i[test]
+gem 'rdf', '~> 3.1.15' # rdf 3.2.0 removed SerializedTransaction which ldp requires
+gem 'redcarpet'
+gem 'redlock', '>= 0.1.2', '< 2.0' # lock redlock per https://github.com/samvera/hyrax/pull/5961
+gem 'riiif', '~> 1.1'
+gem 'rolify'
+gem 'rsolr', '~> 2.0'
+gem 'rspec', group: %i[development test]
+gem 'rspec-activemodel-mocks', group: %i[test]
+gem 'rspec-its', group: %i[test]
+gem 'rspec-rails', '>= 3.6.0', group: %i[development test]
+gem 'rspec-retry', group: %i[test]
+gem 'rspec_junit_formatter', group: %i[test]
+gem 'rubocop', '~> 0.50', '<= 0.52.1', group: %i[development test]
+gem 'rubocop-rspec', '~> 1.22', '<= 1.22.2', group: %i[development test]
+gem 'sass-rails', '~> 5.0' # Use SCSS for stylesheets
+gem 'scss_lint', require: false, group: %i[development]
+gem 'secure_headers'
+gem 'selenium-webdriver', '3.142.7', group: %i[test]
+gem 'semaphore_test_boosters', group: %i[test]
+gem 'sentry-rails'
+gem 'sentry-raven' # April ToDo: Need to take out once the transfer is complete to Sentry.io
+gem 'sentry-ruby'
+gem 'shoulda-matchers', '~> 4.0', group: %i[test]
+gem 'sidekiq'
+gem 'simplecov', require: false, group: %i[development test]
+gem 'solr_wrapper', '~> 2.0', group: %i[development test]
+gem 'spring', '~> 1.7', group: %i[development]
+gem 'spring-watcher-listen', '~> 2.0.0', group: %i[development]
+gem 'terser' # to support the Safe Navigation / Optional Chaining operator (?.) and avoid uglifier precompile issue
+gem 'tether-rails'
+gem 'turbolinks', '~> 5'
+gem 'web-console', '>= 3.3.0', group: %i[development] # <%= console %> in views
+gem 'webdrivers', '~> 4.7.0', group: %i[test]
+gem 'webmock', group: %i[test]