rename sso_token to api_token

app/controllers/app_passwords_controller.rb

@@ -31,7 +31,7 @@ class AppPasswordsController < ApplicationController
       end
     elsif params[:delete]
       begin
-        ApiBackend::app_password_delete(current_user, params[:delete], sso_token)
+        ApiBackend::app_password_delete(current_user, params[:delete], api_token)
       rescue ApiBackend::ApiError
         flash[:notice] = :failed
       end

app/controllers/application_controller.rb

@@ -127,11 +127,11 @@ class ApplicationController < ActionController::Base
     session[:mail_crypt_recovery_token] = nil
     reset_session
     session[:locale] = I18n.locale
-    session[:sso_token] = nil
+    session[:api_token] = nil
   end
 
-  def sso_token
-    session[:sso_token]
+  def api_token
+    session[:api_token]
   end
-  helper_method :sso_token
+  helper_method :api_token
 end

app/controllers/concerns/api_backend.rb

@@ -71,9 +71,9 @@ module ApiBackend
     get(['users', 'app_passwords'], {'email' => email})
   end
 
-  def self.app_password_delete(email, pw_name, sso)
+  def self.app_password_delete(email, pw_name, token)
     post(['users', 'app_password_delete'], {'email' => email,
-                                            'sso' => sso,
+                                            'token' => token,
                                             'pw_name' => pw_name})
   end
 
@@ -83,18 +83,18 @@ module ApiBackend
                                             'pw_name' => pw_name})
   end
 
-  def self.user_info(admin_email, sso, email, include_deleted=false)
+  def self.user_info(admin_email, token, email, include_deleted=false)
     get(['users_admin', 'info'], {
       'admin_email' => admin_email,
-      'sso' => sso,
+      'token' => token,
       'email' => email,
       'include_deleted' => include_deleted})
   end
 
-  def self.user_update(admin_email, sso, email, action, value)
+  def self.user_update(admin_email, token, email, action, value)
     post(['users_admin', 'update'], {
       'admin_email' => admin_email,
-      'sso' => sso,
+      'token' => token,
       'email' => email,
       'action' => action,
       'value' => value})
@@ -108,10 +108,10 @@ module ApiBackend
     get(['users', 'check_valid_new_email'], {'email' => email})
   end
 
-  def self.list(admin_email, sso, filter = nil, domain = nil, mailbox = nil, deleted = nil)
+  def self.list(admin_email, token, filter = nil, domain = nil, mailbox = nil, deleted = nil)
     get(['users_admin', 'list'], {
       'admin_email' => admin_email,
-      'sso' => sso,
+      'token' => token,
       'filter' => filter,
       'domain' => domain,
       'mailbox' => mailbox,
@@ -273,10 +273,10 @@ module ApiBackend
                                            })
   end
 
-  def self.create_new_mailbox_admin(admin_email, sso, email, pw, forward, mail_crypt_enabled, recovery_email, keep_recovery_token, storagehost)
+  def self.create_new_mailbox_admin(admin_email, token, email, pw, forward, mail_crypt_enabled, recovery_email, keep_recovery_token, storagehost)
     post(['users_admin', 'create_new_mailbox'], {
       'admin_email' => admin_email,
-      'sso' => sso,
+      'token' => token,
       "email" => email,
       "password" => pw,
       "forward" => forward,
@@ -290,7 +290,7 @@ module ApiBackend
   def self.create_new_forward_admin(email, forwards)
     post(['users_admin', 'create_new_forward'], {
       'admin_email' => admin_email,
-      'sso' => sso,
+      'token' => token,
       "email" => email,
       "forwards" => forwards})
   end

app/controllers/saml_controller.rb

@@ -11,15 +11,15 @@ class SamlController < ApplicationController
     response          = OneLogin::RubySaml::Response.new(params[:SAMLResponse],
                                                          settings: saml_settings)
 
+    print response.decrypted_document.to_s
     # We validate the SAML Response and check if the user already exists in the system
     if response.is_valid?
-       # authorize_success, log the user
-       session[:user_id] = response.name_id
-       session[:sso_token] = Base64.encode64(response.decrypted_document.to_s)
-       update_session_expiry
-       session[:saml_attributes] = response.attributes
+      update_session_expiry
+      # authorize_success, log the user
+      session[:user_id] = response.name_id
+      session[:api_token] = response.attributes[:api_token]
     else
-       flash[:notice] = :login_failed
+      flash[:notice] = :login_failed
     end
     redirect_to '/'
   end

app/controllers/users_controller.rb

@@ -5,7 +5,7 @@ class UsersController < AdminController
     @only_mailbox = (params['only_mailbox'] == 'true') || nil
     @deleted = (params['deleted'] == 'true') || nil
     begin
-      res = ApiBackend::list(current_user, sso_token, @filter, @domain, @only_mailbox, @deleted)
+      res = ApiBackend::list(current_user, api_token, @filter, @domain, @only_mailbox, @deleted)
       @users = res['users']
     rescue ApiBackend::ApiError
       flash[:notice] = :fail
@@ -15,11 +15,11 @@ class UsersController < AdminController
   def create
     full_email = "#{params[:alias]}@#{params[:domain]}"
     if params[:forward].present? && !params[:password].present?
-      ApiBackend::create_new_forward_admin(current_user, sso_token, full_email, params[:forward])
+      ApiBackend::create_new_forward_admin(current_user, api_token, full_email, params[:forward])
     else
       ApiBackend::create_new_mailbox_admin(
         current_user,
-        sso_token,
+        api_token,
         full_email,
         params[:password],
         params[:forward],
@@ -84,13 +84,13 @@ class UsersController < AdminController
        end)
     if action
       begin
-        ApiBackend::user_update(current_user, sso_token, params[:email], action, value)
+        ApiBackend::user_update(current_user, api_token, params[:email], action, value)
         flash[:notice] = :success
         if [:delete,:purge].include?(action)
           redirect_to users_path and return
         end
         if [:legacy_password, :mail_crypt_secret_box, :mail_crypt_force_password, ].include?(action) && (params[:admin_lock] == 'yes')
-          ApiBackend::user_update(current_user, sso_token, params[:email], :lock, true)
+          ApiBackend::user_update(current_user, api_token, params[:email], :lock, true)
         end
       rescue ApiBackend::ApiError
         flash[:notice] = :failed
@@ -112,7 +112,7 @@ class UsersController < AdminController
     @email = params[:email]
     @the_user = nil
 
-    res = ApiBackend::user_info(current_user, sso_token, @email, true)
+    res = ApiBackend::user_info(current_user, api_token, @email, true)
     @the_user = res['user']
   rescue ApiBackend::ApiError
     flash[:notice] = :fail