castle_devise 0.4.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '08bc5ac82986fd553c2c64a8c10a04748220a997b1c3430d1dc2bde82c18623d'
-  data.tar.gz: 367ba90a6e2e6e6b32a2dd87a9ad7e375fc6567d64dc069816d85f0bf1d5a014
+  metadata.gz: a64b67ee6cdd64729672a54ec1f17457a03ac36833d00fa52ea3c2c8752a4f7a
+  data.tar.gz: 56de964e966c6dd76953fffda7b5121b06883aa79b21dc680aaccd64ba94383a
 SHA512:
-  metadata.gz: c3b603e7ad9f16909b546bb2604cff29d9939ea5e43b187764a0f114f9ee43a9746616bf05e1699a4bb914053781df0a190d7281ed5c9e2c1e0e34739bd34945
-  data.tar.gz: 47abcfb52b021885ce447ca68199cea7142f9e574e5b4bdb5653e60c6c4c373b67d1225c06baf61df24cca590b1dd35756cb3914c2de6348aea72c70ce110ac8
+  metadata.gz: 55d9047b2d6ecfca23badbd25736afa89acc132f2a6d8267eedd936f69d96c33da85a7f7ee2a7ac9e7a9a69f0e250532229d06fc22eb454a76b2a8c493233233
+  data.tar.gz: 695ed027ffff37f150a238897d98d2e68d156871895576e5f40cf287fa983964c0a36f378983e88c995080de95ba64d0f342e0e02b3c8b740a11e99d88f776fc

data/.github/workflows/lint.yml

@@ -1,21 +1,18 @@
 name: Lint
 
-on: [pull_request]
+on:
+  pull_request:
+  push:
+    branches: [main]
 
 jobs:
   standardrb:
-    name: runner / standardrb
+    name: standardrb
     runs-on: ubuntu-latest
     steps:
-      - name: Check out code
-        uses: actions/checkout@v1
-      - name: Give permissions
-        run: |
-          sudo chown -R root:root $GITHUB_WORKSPACE
-      - name: standardrb
-        uses: SennaLabs/action-standardrb@v0.0.3
+      - uses: actions/checkout@v4
+      - uses: ruby/setup-ruby@v1
         with:
-          github_token: ${{ secrets.github_token }}
-          reporter: github-pr-review # Default is github-pr-check
-          rubocop_version: 1.1.6 # note: this actually refers to standardb version, not Rubocop
-          rubocop_flags: --format progress
+          ruby-version: "3.4"
+          bundler-cache: true
+      - run: bundle exec standardrb --format progress

data/.github/workflows/specs.yml

@@ -10,34 +10,60 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby: ["2.6", "2.7", "3.0"]
-        rails: ["5.2", "6.0", "6.1"]
-        exclude:
-          - ruby: "3.0"
-            rails: "5.2"
-
+        include:
+          # Rails 6.0
+          - ruby: "3.2"
+            rails: "6.0"
+          # Rails 6.1
+          - ruby: "3.2"
+            rails: "6.1"
+          # Rails 7.0
+          - ruby: "3.2"
+            rails: "7.0"
+          # Rails 7.1
+          - ruby: "3.2"
+            rails: "7.1"
+          - ruby: "3.3"
+            rails: "7.1"
+          # Rails 7.2
+          - ruby: "3.2"
+            rails: "7.2"
+          - ruby: "3.3"
+            rails: "7.2"
+          # Rails 8.0
+          - ruby: "3.3"
+            rails: "8.0"
+          - ruby: "3.4"
+            rails: "8.0"
+          - ruby: "4.0"
+            rails: "8.0"
+          # Rails 8.1
+          - ruby: "3.3"
+            rails: "8.1"
+          - ruby: "3.4"
+            rails: "8.1"
+          - ruby: "4.0"
+            rails: "8.1"
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Ruby ${{ matrix.ruby }}
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-    - name: Install depenencies
-      env:
-        BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
-      run: |
-        gem update --system
-        bundle config path vendor/bundle
-        bundle install
-    - name: Run specs
-      env:
-        BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
-        CASTLE_API_SECRET: ${{ secrets.CASTLE_API_SECRET }}
-      run: |
-        bundle exec rake
-    - name: Simplecov Report
-      if:
-        ${{ matrix.rails == '6.1' && matrix.ruby >= '3.0' }}
-      uses: aki77/simplecov-report-action@v1
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/checkout@v4
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+      - name: Install dependencies
+        env:
+          BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
+        run: |
+          bundle config path vendor/bundle
+          bundle install
+      - name: Run specs
+        env:
+          BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
+          CASTLE_API_SECRET: ${{ secrets.CASTLE_API_SECRET }}
+        run: |
+          bundle exec rake
+      - name: Simplecov Report
+        uses: k1LoW/octocov-action@v1
+        if: matrix.ruby == '3.4' && matrix.rails == '8.1'
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}

data/.gitignore

@@ -22,3 +22,4 @@ gemfiles/*.lock
 vendor/
 
 spec/dummy_app/log/
+spec/dummy_app/tmp/

data/.octocov.yml

@@ -0,0 +1,14 @@
+# generated by octocov init
+coverage:
+  if: true
+testExecutionTime:
+  if: true
+diff:
+  datastores:
+    - artifact://${GITHUB_REPOSITORY}
+summary:
+  if: true
+report:
+  if: is_default_branch
+  datastores:
+    - artifact://${GITHUB_REPOSITORY}

data/.standard.yml

@@ -0,0 +1,3 @@
+ignore:
+  - "gemfiles/vendor/**/*"
+  - "vendor/**/*"

data/CHANGELOG.md

@@ -2,6 +2,31 @@
 
 ## [Unreleased][main]
 
+## [0.6.0] - 2026-05-25
+- Add support for Rails 8.1
+- Add support for Devise 5
+- Allow `castle-rb` 9.x (constraint widened to `>= 7.2, < 10.0`); verified
+  against the upcoming 9.0 release — castle_devise uses only the
+  `#risk` / `#filter` / `#log` Client APIs and the `Castle::Error` /
+  `InvalidParametersError` / `InvalidRequestTokenError` classes, all of
+  which remain in 9.0.
+- Bump `castle-rb` to 9.1.0
+- Add Ruby 3.3, 3.4, and 4.0 to the CI matrix
+- Bump minimum required Ruby version to 3.2
+- Replace deprecated `ActiveSupport::Configurable` with plain Ruby attribute accessors (drops the Rails 8.2 deprecation warning)
+- Drop `appraisal` development dependency in favor of hand-maintained `gemfiles/*.gemfile`
+- Bump development Gemfile to Rails 8.1, Devise 5, sqlite3 ~> 2.1, Bundler 2.7.x
+
+## [0.5.0] - 2025-06-17
+- Throw a warning instead of an error for the `$login.failed` event when an exception is raised
+- Security fixes and dependency updates
+
+## [0.4.3] - 2023-07-11
+- Fix an issue where we would send a `login.failed` event on any attempt of accessing a protected resource, not only when the user failed to log in specifically
+
+## [0.4.2] - 2023-07-10
+- Change `params` to contain the email address sent by the user for the `/v1/filter` endpoint
+
 ## [0.4.1] - 2022-12-13
 - Introduced new configuration options for `castle_sdk_facade_class` and `castle_client`
 
@@ -23,7 +48,12 @@
 
 - Initial release
 
-[main]: https://github.com/castle/castle_devise/compare/v0.4.0...HEAD
+[main]: https://github.com/castle/castle_devise/compare/v0.6.0...HEAD
+[0.6.0]: https://github.com/castle/castle_devise/compare/v0.5.0...v0.6.0
+[0.5.0]: https://github.com/castle/castle_devise/compare/v0.4.3...v0.5.0
+[0.4.3]: https://github.com/castle/castle_devise/compare/v0.4.2...v0.4.3
+[0.4.2]: https://github.com/castle/castle_devise/compare/v0.4.1...v0.4.2
+[0.4.1]: https://github.com/castle/castle_devise/compare/v0.4.0...v0.4.1
 [0.4.0]: https://github.com/castle/castle_devise/compare/v0.3.0...v0.4.0
 [0.3.0]: https://github.com/castle/castle_devise/compare/v0.2.0...v0.3.0
 [0.2.0]: https://github.com/castle/castle_devise/compare/v0.1.0...v0.2.0

data/Gemfile

@@ -7,13 +7,16 @@ gemspec
 
 gem "actionmailer"
 gem "activerecord"
+# Dev/test: track castle-rb upstream develop. Gemspec uses rubygems.
+gem "castle-rb", github: "castle/castle-ruby", branch: "develop"
 gem "byebug"
-gem "railties", "~> 6.1"
+gem "devise", "~> 5.0"
+gem "railties", "~> 8.1"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
+gem "sqlite3", "~> 2.1"
 gem "standard"
-gem "sqlite3"
 gem "vcr"
 gem "webmock"

data/Gemfile.lock

@@ -1,193 +1,311 @@
+GIT
+  remote: https://github.com/castle/castle-ruby.git
+  revision: 66c0523be56f5f24b8a8933dc522b5487bc77fce
+  branch: develop
+  specs:
+    castle-rb (9.1.0)
+      base64 (~> 0.2)
+
 PATH
   remote: .
   specs:
-    castle_devise (0.4.1)
-      activesupport (>= 5.0)
-      castle-rb (>= 7.0, < 8.0)
-      devise (>= 4.3.0, < 5.0)
+    castle_devise (0.6.0)
+      activesupport (>= 6.0)
+      castle-rb (>= 7.2, < 10.0)
+      devise (>= 4.3.0, < 6.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (6.1.4)
-      actionpack (= 6.1.4)
-      actionview (= 6.1.4)
-      activejob (= 6.1.4)
-      activesupport (= 6.1.4)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 2.0)
-    actionpack (6.1.4)
-      actionview (= 6.1.4)
-      activesupport (= 6.1.4)
-      rack (~> 2.0, >= 2.0.9)
+    actionmailer (8.1.3)
+      actionpack (= 8.1.3)
+      actionview (= 8.1.3)
+      activejob (= 8.1.3)
+      activesupport (= 8.1.3)
+      mail (>= 2.8.0)
+      rails-dom-testing (~> 2.2)
+    actionpack (8.1.3)
+      actionview (= 8.1.3)
+      activesupport (= 8.1.3)
+      nokogiri (>= 1.8.5)
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.1.4)
-      activesupport (= 6.1.4)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+      useragent (~> 0.16)
+    actionview (8.1.3)
+      activesupport (= 8.1.3)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.4)
-      activesupport (= 6.1.4)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (8.1.3)
+      activesupport (= 8.1.3)
       globalid (>= 0.3.6)
-    activemodel (6.1.4)
-      activesupport (= 6.1.4)
-    activerecord (6.1.4)
-      activemodel (= 6.1.4)
-      activesupport (= 6.1.4)
-    activesupport (6.1.4)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activemodel (8.1.3)
+      activesupport (= 8.1.3)
+    activerecord (8.1.3)
+      activemodel (= 8.1.3)
+      activesupport (= 8.1.3)
+      timeout (>= 0.4.0)
+    activesupport (8.1.3)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      json
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    appraisal (2.3.0)
-      bundler
-      rake
-      thor (>= 0.14.0)
-    ast (2.4.2)
-    bcrypt (3.1.16)
-    builder (3.2.4)
-    byebug (11.1.3)
-    castle-rb (7.1.1)
-    concurrent-ruby (1.1.9)
-    crack (0.4.5)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    addressable (2.9.0)
+      public_suffix (>= 2.0.2, < 8.0)
+    ast (2.4.3)
+    base64 (0.3.0)
+    bcrypt (3.1.22)
+    bigdecimal (4.1.2)
+    builder (3.3.0)
+    byebug (13.0.0)
+      reline (>= 0.6.0)
+    concurrent-ruby (1.3.6)
+    connection_pool (3.0.2)
+    crack (1.0.1)
+      bigdecimal
       rexml
     crass (1.0.6)
-    devise (4.8.0)
+    date (3.5.1)
+    devise (5.0.4)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
+      railties (>= 7.0)
       responders
       warden (~> 1.2.3)
-    diff-lcs (1.4.4)
-    docile (1.4.0)
-    erubi (1.10.0)
-    globalid (0.5.1)
-      activesupport (>= 5.0)
-    hashdiff (1.0.1)
-    i18n (1.8.10)
+    diff-lcs (1.6.2)
+    docile (1.4.1)
+    drb (2.2.3)
+    erb (6.0.4)
+    erubi (1.13.1)
+    globalid (1.3.0)
+      activesupport (>= 6.1)
+    hashdiff (1.2.1)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    loofah (2.10.0)
+    io-console (0.8.2)
+    irb (1.18.0)
+      pp (>= 0.6.0)
+      prism (>= 1.3.0)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.19.7)
+    language_server-protocol (3.17.0.5)
+    lint_roller (1.1.0)
+    logger (1.7.0)
+    loofah (2.25.1)
       crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    mail (2.7.1)
+      nokogiri (>= 1.12.0)
+    mail (2.9.0)
+      logger
       mini_mime (>= 0.1.1)
-    method_source (1.0.0)
-    mini_mime (1.1.0)
-    minitest (5.14.4)
-    nokogiri (1.11.7-x86_64-darwin)
+      net-imap
+      net-pop
+      net-smtp
+    mini_mime (1.1.5)
+    minitest (6.0.6)
+      drb (~> 2.0)
+      prism (~> 1.5)
+    net-imap (0.6.4)
+      date
+      net-protocol
+    net-pop (0.1.2)
+      net-protocol
+    net-protocol (0.2.2)
+      timeout
+    net-smtp (0.5.1)
+      net-protocol
+    nokogiri (1.19.3-aarch64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.19.3-aarch64-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.19.3-arm-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.19.3-arm-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.19.3-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-linux-musl)
       racc (~> 1.4)
     orm_adapter (0.5.0)
-    parallel (1.20.1)
-    parser (3.0.2.0)
+    parallel (1.28.0)
+    parser (3.3.11.1)
       ast (~> 2.4.1)
-    public_suffix (4.0.6)
-    racc (1.5.2)
-    rack (2.2.3)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
+      racc
+    pp (0.6.3)
+      prettyprint
+    prettyprint (0.2.0)
+    prism (1.9.0)
+    psych (5.3.1)
+      date
+      stringio
+    public_suffix (7.0.5)
+    racc (1.8.1)
+    rack (3.2.6)
+    rack-session (2.1.2)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0)
+    rack-test (2.2.0)
+      rack (>= 1.3)
+    rackup (2.3.1)
+      rack (>= 3)
+    rails-dom-testing (2.3.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.3.0)
-      loofah (~> 2.3)
-    railties (6.1.4)
-      actionpack (= 6.1.4)
-      activesupport (= 6.1.4)
-      method_source
-      rake (>= 0.13)
-      thor (~> 1.0)
-    rainbow (3.0.0)
-    rake (13.0.6)
-    regexp_parser (2.1.1)
-    responders (3.0.1)
-      actionpack (>= 5.0)
-      railties (>= 5.0)
-    rexml (3.2.5)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rails-html-sanitizer (1.7.0)
+      loofah (~> 2.25)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
+    railties (8.1.3)
+      actionpack (= 8.1.3)
+      activesupport (= 8.1.3)
+      irb (~> 1.13)
+      rackup (>= 1.0.0)
+      rake (>= 12.2)
+      thor (~> 1.0, >= 1.2.2)
+      tsort (>= 0.2)
+      zeitwerk (~> 2.6)
+    rainbow (3.1.1)
+    rake (13.4.2)
+    rdoc (7.2.0)
+      erb
+      psych (>= 4.0.0)
+      tsort
+    regexp_parser (2.12.0)
+    reline (0.6.3)
+      io-console (~> 0.5)
+    responders (3.2.0)
+      actionpack (>= 7.0)
+      railties (>= 7.0)
+    rexml (3.4.4)
+    rspec (3.13.2)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.6)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.8)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-rails (5.0.1)
-      actionpack (>= 5.2)
-      activesupport (>= 5.2)
-      railties (>= 5.2)
-      rspec-core (~> 3.10)
-      rspec-expectations (~> 3.10)
-      rspec-mocks (~> 3.10)
-      rspec-support (~> 3.10)
-    rspec-support (3.10.2)
-    rubocop (1.18.4)
+      rspec-support (~> 3.13.0)
+    rspec-rails (8.0.4)
+      actionpack (>= 7.2)
+      activesupport (>= 7.2)
+      railties (>= 7.2)
+      rspec-core (>= 3.13.0, < 5.0.0)
+      rspec-expectations (>= 3.13.0, < 5.0.0)
+      rspec-mocks (>= 3.13.0, < 5.0.0)
+      rspec-support (>= 3.13.0, < 5.0.0)
+    rspec-support (3.13.7)
+    rubocop (1.84.2)
+      json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.8.0, < 2.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.49.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.8.0)
-      parser (>= 3.0.1.1)
-    rubocop-performance (1.11.4)
-      rubocop (>= 1.7.0, < 2.0)
-      rubocop-ast (>= 0.4.0)
-    ruby-progressbar (1.11.0)
-    simplecov (0.21.2)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.49.1)
+      parser (>= 3.3.7.2)
+      prism (~> 1.7)
+    rubocop-performance (1.26.1)
+      lint_roller (~> 1.1)
+      rubocop (>= 1.75.0, < 2.0)
+      rubocop-ast (>= 1.47.1, < 2.0)
+    ruby-progressbar (1.13.0)
+    securerandom (0.4.1)
+    simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.3)
-    sqlite3 (1.4.2)
-    standard (1.1.6)
-      rubocop (= 1.18.4)
-      rubocop-performance (= 1.11.4)
-    thor (1.1.0)
-    tzinfo (2.0.4)
+    simplecov-html (0.13.2)
+    simplecov_json_formatter (0.1.4)
+    sqlite3 (2.9.4-aarch64-linux-gnu)
+    sqlite3 (2.9.4-aarch64-linux-musl)
+    sqlite3 (2.9.4-arm-linux-gnu)
+    sqlite3 (2.9.4-arm-linux-musl)
+    sqlite3 (2.9.4-arm64-darwin)
+    sqlite3 (2.9.4-x86_64-darwin)
+    sqlite3 (2.9.4-x86_64-linux-gnu)
+    sqlite3 (2.9.4-x86_64-linux-musl)
+    standard (1.54.0)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.0)
+      rubocop (~> 1.84.0)
+      standard-custom (~> 1.0.0)
+      standard-performance (~> 1.8)
+    standard-custom (1.0.2)
+      lint_roller (~> 1.0)
+      rubocop (~> 1.50)
+    standard-performance (1.9.0)
+      lint_roller (~> 1.1)
+      rubocop-performance (~> 1.26.0)
+    stringio (3.2.0)
+    thor (1.5.0)
+    timeout (0.6.1)
+    tsort (0.2.0)
+    tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.0.0)
-    vcr (6.0.0)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.2.0)
+    uri (1.1.1)
+    useragent (0.16.11)
+    vcr (6.4.0)
     warden (1.2.9)
       rack (>= 2.0.9)
-    webmock (3.13.0)
-      addressable (>= 2.3.6)
+    webmock (3.26.2)
+      addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    zeitwerk (2.4.2)
+    zeitwerk (2.8.2)
 
 PLATFORMS
-  x86_64-darwin-18
-  x86_64-darwin-19
-  x86_64-darwin-20
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   actionmailer
   activerecord
-  appraisal (~> 2.3.0)
   byebug
+  castle-rb!
   castle_devise!
-  railties (~> 6.1)
+  devise (~> 5.0)
+  railties (~> 8.1)
   rake
   rspec
   rspec-rails
   simplecov
-  sqlite3
+  sqlite3 (~> 2.1)
   standard
   vcr
   webmock
 
 BUNDLED WITH
-   2.2.23
+   2.7.2

data/README.md

@@ -1,9 +1,5 @@
 [![Gem Version](https://badge.fury.io/rb/castle_devise.svg)](https://badge.fury.io/rb/castle_devise)
 
-**Disclaimer:** CastleDevise is currently in beta. There might be some upcoming breaking changes to the gem before we stabilize the API.
-
----
-
 # CastleDevise
 
 CastleDevise is a [Devise](https://github.com/heartcombo/devise) plugin that integrates [Castle](https://castle.io).
@@ -211,3 +207,26 @@ CastleDevise.configure do |config|
   end
 end
 ```
+
+## Development
+
+### Setup
+
+```bash
+bundle install
+```
+
+### Running tests
+
+Most of the specs should pass just by running the following command:
+
+```bash
+bundle exec rake
+```
+
+We also have a few VCR tests that will periodically rebuild the cassettes just to make sure that the integration with Castle API is working.
+For those, you need to run your specs with a proper Castle API Secret:
+
+```bash
+CASTLE_API_SECRET=your_api_secret bundle exec rake
+```

data/bin/console

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 require "bundler/setup"
-require "castle/devise"
+require "castle_devise"
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.

data/castle_devise.gemspec

@@ -9,10 +9,10 @@ Gem::Specification.new do |spec|
   spec.summary = "Integrates Castle with Devise"
   spec.description = "castle_devise provides out-of-the-box protection against bot registrations and account takeover attacks."
   spec.homepage = "https://github.com/castle/castle_devise"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 3.2.0")
 
-  spec.authors = ["Kacper Madej", "Dawid Libiszewski", "Johan Brissmyr"]
-  spec.email = ["kacper@castle.io"]
+  spec.authors = ["Kacper Madej", "Dawid Libiszewski", "Bartosz Knapik", "Johan Brissmyr"]
+  spec.email = ["team@castle.io"]
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/castle/castle_devise"
@@ -27,9 +27,7 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "activesupport", ">= 5.0"
-  spec.add_dependency "castle-rb", ">= 7.0", "< 8.0"
-  spec.add_dependency "devise", ">= 4.3.0", "< 5.0"
-
-  spec.add_development_dependency "appraisal", "~> 2.3.0"
+  spec.add_dependency "activesupport", ">= 6.0"
+  spec.add_dependency "castle-rb", ">= 7.2", "< 10.0"
+  spec.add_dependency "devise", ">= 4.3.0", "< 6.0"
 end

data/gemfiles/rails_6.0.gemfile

@@ -1,17 +1,18 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
-gem "railties", "~> 6.0.4"
+gem "byebug"
+gem "railties", "~> 6.0"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
 gem "standard"
-gem "sqlite3"
+gem "sqlite3", "~> 1.7"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_6.1.gemfile

@@ -1,17 +1,18 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
-gem "railties", "~> 6.1.4"
+gem "byebug"
+gem "railties", "~> 6.1"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
 gem "standard"
-gem "sqlite3"
+gem "sqlite3", "~> 1.7"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_7.0.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 7.0"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3", "~> 1.7"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/rails_7.1.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 7.1"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3", "~> 1.7"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/rails_7.2.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 7.2"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3", "~> 1.7"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/{rails_5.2.gemfile → rails_8.0.gemfile}

@@ -1,10 +1,9 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
-gem "railties", "~> 5.2.6"
+gem "byebug"
+gem "railties", "~> 8.0.0"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
@@ -13,5 +12,7 @@ gem "standard"
 gem "sqlite3"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_8.1.gemfile

@@ -0,0 +1,17 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "devise", "~> 5.0"
+gem "railties", "~> 8.1.0"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3"
+gem "vcr"
+gem "webmock"
+
+gemspec path: "../"

data/lib/castle_devise/configuration.rb

@@ -1,20 +1,20 @@
 # frozen_string_literal: true
 
-require "active_support/configurable"
 require "logger"
 
 module CastleDevise
-  # Configuration object using {ActiveSupport::Configurable}
+  # Plain Ruby configuration object for CastleDevise.
+  #
+  # Previously this used +ActiveSupport::Configurable+, which is deprecated
+  # and slated for removal in Rails 8.2.
   class Configuration
-    include ActiveSupport::Configurable
-
     # @!attribute api_secret
     #   @return [String] Your API secret
-    config_accessor(:api_secret)
+    attr_accessor :api_secret
 
     # @!attribute app_id
     #   @return [String] Your Castle App ID
-    config_accessor(:app_id)
+    attr_accessor :app_id
 
     # @!attribute monitoring_mode
     #   When CastleDevise is in monitoring mode, it sends requests to Castle
@@ -25,27 +25,41 @@ module CastleDevise
     #   from logging in/registering.
     #
     #   @return [true, false] whether to act on deny requests or not
-    config_accessor(:monitoring_mode) { false }
-
-    # @!attribute logger
-    #   @return [Logger] A Logger instance. You might want to use Rails.logger here.
-    config_accessor(:logger) { Logger.new("/dev/null") }
+    attr_accessor :monitoring_mode
 
     # @!attribute before_request_hooks
     #   @return [Array<Proc>] Array of procs that will get called before a request to the Castle API
-    config_accessor(:before_request_hooks) { [] }
+    attr_accessor :before_request_hooks
 
     # @!attribute after_request_hooks
     #   @return [Array<Proc>] Array of procs that will get called after a request to the Castle API
-    config_accessor(:after_request_hooks) { [] }
+    attr_accessor :after_request_hooks
+
+    attr_writer :logger, :castle_sdk_facade_class, :castle_client
+
+    def initialize
+      @monitoring_mode = false
+      @before_request_hooks = []
+      @after_request_hooks = []
+    end
+
+    # @!attribute logger
+    #   @return [Logger] A Logger instance. You might want to use Rails.logger here.
+    def logger
+      @logger ||= Logger.new(File::NULL)
+    end
 
     # @!attribute castle_sdk_facade_class
     #   @return [Class] Castle API implementation
-    config_accessor(:castle_sdk_facade_class) { ::CastleDevise::SdkFacade }
+    def castle_sdk_facade_class
+      @castle_sdk_facade_class ||= ::CastleDevise::SdkFacade
+    end
 
     # @!attribute castle_client
-    #   @return [Class] Castle SDK client
-    config_accessor(:castle_client) { ::Castle::Client.new }
+    #   @return [Castle::Client] Castle SDK client
+    def castle_client
+      @castle_client ||= ::Castle::Client.new
+    end
 
     # Adds a new before_request hook
     # @param blk [Proc]

data/lib/castle_devise/hooks/castle_protectable.rb

@@ -23,9 +23,11 @@ Warden::Manager.after_authentication do |resource, warden, opts|
       context.logout!
     end
   rescue Castle::InvalidParametersError
-    # TODO: We should act differently if the error is about missing/invalid request token
-    #   compared to any other validation errors. However, we can't do this with the
-    #   current Castle SDK as it doesn't give us any way to differentiate these two cases.
+    # log API error and allow
+    CastleDevise.logger.warn(
+      "[CastleDevise] /v1/risk request contained invalid parameters."
+    )
+  rescue Castle::InvalidRequestTokenError
     CastleDevise.logger.warn(
       "[CastleDevise] /v1/risk request contained invalid parameters." \
       " This might mean that either you didn't configure Castle's Javascript properly, or" \
@@ -42,6 +44,9 @@ end
 
 Warden::Manager.before_failure do |env, opts|
   next if opts[:castle_devise] == :skip
+  # recall is set by Devise on a failed login attempt. If it's not set, this hook might fire on any
+  # authentication failure attempt (eg. trying to access a resource while unauthenticated), not just login specifically
+  next unless opts.key?(:recall)
 
   resource_class = Devise.mappings[opts[:scope]].to
 
@@ -58,6 +63,6 @@ Warden::Manager.before_failure do |env, opts|
       context: context
     )
   rescue Castle::Error => e
-    CastleDevise.logger.error("[CastleDevise] filter($login, $failed): #{e}")
+    CastleDevise.logger.warn("[CastleDevise] filter($login, $failed): #{e}")
   end
 end

data/lib/castle_devise/patches/registrations_controller.rb

@@ -28,16 +28,19 @@ module CastleDevise
               context: context
             )
           rescue Castle::InvalidParametersError
-            # TODO: We should act differently if the error is about missing/invalid request token
-            #   compared to any other validation errors. However, we can't do this with the
-            #   current Castle SDK as it doesn't give us any way to differentiate these two cases.
+            # log API error and allow
             CastleDevise.logger.warn(
-              "[CastleDevise] /v1/risk request contained invalid parameters." \
-              " This might mean that either you didn't configure Castle's Javascript properly," \
+              "[CastleDevise] /v1/risk request contained invalid parameters."
+            )
+          rescue Castle::InvalidRequestTokenError
+            CastleDevise.logger.warn(
+              "[CastleDevise] /v1/risk request contained invalid token." \
+              " This means that either you didn't configure Castle's Javascript properly," \
               " or a request has been made without Javascript (eg. cURL/bot)." \
               " Such a request is treated as if Castle responded with a 'deny' action in" \
               " non-monitoring mode."
             )
+            # TODO: Implement a deny mechanism for this action.
           rescue Castle::Error => e
             # log API errors and allow
             CastleDevise.logger.error("[CastleDevise] risk($profile_update): #{e}")
@@ -81,12 +84,14 @@ module CastleDevise
           # everything fine, continue
         end
       rescue Castle::InvalidParametersError
-        # TODO: We should act differently if the error is about missing/invalid request token
-        #   compared to any other validation errors. However, we can't do this with the
-        #   current Castle SDK as it doesn't give us any way to differentiate these two cases.
+        # log error and allow
+        CastleDevise.logger.warn(
+          "[CastleDevise] /v1/filter request contained invalid parameters."
+        )
+      rescue Castle::InvalidRequestTokenError
         CastleDevise.logger.warn(
-          "[CastleDevise] /v1/filter request contained invalid parameters." \
-          " This might mean that either you didn't configure Castle's Javascript properly, or" \
+          "[CastleDevise] /v1/filter request contained invalid request token." \
+          " This means that either you didn't configure Castle's Javascript properly, or" \
           " a request has been made without Javascript (eg. cURL/bot)." \
           " Such a request is treated as if Castle responded with a 'deny' action in" \
           " non-monitoring mode."

data/lib/castle_devise/sdk_facade.rb

@@ -24,9 +24,9 @@ module CastleDevise
       payload = {
         event: event,
         status: status,
-        user: {
+        params: {
           email: context.email
-        },
+        }.compact,
         request_token: context.request_token,
         context: payload_context(context.rack_request)
       }

data/lib/castle_devise/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module CastleDevise
-  VERSION = "0.4.1"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: castle_devise
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Kacper Madej
 - Dawid Libiszewski
+- Bartosz Knapik
 - Johan Brissmyr
-autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-12-13 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,34 +18,34 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: castle-rb
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '10.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -55,7 +55,7 @@ dependencies:
         version: 4.3.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -65,25 +65,11 @@ dependencies:
         version: 4.3.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.0'
-- !ruby/object:Gem::Dependency
-  name: appraisal
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.3.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '6.0'
 description: castle_devise provides out-of-the-box protection against bot registrations
   and account takeover attacks.
 email:
-- kacper@castle.io
+- team@castle.io
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -91,8 +77,9 @@ files:
 - ".github/workflows/lint.yml"
 - ".github/workflows/specs.yml"
 - ".gitignore"
+- ".octocov.yml"
 - ".rspec"
-- Appraisals
+- ".standard.yml"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -102,9 +89,13 @@ files:
 - bin/console
 - bin/setup
 - castle_devise.gemspec
-- gemfiles/rails_5.2.gemfile
 - gemfiles/rails_6.0.gemfile
 - gemfiles/rails_6.1.gemfile
+- gemfiles/rails_7.0.gemfile
+- gemfiles/rails_7.1.gemfile
+- gemfiles/rails_7.2.gemfile
+- gemfiles/rails_8.0.gemfile
+- gemfiles/rails_8.1.gemfile
 - lib/castle_devise.rb
 - lib/castle_devise/configuration.rb
 - lib/castle_devise/context.rb
@@ -125,7 +116,6 @@ metadata:
   homepage_uri: https://github.com/castle/castle_devise
   source_code_uri: https://github.com/castle/castle_devise
   changelog_uri: https://github.com/castle/castle_devise/CHANGELOG.md
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -133,15 +123,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 3.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key: 
+rubygems_version: 4.0.8
 specification_version: 4
 summary: Integrates Castle with Devise
 test_files: []

data/Appraisals

@@ -1,13 +0,0 @@
-if RUBY_VERSION < "3.0"
-  appraise "rails-5.2" do
-    gem "railties", "~> 5.2.6"
-  end
-end
-
-appraise "rails-6.0" do
-  gem "railties", "~> 6.0.4"
-end
-
-appraise "rails-6.1" do
-  gem "railties", "~> 6.1.4"
-end