cohesive_marketplace_middleware 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +2 -2
  3. data/Gemfile.lock +2 -2
  4. data/lib/cohesive_marketplace_middleware/railtie.rb +2 -1
  5. data/lib/cohesive_marketplace_middleware/version.rb +1 -1
  6. data/lib/cohesive_marketplace_middleware.rb +91 -12
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e49e5d662b2d2b9e3cb29b3434720f195400a502f70544ee56166a8c270ef223
4
- data.tar.gz: 8403c6a4d544943e673a20ca93143f6f9dc953f5a329a9a625d1e9a1e5682b27
3
+ metadata.gz: a34773a0133414482f6c51355c2fed3e3a74c115a5c7029311f93273983444a7
4
+ data.tar.gz: 13bd370b078dafd52eabb562df66580decd46c69916ff9a315128cc116329847
5
5
  SHA512:
6
- metadata.gz: 9cc5a7871634bc04f4b992312816e96d6d56a13858bd5e37197f8aae8be6af54f2eb2733a0e6f47972ef54937a1047a068291745cf70f080a50d65d884285308
7
- data.tar.gz: cbc0d875d3d2fc71dfb9e4f1ae93f1c76cf2599c6cfaf4afe965b5f8a77fcab5c9c879848407b7dfda237532c4624a4e8eb51ae68ad6841a16e8b0e063403e55
6
+ metadata.gz: e7882e14c2094dd1dd41d946596451144b6b2508a0e65af24a3e427257f9820217f9e0fd2c11f1474bcf9743012ddcd6ddd6f928d7ca9dbbdc978fb234cde5e8
7
+ data.tar.gz: 949f6ea4cda78f97492afffe2e17bb49db5274b84f68b4d530d533eba603d9058972a25146e48970d4f95cfbfa4e1c212cd5b6e7f9998f8e45e4c073c4d08021
data/CHANGELOG.md CHANGED
@@ -1,5 +1,5 @@
1
- ## [Unreleased]
1
+ ## [Released]
2
2
 
3
- ## [0.1.2] - 2023-02-22
3
+ ## [0.1.3] - 2023-02-24
4
4
 
5
5
  - Initial release
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cohesive_marketplace_middleware (0.1.3)
4
+ cohesive_marketplace_middleware (0.1.4)
5
5
  cohesive_marketplace_sdk (~> 0.1.1, >= 0.1.1)
6
6
  jwt (~> 1.5, >= 1.5.0)
7
7
 
@@ -44,7 +44,7 @@ GEM
44
44
  rubocop-ast (>= 1.24.1, < 2.0)
45
45
  ruby-progressbar (~> 1.7)
46
46
  unicode-display_width (>= 2.4.0, < 3.0)
47
- rubocop-ast (1.26.0)
47
+ rubocop-ast (1.27.0)
48
48
  parser (>= 3.2.1.0)
49
49
  rubocop-performance (1.15.2)
50
50
  rubocop (>= 1.7.0, < 2.0)
data/lib/cohesive_marketplace_middleware/railtie.rb CHANGED
@@ -1,9 +1,10 @@
1
- require 'cohesive_marketplace_middleware'
1
+ require "cohesive_marketplace_middleware"
2
2
 
3
3
  module AuthMiddleware
4
4
  class Railtie < Rails::Railtie
5
5
  initializer "cohesive_marketplace_middleware.configure_rails_initialization" do |app|
6
6
  app.middleware.use AuthMiddleware
7
+ app.middleware.use CookieAuthMiddleware
7
8
  end
8
9
  end
9
10
  end
data/lib/cohesive_marketplace_middleware/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module CohesiveMarketplaceMiddleware
4
- VERSION = "0.1.3"
4
+ VERSION = "0.1.4"
5
5
  end
data/lib/cohesive_marketplace_middleware.rb CHANGED
@@ -3,29 +3,108 @@
3
3
  require_relative "cohesive_marketplace_middleware/version"
4
4
  require "cohesive_marketplace_sdk"
5
5
 
6
+ AUTH_DETAILS_ENV_KEY = "auth_details"
7
+ COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX = "COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX"
8
+ COHESIVE_MIDDLEWARE_LOGIN_PATH = "COHESIVE_MIDDLEWARE_LOGIN_PATH"
9
+ COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT = "/cohesive_login"
10
+
6
11
  module CohesiveMarketplaceMiddleware
7
- class Error < StandardError; end
12
+ def getCohesiveAuthDetails(env)
13
+ env[AUTH_DETAILS_ENV_KEY]
14
+ end
15
+
16
+ def collect_ignore_paths
17
+ # Get the path prefixes to ignore from an environment variable.
18
+ ignore_path_prefix_string = ENV[COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX]
19
+ # Split the prefixes into an array.
20
+ result = ignore_path_prefix_string.split(",")
21
+ # Output some information for debugging.
22
+ puts("Cohesive middleware ignoring paths: ", result)
23
+ result
24
+ end
8
25
 
9
26
  class AuthMiddleware
27
+ # Initializes a new instance of the middleware.
28
+ #
29
+ # @param app [Object] The application object.
30
+ #
31
+ # @return [void]
10
32
  def initialize(app)
11
33
  @app = app
12
- puts @secret_key
34
+ @ignore_paths = collect_ignore_paths
13
35
  end
14
36
 
15
37
  def call(env)
16
- authorization_header = env["HTTP_AUTHORIZATION"]
17
- if authorization_header&.start_with?("Bearer ")
18
- token = authorization_header.sub("Bearer ", "")
19
- begin
20
- env["auth_details"] = CohesiveMarketplaceSDK.validate_jwt token
21
- rescue => exception
22
- puts exception
23
- return [401, {"Content-Type" => "text/plain"}, [exception.message]]
38
+ # Check if the current path should be ignored.
39
+ if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"].start_with?(prefix) })
40
+ authorization_header = env["HTTP_AUTHORIZATION"]
41
+ if authorization_header&.start_with?("Bearer ")
42
+ token = authorization_header.sub("Bearer ", "")
43
+ begin
44
+ env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
45
+ rescue => exception
46
+ puts exception
47
+ return [401, {"Content-Type" => "text/plain"}, [exception.message]]
48
+ end
49
+ else
50
+ return [401, {"Content-Type" => "text/plain"}, ["No Token in auth header"]]
24
51
  end
25
- else
26
- return [401, {"Content-Type" => "text/plain"}, ["No Token"]]
52
+ end
53
+ @app.call(env)
54
+ end
55
+ end
56
+
57
+ class CookieAuthMiddleware
58
+ # Initializes a new instance of the middleware.
59
+ #
60
+ # @param app [Object] The application object.
61
+ #
62
+ # @return [void]
63
+ def initialize(app)
64
+ @app = app
65
+ @ignore_paths = collect_ignore_paths
66
+
67
+ # Get the login redirect URI from an environment variable.
68
+ @redirect_uri = ENV[COHESIVE_MIDDLEWARE_LOGIN_PATH]
69
+ # Set a default URI if the environment variable is not set.
70
+ if @redirect_uri == ""
71
+ @redirect_uri = COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT
27
72
  end
28
73
 
74
+ # Add the login redirect URI to the list of ignored paths.
75
+ @ignore_paths.append(@redirect_uri)
76
+
77
+ # Output some information for debugging.
78
+ puts("Cohesive middleware login redirect: ", @redirect_uri)
79
+ end
80
+
81
+ # Processes a request and authenticates the user if necessary.
82
+ #
83
+ # @param env [Hash] The Rack environment hash.
84
+ #
85
+ # @return [Array] A Rack-compatible response triplet.
86
+ def call(env)
87
+ # Check if the current path should be ignored.
88
+ if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"].start_with?(prefix) })
89
+ # Create a new request object.
90
+ request = ActionDispatch::Request.new(env)
91
+ # Get the authentication token from the cookie.
92
+ token = request.cookie_jar[:chAppToken]
93
+ if token
94
+ begin
95
+ # Validate the JWT token and store the result in the environment hash.
96
+ env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
97
+ rescue => exception
98
+ # Return a 401 Unauthorized response if the token is invalid.
99
+ puts exception
100
+ return [401, {"Content-Type" => "text/plain"}, [exception.message]]
101
+ end
102
+ else
103
+ # Redirect the user to the login page if the token is missing.
104
+ return [301, {"Location" => "/cohesive_login", "Content-Type" => "text/plain"}, ["token not in cookie"]]
105
+ end
106
+ end
107
+ # Call the next middleware or application in the chain.
29
108
  @app.call(env)
30
109
  end
31
110
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cohesive_marketplace_middleware
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chinmay Relkar
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-02-24 00:00:00.000000000 Z
11
+ date: 2023-02-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt