cohesive_marketplace_middleware 0.1.3 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7f25619e09f201a527087188d66b5f91ceb0a7070c76cfca92db3a39c6c5d4b8
|
|
4
|
+
data.tar.gz: 4624f274f1b9f529af6dd91de378dc193f70c1784c253a1d8a20698eb4913e2e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 05fc7672e47b2245f696d5422a5477c889694a7e1fafedfe091299f480b4ed51275fe08b4df6b09a2d6adc08b4cc58d56a8ad6607440b794d849d06af0f427a4
|
|
7
|
+
data.tar.gz: e838506ef7409bbe62797c21dc7dc3cd373f6d8ef0261236dd97d080b723a91ce66e48f7bd5e7ef53030cfd434f9532b45165aacd2b8492abacd20a1d97b6abe
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
cohesive_marketplace_middleware (0.1.
|
|
4
|
+
cohesive_marketplace_middleware (0.1.5)
|
|
5
5
|
cohesive_marketplace_sdk (~> 0.1.1, >= 0.1.1)
|
|
6
6
|
jwt (~> 1.5, >= 1.5.0)
|
|
7
7
|
|
|
@@ -44,7 +44,7 @@ GEM
|
|
|
44
44
|
rubocop-ast (>= 1.24.1, < 2.0)
|
|
45
45
|
ruby-progressbar (~> 1.7)
|
|
46
46
|
unicode-display_width (>= 2.4.0, < 3.0)
|
|
47
|
-
rubocop-ast (1.
|
|
47
|
+
rubocop-ast (1.27.0)
|
|
48
48
|
parser (>= 3.2.1.0)
|
|
49
49
|
rubocop-performance (1.15.2)
|
|
50
50
|
rubocop (>= 1.7.0, < 2.0)
|
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
require
|
|
1
|
+
require "cohesive_marketplace_middleware"
|
|
2
2
|
|
|
3
3
|
module AuthMiddleware
|
|
4
4
|
class Railtie < Rails::Railtie
|
|
5
5
|
initializer "cohesive_marketplace_middleware.configure_rails_initialization" do |app|
|
|
6
6
|
app.middleware.use AuthMiddleware
|
|
7
|
+
app.middleware.use CookieAuthMiddleware
|
|
7
8
|
end
|
|
8
9
|
end
|
|
9
10
|
end
|
|
@@ -3,29 +3,112 @@
|
|
|
3
3
|
require_relative "cohesive_marketplace_middleware/version"
|
|
4
4
|
require "cohesive_marketplace_sdk"
|
|
5
5
|
|
|
6
|
+
AUTH_DETAILS_ENV_KEY = "auth_details"
|
|
7
|
+
COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX = "COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX"
|
|
8
|
+
COHESIVE_MIDDLEWARE_LOGIN_PATH = "COHESIVE_MIDDLEWARE_LOGIN_PATH"
|
|
9
|
+
COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT = "/cohesive_login"
|
|
10
|
+
|
|
6
11
|
module CohesiveMarketplaceMiddleware
|
|
7
|
-
|
|
12
|
+
def self.get_cohesive_auth_details(env)
|
|
13
|
+
env[AUTH_DETAILS_ENV_KEY]
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def self.collect_ignore_paths
|
|
17
|
+
# Get the path prefixes to ignore from an environment variable.
|
|
18
|
+
ignore_path_prefix_string = ENV[COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX]
|
|
19
|
+
result = []
|
|
20
|
+
if ignore_path_prefix_string && ignore_path_prefix_string != "nil"
|
|
21
|
+
# Split the prefixes into an array.
|
|
22
|
+
result = ignore_path_prefix_string.split(",")
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
# Output some information for debugging.
|
|
26
|
+
puts("Cohesive middleware ignoring paths: ", result)
|
|
27
|
+
result
|
|
28
|
+
end
|
|
8
29
|
|
|
9
30
|
class AuthMiddleware
|
|
31
|
+
# Initializes a new instance of the middleware.
|
|
32
|
+
#
|
|
33
|
+
# @param app [Object] The application object.
|
|
34
|
+
#
|
|
35
|
+
# @return [void]
|
|
10
36
|
def initialize(app)
|
|
11
37
|
@app = app
|
|
12
|
-
|
|
38
|
+
@ignore_paths = CohesiveMarketplaceMiddleware.collect_ignore_paths
|
|
13
39
|
end
|
|
14
40
|
|
|
15
41
|
def call(env)
|
|
16
|
-
|
|
17
|
-
if
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
42
|
+
# Check if the current path should be ignored.
|
|
43
|
+
if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"] && env["REQUEST_PATH"].start_with?(prefix) })
|
|
44
|
+
authorization_header = env["HTTP_AUTHORIZATION"]
|
|
45
|
+
if authorization_header&.start_with?("Bearer ")
|
|
46
|
+
token = authorization_header.sub("Bearer ", "")
|
|
47
|
+
begin
|
|
48
|
+
env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
|
|
49
|
+
rescue => exception
|
|
50
|
+
puts exception
|
|
51
|
+
return [401, {"Content-Type" => "text/plain"}, [exception.message]]
|
|
52
|
+
end
|
|
53
|
+
else
|
|
54
|
+
return [401, {"Content-Type" => "text/plain"}, ["No Token in auth header"]]
|
|
24
55
|
end
|
|
25
|
-
else
|
|
26
|
-
return [401, {"Content-Type" => "text/plain"}, ["No Token"]]
|
|
27
56
|
end
|
|
57
|
+
@app.call(env)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
class CookieAuthMiddleware
|
|
62
|
+
# Initializes a new instance of the middleware.
|
|
63
|
+
#
|
|
64
|
+
# @param app [Object] The application object.
|
|
65
|
+
#
|
|
66
|
+
# @return [void]
|
|
67
|
+
def initialize(app)
|
|
68
|
+
@app = app
|
|
69
|
+
@ignore_paths = CohesiveMarketplaceMiddleware.collect_ignore_paths
|
|
70
|
+
|
|
71
|
+
# Get the login redirect URI from an environment variable.
|
|
72
|
+
@redirect_uri = ENV[COHESIVE_MIDDLEWARE_LOGIN_PATH]
|
|
73
|
+
# Set a default URI if the environment variable is not set.
|
|
74
|
+
if !@redirect_uri || @redirect_uri == ""
|
|
75
|
+
@redirect_uri = COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
# Add the login redirect URI to the list of ignored paths.
|
|
79
|
+
@ignore_paths = @ignore_paths.append(@redirect_uri)
|
|
28
80
|
|
|
81
|
+
# Output some information for debugging.
|
|
82
|
+
puts("Cohesive middleware login redirect: ", @redirect_uri)
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
# Processes a request and authenticates the user if necessary.
|
|
86
|
+
#
|
|
87
|
+
# @param env [Hash] The Rack environment hash.
|
|
88
|
+
#
|
|
89
|
+
# @return [Array] A Rack-compatible response triplet.
|
|
90
|
+
def call(env)
|
|
91
|
+
# Check if the current path should be ignored.
|
|
92
|
+
if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"] && prefix && env["REQUEST_PATH"].start_with?(prefix) })
|
|
93
|
+
# Create a new request object.
|
|
94
|
+
request = ActionDispatch::Request.new(env)
|
|
95
|
+
# Get the authentication token from the cookie.
|
|
96
|
+
token = request.cookie_jar[:chAppToken]
|
|
97
|
+
if token
|
|
98
|
+
begin
|
|
99
|
+
# Validate the JWT token and store the result in the environment hash.
|
|
100
|
+
env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
|
|
101
|
+
rescue => exception
|
|
102
|
+
# Return a 401 Unauthorized response if the token is invalid.
|
|
103
|
+
puts exception
|
|
104
|
+
return [401, {"Content-Type" => "text/plain"}, [exception.message]]
|
|
105
|
+
end
|
|
106
|
+
else
|
|
107
|
+
# Redirect the user to the login page if the token is missing.
|
|
108
|
+
return [301, {"Location" => COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT, "Content-Type" => "text/plain"}, ["token not in cookie"]]
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
# Call the next middleware or application in the chain.
|
|
29
112
|
@app.call(env)
|
|
30
113
|
end
|
|
31
114
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cohesive_marketplace_middleware
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chinmay Relkar
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-03-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|