cohesive_marketplace_middleware 0.1.3 → 0.1.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +2 -2
  3. data/Gemfile.lock +2 -2
  4. data/lib/cohesive_marketplace_middleware/railtie.rb +2 -1
  5. data/lib/cohesive_marketplace_middleware/version.rb +1 -1
  6. data/lib/cohesive_marketplace_middleware.rb +95 -12
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e49e5d662b2d2b9e3cb29b3434720f195400a502f70544ee56166a8c270ef223
4
- data.tar.gz: 8403c6a4d544943e673a20ca93143f6f9dc953f5a329a9a625d1e9a1e5682b27
3
+ metadata.gz: 7f25619e09f201a527087188d66b5f91ceb0a7070c76cfca92db3a39c6c5d4b8
4
+ data.tar.gz: 4624f274f1b9f529af6dd91de378dc193f70c1784c253a1d8a20698eb4913e2e
5
5
  SHA512:
6
- metadata.gz: 9cc5a7871634bc04f4b992312816e96d6d56a13858bd5e37197f8aae8be6af54f2eb2733a0e6f47972ef54937a1047a068291745cf70f080a50d65d884285308
7
- data.tar.gz: cbc0d875d3d2fc71dfb9e4f1ae93f1c76cf2599c6cfaf4afe965b5f8a77fcab5c9c879848407b7dfda237532c4624a4e8eb51ae68ad6841a16e8b0e063403e55
6
+ metadata.gz: 05fc7672e47b2245f696d5422a5477c889694a7e1fafedfe091299f480b4ed51275fe08b4df6b09a2d6adc08b4cc58d56a8ad6607440b794d849d06af0f427a4
7
+ data.tar.gz: e838506ef7409bbe62797c21dc7dc3cd373f6d8ef0261236dd97d080b723a91ce66e48f7bd5e7ef53030cfd434f9532b45165aacd2b8492abacd20a1d97b6abe
data/CHANGELOG.md CHANGED
@@ -1,5 +1,5 @@
1
- ## [Unreleased]
1
+ ## [Released]
2
2
 
3
- ## [0.1.2] - 2023-02-22
3
+ ## [0.1.3] - 2023-02-24
4
4
 
5
5
  - Initial release
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cohesive_marketplace_middleware (0.1.3)
4
+ cohesive_marketplace_middleware (0.1.5)
5
5
  cohesive_marketplace_sdk (~> 0.1.1, >= 0.1.1)
6
6
  jwt (~> 1.5, >= 1.5.0)
7
7
 
@@ -44,7 +44,7 @@ GEM
44
44
  rubocop-ast (>= 1.24.1, < 2.0)
45
45
  ruby-progressbar (~> 1.7)
46
46
  unicode-display_width (>= 2.4.0, < 3.0)
47
- rubocop-ast (1.26.0)
47
+ rubocop-ast (1.27.0)
48
48
  parser (>= 3.2.1.0)
49
49
  rubocop-performance (1.15.2)
50
50
  rubocop (>= 1.7.0, < 2.0)
data/lib/cohesive_marketplace_middleware/railtie.rb CHANGED
@@ -1,9 +1,10 @@
1
- require 'cohesive_marketplace_middleware'
1
+ require "cohesive_marketplace_middleware"
2
2
 
3
3
  module AuthMiddleware
4
4
  class Railtie < Rails::Railtie
5
5
  initializer "cohesive_marketplace_middleware.configure_rails_initialization" do |app|
6
6
  app.middleware.use AuthMiddleware
7
+ app.middleware.use CookieAuthMiddleware
7
8
  end
8
9
  end
9
10
  end
data/lib/cohesive_marketplace_middleware/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module CohesiveMarketplaceMiddleware
4
- VERSION = "0.1.3"
4
+ VERSION = "0.1.5"
5
5
  end
data/lib/cohesive_marketplace_middleware.rb CHANGED
@@ -3,29 +3,112 @@
3
3
  require_relative "cohesive_marketplace_middleware/version"
4
4
  require "cohesive_marketplace_sdk"
5
5
 
6
+ AUTH_DETAILS_ENV_KEY = "auth_details"
7
+ COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX = "COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX"
8
+ COHESIVE_MIDDLEWARE_LOGIN_PATH = "COHESIVE_MIDDLEWARE_LOGIN_PATH"
9
+ COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT = "/cohesive_login"
10
+
6
11
  module CohesiveMarketplaceMiddleware
7
- class Error < StandardError; end
12
+ def self.get_cohesive_auth_details(env)
13
+ env[AUTH_DETAILS_ENV_KEY]
14
+ end
15
+
16
+ def self.collect_ignore_paths
17
+ # Get the path prefixes to ignore from an environment variable.
18
+ ignore_path_prefix_string = ENV[COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX]
19
+ result = []
20
+ if ignore_path_prefix_string && ignore_path_prefix_string != "nil"
21
+ # Split the prefixes into an array.
22
+ result = ignore_path_prefix_string.split(",")
23
+ end
24
+
25
+ # Output some information for debugging.
26
+ puts("Cohesive middleware ignoring paths: ", result)
27
+ result
28
+ end
8
29
 
9
30
  class AuthMiddleware
31
+ # Initializes a new instance of the middleware.
32
+ #
33
+ # @param app [Object] The application object.
34
+ #
35
+ # @return [void]
10
36
  def initialize(app)
11
37
  @app = app
12
- puts @secret_key
38
+ @ignore_paths = CohesiveMarketplaceMiddleware.collect_ignore_paths
13
39
  end
14
40
 
15
41
  def call(env)
16
- authorization_header = env["HTTP_AUTHORIZATION"]
17
- if authorization_header&.start_with?("Bearer ")
18
- token = authorization_header.sub("Bearer ", "")
19
- begin
20
- env["auth_details"] = CohesiveMarketplaceSDK.validate_jwt token
21
- rescue => exception
22
- puts exception
23
- return [401, {"Content-Type" => "text/plain"}, [exception.message]]
42
+ # Check if the current path should be ignored.
43
+ if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"] && env["REQUEST_PATH"].start_with?(prefix) })
44
+ authorization_header = env["HTTP_AUTHORIZATION"]
45
+ if authorization_header&.start_with?("Bearer ")
46
+ token = authorization_header.sub("Bearer ", "")
47
+ begin
48
+ env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
49
+ rescue => exception
50
+ puts exception
51
+ return [401, {"Content-Type" => "text/plain"}, [exception.message]]
52
+ end
53
+ else
54
+ return [401, {"Content-Type" => "text/plain"}, ["No Token in auth header"]]
24
55
  end
25
- else
26
- return [401, {"Content-Type" => "text/plain"}, ["No Token"]]
27
56
  end
57
+ @app.call(env)
58
+ end
59
+ end
60
+
61
+ class CookieAuthMiddleware
62
+ # Initializes a new instance of the middleware.
63
+ #
64
+ # @param app [Object] The application object.
65
+ #
66
+ # @return [void]
67
+ def initialize(app)
68
+ @app = app
69
+ @ignore_paths = CohesiveMarketplaceMiddleware.collect_ignore_paths
70
+
71
+ # Get the login redirect URI from an environment variable.
72
+ @redirect_uri = ENV[COHESIVE_MIDDLEWARE_LOGIN_PATH]
73
+ # Set a default URI if the environment variable is not set.
74
+ if !@redirect_uri || @redirect_uri == ""
75
+ @redirect_uri = COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT
76
+ end
77
+
78
+ # Add the login redirect URI to the list of ignored paths.
79
+ @ignore_paths = @ignore_paths.append(@redirect_uri)
28
80
 
81
+ # Output some information for debugging.
82
+ puts("Cohesive middleware login redirect: ", @redirect_uri)
83
+ end
84
+
85
+ # Processes a request and authenticates the user if necessary.
86
+ #
87
+ # @param env [Hash] The Rack environment hash.
88
+ #
89
+ # @return [Array] A Rack-compatible response triplet.
90
+ def call(env)
91
+ # Check if the current path should be ignored.
92
+ if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"] && prefix && env["REQUEST_PATH"].start_with?(prefix) })
93
+ # Create a new request object.
94
+ request = ActionDispatch::Request.new(env)
95
+ # Get the authentication token from the cookie.
96
+ token = request.cookie_jar[:chAppToken]
97
+ if token
98
+ begin
99
+ # Validate the JWT token and store the result in the environment hash.
100
+ env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
101
+ rescue => exception
102
+ # Return a 401 Unauthorized response if the token is invalid.
103
+ puts exception
104
+ return [401, {"Content-Type" => "text/plain"}, [exception.message]]
105
+ end
106
+ else
107
+ # Redirect the user to the login page if the token is missing.
108
+ return [301, {"Location" => COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT, "Content-Type" => "text/plain"}, ["token not in cookie"]]
109
+ end
110
+ end
111
+ # Call the next middleware or application in the chain.
29
112
  @app.call(env)
30
113
  end
31
114
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cohesive_marketplace_middleware
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chinmay Relkar
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-02-24 00:00:00.000000000 Z
11
+ date: 2023-03-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt