forest_liana 2.13.0 → 2.13.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/forest_liana/base_controller.rb +6 -6
- data/app/controllers/forest_liana/sessions_controller.rb +4 -4
- data/app/services/forest_liana/authorization_getter.rb +3 -2
- data/app/services/forest_liana/ip_whitelist.rb +3 -3
- data/app/services/forest_liana/login_handler.rb +12 -6
- data/app/services/forest_liana/permissions_getter.rb +3 -3
- data/app/services/forest_liana/two_factor_registration_confirmer.rb +3 -3
- data/lib/forest_liana/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7d1941c0af3bb4db4a10bc53472238782ad89f55
|
4
|
+
data.tar.gz: 7d2ec8809e2f1ff8b53fa9feebca63cdf28c5fcc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 462403bb7e3b0bf329badfec0205fac6ee2c318150cc4909c66a98a643bf744ffec2e8645b1b640918a54785f62b725597f4156113323f1329754564ce32d39e
|
7
|
+
data.tar.gz: bf01bd37a5744d4a55b11a0623b5de93d93797900786d5a99669612df3546eab7ec3932a01e62239fc3923919ca091d3bdaab1fd95d74b4a5a80605d72e81bf9
|
@@ -10,16 +10,16 @@ module ForestLiana
|
|
10
10
|
begin
|
11
11
|
ip = request.remote_ip
|
12
12
|
|
13
|
-
if !IpWhitelist.is_ip_whitelist_retrieved || !IpWhitelist.is_ip_valid(ip)
|
14
|
-
unless IpWhitelist.retrieve
|
15
|
-
raise Errors::HTTP403Error.new("IP whitelist not retrieved")
|
13
|
+
if !ForestLiana::IpWhitelist.is_ip_whitelist_retrieved || !ForestLiana::IpWhitelist.is_ip_valid(ip)
|
14
|
+
unless ForestLiana::IpWhitelist.retrieve
|
15
|
+
raise ForestLiana::Errors::HTTP403Error.new("IP whitelist not retrieved")
|
16
16
|
end
|
17
17
|
|
18
|
-
unless IpWhitelist.is_ip_valid(ip)
|
19
|
-
raise Errors::HTTP403Error.new("IP address rejected (#{ip})")
|
18
|
+
unless ForestLiana::IpWhitelist.is_ip_valid(ip)
|
19
|
+
raise ForestLiana::Errors::HTTP403Error.new("IP address rejected (#{ip})")
|
20
20
|
end
|
21
21
|
end
|
22
|
-
rescue Errors::ExpectedError => exception
|
22
|
+
rescue ForestLiana::Errors::ExpectedError => exception
|
23
23
|
exception.display_error
|
24
24
|
error_data = JSONAPI::Serializer.serialize_errors([{
|
25
25
|
status: exception.error_code,
|
@@ -50,17 +50,17 @@ module ForestLiana
|
|
50
50
|
)
|
51
51
|
begin
|
52
52
|
if two_factor_registration && two_factor_token.nil?
|
53
|
-
raise Errors::HTTP401Error
|
53
|
+
raise ForestLiana::Errors::HTTP401Error
|
54
54
|
end
|
55
55
|
|
56
56
|
# NOTICE: The IP Whitelist is retrieved on any request if it was not retrieved yet, or when
|
57
57
|
# an IP is rejected, to ensure the IP is still rejected (meaning the configuration
|
58
58
|
# on the projects has not changed). To handle the last case, which is rejecting an
|
59
59
|
# IP which was not initaliy rejected, we need periodically refresh the whitelist.
|
60
|
-
# This is done here on the login of any user.
|
61
|
-
IpWhitelist.retrieve
|
60
|
+
# This is done here on the login of any user.
|
61
|
+
ForestLiana::IpWhitelist.retrieve
|
62
62
|
|
63
|
-
reponse_data = LoginHandler.new(
|
63
|
+
reponse_data = ForestLiana::LoginHandler.new(
|
64
64
|
rendering_id,
|
65
65
|
auth_data,
|
66
66
|
use_google_authentication,
|
@@ -24,7 +24,8 @@ module ForestLiana
|
|
24
24
|
query_parameters['two-factor-registration'] = true
|
25
25
|
end
|
26
26
|
|
27
|
-
response = ForestApiRequester
|
27
|
+
response = ForestLiana::ForestApiRequester
|
28
|
+
.get(@route, query: query_parameters, headers: headers)
|
28
29
|
|
29
30
|
if response.is_a?(Net::HTTPOK)
|
30
31
|
body = JSON.parse(response.body)
|
@@ -39,7 +40,7 @@ module ForestLiana
|
|
39
40
|
end
|
40
41
|
end
|
41
42
|
rescue
|
42
|
-
raise Errors::HTTP401Error
|
43
|
+
raise ForestLiana::Errors::HTTP401Error
|
43
44
|
end
|
44
45
|
end
|
45
46
|
end
|
@@ -5,7 +5,7 @@ module ForestLiana
|
|
5
5
|
|
6
6
|
def self.retrieve
|
7
7
|
begin
|
8
|
-
response = ForestApiRequester.get('/liana/v1/ip-whitelist-rules')
|
8
|
+
response = ForestLiana::ForestApiRequester.get('/liana/v1/ip-whitelist-rules')
|
9
9
|
|
10
10
|
if response.is_a?(Net::HTTPOK)
|
11
11
|
body = JSON.parse(response.body)
|
@@ -20,7 +20,7 @@ module ForestLiana
|
|
20
20
|
rescue => exception
|
21
21
|
FOREST_LOGGER.error 'Cannot retrieve the IP Whitelist from the Forest server.'
|
22
22
|
FOREST_LOGGER.error 'Which was caused by:'
|
23
|
-
Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
|
23
|
+
ForestLiana::Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
|
24
24
|
false
|
25
25
|
end
|
26
26
|
end
|
@@ -31,7 +31,7 @@ module ForestLiana
|
|
31
31
|
|
32
32
|
def self.is_ip_valid(ip)
|
33
33
|
if @@use_ip_whitelist
|
34
|
-
return IpWhitelistChecker.is_ip_matches_any_rule(ip, @@ip_whitelist_rules)
|
34
|
+
return ForestLiana::IpWhitelistChecker.is_ip_matches_any_rule(ip, @@ip_whitelist_rules)
|
35
35
|
end
|
36
36
|
|
37
37
|
true
|
@@ -19,17 +19,23 @@ module ForestLiana
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def perform
|
22
|
-
user = AuthorizationGetter.new(
|
22
|
+
user = ForestLiana::AuthorizationGetter.new(
|
23
|
+
@rendering_id,
|
24
|
+
@use_google_authentication,
|
25
|
+
@auth_data,
|
26
|
+
@two_factor_registration
|
27
|
+
).perform
|
23
28
|
|
24
29
|
if user['two_factor_authentication_enabled']
|
25
30
|
if !@two_factor_token.nil?
|
26
31
|
if is_two_factor_token_valid(user, @two_factor_token)
|
27
|
-
TwoFactorRegistrationConfirmer
|
32
|
+
ForestLiana::TwoFactorRegistrationConfirmer
|
33
|
+
.new(@project_id, @use_google_authentication, @auth_data)
|
28
34
|
.perform
|
29
35
|
|
30
36
|
return { 'token' => create_token(user, @rendering_id) }
|
31
37
|
else
|
32
|
-
raise Errors::HTTP401Error.new('Your token is invalid, please try again.')
|
38
|
+
raise ForestLiana::Errors::HTTP401Error.new('Your token is invalid, please try again.')
|
33
39
|
end
|
34
40
|
else
|
35
41
|
return get_two_factor_response(user)
|
@@ -53,7 +59,7 @@ module ForestLiana
|
|
53
59
|
FOREST_LOGGER.error 'The FOREST_2FA_SECRET_SALT environment variable must be 20 characters long.'
|
54
60
|
FOREST_LOGGER.error 'You can generate it using this command: `$ openssl rand -hex 10`'
|
55
61
|
|
56
|
-
raise Errors::HTTP401Error.new('Invalid 2FA configuration, please ask more information to your admin')
|
62
|
+
raise ForestLiana::Errors::HTTP401Error.new('Invalid 2FA configuration, please ask more information to your admin')
|
57
63
|
end
|
58
64
|
end
|
59
65
|
|
@@ -63,7 +69,7 @@ module ForestLiana
|
|
63
69
|
return { 'twoFactorAuthenticationEnabled' => true } if user['two_factor_authentication_active']
|
64
70
|
|
65
71
|
two_factor_authentication_secret = user['two_factor_authentication_secret']
|
66
|
-
user_secret = UserSecretCreator
|
72
|
+
user_secret = ForestLiana::UserSecretCreator
|
67
73
|
.new(two_factor_authentication_secret, ENV['FOREST_2FA_SECRET_SALT'])
|
68
74
|
.perform
|
69
75
|
|
@@ -78,7 +84,7 @@ module ForestLiana
|
|
78
84
|
|
79
85
|
two_factor_authentication_secret = user['two_factor_authentication_secret']
|
80
86
|
|
81
|
-
user_secret = UserSecretCreator
|
87
|
+
user_secret = ForestLiana::UserSecretCreator
|
82
88
|
.new(two_factor_authentication_secret, ENV['FOREST_2FA_SECRET_SALT'])
|
83
89
|
.perform
|
84
90
|
|
@@ -8,17 +8,17 @@ module ForestLiana
|
|
8
8
|
def perform
|
9
9
|
begin
|
10
10
|
query_parameters = { 'renderingId' => @rendering_id }
|
11
|
-
response = ForestApiRequester.get(@route, query: query_parameters)
|
11
|
+
response = ForestLiana::ForestApiRequester.get(@route, query: query_parameters)
|
12
12
|
|
13
13
|
if response.is_a?(Net::HTTPOK)
|
14
14
|
JSON.parse(response.body)
|
15
15
|
else
|
16
|
-
raise "Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
|
16
|
+
raise "Forest API returned an #{ForestLiana::Errors::HTTPErrorHelper.format(response)}"
|
17
17
|
end
|
18
18
|
rescue => exception
|
19
19
|
FOREST_LOGGER.error 'Cannot retrieve the permissions from the Forest server.'
|
20
20
|
FOREST_LOGGER.error 'Which was caused by:'
|
21
|
-
Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
|
21
|
+
ForestLiana::Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
|
22
22
|
nil
|
23
23
|
end
|
24
24
|
end
|
@@ -20,16 +20,16 @@ module ForestLiana
|
|
20
20
|
body_data['email'] = @auth_data[:email]
|
21
21
|
end
|
22
22
|
|
23
|
-
response = ForestApiRequester.post(
|
23
|
+
response = ForestLiana::ForestApiRequester.post(
|
24
24
|
"/liana/v2/projects/#{@project_id}/two-factor-registration-confirm",
|
25
25
|
body: body_data,
|
26
26
|
)
|
27
27
|
|
28
28
|
unless response.is_a?(Net::HTTPOK)
|
29
|
-
raise "Cannot retrieve the data from the Forest server. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
|
29
|
+
raise "Cannot retrieve the data from the Forest server. Forest API returned an #{ForestLiana::Errors::HTTPErrorHelper.format(response)}"
|
30
30
|
end
|
31
31
|
rescue
|
32
|
-
raise Errors::HTTP401Error
|
32
|
+
raise ForestLiana::Errors::HTTP401Error
|
33
33
|
end
|
34
34
|
end
|
35
35
|
end
|
data/lib/forest_liana/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: forest_liana
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.13.
|
4
|
+
version: 2.13.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sandro Munda
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-09-
|
11
|
+
date: 2018-09-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|