forest_liana 7.6.14 → 7.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4c0be19be3d243bda2e6ed0a9b926c6e1f1b24b7ab44187698d7fa08bdd8cfbb
-  data.tar.gz: cd4076fa6837e825d545ccc0995dfef7a2326c652ab659ff615f582069b59c12
+  metadata.gz: 4f2e246fbfde70dc193c1ff1f71b97d5bb02c5c9ecee0a52073c5909b792e7b6
+  data.tar.gz: f267f5d490e264b288a0d0136c34f2e15d185760a2c4849bb7359a457ffb5ce2
 SHA512:
-  metadata.gz: 0c34125014fb5025c6d9bfbe4c1fc4076d876ca2a436671743c5c529ac8b8c9cbb9add104ad03f01142a31ae17c0a04f3c9e76b73b1eb4785dfe01d4cbb1d3c2
-  data.tar.gz: d189bf3ccd299236868d97c8fc32464c9c22f095c1c0a1c5f28c990b2690f63fe6f9c25f45c374b510849f3246dcd4e572b110194e0ca2ce0cc60e209d511133
+  metadata.gz: 449ecf89de01cfb538b57ac9768989d753e911f2ba67995290307d770a5bca72605e5766f83962d45e12d7052d7878b15a14402c0256687203d0107dc0b17669
+  data.tar.gz: eddb63f55196bbbea363d280a2610a0d42150ca554e55b6fcfaf998575041143346e7693bef6442dbd895d24981a185c35d4950f1950fa53cbd35d69aefebe13

data/app/controllers/forest_liana/authentication_controller.rb

@@ -6,21 +6,11 @@ module ForestLiana
     START_AUTHENTICATION_ROUTE = 'authentication'
     CALLBACK_AUTHENTICATION_ROUTE = 'authentication/callback'
     LOGOUT_ROUTE = 'authentication/logout'
-    PUBLIC_ROUTES = [
-      "/#{START_AUTHENTICATION_ROUTE}",
-      "/#{CALLBACK_AUTHENTICATION_ROUTE}",
-      "/#{LOGOUT_ROUTE}",
-    ]
+    PUBLIC_ROUTES = %W[/#{START_AUTHENTICATION_ROUTE} /#{CALLBACK_AUTHENTICATION_ROUTE} /#{LOGOUT_ROUTE}]
 
     def initialize
       @authentication_service = ForestLiana::Authentication.new()
     end
-  
-    def get_callback_url
-      File.join(ForestLiana.application_url, "/forest/#{CALLBACK_AUTHENTICATION_ROUTE}").to_s
-    rescue => error
-      raise "application_url is not valid or not defined" if error.is_a?(ArgumentError)
-    end
 
     def get_and_check_rendering_id
       if !params.has_key?('renderingId')
@@ -28,7 +18,7 @@ module ForestLiana
       end
 
       rendering_id = params[:renderingId]
-      
+
       if !(rendering_id.instance_of?(String) || rendering_id.instance_of?(Numeric)) || (rendering_id.instance_of?(Numeric) && rendering_id.nan?)
         raise ForestLiana::MESSAGES[:SERVER_TRANSACTION][:INVALID_RENDERING_ID]
       end
@@ -36,15 +26,10 @@ module ForestLiana
       return rendering_id.to_i
     end
 
-    def start_authentication 
+    def start_authentication
       begin
         rendering_id = get_and_check_rendering_id()
-        callback_url = get_callback_url()
-
-        result = @authentication_service.start_authentication(
-          callback_url,
-          { 'renderingId' => rendering_id },
-        )
+        result = @authentication_service.start_authentication({ 'renderingId' => rendering_id })
 
         render json: { authorizationUrl: result['authorization_url']}, status: 200
       rescue => error
@@ -55,12 +40,7 @@ module ForestLiana
 
     def authentication_callback
       begin
-        callback_url = get_callback_url()
-
-        token = @authentication_service.verify_code_and_generate_token(
-          callback_url,
-          params,
-        )
+        token = @authentication_service.verify_code_and_generate_token(params)
 
         response_body = {
           token: token,
@@ -79,7 +59,7 @@ module ForestLiana
       begin
         if cookies.has_key?(:forest_session_token)
           forest_session_token = cookies[:forest_session_token]
-          
+
           if forest_session_token
             response.set_cookie(
               'forest_session_token',

data/app/services/forest_liana/authentication.rb

@@ -1,18 +1,18 @@
 module ForestLiana
   class Authentication
-    def start_authentication(redirect_url, state)
-      client = ForestLiana::OidcClientManager.get_client_for_callback_url(redirect_url)
+    def start_authentication(state)
+      client = ForestLiana::OidcClientManager.get_client()
 
       authorization_url = client.authorization_uri({
         scope: 'openid email profile',
         state: state.to_s,
       })
-  
+
       { 'authorization_url' => authorization_url }
     end
 
-    def verify_code_and_generate_token(redirect_url, params) 
-      client = ForestLiana::OidcClientManager.get_client_for_callback_url(redirect_url)
+    def verify_code_and_generate_token(params)
+      client = ForestLiana::OidcClientManager.get_client()
 
       rendering_id = parse_state(params['state'])
       client.authorization_code = params['code']

data/app/services/forest_liana/oidc_client_manager.rb

@@ -2,33 +2,32 @@ require 'openid_connect'
 
 module ForestLiana
   class OidcClientManager
-    def self.get_client_for_callback_url(callback_url)
+    def self.get_client
       begin
         configuration = ForestLiana::OidcConfigurationRetriever.retrieve()
         if ForestLiana.forest_client_id.nil?
-          client_data = Rails.cache.read("#{callback_url}-#{ForestLiana.env_secret}-client-data") || nil
+          client_data = Rails.cache.read("#{ForestLiana.env_secret}-client-data") || nil
           if client_data.nil?
             client_credentials = ForestLiana::OidcDynamicClientRegistrator.register({
               token_endpoint_auth_method: 'none',
-              redirect_uris: [callback_url],
               registration_endpoint: configuration['registration_endpoint']
             })
-            client_data = { :client_id => client_credentials['client_id'], :issuer => configuration['issuer'] }
-            Rails.cache.write("#{callback_url}-#{ForestLiana.env_secret}-client-data", client_data)
+            client_data = { :client_id => client_credentials['client_id'], :issuer => configuration['issuer'], :redirect_uri => client_credentials['redirect_uris'][0] }
+            Rails.cache.write("#{ForestLiana.env_secret}-client-data", client_data)
           end
         else
-          client_data = { :client_id => ForestLiana.forest_client_id, :issuer => configuration['issuer'] }
+          client_data = { :client_id => ForestLiana.forest_client_id, :issuer => configuration['issuer'], :redirect_uri => File.join(ForestLiana.application_url, "/forest/authentication/callback").to_s }
         end
 
         OpenIDConnect::Client.new(
           identifier: client_data[:client_id],
-          redirect_uri: callback_url,
+          redirect_uri: client_data[:redirect_uri],
           host: "#{client_data[:issuer].sub(/^https?\:\/\/(www.)?/,'')}",
           authorization_endpoint: '/oidc/auth',
           token_endpoint: '/oidc/token',
         )
       rescue => error
-        Rails.cache.delete("#{callback_url}-#{ForestLiana.env_secret}-client-data")
+        Rails.cache.delete("#{ForestLiana.env_secret}-client-data")
         raise error
       end
     end

data/lib/forest_liana/bootstrapper.rb

@@ -18,11 +18,19 @@ module ForestLiana
         ForestLiana.auth_secret = ForestLiana.auth_key
       end
 
-      unless Rails.application.config.action_controller.perform_caching || Rails.env.test? || ForestLiana.forest_client_id
+      if ForestLiana.forest_client_id
+        FOREST_LOGGER.warn "DEPRECATION WARNING: The use of " \
+          "ForestLiana.forest_client_id is deprecated. It's not needed anymore."
+      end
+
+      if Rails.application.secrets.forest_application_url
+        FOREST_LOGGER.warn "DEPRECATION WARNING: The use of " \
+          "The secret forest_application_url is deprecated. It's not needed anymore."
+      end
+
+      unless Rails.application.config.action_controller.perform_caching || Rails.env.test?
         FOREST_LOGGER.error "You need to enable caching on your environment to use Forest Admin.\n" \
-          "For a development environment, run: `rails dev:cache`\n" \
-          "Or setup a static forest_client_id by following this part of the documentation:\n" \
-          "https://docs.forestadmin.com/documentation/how-tos/maintain/upgrade-notes-rails/upgrade-to-v6#setup-a-static-clientid"
+          "For a development environment, run: `rails dev:cache`"
       end
 
       fetch_models

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "7.6.14"
+  VERSION = "7.7.0"
 end

data/lib/generators/forest_liana/install_generator.rb

@@ -5,7 +5,6 @@ module ForestLiana
     desc 'Forest Rails Liana installation generator'
 
     argument :env_secret, type: :string, required: true, desc: 'required', banner: 'env_secret'
-    argument :application_url, type: :string, required: false, desc: 'optional', banner: 'application_url', default: 'http://localhost:3000'
 
     def install
       if ForestLiana.env_secret.present?
@@ -28,42 +27,35 @@ module ForestLiana
       if File.exist? 'config/secrets.yml'
         inject_into_file 'config/secrets.yml', after: "development:\n" do
           "  forest_env_secret: #{env_secret}\n" +
-          "  forest_auth_secret: #{auth_secret}\n" +
-          "  forest_application_url: #{application_url}\n"
+          "  forest_auth_secret: #{auth_secret}\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "staging:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
-          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "production:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
-          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
         end
       else
         create_file 'config/secrets.yml' do
           "development:\n" +
           "  forest_env_secret: #{env_secret}\n" +
           "  forest_auth_secret: #{auth_secret}\n" +
-          "  forest_application_url: #{application_url}\n" +
           "staging:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
           "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
-          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n" +
           "production:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
-          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
         end
       end
 
       initializer 'forest_liana.rb' do
         "ForestLiana.env_secret = Rails.application.secrets.forest_env_secret" +
-        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret" +
-        "\nForestLiana.application_url = Rails.application.secrets.forest_application_url"
+        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret"
       end
     end
   end

data/lib/tasks/clear_oidc_data.rake

@@ -0,0 +1,6 @@
+namespace :forest do
+  desc "Clear the OIDC data cache key"
+  task clear: :environment do
+    Rails.cache.delete("#{ForestLiana.env_secret}-client-data")
+  end
+end

data/spec/requests/authentications_spec.rb

@@ -14,7 +14,7 @@ describe "Authentications", type: :request do
         }', :symbolize_names => false)
     }
     allow(ForestLiana::ForestApiRequester).to receive(:post) {
-      instance_double(HTTParty::Response, body: '{ "client_id": "random_id" }', code: 201)
+      instance_double(HTTParty::Response, body: '{ "client_id": "random_id", "redirect_uris": ["http://localhost:3000/forest/authentication/callback"] }', code: 201)
     }
     allow_any_instance_of(OpenIDConnect::Client).to receive(:access_token!) {
       OpenIDConnect::AccessToken.new(access_token: 'THE-ACCESS-TOKEN', client: instance_double(OpenIDConnect::Client))
@@ -22,11 +22,11 @@ describe "Authentications", type: :request do
   end
 
   after do
-    Rails.cache.delete(URI.join(ForestLiana.application_url, ForestLiana::Engine.routes.url_helpers.authentication_callback_path).to_s)
+    Rails.cache.delete("#{ForestLiana.env_secret}-client-data")
   end
 
   describe "POST /authentication" do
-    before() do 
+    before() do
       post ForestLiana::Engine.routes.url_helpers.authentication_path, params: '{"renderingId":"42"}', headers: {
         'Accept' => 'application/json',
         'Content-Type' => 'application/json',
@@ -44,10 +44,10 @@ describe "Authentications", type: :request do
   end
 
   describe "GET /authentication/callback" do
-    before() do 
+    before() do
       response = '{"data":{"id":666,"attributes":{"first_name":"Alice","last_name":"Doe","email":"alice@forestadmin.com","teams":[1,2,3],"role":"Test","tags":[{"key":"city","value":"Paris"}]}}}'
       allow(ForestLiana::ForestApiRequester).to receive(:get).with(
-        "/liana/v2/renderings/42/authorization", { :headers => { "forest-token" => "THE-ACCESS-TOKEN" }, :query=> {} }
+        "/liana/v2/renderings/42/authorization", { :headers => { "forest-token" => "THE-ACCESS-TOKEN" }, :query => {} }
       ).and_return(
         instance_double(HTTParty::Response, :body => response, :code => 200)
       )
@@ -86,7 +86,7 @@ describe "Authentications", type: :request do
   end
 
   describe "POST /authentication/logout" do
-    before() do 
+    before() do
       post ForestLiana::Engine.routes.url_helpers.authentication_logout_path, params: { :renderingId => 42 }, :headers => headers
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: forest_liana
 version: !ruby/object:Gem::Version
-  version: 7.6.14
+  version: 7.7.0
 platform: ruby
 authors:
 - Sandro Munda
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-09-08 00:00:00.000000000 Z
+date: 2022-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -316,6 +316,7 @@ files:
 - lib/forest_liana/schema_file_updater.rb
 - lib/forest_liana/version.rb
 - lib/generators/forest_liana/install_generator.rb
+- lib/tasks/clear_oidc_data.rake
 - lib/tasks/display_apimap.rake
 - lib/tasks/send_apimap.rake
 - spec/config/initializers/logger_spec.rb