mumukit-login 7.0.0 → 7.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b8200b72f9ae05c8235f7e53b81857ae3212a82fec4d301e5c994b817f5aa7a2
-  data.tar.gz: 0165fab28ec7ae0f46b7364abbf9af0bbd96b0a2e03d765413632eaad21e6f40
+  metadata.gz: be2628bd7ab69e312b2259b3c26d75b37bde248e7d3105760605b366d5b27564
+  data.tar.gz: b4efe8b1d0cb3fc93dfe9b77bfa12efebf1966e31f24f14f51dfeb86160d2732
 SHA512:
-  metadata.gz: 14ee27ad4add9cfdc80b40fdabaf497f0db291ca0c3035b732a6ac220c87de0e78d1318f414e18b3c9a09958acfc8571b61b4cadda954ccadabb3a46c6d80807
-  data.tar.gz: 2d4c7d91d203aa7fd4c37da0e48122cd364ebe0674c1cc5e9765cd00aa15aef18fb918b4ce3369c999826254633dfcb825b48e1eca10eacb4a3aa668e2236fd3
+  metadata.gz: f296c251632dbb75996eed92312b26433eaab8bfafcf30da0990fb64d4e610b263b4fd11efac5dd6e9f66e9022a5c86bd84d524e41ac08b0d0a81aeb8cab3548
+  data.tar.gz: d242c667ab85d70254514ea418322544580a229c9e3f1587122d9fae8a1dcf7213565a7166bfb616a18fbebdd89f8c969496293150724e070da0e0dbe5551a45

data/lib/mumukit/login/helpers/login_controller_helpers.rb

@@ -1,7 +1,7 @@
 module Mumukit::Login::LoginControllerHelpers
 
   def login_current_user!
-    mumukit_controller.write_cookie!(:login_organization, organization_name)
+    mumukit_controller.mucookie.write!(:login_organization, organization_name)
     origin_redirector.save_after_login_location!
     if current_user?
       origin_redirector.redirect_after_login!
@@ -19,6 +19,7 @@ module Mumukit::Login::LoginControllerHelpers
 
   def logout_current_user!
     destroy_current_user_session!
+    login_provider.destroy_session! mumukit_controller
     origin_redirector.redirect_after_logout!
   end
 

data/lib/mumukit/login/mucookie.rb

@@ -6,10 +6,10 @@ class Mumukit::Login::Mucookie
   end
 
   def write!(key, value, options={})
-    @controller.write_cookie! cookie_name(key),
-                              spec.merge(
-                                value: value.to_s,
-                                httponly: !!options[:httponly])
+    do_write! cookie_name(key),
+              spec.merge(
+                value: value.to_s,
+                httponly: !!options[:httponly])
   end
 
   def encrypt_and_write!(key, value, options={})
@@ -21,7 +21,7 @@ class Mumukit::Login::Mucookie
   end
 
   def read(key)
-    @controller.read_cookie cookie_name(key)
+    do_read!(cookie_name(key))
   end
 
   def decrypt_and_read(key)
@@ -33,17 +33,43 @@ class Mumukit::Login::Mucookie
   end
 
   def delete!(key)
-    @controller.delete_cookie! cookie_name(key), Mumukit::Login.config.mucookie_domain
+    do_delete! cookie_name(key), Mumukit::Login.config.mucookie_domain
   end
 
   def spec
-    { path: '/',
+    {
+      path: '/',
       expires: Mumukit::Login.config.mucookie_duration.days.since,
-      domain: Mumukit::Login.config.mucookie_domain }
+      domain: Mumukit::Login.config.mucookie_domain
+    }
+  end
+
+  def self.cookie_same_site
+    if %w(RACK_ENV RAILS_ENV).any? { |it| ENV[it] == 'production' }
+      :none
+    else
+      :lax
+    end
   end
 
   private
 
+  # Support for legacy browsers
+  # Duplicate write / read / delete cookies without samesite for old browsers that do not allow for SameSite=None attribute
+  def do_write!(cookie_name, spec)
+    @controller.write_cookie! cookie_name, spec.merge(same_site: self.class.cookie_same_site)
+    @controller.write_cookie! "#{cookie_name}_legacy", spec
+  end
+
+  def do_delete!(cookie_name, domain)
+    @controller.delete_cookie! cookie_name, domain
+    @controller.delete_cookie! "#{cookie_name}_legacy", domain
+  end
+
+  def do_read!(cookie_name)
+    @controller.read_cookie(cookie_name) || @controller.read_cookie("#{cookie_name}_legacy")
+  end
+
   def cookie_name(key)
     "mucookie_#{key}"
   end
@@ -84,5 +110,6 @@ class Mumukit::Login::Mucookie
       value.try { |it| encryptor.decrypt_and_verify it }
     end
   end
-
 end
+
+require_relative 'mucookie/store'

data/lib/mumukit/login/mucookie/store.rb

@@ -0,0 +1,14 @@
+require 'action_dispatch'
+
+class Mumukit::Login::Mucookie::Store < ActionDispatch::Session::CookieStore
+  def set_cookie(request, session_id, cookie)
+    cookie.merge! same_site: :none if on_embeddable_organization?(request)
+    super
+  end
+
+  private
+
+  def on_embeddable_organization?(request)
+    Mumukit::Platform::Organization.find_by_name!(request.cookies['mucookie_login_organization']).embeddable? rescue false
+  end
+end

data/lib/mumukit/login/profile.rb

@@ -1,15 +1,21 @@
 module Mumukit::Login::Profile
   def self.from_omniauth(omniauth)
-    struct provider: omniauth.provider,
-           first_name: omniauth.info.first_name,
-           last_name: omniauth.info.last_name,
-           social_id: omniauth.uid,
-           email: omniauth.info.email,
-           uid: generate_uid(omniauth),
-           image_url: omniauth.info.image
+    struct profile_hash(omniauth)
+  end
+
+  def self.profile_hash(omniauth)
+    {
+      provider: omniauth.provider,
+      first_name: omniauth.info.first_name,
+      last_name: omniauth.info.last_name,
+      social_id: omniauth.uid,
+      email: omniauth.info.email,
+      uid: generate_uid(omniauth),
+      image_url: omniauth.info.image
+    }.compact
   end
 
   def self.generate_uid(omniauth)
-    omniauth.info.email || omniauth.uid
+    omniauth.uid || omniauth.info.email
   end
 end

data/lib/mumukit/login/provider/base.rb

@@ -45,6 +45,9 @@ class Mumukit::Login::Provider::Base
     nil
   end
 
+  def destroy_session!(_controller)
+  end
+
   def setup_proc
     proc do |env|
       options = env['omniauth.strategy'].options
@@ -75,6 +78,9 @@ class Mumukit::Login::Provider::Base
     {}
   end
 
+  def finalize_user_creation!(_user)
+  end
+
   private
 
   def setup_phase_login_settings(env)
@@ -82,7 +88,7 @@ class Mumukit::Login::Provider::Base
   end
 
   def setup_phase_login_organization_name(env)
-    Rack::Request.new(env).cookies['login_organization']
+    Rack::Request.new(env).cookies['mucookie_login_organization']
   end
 
   def organization_login_settings_for(name)

data/lib/mumukit/login/version.rb

@@ -1,5 +1,5 @@
 module Mumukit
   module Login
-    VERSION = '7.0.0'
+    VERSION = '7.4.0'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mumukit-login
 version: !ruby/object:Gem::Version
-  version: 7.0.0
+  version: 7.4.0
 platform: ruby
 authors:
 - Franco Leonardo Bulgarelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-08 00:00:00.000000000 Z
+date: 2020-08-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,42 +16,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -234,6 +234,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
 description: 
 email:
 - franco@mumuki.org
@@ -257,6 +271,7 @@ files:
 - lib/mumukit/login/helpers/login_settings_helpers.rb
 - lib/mumukit/login/helpers/organization_helpers.rb
 - lib/mumukit/login/mucookie.rb
+- lib/mumukit/login/mucookie/store.rb
 - lib/mumukit/login/origin_redirector.rb
 - lib/mumukit/login/profile.rb
 - lib/mumukit/login/provider.rb
@@ -290,7 +305,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Library for login mumuki requests