mumukit-login 7.1.0 → 7.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d9fcbf1a466edd39310327016d1523314fced42c96cc3f87578d9b925040a1ed
-  data.tar.gz: b6e0c3a610d0147c3928871ebad9dae3a493958c96668d4dd2d3cd8ffcfd3b63
+  metadata.gz: 79f9af1052d482e6ac705c690008baa6b1b48ce5bac7d4657721391b8f384366
+  data.tar.gz: 4ea633723b6d51a32b814af0da2e76a303af02c8cc8030a04b6eaed5822d3af6
 SHA512:
-  metadata.gz: 271b2d2d145d49b05559a9abe894277a1d89259e5d1ff07e29e95445780a04fb60ef76c0b4a05d2db5491a7f334dc8644e0165c56462b345a90761a246707570
-  data.tar.gz: 122b793af5999519061aa01431196a1095150cb6d6b38c590e8d97641b33acae688e619c96555094b95771382990c7bce776f4aae5cc01e13f580a488edab35f
+  metadata.gz: 70cbe76c86b4b1b34c8501f66a5521eb28646ac6f04a5df3c99cf8993ed0d61f4a4fa9f80115e618818c4f28358d9444777b9bd94622d3961a4f5753e02bcd67
+  data.tar.gz: f7e9c785adb74998f9511d72075f8e12183fc65388e7f6793cb5f6ad2d6438bf2b4f967bc16c5b82debfdbdec212d81a3c431654a4e9b69dfe52ce25cc224cfc

data/lib/mumukit/login/helpers/login_controller_helpers.rb

@@ -19,6 +19,7 @@ module Mumukit::Login::LoginControllerHelpers
 
   def logout_current_user!
     destroy_current_user_session!
+    login_provider.destroy_session! mumukit_controller
     origin_redirector.redirect_after_logout!
   end
 

data/lib/mumukit/login/mucookie.rb

@@ -6,11 +6,10 @@ class Mumukit::Login::Mucookie
   end
 
   def write!(key, value, options={})
-    @controller.write_cookie! cookie_name(key),
-                              spec.merge(
-                                value: value.to_s,
-                                httponly: !!options[:httponly],
-                                same_site: self.class.cookie_same_site)
+    do_write! cookie_name(key),
+              spec.merge(
+                value: value.to_s,
+                httponly: !!options[:httponly])
   end
 
   def encrypt_and_write!(key, value, options={})
@@ -22,7 +21,7 @@ class Mumukit::Login::Mucookie
   end
 
   def read(key)
-    @controller.read_cookie cookie_name(key)
+    do_read!(cookie_name(key))
   end
 
   def decrypt_and_read(key)
@@ -34,7 +33,7 @@ class Mumukit::Login::Mucookie
   end
 
   def delete!(key)
-    @controller.delete_cookie! cookie_name(key), Mumukit::Login.config.mucookie_domain
+    do_delete! cookie_name(key), Mumukit::Login.config.mucookie_domain
   end
 
   def spec
@@ -55,6 +54,22 @@ class Mumukit::Login::Mucookie
 
   private
 
+  # Support for legacy browsers
+  # Duplicate write / read / delete cookies without samesite for old browsers that do not allow for SameSite=None attribute
+  def do_write!(cookie_name, spec)
+    @controller.write_cookie! cookie_name, spec.merge(same_site: self.class.cookie_same_site)
+    @controller.write_cookie! "#{cookie_name}_legacy", spec
+  end
+
+  def do_delete!(cookie_name, domain)
+    @controller.delete_cookie! cookie_name, domain
+    @controller.delete_cookie! "#{cookie_name}_legacy", domain
+  end
+
+  def do_read!(cookie_name)
+    @controller.read_cookie(cookie_name) || @controller.read_cookie("#{cookie_name}_legacy")
+  end
+
   def cookie_name(key)
     "mucookie_#{key}"
   end
@@ -95,5 +110,6 @@ class Mumukit::Login::Mucookie
       value.try { |it| encryptor.decrypt_and_verify it }
     end
   end
-
 end
+
+require_relative 'mucookie/store'

data/lib/mumukit/login/mucookie/store.rb

@@ -0,0 +1,14 @@
+require 'action_dispatch'
+
+class Mumukit::Login::Mucookie::Store < ActionDispatch::Session::CookieStore
+  def set_cookie(request, session_id, cookie)
+    cookie.merge! same_site: :none if on_embeddable_organization?(request)
+    super
+  end
+
+  private
+
+  def on_embeddable_organization?(request)
+    Mumukit::Platform::Organization.find_by_name!(request.cookies['mucookie_login_organization']).embeddable? rescue false
+  end
+end

data/lib/mumukit/login/profile.rb

@@ -1,15 +1,21 @@
 module Mumukit::Login::Profile
   def self.from_omniauth(omniauth)
-    struct provider: omniauth.provider,
-           first_name: omniauth.info.first_name,
-           last_name: omniauth.info.last_name,
-           social_id: omniauth.uid,
-           email: omniauth.info.email,
-           uid: generate_uid(omniauth),
-           image_url: omniauth.info.image
+    struct profile_hash(omniauth)
+  end
+
+  def self.profile_hash(omniauth)
+    {
+      provider: omniauth.provider,
+      first_name: omniauth.info.first_name,
+      last_name: omniauth.info.last_name,
+      social_id: omniauth.uid,
+      email: omniauth.info.email,
+      uid: generate_uid(omniauth),
+      image_url: omniauth.info.image
+    }.compact
   end
 
   def self.generate_uid(omniauth)
-    omniauth.info.email || omniauth.uid
+    Mumukit::Login::Provider.parse_login_provider(omniauth.provider).uid_for_profile(omniauth)
   end
 end

data/lib/mumukit/login/provider/base.rb

@@ -45,6 +45,9 @@ class Mumukit::Login::Provider::Base
     nil
   end
 
+  def destroy_session!(_controller)
+  end
+
   def setup_proc
     proc do |env|
       options = env['omniauth.strategy'].options
@@ -75,6 +78,13 @@ class Mumukit::Login::Provider::Base
     {}
   end
 
+  def finalize_user_creation!(_user)
+  end
+
+  def uid_for_profile(omniauth)
+    omniauth.info.email || omniauth.uid
+  end
+
   private
 
   def setup_phase_login_settings(env)
@@ -82,7 +92,7 @@ class Mumukit::Login::Provider::Base
   end
 
   def setup_phase_login_organization_name(env)
-    Rack::Request.new(env).cookies['login_organization']
+    Rack::Request.new(env).cookies['mucookie_login_organization']
   end
 
   def organization_login_settings_for(name)

data/lib/mumukit/login/version.rb

@@ -1,5 +1,5 @@
 module Mumukit
   module Login
-    VERSION = '7.1.0'
+    VERSION = '7.4.1'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mumukit-login
 version: !ruby/object:Gem::Version
-  version: 7.1.0
+  version: 7.4.1
 platform: ruby
 authors:
 - Franco Leonardo Bulgarelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-06 00:00:00.000000000 Z
+date: 2020-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -30,28 +30,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
@@ -234,6 +234,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
 description: 
 email:
 - franco@mumuki.org
@@ -257,6 +271,7 @@ files:
 - lib/mumukit/login/helpers/login_settings_helpers.rb
 - lib/mumukit/login/helpers/organization_helpers.rb
 - lib/mumukit/login/mucookie.rb
+- lib/mumukit/login/mucookie/store.rb
 - lib/mumukit/login/origin_redirector.rb
 - lib/mumukit/login/profile.rb
 - lib/mumukit/login/provider.rb
@@ -290,8 +305,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Library for login mumuki requests