omniauth-applicaster 1.7.1 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/Gemfile +1 -0
- data/lib/applicaster/accounts.rb +27 -5
- data/lib/applicaster/auth_helpers.rb +30 -4
- data/lib/applicaster/sessions_controller_mixin.rb +11 -4
- data/lib/omniauth-applicaster/version.rb +1 -1
- data/omniauth-applicaster.gemspec +2 -1
- data/spec/support/webmock_stubs_helper.rb +2 -1
- metadata +19 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d9bcca69fcde5b2efaf200357c1f787f5e36936ecc8027fdaff673b14fba079d
|
|
4
|
+
data.tar.gz: 722a0df2373c6c06b00383576550a7e977f5b33c8a454e913e3f09674e75dd85
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4339cf40df8f62781ab957c3cf92cd5692aeb2bdc5d0fd6401a856ebf656fd6b703ef11f8d175c2383c2f721cb7a01c1d71a858a5cf646b406487c99f020a5a1
|
|
7
|
+
data.tar.gz: 4a183580fc81efbd62fb8b70533a0f9e99aace2d6467d0f8d87dffb410b4c2118b3f933f3c83de354cfd82494acc58ea0f993fa236a328afd4551b2392ec4536
|
data/Gemfile
CHANGED
data/lib/applicaster/accounts.rb
CHANGED
|
@@ -20,7 +20,7 @@ module Applicaster
|
|
|
20
20
|
|
|
21
21
|
Faraday.new(conn_opts) do |conn|
|
|
22
22
|
if options[:token]
|
|
23
|
-
conn.request :oauth2, options[:token]
|
|
23
|
+
conn.request :oauth2, options[:token], token_type: "param"
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
conn.request :json
|
|
@@ -38,24 +38,30 @@ module Applicaster
|
|
|
38
38
|
|
|
39
39
|
|
|
40
40
|
conn.response :json, content_type: /\bjson$/
|
|
41
|
+
conn.response :raise_error
|
|
41
42
|
# conn.response :logger, Rails.logger
|
|
42
43
|
# conn.response :logger, Logger.new(STDOUT)
|
|
43
|
-
conn.response :raise_error
|
|
44
|
-
|
|
45
44
|
conn.adapter config.faraday_adapter
|
|
46
45
|
end
|
|
47
46
|
end
|
|
48
47
|
|
|
49
48
|
def user_from_token(token)
|
|
50
|
-
|
|
49
|
+
Rails.logger.info("Fetching user with token: #{token}")
|
|
50
|
+
user = Applicaster::Accounts::User.new(
|
|
51
51
|
connection(token: token)
|
|
52
52
|
.get("/api/v1/users/current.json")
|
|
53
53
|
.body
|
|
54
54
|
)
|
|
55
|
+
if user.nil?
|
|
56
|
+
Rails.logger.error("[Login Failed] - User fetch failed. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
57
|
+
end
|
|
58
|
+
user
|
|
55
59
|
rescue Faraday::ClientError => e
|
|
56
60
|
if e.response && e.response[:status] == 401
|
|
61
|
+
Rails.logger.error("[Login Failed] - Unauthorized access attempt detected. Invalid token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
57
62
|
nil
|
|
58
63
|
else
|
|
64
|
+
Rails.logger.error("[Login Failed] - Error fetching user. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
59
65
|
raise
|
|
60
66
|
end
|
|
61
67
|
end
|
|
@@ -66,13 +72,20 @@ module Applicaster
|
|
|
66
72
|
.get("/api/v1/users/#{id}.json")
|
|
67
73
|
.body
|
|
68
74
|
)
|
|
75
|
+
rescue Faraday::ResourceNotFound
|
|
76
|
+
Rails.logger.error("[Login Failed] - User not found. ID: #{id}, Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
77
|
+
nil
|
|
69
78
|
end
|
|
70
79
|
|
|
71
80
|
def accounts_from_token(token)
|
|
81
|
+
Rails.logger.info("Fetching accounts with token: #{token}")
|
|
72
82
|
connection(token: token)
|
|
73
83
|
.get("/api/v1/accounts.json")
|
|
74
84
|
.body
|
|
75
85
|
.map {|a| Account.new(a) }
|
|
86
|
+
rescue Faraday::ClientError => e
|
|
87
|
+
Rails.logger.error("Failed to fetch accounts. Token: #{token}, Error: #{e.message}")
|
|
88
|
+
raise
|
|
76
89
|
end
|
|
77
90
|
|
|
78
91
|
def config
|
|
@@ -89,12 +102,16 @@ module Applicaster
|
|
|
89
102
|
config.client_secret,
|
|
90
103
|
site: config.base_url,
|
|
91
104
|
authorize_url: "/oauth/authorize",
|
|
92
|
-
|
|
105
|
+
auth_scheme: :basic_auth,
|
|
106
|
+
)
|
|
93
107
|
end
|
|
94
108
|
end
|
|
95
109
|
|
|
96
110
|
def user_data_from_omniauth(omniauth_credentials)
|
|
97
111
|
access_token(omniauth_credentials).get("/api/v1/users/current.json").parsed
|
|
112
|
+
rescue Faraday::ClientError => e
|
|
113
|
+
Rails.logger.error("[Login Failed] - Failed to fetch user data from Omniauth. Error: #{e.message}")
|
|
114
|
+
raise
|
|
98
115
|
end
|
|
99
116
|
|
|
100
117
|
def accounts
|
|
@@ -102,8 +119,10 @@ module Applicaster
|
|
|
102
119
|
end
|
|
103
120
|
|
|
104
121
|
def find_user_by_id(id)
|
|
122
|
+
Rails.logger.info("Finding user by ID: #{id}")
|
|
105
123
|
self.class.user_by_id_and_token(id, client_credentials_token.token)
|
|
106
124
|
rescue Faraday::ResourceNotFound
|
|
125
|
+
Rails.logger.error("[Login Failed] - User not found by ID: #{id}")
|
|
107
126
|
nil
|
|
108
127
|
end
|
|
109
128
|
|
|
@@ -117,6 +136,9 @@ module Applicaster
|
|
|
117
136
|
@client_credentials_token ||= self.class.oauth_client
|
|
118
137
|
.client_credentials
|
|
119
138
|
.get_token
|
|
139
|
+
rescue OAuth2::Error => e
|
|
140
|
+
Rails.logger.error("[Login Failed] - Failed to get client credentials token. Error: #{e.message}")
|
|
141
|
+
raise
|
|
120
142
|
end
|
|
121
143
|
end
|
|
122
144
|
end
|
|
@@ -10,6 +10,7 @@ module Applicaster
|
|
|
10
10
|
|
|
11
11
|
def authenticate_user!
|
|
12
12
|
unless current_user
|
|
13
|
+
log_unauthorized_access
|
|
13
14
|
store_location!
|
|
14
15
|
redirect_to '/auth/applicaster'
|
|
15
16
|
end
|
|
@@ -25,10 +26,10 @@ module Applicaster
|
|
|
25
26
|
|
|
26
27
|
def store_location!
|
|
27
28
|
session[:path_before_login] = if request.get?
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
request.fullpath
|
|
30
|
+
else
|
|
31
|
+
request.referrer
|
|
32
|
+
end
|
|
32
33
|
end
|
|
33
34
|
|
|
34
35
|
def clear_omniauth_credentials
|
|
@@ -41,6 +42,31 @@ module Applicaster
|
|
|
41
42
|
Applicaster::Accounts.user_from_token(current_access_token).tap do |user|
|
|
42
43
|
clear_omniauth_credentials unless user
|
|
43
44
|
end
|
|
45
|
+
rescue Faraday::ClientError => e
|
|
46
|
+
log_failed_user_fetch(e)
|
|
47
|
+
nil
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def log_unauthorized_access
|
|
51
|
+
user_email = current_user&.email || "Unknown User"
|
|
52
|
+
user_ip = request.remote_ip
|
|
53
|
+
user_agent = request.user_agent
|
|
54
|
+
requested_path = request.fullpath
|
|
55
|
+
|
|
56
|
+
Rails.logger.error(
|
|
57
|
+
"[Unauthorized Access Attempt] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Redirecting to '/auth/applicaster'."
|
|
58
|
+
)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def log_failed_user_fetch(exception)
|
|
62
|
+
user_email = current_user&.email || session[:omniauth_credentials]&.fetch(:email, "Unknown User")
|
|
63
|
+
user_ip = request.remote_ip
|
|
64
|
+
user_agent = request.user_agent
|
|
65
|
+
requested_path = request.fullpath
|
|
66
|
+
|
|
67
|
+
Rails.logger.error(
|
|
68
|
+
"[User Fetch Failed] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Error: #{exception.message}",
|
|
69
|
+
)
|
|
44
70
|
end
|
|
45
71
|
end
|
|
46
72
|
end
|
|
@@ -1,25 +1,32 @@
|
|
|
1
1
|
module Applicaster
|
|
2
2
|
module SessionsControllerMixin
|
|
3
3
|
def new
|
|
4
|
+
Rails.logger.info("New session initiated. Redirecting to /auth/applicaster. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
4
5
|
redirect_to "/auth/applicaster"
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def create
|
|
8
9
|
session[:omniauth_credentials] = omniauth_credentials
|
|
10
|
+
Rails.logger.info("Session created successfully for user. IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Params: #{safe_user_params.inspect}")
|
|
9
11
|
|
|
10
12
|
redirect_to(session.delete(:path_before_login) || '/')
|
|
11
13
|
end
|
|
12
14
|
|
|
13
15
|
def destroy
|
|
14
|
-
|
|
16
|
+
user_email = current_user.email rescue "Unknown"
|
|
17
|
+
Rails.logger.info("Session destroyed for user: #{user_email}. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
15
18
|
|
|
16
|
-
|
|
19
|
+
reset_session
|
|
20
|
+
redirect_to config.base_url
|
|
17
21
|
end
|
|
18
22
|
|
|
19
23
|
def failure
|
|
20
|
-
Rails.logger.
|
|
21
|
-
message: "Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
24
|
+
Rails.logger.error({
|
|
25
|
+
message: "[Login Failed] - Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
22
26
|
origin: params[:origin],
|
|
27
|
+
IP: request.remote_ip,
|
|
28
|
+
UserAgent: request.user_agent,
|
|
29
|
+
Params: params[:origin],
|
|
23
30
|
})
|
|
24
31
|
flash[:notice] = "There was a problem logging in"
|
|
25
32
|
redirect_to "/"
|
|
@@ -24,7 +24,8 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.add_development_dependency "webmock"
|
|
25
25
|
|
|
26
26
|
spec.add_dependency "omniauth-oauth2"
|
|
27
|
-
spec.add_dependency "faraday", "~> 0.
|
|
27
|
+
spec.add_dependency "faraday", "~> 0.11"
|
|
28
|
+
spec.add_dependency "oauth2", "> 1.3.1"
|
|
28
29
|
spec.add_dependency "faraday_middleware"
|
|
29
30
|
spec.add_dependency "excon"
|
|
30
31
|
spec.add_dependency "virtus"
|
|
@@ -10,8 +10,9 @@ module WebmockStubsHelper
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def stub_client_credentials_request
|
|
13
|
-
stub_request(:post, "https
|
|
13
|
+
stub_request(:post, "https://#{accounts_host}/oauth/token")
|
|
14
14
|
.with(:body => {"grant_type"=>"client_credentials"})
|
|
15
|
+
.with(basic_auth: ["client-id", "client-secret"])
|
|
15
16
|
.to_return(successful_json_response(access_token: "client-credentials-token"))
|
|
16
17
|
end
|
|
17
18
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-applicaster
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neer Friedman
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-09-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -86,14 +86,28 @@ dependencies:
|
|
|
86
86
|
requirements:
|
|
87
87
|
- - "~>"
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: 0.
|
|
89
|
+
version: '0.11'
|
|
90
90
|
type: :runtime
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: 0.
|
|
96
|
+
version: '0.11'
|
|
97
|
+
- !ruby/object:Gem::Dependency
|
|
98
|
+
name: oauth2
|
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
|
100
|
+
requirements:
|
|
101
|
+
- - ">"
|
|
102
|
+
- !ruby/object:Gem::Version
|
|
103
|
+
version: 1.3.1
|
|
104
|
+
type: :runtime
|
|
105
|
+
prerelease: false
|
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
+
requirements:
|
|
108
|
+
- - ">"
|
|
109
|
+
- !ruby/object:Gem::Version
|
|
110
|
+
version: 1.3.1
|
|
97
111
|
- !ruby/object:Gem::Dependency
|
|
98
112
|
name: faraday_middleware
|
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -193,8 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
193
207
|
- !ruby/object:Gem::Version
|
|
194
208
|
version: '0'
|
|
195
209
|
requirements: []
|
|
196
|
-
|
|
197
|
-
rubygems_version: 2.4.5.1
|
|
210
|
+
rubygems_version: 3.0.3.1
|
|
198
211
|
signing_key:
|
|
199
212
|
specification_version: 4
|
|
200
213
|
summary: Omniauth strategy for http://accounts.applicaster.com
|