omniauth-applicaster 1.7.1 → 1.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile +1 -0
- data/lib/applicaster/accounts.rb +27 -5
- data/lib/applicaster/auth_helpers.rb +30 -4
- data/lib/applicaster/sessions_controller_mixin.rb +11 -4
- data/lib/omniauth-applicaster/version.rb +1 -1
- data/omniauth-applicaster.gemspec +2 -1
- data/spec/support/webmock_stubs_helper.rb +2 -1
- metadata +19 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d9bcca69fcde5b2efaf200357c1f787f5e36936ecc8027fdaff673b14fba079d
|
|
4
|
+
data.tar.gz: 722a0df2373c6c06b00383576550a7e977f5b33c8a454e913e3f09674e75dd85
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4339cf40df8f62781ab957c3cf92cd5692aeb2bdc5d0fd6401a856ebf656fd6b703ef11f8d175c2383c2f721cb7a01c1d71a858a5cf646b406487c99f020a5a1
|
|
7
|
+
data.tar.gz: 4a183580fc81efbd62fb8b70533a0f9e99aace2d6467d0f8d87dffb410b4c2118b3f933f3c83de354cfd82494acc58ea0f993fa236a328afd4551b2392ec4536
|
data/Gemfile
CHANGED
data/lib/applicaster/accounts.rb
CHANGED
|
@@ -20,7 +20,7 @@ module Applicaster
|
|
|
20
20
|
|
|
21
21
|
Faraday.new(conn_opts) do |conn|
|
|
22
22
|
if options[:token]
|
|
23
|
-
conn.request :oauth2, options[:token]
|
|
23
|
+
conn.request :oauth2, options[:token], token_type: "param"
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
conn.request :json
|
|
@@ -38,24 +38,30 @@ module Applicaster
|
|
|
38
38
|
|
|
39
39
|
|
|
40
40
|
conn.response :json, content_type: /\bjson$/
|
|
41
|
+
conn.response :raise_error
|
|
41
42
|
# conn.response :logger, Rails.logger
|
|
42
43
|
# conn.response :logger, Logger.new(STDOUT)
|
|
43
|
-
conn.response :raise_error
|
|
44
|
-
|
|
45
44
|
conn.adapter config.faraday_adapter
|
|
46
45
|
end
|
|
47
46
|
end
|
|
48
47
|
|
|
49
48
|
def user_from_token(token)
|
|
50
|
-
|
|
49
|
+
Rails.logger.info("Fetching user with token: #{token}")
|
|
50
|
+
user = Applicaster::Accounts::User.new(
|
|
51
51
|
connection(token: token)
|
|
52
52
|
.get("/api/v1/users/current.json")
|
|
53
53
|
.body
|
|
54
54
|
)
|
|
55
|
+
if user.nil?
|
|
56
|
+
Rails.logger.error("[Login Failed] - User fetch failed. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
57
|
+
end
|
|
58
|
+
user
|
|
55
59
|
rescue Faraday::ClientError => e
|
|
56
60
|
if e.response && e.response[:status] == 401
|
|
61
|
+
Rails.logger.error("[Login Failed] - Unauthorized access attempt detected. Invalid token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
57
62
|
nil
|
|
58
63
|
else
|
|
64
|
+
Rails.logger.error("[Login Failed] - Error fetching user. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
59
65
|
raise
|
|
60
66
|
end
|
|
61
67
|
end
|
|
@@ -66,13 +72,20 @@ module Applicaster
|
|
|
66
72
|
.get("/api/v1/users/#{id}.json")
|
|
67
73
|
.body
|
|
68
74
|
)
|
|
75
|
+
rescue Faraday::ResourceNotFound
|
|
76
|
+
Rails.logger.error("[Login Failed] - User not found. ID: #{id}, Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
77
|
+
nil
|
|
69
78
|
end
|
|
70
79
|
|
|
71
80
|
def accounts_from_token(token)
|
|
81
|
+
Rails.logger.info("Fetching accounts with token: #{token}")
|
|
72
82
|
connection(token: token)
|
|
73
83
|
.get("/api/v1/accounts.json")
|
|
74
84
|
.body
|
|
75
85
|
.map {|a| Account.new(a) }
|
|
86
|
+
rescue Faraday::ClientError => e
|
|
87
|
+
Rails.logger.error("Failed to fetch accounts. Token: #{token}, Error: #{e.message}")
|
|
88
|
+
raise
|
|
76
89
|
end
|
|
77
90
|
|
|
78
91
|
def config
|
|
@@ -89,12 +102,16 @@ module Applicaster
|
|
|
89
102
|
config.client_secret,
|
|
90
103
|
site: config.base_url,
|
|
91
104
|
authorize_url: "/oauth/authorize",
|
|
92
|
-
|
|
105
|
+
auth_scheme: :basic_auth,
|
|
106
|
+
)
|
|
93
107
|
end
|
|
94
108
|
end
|
|
95
109
|
|
|
96
110
|
def user_data_from_omniauth(omniauth_credentials)
|
|
97
111
|
access_token(omniauth_credentials).get("/api/v1/users/current.json").parsed
|
|
112
|
+
rescue Faraday::ClientError => e
|
|
113
|
+
Rails.logger.error("[Login Failed] - Failed to fetch user data from Omniauth. Error: #{e.message}")
|
|
114
|
+
raise
|
|
98
115
|
end
|
|
99
116
|
|
|
100
117
|
def accounts
|
|
@@ -102,8 +119,10 @@ module Applicaster
|
|
|
102
119
|
end
|
|
103
120
|
|
|
104
121
|
def find_user_by_id(id)
|
|
122
|
+
Rails.logger.info("Finding user by ID: #{id}")
|
|
105
123
|
self.class.user_by_id_and_token(id, client_credentials_token.token)
|
|
106
124
|
rescue Faraday::ResourceNotFound
|
|
125
|
+
Rails.logger.error("[Login Failed] - User not found by ID: #{id}")
|
|
107
126
|
nil
|
|
108
127
|
end
|
|
109
128
|
|
|
@@ -117,6 +136,9 @@ module Applicaster
|
|
|
117
136
|
@client_credentials_token ||= self.class.oauth_client
|
|
118
137
|
.client_credentials
|
|
119
138
|
.get_token
|
|
139
|
+
rescue OAuth2::Error => e
|
|
140
|
+
Rails.logger.error("[Login Failed] - Failed to get client credentials token. Error: #{e.message}")
|
|
141
|
+
raise
|
|
120
142
|
end
|
|
121
143
|
end
|
|
122
144
|
end
|
|
@@ -10,6 +10,7 @@ module Applicaster
|
|
|
10
10
|
|
|
11
11
|
def authenticate_user!
|
|
12
12
|
unless current_user
|
|
13
|
+
log_unauthorized_access
|
|
13
14
|
store_location!
|
|
14
15
|
redirect_to '/auth/applicaster'
|
|
15
16
|
end
|
|
@@ -25,10 +26,10 @@ module Applicaster
|
|
|
25
26
|
|
|
26
27
|
def store_location!
|
|
27
28
|
session[:path_before_login] = if request.get?
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
request.fullpath
|
|
30
|
+
else
|
|
31
|
+
request.referrer
|
|
32
|
+
end
|
|
32
33
|
end
|
|
33
34
|
|
|
34
35
|
def clear_omniauth_credentials
|
|
@@ -41,6 +42,31 @@ module Applicaster
|
|
|
41
42
|
Applicaster::Accounts.user_from_token(current_access_token).tap do |user|
|
|
42
43
|
clear_omniauth_credentials unless user
|
|
43
44
|
end
|
|
45
|
+
rescue Faraday::ClientError => e
|
|
46
|
+
log_failed_user_fetch(e)
|
|
47
|
+
nil
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def log_unauthorized_access
|
|
51
|
+
user_email = current_user&.email || "Unknown User"
|
|
52
|
+
user_ip = request.remote_ip
|
|
53
|
+
user_agent = request.user_agent
|
|
54
|
+
requested_path = request.fullpath
|
|
55
|
+
|
|
56
|
+
Rails.logger.error(
|
|
57
|
+
"[Unauthorized Access Attempt] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Redirecting to '/auth/applicaster'."
|
|
58
|
+
)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def log_failed_user_fetch(exception)
|
|
62
|
+
user_email = current_user&.email || session[:omniauth_credentials]&.fetch(:email, "Unknown User")
|
|
63
|
+
user_ip = request.remote_ip
|
|
64
|
+
user_agent = request.user_agent
|
|
65
|
+
requested_path = request.fullpath
|
|
66
|
+
|
|
67
|
+
Rails.logger.error(
|
|
68
|
+
"[User Fetch Failed] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Error: #{exception.message}",
|
|
69
|
+
)
|
|
44
70
|
end
|
|
45
71
|
end
|
|
46
72
|
end
|
|
@@ -1,25 +1,32 @@
|
|
|
1
1
|
module Applicaster
|
|
2
2
|
module SessionsControllerMixin
|
|
3
3
|
def new
|
|
4
|
+
Rails.logger.info("New session initiated. Redirecting to /auth/applicaster. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
4
5
|
redirect_to "/auth/applicaster"
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def create
|
|
8
9
|
session[:omniauth_credentials] = omniauth_credentials
|
|
10
|
+
Rails.logger.info("Session created successfully for user. IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Params: #{safe_user_params.inspect}")
|
|
9
11
|
|
|
10
12
|
redirect_to(session.delete(:path_before_login) || '/')
|
|
11
13
|
end
|
|
12
14
|
|
|
13
15
|
def destroy
|
|
14
|
-
|
|
16
|
+
user_email = current_user.email rescue "Unknown"
|
|
17
|
+
Rails.logger.info("Session destroyed for user: #{user_email}. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
15
18
|
|
|
16
|
-
|
|
19
|
+
reset_session
|
|
20
|
+
redirect_to config.base_url
|
|
17
21
|
end
|
|
18
22
|
|
|
19
23
|
def failure
|
|
20
|
-
Rails.logger.
|
|
21
|
-
message: "Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
24
|
+
Rails.logger.error({
|
|
25
|
+
message: "[Login Failed] - Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
22
26
|
origin: params[:origin],
|
|
27
|
+
IP: request.remote_ip,
|
|
28
|
+
UserAgent: request.user_agent,
|
|
29
|
+
Params: params[:origin],
|
|
23
30
|
})
|
|
24
31
|
flash[:notice] = "There was a problem logging in"
|
|
25
32
|
redirect_to "/"
|
|
@@ -24,7 +24,8 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.add_development_dependency "webmock"
|
|
25
25
|
|
|
26
26
|
spec.add_dependency "omniauth-oauth2"
|
|
27
|
-
spec.add_dependency "faraday", "~> 0.
|
|
27
|
+
spec.add_dependency "faraday", "~> 0.11"
|
|
28
|
+
spec.add_dependency "oauth2", "> 1.3.1"
|
|
28
29
|
spec.add_dependency "faraday_middleware"
|
|
29
30
|
spec.add_dependency "excon"
|
|
30
31
|
spec.add_dependency "virtus"
|
|
@@ -10,8 +10,9 @@ module WebmockStubsHelper
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def stub_client_credentials_request
|
|
13
|
-
stub_request(:post, "https
|
|
13
|
+
stub_request(:post, "https://#{accounts_host}/oauth/token")
|
|
14
14
|
.with(:body => {"grant_type"=>"client_credentials"})
|
|
15
|
+
.with(basic_auth: ["client-id", "client-secret"])
|
|
15
16
|
.to_return(successful_json_response(access_token: "client-credentials-token"))
|
|
16
17
|
end
|
|
17
18
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-applicaster
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neer Friedman
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-09-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -86,14 +86,28 @@ dependencies:
|
|
|
86
86
|
requirements:
|
|
87
87
|
- - "~>"
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: 0.
|
|
89
|
+
version: '0.11'
|
|
90
90
|
type: :runtime
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: 0.
|
|
96
|
+
version: '0.11'
|
|
97
|
+
- !ruby/object:Gem::Dependency
|
|
98
|
+
name: oauth2
|
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
|
100
|
+
requirements:
|
|
101
|
+
- - ">"
|
|
102
|
+
- !ruby/object:Gem::Version
|
|
103
|
+
version: 1.3.1
|
|
104
|
+
type: :runtime
|
|
105
|
+
prerelease: false
|
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
+
requirements:
|
|
108
|
+
- - ">"
|
|
109
|
+
- !ruby/object:Gem::Version
|
|
110
|
+
version: 1.3.1
|
|
97
111
|
- !ruby/object:Gem::Dependency
|
|
98
112
|
name: faraday_middleware
|
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -193,8 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
193
207
|
- !ruby/object:Gem::Version
|
|
194
208
|
version: '0'
|
|
195
209
|
requirements: []
|
|
196
|
-
|
|
197
|
-
rubygems_version: 2.4.5.1
|
|
210
|
+
rubygems_version: 3.0.3.1
|
|
198
211
|
signing_key:
|
|
199
212
|
specification_version: 4
|
|
200
213
|
summary: Omniauth strategy for http://accounts.applicaster.com
|