omniauth-applicaster 1.8.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3d313cff55489987764247019e5d52d6a2008991
-  data.tar.gz: 7a878add84b178e96614aaef15edc9f5b0ce4118
+SHA256:
+  metadata.gz: 2082b22a6f4f98d7ffabb53f47c992f357d551fa689692172d4b3c27600c810a
+  data.tar.gz: 46d156b5ede9274f2725a136d2af9658ae1f82d28f737415d0bd273f2a73b886
 SHA512:
-  metadata.gz: bba346e9ac54426324abbed47b6240a891151278ff9702674f73adbc1305d2287b52210304a7246ece0ba0a2b89aa717b69b1f0b7a5da2aa18b8187ec45a5f4b
-  data.tar.gz: fcad4d23bde6ae0010cdd497fe27b443c532a34e96402002841233ba1303750a8ff46d9675d3996409933fcc22d2bbb8af5eb64365dab89171728ced0955e97b
+  metadata.gz: 3b113f436fa3a9474913cf36d757fff9ab04695c4038e91ada024a22c6549f86b454129ac6ab4b5c8a8761f6d83a4362b54b114bddc50807796f47066e057697
+  data.tar.gz: 47260b3abf6278bdaa91bed92b1259c7f85c31fd1dbbe6ff24d197c52c83f02fee6769485e1570919cc1feda4116bcb3c2eba9c341f54b205c1e8a6fc8185760

data/README.md

@@ -23,6 +23,7 @@ See [Omniauth](https://github.com/intridea/omniauth) for setting up omniauth.
 Applicaster::Accounts.configure do |config|
   config.client_id = "my-service-uid"
   config.client_secret = "my-service-secret"
+  config.request_proc = -> { Thread.current[:request] }
 
   if Rails.env.development?
     # Use local accounts service with Pow when in development
@@ -49,6 +50,12 @@ projects.
 ```ruby
 class ApplicationController < ActionController::Base
   include Applicaster::AuthHelpers
+
+  before_action :set_request_in_thread
+
+  def set_request_in_thread
+    Thread.current[:request] = request
+  end
 end
 ```
 

data/lib/applicaster/accounts/configuration.rb

@@ -25,6 +25,8 @@ module Applicaster
 
       attribute :faraday_adapter, nil, default: :excon
 
+      # Add the request_proc attribute
+      attribute :request_proc, Proc, default: proc { nil }
 
       def default_base_url
         ENV["ACCOUNTS_BASE_URL"] || "https://accounts.applicaster.com/"

data/lib/applicaster/accounts.rb

@@ -20,7 +20,7 @@ module Applicaster
 
         Faraday.new(conn_opts) do |conn|
           if options[:token]
-            conn.request :oauth2, options[:token], token_type: 'param'
+            conn.request :oauth2, options[:token], token_type: "param"
           end
 
           conn.request :json
@@ -38,24 +38,41 @@ module Applicaster
 
 
           conn.response :json, content_type: /\bjson$/
+          conn.response :raise_error
           # conn.response :logger, Rails.logger
           # conn.response :logger, Logger.new(STDOUT)
-          conn.response :raise_error
-
           conn.adapter config.faraday_adapter
         end
       end
 
+      def current_request
+        config.request_proc.call if config.request_proc
+      end
+
+      def log_with_request_context(message)
+        request = current_request
+        log_message = "#{message}, IP: #{request&.remote_ip}, User Agent: #{request&.user_agent}"
+
+        Rails.logger.error(log_message)
+      end
+
       def user_from_token(token)
-        Applicaster::Accounts::User.new(
+        Rails.logger.info("Fetching user with token: #{token}")
+        user = Applicaster::Accounts::User.new(
           connection(token: token)
             .get("/api/v1/users/current.json")
             .body
         )
+        if user.nil?
+          Rails.logger.error("[Login Failed] - User fetch failed. Token: #{token}")
+        end
+        user
       rescue Faraday::ClientError => e
         if e.response && e.response[:status] == 401
+          log_with_request_context("[Login Failed] - Unauthorized access attempt detected. Invalid token: #{token}, Error: #{e.message}")
           nil
         else
+          log_with_request_context("[Login Failed] - Error fetching user. Token: #{token}, Error: #{e.message}")
           raise
         end
       end
@@ -66,13 +83,20 @@ module Applicaster
             .get("/api/v1/users/#{id}.json")
             .body
         )
+      rescue Faraday::ResourceNotFound
+        log_with_request_context("[Login Failed] - User not found. ID: #{id}, Token: #{token}")
+        nil
       end
 
       def accounts_from_token(token)
+        Rails.logger.info("Fetching accounts with token: #{token}")
         connection(token: token)
           .get("/api/v1/accounts.json")
           .body
           .map {|a| Account.new(a) }
+      rescue Faraday::ClientError => e
+        Rails.logger.error("Failed to fetch accounts. Token: #{token}, Error: #{e.message}")
+        raise
       end
 
       def config
@@ -90,12 +114,15 @@ module Applicaster
           site: config.base_url,
           authorize_url: "/oauth/authorize",
           auth_scheme: :basic_auth,
-        )
+          )
       end
     end
 
     def user_data_from_omniauth(omniauth_credentials)
       access_token(omniauth_credentials).get("/api/v1/users/current.json").parsed
+    rescue Faraday::ClientError => e
+      log_with_request_context("[Login Failed] - Failed to fetch user data from Omniauth. Error: #{e.message}")
+      raise
     end
 
     def accounts
@@ -103,8 +130,10 @@ module Applicaster
     end
 
     def find_user_by_id(id)
+      Rails.logger.info("Finding user by ID: #{id}")
       self.class.user_by_id_and_token(id, client_credentials_token.token)
     rescue Faraday::ResourceNotFound
+      Rails.logger.error("[Login Failed] - User not found by ID: #{id}")
       nil
     end
 
@@ -118,6 +147,9 @@ module Applicaster
       @client_credentials_token ||= self.class.oauth_client
         .client_credentials
         .get_token
+    rescue OAuth2::Error => e
+      log_with_request_context("[Login Failed] - Failed to get client credentials token. Error: #{e.message}")
+      raise
     end
   end
 end

data/lib/applicaster/auth_helpers.rb

@@ -10,6 +10,7 @@ module Applicaster
 
     def authenticate_user!
       unless current_user
+        log_unauthorized_access
         store_location!
         redirect_to '/auth/applicaster'
       end
@@ -25,10 +26,10 @@ module Applicaster
 
     def store_location!
       session[:path_before_login] = if request.get?
-                                      request.fullpath
-                                    else
-                                      request.referrer
-                                    end
+        request.fullpath
+      else
+        request.referrer
+      end
     end
 
     def clear_omniauth_credentials
@@ -41,6 +42,31 @@ module Applicaster
       Applicaster::Accounts.user_from_token(current_access_token).tap do |user|
         clear_omniauth_credentials unless user
       end
+    rescue Faraday::ClientError => e
+      log_failed_user_fetch(e)
+      nil
+    end
+
+    def log_unauthorized_access
+      user_email = current_user&.email || "Unknown User"
+      user_ip = request.remote_ip
+      user_agent = request.user_agent
+      requested_path = request.fullpath
+
+      Rails.logger.error(
+        "[Unauthorized Access Attempt] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Redirecting to '/auth/applicaster'."
+      )
+    end
+
+    def log_failed_user_fetch(exception)
+      user_email = current_user&.email || session[:omniauth_credentials]&.fetch(:email, "Unknown User")
+      user_ip = request.remote_ip
+      user_agent = request.user_agent
+      requested_path = request.fullpath
+
+      Rails.logger.error(
+        "[User Fetch Failed] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Error: #{exception.message}",
+      )
     end
   end
 end

data/lib/applicaster/sessions_controller_mixin.rb

@@ -1,25 +1,31 @@
 module Applicaster
   module SessionsControllerMixin
     def new
+      Rails.logger.info("New session initiated. Redirecting to /auth/applicaster. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
       redirect_to "/auth/applicaster"
     end
 
     def create
       session[:omniauth_credentials] = omniauth_credentials
+      Rails.logger.info("Session created successfully for user. IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Params: #{params[:origin].inspect}")
 
       redirect_to(session.delete(:path_before_login) || '/')
     end
 
     def destroy
-      reset_session
+      user_email = current_user.email rescue "Unknown"
+      Rails.logger.info("Session destroyed for user: #{user_email}. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
 
+      reset_session
       redirect_to "/"
     end
 
     def failure
-      Rails.logger.warn({
-        message: "Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
-        origin: params[:origin],
+      Rails.logger.error({
+        message: "[Login Failed] - Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
+        IP: request.remote_ip,
+        UserAgent: request.user_agent,
+        Params: params[:origin],
       })
       flash[:notice] = "There was a problem logging in"
       redirect_to "/"

data/lib/omniauth-applicaster/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module Applicaster
-    VERSION = "1.8.0"
+    VERSION = "2.0.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-applicaster
 version: !ruby/object:Gem::Version
-  version: 1.8.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Neer Friedman
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-24 00:00:00.000000000 Z
+date: 2024-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -207,8 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2.1
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Omniauth strategy for http://accounts.applicaster.com