omniauth-applicaster 1.8.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d9bcca69fcde5b2efaf200357c1f787f5e36936ecc8027fdaff673b14fba079d
|
|
4
|
+
data.tar.gz: 722a0df2373c6c06b00383576550a7e977f5b33c8a454e913e3f09674e75dd85
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4339cf40df8f62781ab957c3cf92cd5692aeb2bdc5d0fd6401a856ebf656fd6b703ef11f8d175c2383c2f721cb7a01c1d71a858a5cf646b406487c99f020a5a1
|
|
7
|
+
data.tar.gz: 4a183580fc81efbd62fb8b70533a0f9e99aace2d6467d0f8d87dffb410b4c2118b3f933f3c83de354cfd82494acc58ea0f993fa236a328afd4551b2392ec4536
|
data/lib/applicaster/accounts.rb
CHANGED
|
@@ -20,7 +20,7 @@ module Applicaster
|
|
|
20
20
|
|
|
21
21
|
Faraday.new(conn_opts) do |conn|
|
|
22
22
|
if options[:token]
|
|
23
|
-
conn.request :oauth2, options[:token], token_type:
|
|
23
|
+
conn.request :oauth2, options[:token], token_type: "param"
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
conn.request :json
|
|
@@ -38,24 +38,30 @@ module Applicaster
|
|
|
38
38
|
|
|
39
39
|
|
|
40
40
|
conn.response :json, content_type: /\bjson$/
|
|
41
|
+
conn.response :raise_error
|
|
41
42
|
# conn.response :logger, Rails.logger
|
|
42
43
|
# conn.response :logger, Logger.new(STDOUT)
|
|
43
|
-
conn.response :raise_error
|
|
44
|
-
|
|
45
44
|
conn.adapter config.faraday_adapter
|
|
46
45
|
end
|
|
47
46
|
end
|
|
48
47
|
|
|
49
48
|
def user_from_token(token)
|
|
50
|
-
|
|
49
|
+
Rails.logger.info("Fetching user with token: #{token}")
|
|
50
|
+
user = Applicaster::Accounts::User.new(
|
|
51
51
|
connection(token: token)
|
|
52
52
|
.get("/api/v1/users/current.json")
|
|
53
53
|
.body
|
|
54
54
|
)
|
|
55
|
+
if user.nil?
|
|
56
|
+
Rails.logger.error("[Login Failed] - User fetch failed. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
57
|
+
end
|
|
58
|
+
user
|
|
55
59
|
rescue Faraday::ClientError => e
|
|
56
60
|
if e.response && e.response[:status] == 401
|
|
61
|
+
Rails.logger.error("[Login Failed] - Unauthorized access attempt detected. Invalid token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
57
62
|
nil
|
|
58
63
|
else
|
|
64
|
+
Rails.logger.error("[Login Failed] - Error fetching user. Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Error: #{e.message}")
|
|
59
65
|
raise
|
|
60
66
|
end
|
|
61
67
|
end
|
|
@@ -66,13 +72,20 @@ module Applicaster
|
|
|
66
72
|
.get("/api/v1/users/#{id}.json")
|
|
67
73
|
.body
|
|
68
74
|
)
|
|
75
|
+
rescue Faraday::ResourceNotFound
|
|
76
|
+
Rails.logger.error("[Login Failed] - User not found. ID: #{id}, Token: #{token}, IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
77
|
+
nil
|
|
69
78
|
end
|
|
70
79
|
|
|
71
80
|
def accounts_from_token(token)
|
|
81
|
+
Rails.logger.info("Fetching accounts with token: #{token}")
|
|
72
82
|
connection(token: token)
|
|
73
83
|
.get("/api/v1/accounts.json")
|
|
74
84
|
.body
|
|
75
85
|
.map {|a| Account.new(a) }
|
|
86
|
+
rescue Faraday::ClientError => e
|
|
87
|
+
Rails.logger.error("Failed to fetch accounts. Token: #{token}, Error: #{e.message}")
|
|
88
|
+
raise
|
|
76
89
|
end
|
|
77
90
|
|
|
78
91
|
def config
|
|
@@ -90,12 +103,15 @@ module Applicaster
|
|
|
90
103
|
site: config.base_url,
|
|
91
104
|
authorize_url: "/oauth/authorize",
|
|
92
105
|
auth_scheme: :basic_auth,
|
|
93
|
-
|
|
106
|
+
)
|
|
94
107
|
end
|
|
95
108
|
end
|
|
96
109
|
|
|
97
110
|
def user_data_from_omniauth(omniauth_credentials)
|
|
98
111
|
access_token(omniauth_credentials).get("/api/v1/users/current.json").parsed
|
|
112
|
+
rescue Faraday::ClientError => e
|
|
113
|
+
Rails.logger.error("[Login Failed] - Failed to fetch user data from Omniauth. Error: #{e.message}")
|
|
114
|
+
raise
|
|
99
115
|
end
|
|
100
116
|
|
|
101
117
|
def accounts
|
|
@@ -103,8 +119,10 @@ module Applicaster
|
|
|
103
119
|
end
|
|
104
120
|
|
|
105
121
|
def find_user_by_id(id)
|
|
122
|
+
Rails.logger.info("Finding user by ID: #{id}")
|
|
106
123
|
self.class.user_by_id_and_token(id, client_credentials_token.token)
|
|
107
124
|
rescue Faraday::ResourceNotFound
|
|
125
|
+
Rails.logger.error("[Login Failed] - User not found by ID: #{id}")
|
|
108
126
|
nil
|
|
109
127
|
end
|
|
110
128
|
|
|
@@ -118,6 +136,9 @@ module Applicaster
|
|
|
118
136
|
@client_credentials_token ||= self.class.oauth_client
|
|
119
137
|
.client_credentials
|
|
120
138
|
.get_token
|
|
139
|
+
rescue OAuth2::Error => e
|
|
140
|
+
Rails.logger.error("[Login Failed] - Failed to get client credentials token. Error: #{e.message}")
|
|
141
|
+
raise
|
|
121
142
|
end
|
|
122
143
|
end
|
|
123
144
|
end
|
|
@@ -10,6 +10,7 @@ module Applicaster
|
|
|
10
10
|
|
|
11
11
|
def authenticate_user!
|
|
12
12
|
unless current_user
|
|
13
|
+
log_unauthorized_access
|
|
13
14
|
store_location!
|
|
14
15
|
redirect_to '/auth/applicaster'
|
|
15
16
|
end
|
|
@@ -25,10 +26,10 @@ module Applicaster
|
|
|
25
26
|
|
|
26
27
|
def store_location!
|
|
27
28
|
session[:path_before_login] = if request.get?
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
request.fullpath
|
|
30
|
+
else
|
|
31
|
+
request.referrer
|
|
32
|
+
end
|
|
32
33
|
end
|
|
33
34
|
|
|
34
35
|
def clear_omniauth_credentials
|
|
@@ -41,6 +42,31 @@ module Applicaster
|
|
|
41
42
|
Applicaster::Accounts.user_from_token(current_access_token).tap do |user|
|
|
42
43
|
clear_omniauth_credentials unless user
|
|
43
44
|
end
|
|
45
|
+
rescue Faraday::ClientError => e
|
|
46
|
+
log_failed_user_fetch(e)
|
|
47
|
+
nil
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def log_unauthorized_access
|
|
51
|
+
user_email = current_user&.email || "Unknown User"
|
|
52
|
+
user_ip = request.remote_ip
|
|
53
|
+
user_agent = request.user_agent
|
|
54
|
+
requested_path = request.fullpath
|
|
55
|
+
|
|
56
|
+
Rails.logger.error(
|
|
57
|
+
"[Unauthorized Access Attempt] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Redirecting to '/auth/applicaster'."
|
|
58
|
+
)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def log_failed_user_fetch(exception)
|
|
62
|
+
user_email = current_user&.email || session[:omniauth_credentials]&.fetch(:email, "Unknown User")
|
|
63
|
+
user_ip = request.remote_ip
|
|
64
|
+
user_agent = request.user_agent
|
|
65
|
+
requested_path = request.fullpath
|
|
66
|
+
|
|
67
|
+
Rails.logger.error(
|
|
68
|
+
"[User Fetch Failed] - User: #{user_email}, IP: #{user_ip}, User Agent: #{user_agent}, Requested Path: #{requested_path}. Error: #{exception.message}",
|
|
69
|
+
)
|
|
44
70
|
end
|
|
45
71
|
end
|
|
46
72
|
end
|
|
@@ -1,25 +1,32 @@
|
|
|
1
1
|
module Applicaster
|
|
2
2
|
module SessionsControllerMixin
|
|
3
3
|
def new
|
|
4
|
+
Rails.logger.info("New session initiated. Redirecting to /auth/applicaster. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
4
5
|
redirect_to "/auth/applicaster"
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def create
|
|
8
9
|
session[:omniauth_credentials] = omniauth_credentials
|
|
10
|
+
Rails.logger.info("Session created successfully for user. IP: #{request.remote_ip}, User Agent: #{request.user_agent}, Params: #{safe_user_params.inspect}")
|
|
9
11
|
|
|
10
12
|
redirect_to(session.delete(:path_before_login) || '/')
|
|
11
13
|
end
|
|
12
14
|
|
|
13
15
|
def destroy
|
|
14
|
-
|
|
16
|
+
user_email = current_user.email rescue "Unknown"
|
|
17
|
+
Rails.logger.info("Session destroyed for user: #{user_email}. IP: #{request.remote_ip}, User Agent: #{request.user_agent}")
|
|
15
18
|
|
|
16
|
-
|
|
19
|
+
reset_session
|
|
20
|
+
redirect_to config.base_url
|
|
17
21
|
end
|
|
18
22
|
|
|
19
23
|
def failure
|
|
20
|
-
Rails.logger.
|
|
21
|
-
message: "Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
24
|
+
Rails.logger.error({
|
|
25
|
+
message: "[Login Failed] - Omniauth error with strategy '#{params[:strategy]}': #{params[:message]}",
|
|
22
26
|
origin: params[:origin],
|
|
27
|
+
IP: request.remote_ip,
|
|
28
|
+
UserAgent: request.user_agent,
|
|
29
|
+
Params: params[:origin],
|
|
23
30
|
})
|
|
24
31
|
flash[:notice] = "There was a problem logging in"
|
|
25
32
|
redirect_to "/"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-applicaster
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neer Friedman
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-09-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -207,8 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
208
|
version: '0'
|
|
209
209
|
requirements: []
|
|
210
|
-
|
|
211
|
-
rubygems_version: 2.5.2.1
|
|
210
|
+
rubygems_version: 3.0.3.1
|
|
212
211
|
signing_key:
|
|
213
212
|
specification_version: 4
|
|
214
213
|
summary: Omniauth strategy for http://accounts.applicaster.com
|