prx_auth-rails 1.2.0 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (75) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +4 -0
  3. data/README.md +25 -6
  4. data/Rakefile +12 -4
  5. data/app/controllers/prx_auth/rails/sessions_controller.rb +108 -0
  6. data/app/views/prx_auth/rails/sessions/auth_error.html.erb +15 -0
  7. data/app/views/prx_auth/rails/sessions/show.html.erb +38 -0
  8. data/config/routes.rb +7 -0
  9. data/lib/prx_auth/rails.rb +1 -0
  10. data/lib/prx_auth/rails/configuration.rb +15 -4
  11. data/lib/prx_auth/rails/engine.rb +5 -0
  12. data/lib/prx_auth/rails/ext/controller.rb +29 -4
  13. data/lib/prx_auth/rails/token.rb +5 -1
  14. data/lib/prx_auth/rails/version.rb +1 -1
  15. data/prx_auth-rails.gemspec +3 -1
  16. data/test/dummy/Rakefile +6 -0
  17. data/test/dummy/app/assets/config/manifest.js +2 -0
  18. data/test/dummy/app/assets/images/.keep +0 -0
  19. data/test/dummy/app/assets/stylesheets/application.css +15 -0
  20. data/test/dummy/app/channels/application_cable/channel.rb +4 -0
  21. data/test/dummy/app/channels/application_cable/connection.rb +4 -0
  22. data/test/dummy/app/controllers/application_controller.rb +8 -0
  23. data/test/dummy/app/controllers/concerns/.keep +0 -0
  24. data/test/dummy/app/helpers/application_helper.rb +2 -0
  25. data/test/dummy/app/javascript/packs/application.js +15 -0
  26. data/test/dummy/app/jobs/application_job.rb +7 -0
  27. data/test/dummy/app/mailers/application_mailer.rb +4 -0
  28. data/test/dummy/app/models/application_record.rb +3 -0
  29. data/test/dummy/app/models/concerns/.keep +0 -0
  30. data/test/dummy/app/views/layouts/application.html.erb +15 -0
  31. data/test/dummy/app/views/layouts/mailer.html.erb +13 -0
  32. data/test/dummy/app/views/layouts/mailer.text.erb +1 -0
  33. data/test/dummy/bin/rails +5 -0
  34. data/test/dummy/bin/rake +5 -0
  35. data/test/dummy/bin/setup +33 -0
  36. data/test/dummy/bin/spring +10 -0
  37. data/test/dummy/config.ru +6 -0
  38. data/test/dummy/config/application.rb +22 -0
  39. data/test/dummy/config/boot.rb +5 -0
  40. data/test/dummy/config/cable.yml +10 -0
  41. data/test/dummy/config/database.yml +25 -0
  42. data/test/dummy/config/environment.rb +5 -0
  43. data/test/dummy/config/environments/development.rb +76 -0
  44. data/test/dummy/config/environments/production.rb +120 -0
  45. data/test/dummy/config/environments/test.rb +60 -0
  46. data/test/dummy/config/initializers/application_controller_renderer.rb +8 -0
  47. data/test/dummy/config/initializers/assets.rb +12 -0
  48. data/test/dummy/config/initializers/backtrace_silencers.rb +8 -0
  49. data/test/dummy/config/initializers/content_security_policy.rb +28 -0
  50. data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
  51. data/test/dummy/config/initializers/filter_parameter_logging.rb +6 -0
  52. data/test/dummy/config/initializers/inflections.rb +16 -0
  53. data/test/dummy/config/initializers/mime_types.rb +4 -0
  54. data/test/dummy/config/initializers/permissions_policy.rb +11 -0
  55. data/test/dummy/config/initializers/prx_auth.rb +8 -0
  56. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  57. data/test/dummy/config/locales/en.yml +33 -0
  58. data/test/dummy/config/puma.rb +43 -0
  59. data/test/dummy/config/routes.rb +3 -0
  60. data/test/dummy/config/spring.rb +6 -0
  61. data/test/dummy/config/storage.yml +34 -0
  62. data/test/dummy/lib/assets/.keep +0 -0
  63. data/test/dummy/log/.keep +0 -0
  64. data/test/dummy/public/404.html +67 -0
  65. data/test/dummy/public/422.html +67 -0
  66. data/test/dummy/public/500.html +66 -0
  67. data/test/dummy/public/apple-touch-icon-precomposed.png +0 -0
  68. data/test/dummy/public/apple-touch-icon.png +0 -0
  69. data/test/dummy/public/favicon.ico +0 -0
  70. data/test/dummy/storage/.keep +0 -0
  71. data/test/prx_auth/rails/configuration_test.rb +18 -12
  72. data/test/prx_auth/rails/sessions_controller_test.rb +94 -0
  73. data/test/prx_auth/rails/token_test.rb +1 -1
  74. data/test/test_helper.rb +20 -9
  75. metadata +153 -7
@@ -0,0 +1,8 @@
1
+ class ApplicationController < ActionController::Base
2
+
3
+ before_action :authenticate!
4
+
5
+ def after_sign_in_path_for(_resource)
6
+ '/after-sign-in-path'
7
+ end
8
+ end
@@ -0,0 +1,2 @@
1
+ module ApplicationHelper
2
+ end
@@ -0,0 +1,15 @@
1
+ // This is a manifest file that'll be compiled into application.js, which will include all the files
2
+ // listed below.
3
+ //
4
+ // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
5
+ // or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
6
+ //
7
+ // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
8
+ // compiled file. JavaScript code in this file should be added after the last require_* statement.
9
+ //
10
+ // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
11
+ // about supported directives.
12
+ //
13
+ //= require rails-ujs
14
+ //= require activestorage
15
+ //= require_tree .
@@ -0,0 +1,7 @@
1
+ class ApplicationJob < ActiveJob::Base
2
+ # Automatically retry jobs that encountered a deadlock
3
+ # retry_on ActiveRecord::Deadlocked
4
+
5
+ # Most jobs are safe to ignore if the underlying records are no longer available
6
+ # discard_on ActiveJob::DeserializationError
7
+ end
@@ -0,0 +1,4 @@
1
+ class ApplicationMailer < ActionMailer::Base
2
+ default from: 'from@example.com'
3
+ layout 'mailer'
4
+ end
@@ -0,0 +1,3 @@
1
+ class ApplicationRecord < ActiveRecord::Base
2
+ self.abstract_class = true
3
+ end
File without changes
@@ -0,0 +1,15 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>Dummy</title>
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <%= csrf_meta_tags %>
7
+ <%= csp_meta_tag %>
8
+
9
+ <%= stylesheet_link_tag 'application', media: 'all' %>
10
+ </head>
11
+
12
+ <body>
13
+ <%= yield %>
14
+ </body>
15
+ </html>
@@ -0,0 +1,13 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5
+ <style>
6
+ /* Email styles need to be inline */
7
+ </style>
8
+ </head>
9
+
10
+ <body>
11
+ <%= yield %>
12
+ </body>
13
+ </html>
@@ -0,0 +1 @@
1
+ <%= yield %>
@@ -0,0 +1,5 @@
1
+ #!/usr/bin/env ruby
2
+ load File.expand_path("spring", __dir__)
3
+ APP_PATH = File.expand_path('../config/application', __dir__)
4
+ require_relative "../config/boot"
5
+ require "rails/commands"
@@ -0,0 +1,5 @@
1
+ #!/usr/bin/env ruby
2
+ load File.expand_path("spring", __dir__)
3
+ require_relative "../config/boot"
4
+ require "rake"
5
+ Rake.application.run
@@ -0,0 +1,33 @@
1
+ #!/usr/bin/env ruby
2
+ require "fileutils"
3
+
4
+ # path to your application root.
5
+ APP_ROOT = File.expand_path('..', __dir__)
6
+
7
+ def system!(*args)
8
+ system(*args) || abort("\n== Command #{args} failed ==")
9
+ end
10
+
11
+ FileUtils.chdir APP_ROOT do
12
+ # This script is a way to set up or update your development environment automatically.
13
+ # This script is idempotent, so that you can run it at any time and get an expectable outcome.
14
+ # Add necessary setup steps to this file.
15
+
16
+ puts '== Installing dependencies =='
17
+ system! 'gem install bundler --conservative'
18
+ system('bundle check') || system!('bundle install')
19
+
20
+ # puts "\n== Copying sample files =="
21
+ # unless File.exist?('config/database.yml')
22
+ # FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
23
+ # end
24
+
25
+ puts "\n== Preparing database =="
26
+ system! 'bin/rails db:prepare'
27
+
28
+ puts "\n== Removing old logs and tempfiles =="
29
+ system! 'bin/rails log:clear tmp:clear'
30
+
31
+ puts "\n== Restarting application server =="
32
+ system! 'bin/rails restart'
33
+ end
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env ruby
2
+ if !defined?(Spring) && [nil, "development", "test"].include?(ENV["RAILS_ENV"])
3
+ # Load Spring without loading other gems in the Gemfile, for speed.
4
+ require "bundler"
5
+ Bundler.locked_gems.specs.find { |spec| spec.name == "spring" }&.tap do |spring|
6
+ Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path
7
+ gem "spring", spring.version
8
+ require "spring/binstub"
9
+ end
10
+ end
@@ -0,0 +1,6 @@
1
+ # This file is used by Rack-based servers to start the application.
2
+
3
+ require_relative "config/environment"
4
+
5
+ run Rails.application
6
+ Rails.application.load_server
@@ -0,0 +1,22 @@
1
+ require_relative "boot"
2
+
3
+ require "rails/all"
4
+
5
+ # Require the gems listed in Gemfile, including any gems
6
+ # you've limited to :test, :development, or :production.
7
+ Bundler.require(*Rails.groups)
8
+ require "prx_auth/rails"
9
+
10
+ module Dummy
11
+ class Application < Rails::Application
12
+ config.load_defaults Rails::VERSION::STRING.to_f
13
+
14
+ # Configuration for the application, engines, and railties goes here.
15
+ #
16
+ # These settings can be overridden in specific environments using the files
17
+ # in config/environments, which are processed later.
18
+ #
19
+ # config.time_zone = "Central Time (US & Canada)"
20
+ # config.eager_load_paths << Rails.root.join("extras")
21
+ end
22
+ end
@@ -0,0 +1,5 @@
1
+ # Set up gems listed in the Gemfile.
2
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__)
3
+
4
+ require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
5
+ $LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)
@@ -0,0 +1,10 @@
1
+ development:
2
+ adapter: async
3
+
4
+ test:
5
+ adapter: test
6
+
7
+ production:
8
+ adapter: redis
9
+ url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
10
+ channel_prefix: dummy_production
@@ -0,0 +1,25 @@
1
+ # SQLite. Versions 3.8.0 and up are supported.
2
+ # gem install sqlite3
3
+ #
4
+ # Ensure the SQLite 3 gem is defined in your Gemfile
5
+ # gem 'sqlite3'
6
+ #
7
+ default: &default
8
+ adapter: sqlite3
9
+ pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
10
+ timeout: 5000
11
+
12
+ development:
13
+ <<: *default
14
+ database: db/development.sqlite3
15
+
16
+ # Warning: The database defined as "test" will be erased and
17
+ # re-generated from your development database when you run "rake".
18
+ # Do not set this db to the same as development or production.
19
+ test:
20
+ <<: *default
21
+ database: db/test.sqlite3
22
+
23
+ production:
24
+ <<: *default
25
+ database: db/production.sqlite3
@@ -0,0 +1,5 @@
1
+ # Load the Rails application.
2
+ require_relative "application"
3
+
4
+ # Initialize the Rails application.
5
+ Rails.application.initialize!
@@ -0,0 +1,76 @@
1
+ require "active_support/core_ext/integer/time"
2
+
3
+ Rails.application.configure do
4
+ # Settings specified here will take precedence over those in config/application.rb.
5
+
6
+ # In the development environment your application's code is reloaded any time
7
+ # it changes. This slows down response time but is perfect for development
8
+ # since you don't have to restart the web server when you make code changes.
9
+ config.cache_classes = false
10
+
11
+ # Do not eager load code on boot.
12
+ config.eager_load = false
13
+
14
+ # Show full error reports.
15
+ config.consider_all_requests_local = true
16
+
17
+ # Enable/disable caching. By default caching is disabled.
18
+ # Run rails dev:cache to toggle caching.
19
+ if Rails.root.join('tmp', 'caching-dev.txt').exist?
20
+ config.action_controller.perform_caching = true
21
+ config.action_controller.enable_fragment_cache_logging = true
22
+
23
+ config.cache_store = :memory_store
24
+ config.public_file_server.headers = {
25
+ 'Cache-Control' => "public, max-age=#{2.days.to_i}"
26
+ }
27
+ else
28
+ config.action_controller.perform_caching = false
29
+
30
+ config.cache_store = :null_store
31
+ end
32
+
33
+ # Store uploaded files on the local file system (see config/storage.yml for options).
34
+ config.active_storage.service = :local
35
+
36
+ # Don't care if the mailer can't send.
37
+ config.action_mailer.raise_delivery_errors = false
38
+
39
+ config.action_mailer.perform_caching = false
40
+
41
+ # Print deprecation notices to the Rails logger.
42
+ config.active_support.deprecation = :log
43
+
44
+ # Raise exceptions for disallowed deprecations.
45
+ config.active_support.disallowed_deprecation = :raise
46
+
47
+ # Tell Active Support which deprecation messages to disallow.
48
+ config.active_support.disallowed_deprecation_warnings = []
49
+
50
+ # Raise an error on page load if there are pending migrations.
51
+ config.active_record.migration_error = :page_load
52
+
53
+ # Highlight code that triggered database queries in logs.
54
+ config.active_record.verbose_query_logs = true
55
+
56
+ # Debug mode disables concatenation and preprocessing of assets.
57
+ # This option may cause significant delays in view rendering with a large
58
+ # number of complex assets.
59
+ config.assets.debug = true
60
+
61
+ # Suppress logger output for asset requests.
62
+ config.assets.quiet = true
63
+
64
+ # Raises error for missing translations.
65
+ # config.i18n.raise_on_missing_translations = true
66
+
67
+ # Annotate rendered view with file names.
68
+ # config.action_view.annotate_rendered_view_with_filenames = true
69
+
70
+ # Use an evented file watcher to asynchronously detect changes in source code,
71
+ # routes, locales, etc. This feature depends on the listen gem.
72
+ # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
73
+
74
+ # Uncomment if you wish to allow Action Cable access from any origin.
75
+ # config.action_cable.disable_request_forgery_protection = true
76
+ end
@@ -0,0 +1,120 @@
1
+ require "active_support/core_ext/integer/time"
2
+
3
+ Rails.application.configure do
4
+ # Settings specified here will take precedence over those in config/application.rb.
5
+
6
+ # Code is not reloaded between requests.
7
+ config.cache_classes = true
8
+
9
+ # Eager load code on boot. This eager loads most of Rails and
10
+ # your application in memory, allowing both threaded web servers
11
+ # and those relying on copy on write to perform better.
12
+ # Rake tasks automatically ignore this option for performance.
13
+ config.eager_load = true
14
+
15
+ # Full error reports are disabled and caching is turned on.
16
+ config.consider_all_requests_local = false
17
+ config.action_controller.perform_caching = true
18
+
19
+ # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
20
+ # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
21
+ # config.require_master_key = true
22
+
23
+ # Disable serving static files from the `/public` folder by default since
24
+ # Apache or NGINX already handles this.
25
+ config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
26
+
27
+ # Compress CSS using a preprocessor.
28
+ # config.assets.css_compressor = :sass
29
+
30
+ # Do not fallback to assets pipeline if a precompiled asset is missed.
31
+ config.assets.compile = false
32
+
33
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
34
+ # config.asset_host = 'http://assets.example.com'
35
+
36
+ # Specifies the header that your server uses for sending files.
37
+ # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
38
+ # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
39
+
40
+ # Store uploaded files on the local file system (see config/storage.yml for options).
41
+ config.active_storage.service = :local
42
+
43
+ # Mount Action Cable outside main process or domain.
44
+ # config.action_cable.mount_path = nil
45
+ # config.action_cable.url = 'wss://example.com/cable'
46
+ # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
47
+
48
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
49
+ # config.force_ssl = true
50
+
51
+ # Include generic and useful information about system operation, but avoid logging too much
52
+ # information to avoid inadvertent exposure of personally identifiable information (PII).
53
+ config.log_level = :info
54
+
55
+ # Prepend all log lines with the following tags.
56
+ config.log_tags = [ :request_id ]
57
+
58
+ # Use a different cache store in production.
59
+ # config.cache_store = :mem_cache_store
60
+
61
+ # Use a real queuing backend for Active Job (and separate queues per environment).
62
+ # config.active_job.queue_adapter = :resque
63
+ # config.active_job.queue_name_prefix = "dummy_production"
64
+
65
+ config.action_mailer.perform_caching = false
66
+
67
+ # Ignore bad email addresses and do not raise email delivery errors.
68
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
69
+ # config.action_mailer.raise_delivery_errors = false
70
+
71
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
72
+ # the I18n.default_locale when a translation cannot be found).
73
+ config.i18n.fallbacks = true
74
+
75
+ # Send deprecation notices to registered listeners.
76
+ config.active_support.deprecation = :notify
77
+
78
+ # Log disallowed deprecations.
79
+ config.active_support.disallowed_deprecation = :log
80
+
81
+ # Tell Active Support which deprecation messages to disallow.
82
+ config.active_support.disallowed_deprecation_warnings = []
83
+
84
+ # Use default logging formatter so that PID and timestamp are not suppressed.
85
+ config.log_formatter = ::Logger::Formatter.new
86
+
87
+ # Use a different logger for distributed setups.
88
+ # require "syslog/logger"
89
+ # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
90
+
91
+ if ENV["RAILS_LOG_TO_STDOUT"].present?
92
+ logger = ActiveSupport::Logger.new(STDOUT)
93
+ logger.formatter = config.log_formatter
94
+ config.logger = ActiveSupport::TaggedLogging.new(logger)
95
+ end
96
+
97
+ # Do not dump schema after migrations.
98
+ config.active_record.dump_schema_after_migration = false
99
+
100
+ # Inserts middleware to perform automatic connection switching.
101
+ # The `database_selector` hash is used to pass options to the DatabaseSelector
102
+ # middleware. The `delay` is used to determine how long to wait after a write
103
+ # to send a subsequent read to the primary.
104
+ #
105
+ # The `database_resolver` class is used by the middleware to determine which
106
+ # database is appropriate to use based on the time delay.
107
+ #
108
+ # The `database_resolver_context` class is used by the middleware to set
109
+ # timestamps for the last write to the primary. The resolver uses the context
110
+ # class timestamps to determine how long to wait before reading from the
111
+ # replica.
112
+ #
113
+ # By default Rails will store a last write timestamp in the session. The
114
+ # DatabaseSelector middleware is designed as such you can define your own
115
+ # strategy for connection switching and pass that into the middleware through
116
+ # these configuration options.
117
+ # config.active_record.database_selector = { delay: 2.seconds }
118
+ # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
119
+ # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
120
+ end
@@ -0,0 +1,60 @@
1
+ require "active_support/core_ext/integer/time"
2
+
3
+ # The test environment is used exclusively to run your application's
4
+ # test suite. You never need to work with it otherwise. Remember that
5
+ # your test database is "scratch space" for the test suite and is wiped
6
+ # and recreated between test runs. Don't rely on the data there!
7
+
8
+ Rails.application.configure do
9
+ # Settings specified here will take precedence over those in config/application.rb.
10
+
11
+ config.cache_classes = false
12
+ config.action_view.cache_template_loading = true
13
+
14
+ # Do not eager load code on boot. This avoids loading your whole application
15
+ # just for the purpose of running a single test. If you are using a tool that
16
+ # preloads Rails for running tests, you may have to set it to true.
17
+ config.eager_load = false
18
+
19
+ # Configure public file server for tests with Cache-Control for performance.
20
+ config.public_file_server.enabled = true
21
+ config.public_file_server.headers = {
22
+ 'Cache-Control' => "public, max-age=#{1.hour.to_i}"
23
+ }
24
+
25
+ # Show full error reports and disable caching.
26
+ config.consider_all_requests_local = true
27
+ config.action_controller.perform_caching = false
28
+ config.cache_store = :null_store
29
+
30
+ # Raise exceptions instead of rendering exception templates.
31
+ config.action_dispatch.show_exceptions = false
32
+
33
+ # Disable request forgery protection in test environment.
34
+ config.action_controller.allow_forgery_protection = false
35
+
36
+ # Store uploaded files on the local file system in a temporary directory.
37
+ config.active_storage.service = :test
38
+
39
+ config.action_mailer.perform_caching = false
40
+
41
+ # Tell Action Mailer not to deliver emails to the real world.
42
+ # The :test delivery method accumulates sent emails in the
43
+ # ActionMailer::Base.deliveries array.
44
+ config.action_mailer.delivery_method = :test
45
+
46
+ # Print deprecation notices to the stderr.
47
+ config.active_support.deprecation = :stderr
48
+
49
+ # Raise exceptions for disallowed deprecations.
50
+ config.active_support.disallowed_deprecation = :raise
51
+
52
+ # Tell Active Support which deprecation messages to disallow.
53
+ config.active_support.disallowed_deprecation_warnings = []
54
+
55
+ # Raises error for missing translations.
56
+ # config.i18n.raise_on_missing_translations = true
57
+
58
+ # Annotate rendered view with file names.
59
+ # config.action_view.annotate_rendered_view_with_filenames = true
60
+ end