RubyGems - standard_id - Versions diffs - 0.22.0 → 0.23.0 - Mend

standard_id 0.22.0 → 0.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/app/controllers/standard_id/api/oauth/callback/providers_controller.rb +17 -1
data/app/controllers/standard_id/api/oauth/tokens_controller.rb +26 -0
data/lib/generators/standard_id/install/templates/standard_id.rb +5 -0
data/lib/standard_id/config/schema.rb +9 -0
data/lib/standard_id/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7caed55f6e5f6f70b01a7e79dabdc5ad9ddd646535f8c10bbde93158c65e32d9
-  data.tar.gz: 7ca5e3b573b3718e722eb047f14eefffab20263ee374d23f706f278878bcc640
+  metadata.gz: ed15fb7068e789bc80676ae7d191b1b154c79adeedc60a58aa55c3c5e5e1c29f
+  data.tar.gz: 95cce0258343786169a8afcda56c91534e96f684b74f2764b7c8a66d838c4aab
 SHA512:
-  metadata.gz: c68adc74ec092631a1af808cc61ea1d2d8adeb72dbaa70588cd4069edd71b94d57e6ed33f5a9fc5ca4104def616b779e9bbe44f3c9b61e9a861ebdee1eadc946
-  data.tar.gz: 6f10a9a4916737e870798e38c96c53e7767fcf9c4e538bd5c0ca0ee43d21843ec3dff838ee384d1acb6d68336655165fc43cf970e3e8a4e65e5e75cba32fd51f
+  metadata.gz: 41efa2cbf81c06d2bbc8747b68bb8f1f76a13684eda0512710d4bdc756132cfd1765c7b2d1580d938e326eb3ad19e04e6b627cc86d27f27bb1c718803864cadb
+  data.tar.gz: 07c359414b5800fd8151e5915bef1c51044cca4285c796c16c43e05c9593f903c8071c6da257d826cb3273d678c35faed27700807442f67e16ee1cc2cf3bcd28

data/app/controllers/standard_id/api/oauth/callback/providers_controller.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module StandardId
         ].freeze
         def callback
-          provider_response = get_user_info_from_provider(flow: resolve_flow_for(provider.provider_name))
+          provider_response = fetch_provider_user_info
           social_info = provider_response[:user_info]
           provider_tokens = provider_response[:tokens]
           account = find_or_create_account_from_social(social_info)
@@ -45,6 +45,22 @@ module StandardId
         private
+        # Mirror of the web callback's OAuthError handling: emit
+        # SOCIAL_AUTH_FAILED for infrastructure-level provider failures
+        # (HTTP/DNS/SSL/timeouts surfaced as OAuthError by provider
+        # implementations) so host apps can observe provider outages on the
+        # API flow too. Scoped to the provider call — OAuthError subclasses
+        # raised later in the flow (SocialLinkError, InvalidRequestError,
+        # ...) are policy/client errors, not infrastructure failures, and
+        # must not emit. The error re-raises into the standard
+        # handle_oauth_error JSON response.
+        def fetch_provider_user_info
+          get_user_info_from_provider(flow: resolve_flow_for(provider.provider_name))
+        rescue StandardId::OAuthError => e
+          emit_social_auth_failed(e)
+          raise
+        end
         def resolve_flow_for(connection)
           return :mobile unless connection == "apple"

data/app/controllers/standard_id/api/oauth/tokens_controller.rb CHANGED Viewed

@@ -21,6 +21,7 @@ module StandardId
         }.freeze
         before_action :extract_client_credentials_from_basic_auth
+        before_action :enforce_per_audience_rate_limit, only: :create
         def create
           response_data = flow_strategy_class.new(flow_strategy_params, request).execute
@@ -29,6 +30,31 @@ module StandardId
         private
+        # Per-audience tightening on top of the global api_token_per_ip
+        # ceiling (rate_limits.api_token_per_audience_per_ip). Hand-rolled
+        # rather than the Rails rate_limit DSL on purpose: the DSL counts
+        # every request that reaches the action — a `by:` block returning nil
+        # does NOT exempt a request, it collapses into a shared bucket keyed
+        # without the discriminator (["rate-limit", scope, name, nil].compact),
+        # so one audience's rule would throttle every other audience's
+        # traffic. Here only requests that target a configured audience
+        # increment that audience's per-IP counter.
+        def enforce_per_audience_rate_limit
+          limits = StandardId.config.rate_limits.api_token_per_audience_per_ip
+          return if limits.blank?
+          Array(params[:audience]).each do |audience|
+            next unless audience.is_a?(String)
+            cap = limits[audience] || limits[audience.to_sym]
+            next if cap.blank?
+            cache_key = "rate-limit:#{self.class.controller_path}:api_token_per_audience:#{audience}:#{request.remote_ip}"
+            count = StandardId::RateLimitHandling::RATE_LIMIT_STORE.increment(cache_key, 1, expires_in: 15.minutes)
+            raise ActionController::TooManyRequests if count && count > cap.to_i
+          end
+        end
         # Support HTTP Basic authentication for client credentials (RFC 6749 Section 2.3.1)
         def extract_client_credentials_from_basic_auth
           auth_header = request.headers["Authorization"]

data/lib/generators/standard_id/install/templates/standard_id.rb CHANGED Viewed

@@ -368,6 +368,11 @@ StandardId.configure do |c|
   # c.rate_limits.api_passwordless_start_per_target = 5  # per 15 minutes
   # c.rate_limits.api_token_per_ip               = 30  # per 15 minutes
+  # Optional per-audience tightening on top of api_token_per_ip. Only token
+  # requests targeting a configured audience count toward its cap (per IP,
+  # per 15 minutes); unlisted audiences are governed by the global ceiling.
+  # c.rate_limits.api_token_per_audience_per_ip  = { "mobile_app" => 10 }
   # ---------------------------------------------------------------------------
   # Observability
   # ---------------------------------------------------------------------------

data/lib/standard_id/config/schema.rb CHANGED Viewed

@@ -328,6 +328,15 @@ StandardId::ConfigSchema.define do
     field :api_passwordless_start_per_target, type: :integer, default: 5 # per 15 minutes
     field :api_token_per_ip, type: :integer, default: 30                 # per 15 minutes
+    # Optional per-audience tightening on top of the api_token_per_ip
+    # ceiling. A Hash of audience => max token requests per IP per 15
+    # minutes, e.g. `{ "mobile_app" => 10, "partner_api" => 30 }`. Only
+    # requests targeting a configured audience count toward that audience's
+    # limit; audiences without an entry are governed solely by the global
+    # api_token_per_ip ceiling. A request must pass both its audience cap
+    # and the global cap.
+    field :api_token_per_audience_per_ip, type: :hash, default: -> { {} }
     # Dynamic client registration (RFC 7591) — throttle the open registration
     # endpoint by IP so an enabled deployment can't be flooded with client rows.
     field :dynamic_registration_per_ip, type: :integer, default: 10      # per hour

data/lib/standard_id/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module StandardId
-  VERSION = "0.22.0"
+  VERSION = "0.23.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_id
 version: !ruby/object:Gem::Version
-  version: 0.22.0
+  version: 0.23.0
 platform: ruby
 authors:
 - Jaryl Sim