strongmind-auth 1.0.9 → 1.0.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/strong_mind_nav.rb +3 -0
- data/app/controllers/users/omniauth_callbacks_controller.rb +13 -1
- data/app/controllers/users/sessions_controller.rb +16 -0
- data/app/views/logins/index.html.erb +10 -1
- data/app/views/users/omniauth_callbacks/failure.html.erb +129 -0
- data/config/routes.rb +2 -1
- data/lib/strongmind/auth/version.rb +1 -1
- data/lib/strongmind/common_nav_fetcher.rb +4 -1
- metadata +5 -3
- /data/app/jobs/{rails → strongmind}/auth/application_job.rb +0 -0
- /data/app/mailers/{rails → strongmind}/auth/application_mailer.rb +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5744571fb4c34f46eab563a74d0f09ff0da1a5d88be521d785d42bf11537b354
|
|
4
|
+
data.tar.gz: '036694d87a468271a854342b34823357649def9b7ee12fbccbaa9e1384c90a70'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 56e34ffb177bf0949cf0d8e670dd407e8c554ad88138432054b9bd1439ca989b6d5a020a461c9dc9204b5ead7dd81ef852e89114b7ea2d534dca7c44e6e8d610
|
|
7
|
+
data.tar.gz: 144c638476dabe423587f743b175a49a0e3a325ac64db51af008aab7ef3282e37e0471e99ff7c9698721bd74852e50d246cc7bf75e5fa6f4e5d4a5fc111dbc28
|
|
@@ -12,6 +12,9 @@ module StrongMindNav
|
|
|
12
12
|
@theme_css = navbar[:theme_css]
|
|
13
13
|
rescue Strongmind::CommonNavFetcher::TokenNotFoundError, Strongmind::CommonNavFetcher::UserNotFoundError => e
|
|
14
14
|
Sentry.capture_exception(e)
|
|
15
|
+
Rails.logger.error(e)
|
|
16
|
+
flash[:alert] = e.inspect if Rails.env.development?
|
|
17
|
+
@stop_redirect = true if Rails.env.development?
|
|
15
18
|
render 'logins/index'
|
|
16
19
|
rescue Exception => e
|
|
17
20
|
Sentry.capture_exception(e)
|
|
@@ -22,7 +22,19 @@ module Users
|
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
def failure
|
|
25
|
-
|
|
25
|
+
client_errors = [
|
|
26
|
+
"#<AttrRequired::AttrMissing: 'identifier' required.>",
|
|
27
|
+
"#<Rack::OAuth2::Client::Error: invalid_client>",
|
|
28
|
+
]
|
|
29
|
+
if client_errors.include?(request.env['omniauth.error'].inspect)
|
|
30
|
+
render
|
|
31
|
+
else
|
|
32
|
+
redirect_to root_path
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
def passthru
|
|
37
|
+
redirect_to root_path
|
|
26
38
|
end
|
|
27
39
|
end
|
|
28
40
|
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Users
|
|
4
|
+
class SessionsController < Devise::SessionsController
|
|
5
|
+
skip_before_action :fetch_common_nav
|
|
6
|
+
|
|
7
|
+
def login
|
|
8
|
+
redirect_to user_strongmind_omniauth_authorize_url
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def new
|
|
12
|
+
redirect_to user_strongmind_omniauth_authorize_url
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -22,13 +22,22 @@
|
|
|
22
22
|
|
|
23
23
|
// Submit the form on load
|
|
24
24
|
window.addEventListener("load", (event) => {
|
|
25
|
+
<% if @stop_redirect %>
|
|
26
|
+
return;
|
|
27
|
+
<% end %>
|
|
25
28
|
submitForm();
|
|
26
29
|
});
|
|
27
30
|
|
|
28
31
|
</script>
|
|
29
32
|
<div id="loading">
|
|
33
|
+
<% flash.each do |type, message| %>
|
|
34
|
+
<div class="alert alert-<%= type %>"><%= message %></div>
|
|
35
|
+
<% end %>
|
|
36
|
+
<% flash.clear %>
|
|
30
37
|
<div class="sm-loader">
|
|
31
|
-
|
|
38
|
+
<% unless @stop_redirect %>
|
|
39
|
+
<img src="https://prod-backpack-ui.strongmind.com/assets/images/strongmind-loader.svg">
|
|
40
|
+
<% end %>
|
|
32
41
|
</div>
|
|
33
42
|
|
|
34
43
|
</div>
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
<%
|
|
2
|
+
require 'json'
|
|
3
|
+
|
|
4
|
+
if Rails.env.development?
|
|
5
|
+
app_name = Rails.application.class.name.split("::").first.underscore.dasherize
|
|
6
|
+
if app_name == "app"
|
|
7
|
+
%>
|
|
8
|
+
Please set the name of your application in the module line of config/application.rb and restart your server.
|
|
9
|
+
<%
|
|
10
|
+
else
|
|
11
|
+
%>
|
|
12
|
+
<script>
|
|
13
|
+
function toggleInstructions() {
|
|
14
|
+
if (document.getElementById('new_app_yes').checked) {
|
|
15
|
+
document.getElementById('new_app_instructions').style.display = 'block';
|
|
16
|
+
document.getElementById('existing_app_instructions').style.display = 'none';
|
|
17
|
+
} else {
|
|
18
|
+
document.getElementById('new_app_instructions').style.display = 'none';
|
|
19
|
+
document.getElementById('existing_app_instructions').style.display = 'block';
|
|
20
|
+
}
|
|
21
|
+
}
|
|
22
|
+
</script>
|
|
23
|
+
<div>
|
|
24
|
+
Your StrongMind Identity client does not appear to be configured correctly.
|
|
25
|
+
</div>
|
|
26
|
+
<div>
|
|
27
|
+
Is this a brand new app that needs to be setup in StrongMind Identity?
|
|
28
|
+
</div>
|
|
29
|
+
<div class="flex">
|
|
30
|
+
<input type="radio" name="new_app" value="yes" id="new_app_yes" onclick="toggleInstructions()">
|
|
31
|
+
<label for="new_app_yes" style="margin-left: 5px">Yes</label>
|
|
32
|
+
</div>
|
|
33
|
+
<div class="flex">
|
|
34
|
+
<input type="radio" name="new_app" value="no" id="new_app_no" onclick="toggleInstructions()">
|
|
35
|
+
<label for="new_app_no" style="margin-left: 5px">No</label>
|
|
36
|
+
</div>
|
|
37
|
+
|
|
38
|
+
<div id="existing_app_instructions" style="display: none; margin-top: 10px">
|
|
39
|
+
Grab the .env file from Bitwarden and place it in the root of your project. Restart your server.
|
|
40
|
+
</div>
|
|
41
|
+
<div id="new_app_instructions" style="display: none; margin-top: 10px">
|
|
42
|
+
<div>
|
|
43
|
+
Please follow these steps:
|
|
44
|
+
</div>
|
|
45
|
+
<%
|
|
46
|
+
local_app_url = "http://localhost:3000"
|
|
47
|
+
stage_app_url = "https://stage-#{app_name}.strongmind.com"
|
|
48
|
+
prod_app_url = "https://#{app_name}.strongmind.com"
|
|
49
|
+
local_redirect_url = "#{local_app_url}/users/auth/strongmind/callback"
|
|
50
|
+
stage_redirect_url = "#{stage_app_url}/users/auth/strongmind/callback"
|
|
51
|
+
prod_redirect_url = "#{prod_app_url}/users/auth/strongmind/callback"
|
|
52
|
+
stage_post_logout_redirect_url = "https://stage-#{app_name}.strongmind.com"
|
|
53
|
+
prod_post_logout_redirect_url = "https://#{app_name}.strongmind.com"
|
|
54
|
+
stage_backchannel_logout_url = "https://stage-#{app_name}.strongmind.com/users/endsession"
|
|
55
|
+
prod_backchannel_logout_url = "https://#{app_name}.strongmind.com/users/endsession"
|
|
56
|
+
|
|
57
|
+
stage_login_base_url = "https://devlogin.strongmind.com"
|
|
58
|
+
prod_login_base_url = "https://login.strongmind.com"
|
|
59
|
+
stage_secret = SecureRandom.hex(16)
|
|
60
|
+
prod_secret = SecureRandom.hex(16)
|
|
61
|
+
stage_url = "#{stage_login_base_url}/Clients/Create?"
|
|
62
|
+
stage_url += "ClientID=#{app_name}&"
|
|
63
|
+
stage_url += "RedirectURL=#{local_redirect_url}&"
|
|
64
|
+
stage_url += "RedirectURL=#{stage_redirect_url}&"
|
|
65
|
+
stage_url += "PostLogoutRedirectURL=#{stage_post_logout_redirect_url}&"
|
|
66
|
+
stage_url += "BackChannelLogoutUri=#{stage_backchannel_logout_url}&"
|
|
67
|
+
stage_url += "ClientSecret=#{stage_secret}"
|
|
68
|
+
|
|
69
|
+
prod_url = "#{prod_login_base_url}/Clients/Create?"
|
|
70
|
+
prod_url += "ClientID=#{app_name}&"
|
|
71
|
+
prod_url += "RedirectURL=#{prod_redirect_url}&"
|
|
72
|
+
prod_url += "PostLogoutRedirectURL=#{prod_post_logout_redirect_url}&"
|
|
73
|
+
prod_url += "BackChannelLogoutUri=#{prod_backchannel_logout_url}&"
|
|
74
|
+
prod_url += "ClientSecret=#{prod_secret}"
|
|
75
|
+
|
|
76
|
+
env_file_additions = "IDENTITY_CLIENT_ID=#{app_name}\nIDENTITY_CLIENT_SECRET=#{stage_secret}\n# Production\n#IDENTITY_CLIENT_SECRET=#{prod_secret}"
|
|
77
|
+
%>
|
|
78
|
+
|
|
79
|
+
<ol style="list-style: decimal">
|
|
80
|
+
<li>
|
|
81
|
+
<%= link_to "Create Client in Staging Identity Server", stage_url, { target: "_blank" } %>
|
|
82
|
+
</li>
|
|
83
|
+
<li>
|
|
84
|
+
<%= link_to "Create Client in Production Identity Server", prod_url, { target: "_blank" } %>
|
|
85
|
+
</li>
|
|
86
|
+
<li>
|
|
87
|
+
<div>
|
|
88
|
+
Set the following environment variables in your .env file:
|
|
89
|
+
</div>
|
|
90
|
+
<textarea style="width: 100%; height: 200px"><%= env_file_additions %></textarea>
|
|
91
|
+
<br/>
|
|
92
|
+
<button onclick="navigator.clipboard.writeText(document.querySelector('textarea').value)">
|
|
93
|
+
Copy to clipboard
|
|
94
|
+
</button>
|
|
95
|
+
<br/><br/>
|
|
96
|
+
</li>
|
|
97
|
+
<li>
|
|
98
|
+
Save the .env file into a new Bitwarden item called "<%= app_name %> .env"
|
|
99
|
+
</li>
|
|
100
|
+
<li>
|
|
101
|
+
Restart your server.
|
|
102
|
+
</li>
|
|
103
|
+
</ol>
|
|
104
|
+
</div>
|
|
105
|
+
<%
|
|
106
|
+
end
|
|
107
|
+
else %>
|
|
108
|
+
This application is not configured properly.
|
|
109
|
+
<br/>
|
|
110
|
+
Please contact your nearest engineer using a ticket.
|
|
111
|
+
<br/>
|
|
112
|
+
|
|
113
|
+
Provide them this information:
|
|
114
|
+
<%
|
|
115
|
+
info = {
|
|
116
|
+
url: request.url,
|
|
117
|
+
error: request.env['omniauth.error']
|
|
118
|
+
}
|
|
119
|
+
%>
|
|
120
|
+
<textarea style="width: 100%; height: 200px"><%= JSON.pretty_generate(info) %></textarea>
|
|
121
|
+
<!-- copy to clipboard -->
|
|
122
|
+
<button onclick="navigator.clipboard.writeText(document.querySelector('textarea').value)">
|
|
123
|
+
Copy to clipboard
|
|
124
|
+
</button>
|
|
125
|
+
|
|
126
|
+
<div>
|
|
127
|
+
<%= link_to "Back to Home", "/", data: { turbo: false } %>
|
|
128
|
+
</div>
|
|
129
|
+
<% end %>
|
data/config/routes.rb
CHANGED
|
@@ -3,7 +3,8 @@ Rails.application.routes.draw do
|
|
|
3
3
|
return if defined? Rails::Generators
|
|
4
4
|
|
|
5
5
|
devise_for :users, controllers: {
|
|
6
|
-
omniauth_callbacks:
|
|
6
|
+
omniauth_callbacks: 'users/omniauth_callbacks',
|
|
7
|
+
sessions: 'users/sessions'
|
|
7
8
|
}
|
|
8
9
|
|
|
9
10
|
devise_scope :user do
|
|
@@ -52,7 +52,10 @@ module Strongmind
|
|
|
52
52
|
|
|
53
53
|
def token
|
|
54
54
|
cache_data = Rails.cache.fetch(user.uid)
|
|
55
|
-
|
|
55
|
+
cache_missing_message = " - check your caching settings (switch to file or redis)" if Rails.env.development?
|
|
56
|
+
unless cache_data&.key?(:access_token)
|
|
57
|
+
raise TokenNotFoundError, "Token not found for user #{user.uid}#{cache_missing_message}"
|
|
58
|
+
end
|
|
56
59
|
|
|
57
60
|
cache_data[:access_token]
|
|
58
61
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: strongmind-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.11
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Team Belding
|
|
@@ -108,12 +108,14 @@ files:
|
|
|
108
108
|
- app/controllers/concerns/strong_mind_nav.rb
|
|
109
109
|
- app/controllers/logins_controller.rb
|
|
110
110
|
- app/controllers/users/omniauth_callbacks_controller.rb
|
|
111
|
+
- app/controllers/users/sessions_controller.rb
|
|
111
112
|
- app/helpers/strongmind/auth/application_helper.rb
|
|
112
|
-
- app/jobs/
|
|
113
|
-
- app/mailers/
|
|
113
|
+
- app/jobs/strongmind/auth/application_job.rb
|
|
114
|
+
- app/mailers/strongmind/auth/application_mailer.rb
|
|
114
115
|
- app/models/user_base.rb
|
|
115
116
|
- app/views/layouts/_loading_navbar.html.erb
|
|
116
117
|
- app/views/logins/index.html.erb
|
|
118
|
+
- app/views/users/omniauth_callbacks/failure.html.erb
|
|
117
119
|
- config/initializers/devise.rb
|
|
118
120
|
- config/routes.rb
|
|
119
121
|
- lib/generators/strongmind/USAGE
|
|
File without changes
|
|
File without changes
|