strongmind-auth 1.1.0 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/concerns/jwt_utilities.rb +1 -1
- data/app/controllers/concerns/strong_mind_nav.rb +3 -2
- data/app/controllers/users/sessions_controller.rb +1 -0
- data/app/views/logins/index.html.erb +6 -2
- data/lib/generators/strongmind/install_generator.rb +0 -7
- data/lib/strongmind/auth/version.rb +1 -1
- data/lib/strongmind/common_nav_fetcher.rb +20 -8
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87786b4c0cd6fa8ae92cbf99acb4ed2c189dd0ada276d738448d494fb146949b
|
|
4
|
+
data.tar.gz: b2020de0c578fe1f1ce781a4086c58b11518efe1338d3b7cba3f7c1a990574d1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 43cd1f34fb2a6804fef474cc46a65550772e4cb33c9b019b98a66754773ea31228297943d0018d2e7bafebbf1ad51a3cbf003685d80e03df8f18664314143806
|
|
7
|
+
data.tar.gz: 4b2dc4014ef8fd40bdd1e75041169622c2609977cff7680d65c08ec60107089bfee1c8490bbfddb7a069bf6cbd90dfc4d7b1354094a30cf07f9dd8e5f03fc612
|
|
@@ -89,7 +89,7 @@ module JwtUtilities
|
|
|
89
89
|
def validate_tokens(tokens)
|
|
90
90
|
return unless tokens[:error] == 'invalid_grant' || !tokens[:refresh_token]
|
|
91
91
|
|
|
92
|
-
raise Strongmind::Exceptions::
|
|
92
|
+
raise Strongmind::Exceptions::RefreshTokenExpiredError, tokens[:error]
|
|
93
93
|
end
|
|
94
94
|
|
|
95
95
|
def generate_tokens(session_data)
|
|
@@ -11,12 +11,13 @@ module StrongMindNav
|
|
|
11
11
|
@top_navbar_html = navbar[:top_navbar_html]
|
|
12
12
|
@bottom_navbar_html = navbar[:bottom_navbar_html]
|
|
13
13
|
@theme_css = navbar[:theme_css]
|
|
14
|
-
rescue Strongmind::Exceptions::TokenNotFoundError, Strongmind::Exceptions::UserNotFoundError => e
|
|
14
|
+
rescue Strongmind::Exceptions::TokenNotFoundError, Strongmind::Exceptions::UserNotFoundError, Strongmind::Exceptions::RefreshTokenExpiredError => e
|
|
15
15
|
Sentry.capture_exception(e)
|
|
16
16
|
Rails.logger.error(e)
|
|
17
17
|
flash[:alert] = e.inspect if Rails.env.development? || Rails.env.test?
|
|
18
18
|
@stop_redirect = true if Rails.env.development? || Rails.env.test?
|
|
19
|
-
|
|
19
|
+
current_user.invalidate_all_sessions!
|
|
20
|
+
render 'logins/index' and return
|
|
20
21
|
rescue Exception => e
|
|
21
22
|
Sentry.capture_exception(e)
|
|
22
23
|
Rails.logger.error(e)
|
|
@@ -18,6 +18,7 @@ module Users
|
|
|
18
18
|
|
|
19
19
|
def endsession
|
|
20
20
|
headers = { 'Cache-Control' => 'no-store' }
|
|
21
|
+
Rails.logger.info("endsession called with params: #{params}")
|
|
21
22
|
if jwt_valid?(params[:logout_token], 'http://schemas.openid.net/event/backchannel-logout')
|
|
22
23
|
payload, _header = JWT.decode(params[:logout_token], nil, false)
|
|
23
24
|
user_identity = payload['sub']
|
|
@@ -17,11 +17,15 @@
|
|
|
17
17
|
<%= button_to 'Sign in with StrongMind', '/users/auth/strongmind', style: 'display:none' %>
|
|
18
18
|
<script type="text/javascript">
|
|
19
19
|
// Submit the form on load
|
|
20
|
-
|
|
20
|
+
function handleLoadEvent() {
|
|
21
21
|
<% unless @stop_redirect %>
|
|
22
22
|
document.forms[0].submit();
|
|
23
23
|
<% end %>
|
|
24
|
-
}
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
window.addEventListener("load", handleLoadEvent);
|
|
27
|
+
window.addEventListener("turbo:load", handleLoadEvent);
|
|
28
|
+
|
|
25
29
|
|
|
26
30
|
</script>
|
|
27
31
|
<div id="loading">
|
|
@@ -20,13 +20,6 @@ module Strongmind
|
|
|
20
20
|
before_action :authenticate_user!
|
|
21
21
|
before_action :fetch_common_nav
|
|
22
22
|
|
|
23
|
-
rescue_from Strongmind::Exceptions::RefreshTokenExpiredError do
|
|
24
|
-
current_user&.invalidate_all_sessions!
|
|
25
|
-
redirect_to \"#{ENV['IDENTITY_BASE_URL']}/connect/endsession\", headers: {
|
|
26
|
-
'Content-Type' => 'application/json'
|
|
27
|
-
}, allow_other_host: true
|
|
28
|
-
end
|
|
29
|
-
|
|
30
23
|
# Implement the list of menu items for the application
|
|
31
24
|
# def menu_items
|
|
32
25
|
# [
|
|
@@ -9,6 +9,10 @@ module Strongmind
|
|
|
9
9
|
|
|
10
10
|
include Rails.application.routes.url_helpers
|
|
11
11
|
|
|
12
|
+
class TokenNotFoundError < StandardError; end
|
|
13
|
+
|
|
14
|
+
class UserNotFoundError < StandardError; end
|
|
15
|
+
|
|
12
16
|
def initialize(user, request)
|
|
13
17
|
raise Strongmind::Exceptions::UserNotFoundError, 'User not found' unless user.present?
|
|
14
18
|
raise ArgumentError, 'Request not found' unless request.present?
|
|
@@ -35,7 +39,7 @@ module Strongmind
|
|
|
35
39
|
end
|
|
36
40
|
|
|
37
41
|
def fetch_navbar_data(nav_items)
|
|
38
|
-
refresh_session
|
|
42
|
+
refresh_session
|
|
39
43
|
|
|
40
44
|
connection.post(navbar_endpoint, nav_items.to_json, 'Authorization' => "Bearer #{token}")
|
|
41
45
|
end
|
|
@@ -60,13 +64,21 @@ module Strongmind
|
|
|
60
64
|
end
|
|
61
65
|
|
|
62
66
|
def refresh_session
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
67
|
+
session = Rails.cache.fetch(user.uid)
|
|
68
|
+
auth_client.refresh_session(session:)
|
|
69
|
+
Rails.cache.write(user.uid, session)
|
|
70
|
+
rescue PlatformSdk::Identity::ClientError => e
|
|
71
|
+
handle_refresh_error(e)
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def handle_refresh_error(error)
|
|
75
|
+
raise Strongmind::Exceptions::RefreshTokenExpiredError, error.response[:body]['error'] if invalid_grant_error?(error)
|
|
76
|
+
|
|
77
|
+
raise error
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
def invalid_grant_error?(error)
|
|
81
|
+
error.response[:body]['error'] == 'invalid_grant'
|
|
70
82
|
end
|
|
71
83
|
|
|
72
84
|
def navbar_endpoint
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: strongmind-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Team Belding
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-03-
|
|
11
|
+
date: 2024-03-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -86,14 +86,14 @@ dependencies:
|
|
|
86
86
|
requirements:
|
|
87
87
|
- - ">="
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version:
|
|
89
|
+
version: 3.11.0
|
|
90
90
|
type: :runtime
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
94
|
- - ">="
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version:
|
|
96
|
+
version: 3.11.0
|
|
97
97
|
description: Ruby gem for StrongMind authentication in a strongmind app
|
|
98
98
|
email:
|
|
99
99
|
- teambelding@strongmind.com
|