strongmind-auth 1.1.0 → 1.1.2
- checksums.yaml +4 -4
- data/app/controllers/concerns/jwt_utilities.rb +1 -1
- data/app/controllers/concerns/strong_mind_nav.rb +3 -2
- data/app/controllers/users/sessions_controller.rb +1 -0
- data/app/views/logins/index.html.erb +6 -2
- data/lib/generators/strongmind/install_generator.rb +0 -7
- data/lib/strongmind/auth/version.rb +1 -1
- data/lib/strongmind/common_nav_fetcher.rb +20 -8
- metadata +4 -4
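--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 87786b4c0cd6fa8ae92cbf99acb4ed2c189dd0ada276d738448d494fb146949b
+data.tar.gz: b2020de0c578fe1f1ce781a4086c58b11518efe1338d3b7cba3f7c1a990574d1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 43cd1f34fb2a6804fef474cc46a65550772e4cb33c9b019b98a66754773ea31228297943d0018d2e7bafebbf1ad51a3cbf003685d80e03df8f18664314143806
+data.tar.gz: 4b2dc4014ef8fd40bdd1e75041169622c2609977cff7680d65c08ec60107089bfee1c8490bbfddb7a069bf6cbd90dfc4d7b1354094a30cf07f9dd8e5f03fc612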
@@ -89,7 +89,7 @@ module JwtUtilities
|
|
89
89
|
def validate_tokens(tokens)
|
90
90
|
return unless tokens[:error] == 'invalid_grant' || !tokens[:refresh_token]
|
91
91
|
|
92
|
-
raise Strongmind::Exceptions::
|
92
|
+
raise Strongmind::Exceptions::RefreshTokenExpiredError, tokens[:error]
|
93
93
|
end
|
94
94
|
|
95
95
|
def generate_tokens(session_data)
|
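Review bot: On the new `raise` line the message is `tokens[:error]`, which is nil whenever the guard was tripped by a missing `:refresh_token` rather than by `invalid_grant`, so the exception reaches Sentry and the logs with only its class name as the message. A fallback such as `raise Strongmind::Exceptions::RefreshTokenExpiredError, tokens[:error] || 'refresh token missing from token response'` keeps the two causes distinguishable when triaging forced logouts. The guard also lets any other `tokens[:error]` value through as long as a refresh token is present; whether that is intended cannot be told from this hunk.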
@@ -11,12 +11,13 @@ module StrongMindNav
|
|
11
11
|
@top_navbar_html = navbar[:top_navbar_html]
|
12
12
|
@bottom_navbar_html = navbar[:bottom_navbar_html]
|
13
13
|
@theme_css = navbar[:theme_css]
|
14
|
-
rescue Strongmind::Exceptions::TokenNotFoundError, Strongmind::Exceptions::UserNotFoundError => e
|
14
|
+
rescue Strongmind::Exceptions::TokenNotFoundError, Strongmind::Exceptions::UserNotFoundError, Strongmind::Exceptions::RefreshTokenExpiredError => e
|
15
15
|
Sentry.capture_exception(e)
|
16
16
|
Rails.logger.error(e)
|
17
17
|
flash[:alert] = e.inspect if Rails.env.development? || Rails.env.test?
|
18
18
|
@stop_redirect = true if Rails.env.development? || Rails.env.test?
|
19
|
-
|
19
|
+
current_user.invalidate_all_sessions!
|
20
|
+
render 'logins/index' and return
|
20
21
|
rescue Exception => e
|
21
22
|
Sentry.capture_exception(e)
|
22
23
|
Rails.logger.error(e)
|
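Review bot: The added `current_user.invalidate_all_sessions!` sits in a handler that also rescues `UserNotFoundError`, so `current_user` may be nil there. The call would then raise NoMethodError from inside the rescue body, where the following `rescue Exception` clause of the same block does not catch it. The handler removed from install_generator.rb in this release used safe navigation, and the same form fits here: `current_user&.invalidate_all_sessions!`. A one-line comment above the call saying that every session of the user is dropped before the login page is rendered would also help, since `e.inspect` is only surfaced in development and test. The enclosing method starts and ends outside the hunk.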
@@ -18,6 +18,7 @@ module Users
|
|
18
18
|
|
19
19
|
def endsession
|
20
20
|
headers = { 'Cache-Control' => 'no-store' }
|
21
|
+
Rails.logger.info("endsession called with params: #{params}")
|
21
22
|
if jwt_valid?(params[:logout_token], 'http://schemas.openid.net/event/backchannel-logout')
|
22
23
|
payload, _header = JWT.decode(params[:logout_token], nil, false)
|
23
24
|
user_identity = payload['sub']
|
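Review bot: The added `Rails.logger.info` line interpolates the whole `params` object, so the raw `logout_token` JWT of every back-channel logout request is written to the application log; plain string interpolation does not go through `config.filter_parameters`. Log only what is needed to trace the call, for example `Rails.logger.info("endsession called with params: #{request.filtered_parameters.keys}")`, or add `logout_token` to the filter list and log `request.filtered_parameters`. The line also runs before `jwt_valid?`, so callers that have not yet been validated decide what ends up in the log. `endsession` continues past the end of the hunk.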
@@ -17,11 +17,15 @@
|
|
17
17
|
<%= button_to 'Sign in with StrongMind', '/users/auth/strongmind', style: 'display:none' %>
|
18
18
|
<script type="text/javascript">
|
19
19
|
// Submit the form on load
|
20
|
-
|
20
|
+
function handleLoadEvent() {
|
21
21
|
<% unless @stop_redirect %>
|
22
22
|
document.forms[0].submit();
|
23
23
|
<% end %>
|
24
|
-
}
|
24
|
+
}
|
25
|
+
|
26
|
+
window.addEventListener("load", handleLoadEvent);
|
27
|
+
window.addEventListener("turbo:load", handleLoadEvent);
|
28
|
+
|
25
29
|
|
26
30
|
</script>
|
27
31
|
<div id="loading">
|
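Review bot: `handleLoadEvent` is now registered for both `load` and `turbo:load`, and Turbo fires `turbo:load` on the initial page load as well, so on a full page load `document.forms[0].submit()` can be invoked twice. Guard the handler so the sign-in form is submitted once, e.g. `if (handleLoadEvent.done) return; handleLoadEvent.done = true;` as its first statement. `document.forms[0]` also relies on the hidden `button_to` form being the first form in the document; selecting it by an id would be more robust if this template is ever rendered inside a layout that carries its own forms.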
@@ -20,13 +20,6 @@ module Strongmind
|
|
20
20
|
before_action :authenticate_user!
|
21
21
|
before_action :fetch_common_nav
|
22
22
|
|
23
|
-
rescue_from Strongmind::Exceptions::RefreshTokenExpiredError do
|
24
|
-
current_user&.invalidate_all_sessions!
|
25
|
-
redirect_to \"#{ENV['IDENTITY_BASE_URL']}/connect/endsession\", headers: {
|
26
|
-
'Content-Type' => 'application/json'
|
27
|
-
}, allow_other_host: true
|
28
|
-
end
|
29
|
-
|
30
23
|
# Implement the list of menu items for the application
|
31
24
|
# def menu_items
|
32
25
|
# [
|
@@ -9,6 +9,10 @@ module Strongmind
|
|
9
9
|
|
10
10
|
include Rails.application.routes.url_helpers
|
11
11
|
|
12
|
+
class TokenNotFoundError < StandardError; end
|
13
|
+
|
14
|
+
class UserNotFoundError < StandardError; end
|
15
|
+
|
12
16
|
def initialize(user, request)
|
13
17
|
raise Strongmind::Exceptions::UserNotFoundError, 'User not found' unless user.present?
|
14
18
|
raise ArgumentError, 'Request not found' unless request.present?
|
@@ -35,7 +39,7 @@ module Strongmind
|
|
35
39
|
end
|
36
40
|
|
37
41
|
def fetch_navbar_data(nav_items)
|
38
|
-
refresh_session
|
42
|
+
refresh_session
|
39
43
|
|
40
44
|
connection.post(navbar_endpoint, nav_items.to_json, 'Authorization' => "Bearer #{token}")
|
41
45
|
end
|
@@ -60,13 +64,21 @@ module Strongmind
|
|
60
64
|
end
|
61
65
|
|
62
66
|
def refresh_session
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
67
|
+
session = Rails.cache.fetch(user.uid)
|
68
|
+
auth_client.refresh_session(session:)
|
69
|
+
Rails.cache.write(user.uid, session)
|
70
|
+
rescue PlatformSdk::Identity::ClientError => e
|
71
|
+
handle_refresh_error(e)
|
72
|
+
end
|
73
|
+
|
74
|
+
def handle_refresh_error(error)
|
75
|
+
raise Strongmind::Exceptions::RefreshTokenExpiredError, error.response[:body]['error'] if invalid_grant_error?(error)
|
76
|
+
|
77
|
+
raise error
|
78
|
+
end
|
79
|
+
|
80
|
+
def invalid_grant_error?(error)
|
81
|
+
error.response[:body]['error'] == 'invalid_grant'
|
70
82
|
end
|
71
83
|
|
72
84
|
def navbar_endpoint
|
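Review bot: `invalid_grant_error?` and `handle_refresh_error` index `error.response[:body]['error']` without checking the shape of the response, so a `ClientError` with no response or a nil body raises NoMethodError here, and a String body gives a wrong comparison; either way the original identity error is hidden. Read the body once and guard it, e.g. `body = error.response&.[](:body)` followed by `body.is_a?(Hash) && body['error'] == 'invalid_grant'`, and raise `RefreshTokenExpiredError` with the literal `'invalid_grant'`. In `refresh_session`, `Rails.cache.fetch(user.uid)` may return nil after a cache eviction, and that nil is then handed to `auth_client.refresh_session` and written back; whether the client tolerates that is not visible here. The `TokenNotFoundError` and `UserNotFoundError` classes added in the first hunk appear to be nested in this class, while `initialize` still raises `Strongmind::Exceptions::UserNotFoundError`, so they look unused.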
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: strongmind-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Team Belding
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-03-
|
11
|
+
date: 2024-03-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -86,14 +86,14 @@ dependencies:
|
|
86
86
|
requirements:
|
87
87
|
- - ">="
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
89
|
+
version: 3.11.0
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - ">="
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
96
|
+
version: 3.11.0
|
97
97
|
description: Ruby gem for StrongMind authentication in a strongmind app
|
98
98
|
email:
|
99
99
|
- teambelding@strongmind.com
|