strongmind-auth 1.1.73 → 1.1.76
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/jwt_utilities.rb +18 -26
- data/app/controllers/concerns/strong_mind_nav.rb +1 -1
- data/app/controllers/users/omniauth_callbacks_controller.rb +1 -1
- data/app/controllers/users/sessions_controller.rb +1 -5
- data/app/models/user_base.rb +2 -3
- data/lib/strongmind/auth/version.rb +1 -1
- data/lib/strongmind/common_nav_fetcher.rb +6 -14
- data/lib/strongmind/exceptions.rb +0 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 97c1b7fb5d1dc054c740f5531923c060625e4af1f7d85188db7b3ff3b479ea01
|
4
|
+
data.tar.gz: 7ba5c4d51d0f449e4c78b34cb2f997134f14b7bc64d354cf077460cf31fb0c01
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3948cba9f91d973154152d3bd0d9ce92ccb83bd9a2b9724102a76d46cb6f2b481408f6855d416c778ba041576b946a99ea1761d4ed8fcead5318c71dae403bec
|
7
|
+
data.tar.gz: 19e8e94d1fa603bc207bda0a72337441633380808d4bd972a2c7ef039c0c734d15b2f9dd84e3dd6939355166502e6abdbf0aa75319917ffe3315e9b277d6943e
|
@@ -70,38 +70,30 @@ module JwtUtilities
|
|
70
70
|
|
71
71
|
def user_jwt(session_data)
|
72
72
|
tokens = current_user.nil? ? nil : Rails.cache.read(current_user&.uid)
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
73
|
+
auth_client = PlatformSdk::Identity::AuthClient.new(
|
74
|
+
ENV['IDENTITY_BASE_URL'],
|
75
|
+
ENV['IDENTITY_CLIENT_ID'],
|
76
|
+
ENV['IDENTITY_CLIENT_SECRET'])
|
77
|
+
begin
|
78
|
+
if tokens.nil?
|
79
|
+
tokens = auth_client.refresh_token(session_data[:refresh_token])
|
80
|
+
else
|
81
|
+
auth_client.refresh_session(session: tokens)
|
82
82
|
end
|
83
|
+
Rails.cache.write(current_user.uid, tokens)
|
84
|
+
tokens
|
85
|
+
rescue PlatformSdk::Identity::ClientError => e
|
86
|
+
handle_refresh_error(e)
|
83
87
|
end
|
84
|
-
session_data[:refresh_token] = tokens[:refresh_token]
|
85
|
-
|
86
|
-
tokens
|
87
88
|
end
|
88
89
|
|
89
|
-
def
|
90
|
-
|
90
|
+
def handle_refresh_error(error)
|
91
|
+
raise Strongmind::Exceptions::RefreshTokenExpiredError, error.response[:body]['error'] if invalid_grant_error?(error)
|
91
92
|
|
92
|
-
raise
|
93
|
+
raise error
|
93
94
|
end
|
94
95
|
|
95
|
-
def
|
96
|
-
|
97
|
-
identity_client_id = ENV['IDENTITY_CLIENT_ID']
|
98
|
-
response = Faraday.post("#{identity_base_url}/connect/token", {
|
99
|
-
client_id: identity_client_id,
|
100
|
-
client_secret: ENV['IDENTITY_CLIENT_SECRET'],
|
101
|
-
grant_type: 'refresh_token',
|
102
|
-
refresh_token: session_data[:refresh_token]
|
103
|
-
})
|
104
|
-
|
105
|
-
JSON.parse(response.body, symbolize_names: true)
|
96
|
+
def invalid_grant_error?(error)
|
97
|
+
error.response[:body]['error'] == 'invalid_grant'
|
106
98
|
end
|
107
99
|
end
|
@@ -11,7 +11,7 @@ module StrongMindNav
|
|
11
11
|
@top_navbar_html = navbar[:top_navbar_html]
|
12
12
|
@bottom_navbar_html = navbar[:bottom_navbar_html]
|
13
13
|
@theme_css = navbar[:theme_css]
|
14
|
-
rescue Strongmind::Exceptions::
|
14
|
+
rescue Strongmind::Exceptions::TokenNotFoundError, Strongmind::Exceptions::UserNotFoundError, Strongmind::Exceptions::RefreshTokenExpiredError => e
|
15
15
|
Sentry.capture_exception(e)
|
16
16
|
Rails.logger.error(e)
|
17
17
|
flash[:alert] = e.inspect if Rails.env.development? || Rails.env.test?
|
@@ -12,7 +12,7 @@ module Users
|
|
12
12
|
|
13
13
|
render plain: "You do not have permission to access this application.", status: :unauthorized and return if @user.nil?
|
14
14
|
|
15
|
-
session[:refresh_token] =
|
15
|
+
session[:refresh_token] = auth.credentials['refresh_token']
|
16
16
|
flash.delete(:notice)
|
17
17
|
|
18
18
|
if @user.persisted?
|
@@ -34,13 +34,9 @@ module Users
|
|
34
34
|
user_token_info = fetch_user_token_info
|
35
35
|
|
36
36
|
id_token_hint = user_token_info[:id_token]
|
37
|
-
token = user_token_info[:access_token]
|
38
37
|
current_user&.invalidate_all_sessions!
|
39
38
|
identity_base_url = ENV['IDENTITY_BASE_URL']
|
40
|
-
redirect_to "#{identity_base_url}/connect/endsession?id_token_hint=#{id_token_hint}",
|
41
|
-
'Content-Type' => 'application/json',
|
42
|
-
'Authorization' => "Bearer #{token}"
|
43
|
-
}, allow_other_host: true
|
39
|
+
redirect_to "#{identity_base_url}/connect/endsession?id_token_hint=#{id_token_hint}", allow_other_host: true
|
44
40
|
end
|
45
41
|
|
46
42
|
end
|
data/app/models/user_base.rb
CHANGED
@@ -12,9 +12,8 @@ class UserBase < ApplicationRecord
|
|
12
12
|
{
|
13
13
|
id_token: auth.credentials.id_token,
|
14
14
|
access_token: auth.credentials.token,
|
15
|
-
refresh_token: auth.credentials.refresh_token
|
16
|
-
}
|
17
|
-
expires_in: auth.credentials.expires_in.seconds - 10.minutes
|
15
|
+
refresh_token: auth.credentials.refresh_token,
|
16
|
+
}
|
18
17
|
)
|
19
18
|
end
|
20
19
|
|
@@ -48,8 +48,8 @@ module Strongmind
|
|
48
48
|
end
|
49
49
|
|
50
50
|
def fetch_navbar_data(nav_items)
|
51
|
-
refresh_session
|
52
|
-
access_token =
|
51
|
+
session = refresh_session
|
52
|
+
access_token = session[:access_token]
|
53
53
|
|
54
54
|
connection.post(navbar_endpoint, nav_items.to_json, 'Authorization' => "Bearer #{access_token}")
|
55
55
|
end
|
@@ -63,24 +63,16 @@ module Strongmind
|
|
63
63
|
end
|
64
64
|
end
|
65
65
|
|
66
|
-
def token
|
67
|
-
cache_data = Rails.cache.fetch(user.uid)
|
68
|
-
cache_missing_message = " - check your caching settings (switch to file or redis)" if Rails.env.development?
|
69
|
-
unless cache_data&.key?(:access_token)
|
70
|
-
raise Strongmind::Exceptions::TokenNotFoundError, "Token not found for user #{user.uid}#{cache_missing_message}"
|
71
|
-
end
|
72
|
-
|
73
|
-
cache_data[:access_token]
|
74
|
-
end
|
75
|
-
|
76
66
|
def refresh_session
|
77
67
|
session = Rails.cache.fetch(user.uid)
|
68
|
+
cache_missing_message = " - check your caching settings (switch to file or redis)" if Rails.env.development?
|
78
69
|
unless session&.key?(:access_token)
|
79
|
-
raise Strongmind::Exceptions::
|
70
|
+
raise Strongmind::Exceptions::TokenNotFoundError, "Token not found for user #{user.uid}#{cache_missing_message}"
|
80
71
|
end
|
81
72
|
|
82
73
|
auth_client.refresh_session(session:)
|
83
|
-
Rails.cache.write(user.uid, session
|
74
|
+
Rails.cache.write(user.uid, session)
|
75
|
+
session
|
84
76
|
rescue PlatformSdk::Identity::ClientError => e
|
85
77
|
handle_refresh_error(e)
|
86
78
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: strongmind-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.76
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Team Belding
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-04-
|
11
|
+
date: 2024-04-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|