verikloak-rails 0.2.5 → 0.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/README.md +7 -6
- data/lib/generators/verikloak/install/install_generator.rb +1 -1
- data/lib/generators/verikloak/install/templates/initializer.rb.erb +4 -1
- data/lib/verikloak/rails/railtie.rb +52 -6
- data/lib/verikloak/rails/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d96aa5ed90bc1dbc922ec263fecbccdb8dd122e51accced8776a969211e4f549
|
|
4
|
+
data.tar.gz: d7cc87f1b7cf857fbc707962860a596f35efa32f167c76e1bf50362090f6d5b6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 518cf212cede738ce3e392a93f413b654ba138d4768afbe20811274129f93139aef1afbe5c24cbf3309cf7d99c978cf9a4ff6d8443b01cc7dae543da97f04c7c
|
|
7
|
+
data.tar.gz: 412639b3aa790ffae71cf53dc427e213ba5b9ae426270cbc6af3e1e0ce26c028abc98db14b0bce58153601f10a7b86c566b4ffdbfd7dcd954175008a6d146025
|
data/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
---
|
|
9
9
|
|
|
10
|
+
## [0.2.7] - 2025-09-23
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
- Handle `RuntimeError` exceptions from `ActionDispatch::MiddlewareStack#insert_after` in Rails 8+
|
|
14
|
+
- Add `inserted` flag to prevent duplicate middleware insertion when fallback is used
|
|
15
|
+
- Enhance error handling to gracefully handle all middleware insertion failures
|
|
16
|
+
|
|
17
|
+
### Changed
|
|
18
|
+
- Update middleware insertion candidates logic for better Rails version compatibility
|
|
19
|
+
- Rails 8+ now raises `RuntimeError` instead of the deprecated `ActionDispatch::MiddlewareStack::MiddlewareNotFound`
|
|
20
|
+
- Broaden exception handling to catch `StandardError` for robustness across Rails versions
|
|
21
|
+
- Improve logging and debugging information for middleware insertion failures
|
|
22
|
+
|
|
23
|
+
## [0.2.6] - 2025-09-23
|
|
24
|
+
|
|
25
|
+
### Fixed
|
|
26
|
+
- Leave `config.verikloak.rescue_pundit` commented in the installer initializer so `verikloak-pundit` can automatically disable the built-in rescue.
|
|
27
|
+
|
|
28
|
+
### Documentation
|
|
29
|
+
- Align README compatibility with the current `verikloak` dependency range.
|
|
30
|
+
- Clarify how the Pundit rescue interacts with the optional `verikloak-pundit` gem and adjust examples accordingly.
|
|
31
|
+
|
|
10
32
|
## [0.2.5] - 2025-09-23
|
|
11
33
|
|
|
12
34
|
### Added
|
data/README.md
CHANGED
|
@@ -21,7 +21,7 @@ Provide drop-in, token-based authentication for Rails APIs via Verikloak (OIDC d
|
|
|
21
21
|
## Compatibility
|
|
22
22
|
- Ruby: >= 3.1
|
|
23
23
|
- Rails: 6.1 – 8.x
|
|
24
|
-
- verikloak: >= 0.
|
|
24
|
+
- verikloak: >= 0.2.0, < 1.0.0
|
|
25
25
|
|
|
26
26
|
## Quick Start
|
|
27
27
|
```bash
|
|
@@ -114,7 +114,7 @@ Keys under `config.verikloak`:
|
|
|
114
114
|
| `error_renderer` | Object responding to `render(controller, error)` | Override error rendering | built-in JSON renderer |
|
|
115
115
|
| `auto_include_controller` | Boolean | Auto-include controller concern | `true` |
|
|
116
116
|
| `render_500_json` | Boolean | Rescue `StandardError`, log the exception, and render JSON 500 | `false` |
|
|
117
|
-
| `rescue_pundit` | Boolean | Rescue `Pundit::NotAuthorizedError` to 403 JSON when Pundit is present
|
|
117
|
+
| `rescue_pundit` | Boolean | Rescue `Pundit::NotAuthorizedError` to 403 JSON when Pundit is present<br/>(auto-disabled when `verikloak-pundit` is loaded and the initializer leaves it unset) | `true` |
|
|
118
118
|
| `middleware_insert_before` | Object/String/Symbol | Insert `Verikloak::Middleware` before this Rack middleware | `nil` |
|
|
119
119
|
| `middleware_insert_after` | Object/String/Symbol | Insert `Verikloak::Middleware` after this Rack middleware (`Rails::Rack::Logger` when `nil`) | `nil` |
|
|
120
120
|
| `auto_insert_bff_header_guard` | Boolean | Auto insert `Verikloak::Bff::HeaderGuard` when the gem is present | `true` |
|
|
@@ -157,8 +157,9 @@ Rails.application.configure do
|
|
|
157
157
|
config.verikloak.logger_tags = %i[request_id sub]
|
|
158
158
|
config.verikloak.render_500_json = ENV.fetch('VERIKLOAK_RENDER_500', 'false') == 'true'
|
|
159
159
|
|
|
160
|
-
# Optional Pundit rescue (403 JSON)
|
|
161
|
-
|
|
160
|
+
# Optional Pundit rescue (403 JSON). Leave commented if you use
|
|
161
|
+
# verikloak-pundit so it can disable the built-in handler automatically.
|
|
162
|
+
# config.verikloak.rescue_pundit = ENV.fetch('VERIKLOAK_RESCUE_PUNDIT', 'true') == 'true'
|
|
162
163
|
end
|
|
163
164
|
```
|
|
164
165
|
|
|
@@ -232,10 +233,10 @@ end
|
|
|
232
233
|
## Optional Pundit Rescue
|
|
233
234
|
If the `pundit` gem is present, `Pundit::NotAuthorizedError` is rescued to a standardized 403 JSON. This is a lightweight convenience only; deeper Pundit integration (policies, helpers) is out of scope and can live in a separate plugin.
|
|
234
235
|
|
|
235
|
-
When the optional [`verikloak-pundit`](https://github.com/taiyaky/verikloak-pundit) gem is loaded, the built-in rescue is automatically disabled to avoid double-handling errors
|
|
236
|
+
When the optional [`verikloak-pundit`](https://github.com/taiyaky/verikloak-pundit) gem is loaded, the built-in rescue is automatically disabled to avoid double-handling errors—as long as the initializer leaves `config.verikloak.rescue_pundit` unset. Uncomment the initializer line (or set the value elsewhere) if you prefer different behavior.
|
|
236
237
|
|
|
237
238
|
### Toggle
|
|
238
|
-
Toggle with `config.verikloak.rescue_pundit` (default: true
|
|
239
|
+
Toggle with `config.verikloak.rescue_pundit` (default: true; leave unset to allow `verikloak-pundit` to disable it). Environment example:
|
|
239
240
|
|
|
240
241
|
```ruby
|
|
241
242
|
# config/initializers/verikloak.rb
|
|
@@ -26,7 +26,7 @@ module Verikloak
|
|
|
26
26
|
✅ verikloak: initializer created.
|
|
27
27
|
|
|
28
28
|
Next steps:
|
|
29
|
-
1) Ensure the base gem is installed: gem 'verikloak', '>= 0.
|
|
29
|
+
1) Ensure the base gem is installed: gem 'verikloak', '>= 0.2.0', '< 1.0.0'
|
|
30
30
|
2) Set discovery_url / audience in config/initializers/verikloak.rb
|
|
31
31
|
3) (Optional) If you disable auto-include, add this line to ApplicationController:
|
|
32
32
|
include Verikloak::Rails::Controller
|
|
@@ -10,5 +10,8 @@ Rails.application.configure do
|
|
|
10
10
|
config.verikloak.logger_tags = %i[request_id sub]
|
|
11
11
|
config.verikloak.auto_include_controller = true
|
|
12
12
|
config.verikloak.render_500_json = ENV.fetch('VERIKLOAK_RENDER_500', 'false') == 'true'
|
|
13
|
-
|
|
13
|
+
|
|
14
|
+
# Optional Pundit rescue (403 JSON). Leave commented so `verikloak-pundit`
|
|
15
|
+
# can auto-disable the built-in handler when it is on the load path.
|
|
16
|
+
# config.verikloak.rescue_pundit = ENV.fetch('VERIKLOAK_RESCUE_PUNDIT', 'true') == 'true'
|
|
14
17
|
end
|
|
@@ -136,13 +136,59 @@ module Verikloak
|
|
|
136
136
|
# @param base_options [Hash] options to pass to the middleware
|
|
137
137
|
# @return [void]
|
|
138
138
|
def insert_middleware_after(stack, base_options)
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
139
|
+
candidates = middleware_insert_after_candidates
|
|
140
|
+
inserted = false
|
|
141
|
+
|
|
142
|
+
candidates.each do |candidate|
|
|
143
|
+
next unless candidate
|
|
144
|
+
|
|
145
|
+
begin
|
|
146
|
+
stack.insert_after candidate,
|
|
147
|
+
::Verikloak::Middleware,
|
|
148
|
+
**base_options
|
|
149
|
+
inserted = true
|
|
150
|
+
break
|
|
151
|
+
rescue StandardError => e
|
|
152
|
+
# Handle middleware insertion failures:
|
|
153
|
+
# - Rails 8+: RuntimeError for missing middleware
|
|
154
|
+
# - Earlier versions: ActionDispatch::MiddlewareStack::MiddlewareNotFound
|
|
155
|
+
log_middleware_insertion_warning(candidate, e)
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
|
|
159
|
+
# Only use as fallback if insertion after a specific middleware failed
|
|
160
|
+
stack.use ::Verikloak::Middleware, **base_options unless inserted
|
|
161
|
+
end
|
|
162
|
+
|
|
163
|
+
# Build list of middleware to try as insertion points.
|
|
164
|
+
# Starts with the configured value (if any) and falls back to defaults
|
|
165
|
+
# that exist across supported Rails versions.
|
|
166
|
+
#
|
|
167
|
+
# @return [Array<Object>] ordered list of potential middleware targets
|
|
168
|
+
def middleware_insert_after_candidates
|
|
169
|
+
configured = Verikloak::Rails.config.middleware_insert_after
|
|
170
|
+
|
|
171
|
+
defaults = []
|
|
172
|
+
defaults << ::Rails::Rack::Logger if defined?(::Rails::Rack::Logger)
|
|
173
|
+
defaults << ::ActionDispatch::Executor if defined?(::ActionDispatch::Executor)
|
|
174
|
+
defaults << ::Rack::Head if defined?(::Rack::Head)
|
|
175
|
+
defaults << ::Rack::Runtime if defined?(::Rack::Runtime)
|
|
176
|
+
|
|
177
|
+
([configured] + defaults).compact.uniq
|
|
178
|
+
end
|
|
179
|
+
|
|
180
|
+
# Log when a middleware insertion target cannot be found.
|
|
181
|
+
#
|
|
182
|
+
# @param candidate [Object] middleware we attempted to insert after
|
|
183
|
+
# @param error [StandardError] the exception raised during insertion
|
|
184
|
+
# @return [void]
|
|
185
|
+
def log_middleware_insertion_warning(candidate, error)
|
|
186
|
+
candidate_name = candidate.is_a?(Class) ? candidate.name : candidate.class.name
|
|
187
|
+
message = "[verikloak] Unable to insert after #{candidate_name}: #{error.message}"
|
|
188
|
+
if defined?(::Rails) && ::Rails.respond_to?(:logger) && ::Rails.logger
|
|
189
|
+
::Rails.logger.warn(message)
|
|
144
190
|
else
|
|
145
|
-
|
|
191
|
+
warn(message)
|
|
146
192
|
end
|
|
147
193
|
end
|
|
148
194
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: verikloak-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- taiyaky
|
|
@@ -94,7 +94,7 @@ metadata:
|
|
|
94
94
|
source_code_uri: https://github.com/taiyaky/verikloak-rails
|
|
95
95
|
changelog_uri: https://github.com/taiyaky/verikloak-rails/blob/main/CHANGELOG.md
|
|
96
96
|
bug_tracker_uri: https://github.com/taiyaky/verikloak-rails/issues
|
|
97
|
-
documentation_uri: https://rubydoc.info/gems/verikloak-rails/0.2.
|
|
97
|
+
documentation_uri: https://rubydoc.info/gems/verikloak-rails/0.2.7
|
|
98
98
|
rubygems_mfa_required: 'true'
|
|
99
99
|
rdoc_options: []
|
|
100
100
|
require_paths:
|