zaikio-oauth_client 0.11.1 → 0.12.0

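--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d95701c627108f46f90ac430b28138c8c1ae33dbe8307a6453250255e42b4244
- data.tar.gz: b5ee3c7b5a0fd691fbe6382f2c5b17b3a9000384db7f5ceb91271f893c943e22
+ metadata.gz: 2e007c62cd36b1b00aa8e542958bb5d627b5ca417ffc6559f45de3868e79149a
+ data.tar.gz: 9977c82c5f734d93b05269a7e9fb30e6fe6df1b15a291d680a48fa38bea079a8
  SHA512:
- metadata.gz: d1ff6dba884c261c27c698680ae077ed9995bb0754198eec53ff31dffd66c86b29fa522d924f65357cc99e18653f047530fabd0c46001d0ddaebbfc310692663
- data.tar.gz: 2e5b2231a0a34b788e803755b77891be4df996b20a41d91d8bf8956a2f2980e17337ba9a680f59b90bc519b54b6e1efc0bc44a58b72873ded8a0edc335d111f9
+ metadata.gz: eeb3f43dc40d4cabeb1f585864ff76c716243e6d0336164b0e3b98c7e2e41bdbd25ffdeaeeeb4b7ee1ccefe20cf1f458bd0af62e1cb2238af3ad258ad6cf4804
+ data.tar.gz: e3b47a58b780c92ed0b8a9c5ae0df7011026feed340204e8deb80a88ca2562b4a220cd59c8d5907982488001b6738d5c0eb0ba2495771c0de2a0310f44de42bd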
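--- a/data/README.md
+++ b/data/README.md
@@ -133,12 +133,12 @@ redirect_to zaikio_oauth_client.new_subscription_path(plan: "free")
 
  #### Session handling
 
- The Zaikio gem engine will set a cookie for the user after a successful OAuth flow: `cookies.encrypted[:zaikio_person_id]`.
+ The Zaikio gem engine will set a cookie for the user after a successful OAuth flow: `session[:zaikio_person_id]`.
 
  If you are using for example `Zaikio::Hub::Models`, you can use this snippet to set the current user:
 
  ```ruby
- Current.user ||= Zaikio::Hub::Models::Person.find_by(id: cookies.encrypted[:zaikio_person_id])
+ Current.user ||= Zaikio::Hub::Models::Person.find_by(id: session[:zaikio_person_id])
  ````
 
  You can then use `Current.user` anywhere.
@@ -172,7 +172,7 @@ Additionally you can also specify your own redirect handlers in your `Applicatio
  ```rb
  class ApplicationController < ActionController::Base
  def after_approve_path_for(access_token, origin)
- cookies.encrypted[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
+ session[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
 
  # Sync data on login
  Zaikio::Hub.with_token(access_token.token) do
@@ -183,7 +183,7 @@ class ApplicationController < ActionController::Base
  end
 
  def after_destroy_path_for(access_token_id)
- cookies.delete :zaikio_person_id
+ reset_session
 
  main_app.root_path
  end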
@@ -4,7 +4,7 @@ module Zaikio
4
4
  def new
5
5
  opts = params.permit(:client_name, :state, :plan, :organization_id)
6
6
  opts[:redirect_with_error] = 1
7
- opts[:state] ||= cookies.encrypted[:state] = SecureRandom.urlsafe_base64(32)
7
+ opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)
8
8
 
9
9
  plan = opts.delete(:plan)
10
10
  organization_id = opts.delete(:organization_id)
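Review bot: The line `opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)` writes `session[:state]` only when the request did not already carry a `state` parameter, so a caller-supplied `state` is sent to the authorization server without being recorded in the session. The same line appears in the next hunk (the action that permits `:client_name, :show_signup, :force_login, :state`), and the callback check visible further down is guarded by `session[:state].present?`, so in that case the comparison is skipped or made against a stale value. Recording whichever value is used keeps pass-through working: `session[:state] = (opts[:state] ||= SecureRandom.urlsafe_base64(32))`. The callback could then compare against `session.delete(:state)` so the value is single-use, and treat a missing stored state as a failure rather than a pass. The body of `new` continues outside this hunk.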
@@ -7,7 +7,7 @@ module Zaikio
7
7
  opts = params.permit(:client_name, :show_signup, :force_login, :state)
8
8
  opts[:redirect_with_error] = 1
9
9
  client_name = opts.delete(:client_name)
10
- opts[:state] ||= cookies.encrypted[:state] = SecureRandom.urlsafe_base64(32)
10
+ opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)
11
11
 
12
12
  redirect_to oauth_client.auth_code.authorize_url(
13
13
  redirect_uri: approve_url(client_name),
@@ -25,7 +25,7 @@ module Zaikio
25
25
  ) and return
26
26
  end
27
27
 
28
- if cookies.encrypted[:state].present? && params[:state] != cookies.encrypted[:state]
28
+ if session[:state].present? && params[:state] != session[:state]
29
29
  return redirect_to send(
30
30
  respond_to?(:error_path_for) ? :error_path_for : :default_error_path_for,
31
31
  "invalid_state"
@@ -34,10 +34,10 @@ module Zaikio
34
34
 
35
35
  access_token = create_access_token
36
36
 
37
- origin = cookies.encrypted[:origin]
38
- cookies.delete :origin
37
+ origin = session[:origin]
38
+ session.delete(:origin)
39
39
 
40
- cookies.encrypted[:zaikio_access_token_id] = access_token.id unless access_token.organization?
40
+ session[:zaikio_access_token_id] = access_token.id unless access_token.organization?
41
41
 
42
42
  redirect_to send(
43
43
  respond_to?(:after_approve_path_for) ? :after_approve_path_for : :default_after_approve_path_for,
@@ -46,9 +46,9 @@ module Zaikio
46
46
  end
47
47
 
48
48
  def destroy
49
- access_token_id = cookies.encrypted[:zaikio_access_token_id]
50
- cookies.delete :zaikio_access_token_id
51
- cookies.delete :state
49
+ access_token_id = session[:zaikio_access_token_id]
50
+ session.delete(:zaikio_access_token_id)
51
+ session.delete(:origin)
52
52
 
53
53
  redirect_to send(
54
54
  respond_to?(:after_destroy_path_for) ? :after_destroy_path_for : :default_after_destroy_path_for,
@@ -95,13 +95,13 @@ module Zaikio
95
95
  end
96
96
 
97
97
  def default_after_approve_path_for(access_token, origin)
98
- cookies.encrypted[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
98
+ session[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
99
99
 
100
100
  origin || main_app.root_path
101
101
  end
102
102
 
103
103
  def default_after_destroy_path_for(_access_token_id)
104
- cookies.delete :zaikio_person_id
104
+ session.delete(:origin)
105
105
 
106
106
  main_app.root_path
107
107
  end
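Review bot: `default_after_destroy_path_for` used to remove the `zaikio_person_id` cookie and now only runs `session.delete(:origin)`, so with the default handler `session[:zaikio_person_id]` survives sign-out. An application that derives the current user from that key, as the README snippet on this page does, would keep treating the browser as signed in after `destroy`. Replace the line with `reset_session`, which is what the README's own `after_destroy_path_for` example does, or at least `session.delete(:zaikio_person_id)`. The `destroy` hunk above has a related change: it now deletes `:origin` where it previously deleted `:state`, so a leftover `session[:state]` also persists across sign-out.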
@@ -3,13 +3,48 @@ module Zaikio
3
3
  module TestHelper
4
4
  extend ActiveSupport::Concern
5
5
 
6
- def logged_in_as(person)
7
- # We need to manually encrypt the value since the tests cookie jar does not
8
- # support encrypted or signed cookies
9
- encrypted_cookies = ActionDispatch::Request.new(Rails.application.env_config.deep_dup).cookie_jar
10
- encrypted_cookies.encrypted[:zaikio_person_id] = person.id
6
+ class TestSessionController < ActionController::Base
7
+ def show
8
+ if session[params[:key]].nil?
9
+ head :no_content
10
+ else
11
+ render plain: session[params[:key]]
12
+ end
13
+ end
14
+
15
+ def create
16
+ session[params[:key]] = params[:id]
17
+
18
+ head :ok
19
+ end
20
+ end
21
+
22
+ included do
23
+ # This is needed as it is not possible to set sesison values in an ActionDispatch::IntegrationTest
24
+ # This creates a dummy controller to set the session
25
+ Rails.application.routes.disable_clear_and_finalize = true # Keep existing routes
26
+ Rails.application.routes.draw do
27
+ get "/zaikio/oauth_client/test_helper/get_session", to: "zaikio/oauth_client/test_helper/test_session#show"
28
+ get "/zaikio/oauth_client/test_helper/session", to: "zaikio/oauth_client/test_helper/test_session#create"
29
+ end
30
+ end
11
31
 
12
- cookies["zaikio_person_id"] = encrypted_cookies["zaikio_person_id"]
32
+ def get_session(key)
33
+ get "/zaikio/oauth_client/test_helper/get_session", params: { key: key }
34
+
35
+ if response.status == 204
36
+ nil
37
+ else
38
+ response.body
39
+ end
40
+ end
41
+
42
+ def set_session(key, value)
43
+ get "/zaikio/oauth_client/test_helper/session", params: { id: value, key: key }
44
+ end
45
+
46
+ def logged_in_as(person)
47
+ set_session(:zaikio_person_id, person.id)
13
48
  end
14
49
  end
15
50
  end
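Review bot: `TestSessionController` and its two routes are drawn on `Rails.application.routes` as soon as the helper is included, with no environment guard. `create` runs `session[params[:key]] = params[:id]` on a plain GET, so if this module is ever loaded outside the test environment the application gains an endpoint that writes any session key, `zaikio_person_id` included, and `show` reads any key back. Guard the `included do` body, e.g. `raise "TestHelper must only be included in the test environment" unless Rails.env.test?`, and state that restriction in the comment above it. `disable_clear_and_finalize = true` is also left set after the `draw` block; restoring the previous value afterwards would keep later route reloads behaving normally. The comment contains a typo: `sesison` should be `session`.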
@@ -1,5 +1,5 @@
1
1
  module Zaikio
2
2
  module OAuthClient
3
- VERSION = "0.11.1".freeze
3
+ VERSION = "0.12.0".freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zaikio-oauth_client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.1
4
+ version: 0.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Zaikio GmbH
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-21 00:00:00.000000000 Z
11
+ date: 2021-04-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -164,7 +164,7 @@ homepage: https://github.com/zaikio/zaikio-oauth_client
164
164
  licenses:
165
165
  - MIT
166
166
  metadata:
167
- changelog_uri: https://github.com/zaikio/zaikio-oauth_client/blob/master/CHANGELOG.md
167
+ changelog_uri: https://github.com/zaikio/zaikio-oauth_client/blob/main/CHANGELOG.md
168
168
  post_install_message:
169
169
  rdoc_options: []
170
170
  require_paths: