zaikio-oauth_client 0.11.1 → 0.12.0

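--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d95701c627108f46f90ac430b28138c8c1ae33dbe8307a6453250255e42b4244
- data.tar.gz: b5ee3c7b5a0fd691fbe6382f2c5b17b3a9000384db7f5ceb91271f893c943e22
+ metadata.gz: 2e007c62cd36b1b00aa8e542958bb5d627b5ca417ffc6559f45de3868e79149a
+ data.tar.gz: 9977c82c5f734d93b05269a7e9fb30e6fe6df1b15a291d680a48fa38bea079a8
  SHA512:
- metadata.gz: d1ff6dba884c261c27c698680ae077ed9995bb0754198eec53ff31dffd66c86b29fa522d924f65357cc99e18653f047530fabd0c46001d0ddaebbfc310692663
- data.tar.gz: 2e5b2231a0a34b788e803755b77891be4df996b20a41d91d8bf8956a2f2980e17337ba9a680f59b90bc519b54b6e1efc0bc44a58b72873ded8a0edc335d111f9
+ metadata.gz: eeb3f43dc40d4cabeb1f585864ff76c716243e6d0336164b0e3b98c7e2e41bdbd25ffdeaeeeb4b7ee1ccefe20cf1f458bd0af62e1cb2238af3ad258ad6cf4804
+ data.tar.gz: e3b47a58b780c92ed0b8a9c5ae0df7011026feed340204e8deb80a88ca2562b4a220cd59c8d5907982488001b6738d5c0eb0ba2495771c0de2a0310f44de42bd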
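--- a/data/README.md
+++ b/data/README.md
@@ -133,12 +133,12 @@ redirect_to zaikio_oauth_client.new_subscription_path(plan: "free")
 
  #### Session handling
 
- The Zaikio gem engine will set a cookie for the user after a successful OAuth flow: `cookies.encrypted[:zaikio_person_id]`.
+ The Zaikio gem engine will set a cookie for the user after a successful OAuth flow: `session[:zaikio_person_id]`.
 
  If you are using for example `Zaikio::Hub::Models`, you can use this snippet to set the current user:
 
  ```ruby
- Current.user ||= Zaikio::Hub::Models::Person.find_by(id: cookies.encrypted[:zaikio_person_id])
+ Current.user ||= Zaikio::Hub::Models::Person.find_by(id: session[:zaikio_person_id])
  ````
 
  You can then use `Current.user` anywhere.
@@ -172,7 +172,7 @@ Additionally you can also specify your own redirect handlers in your `Applicatio
  ```rb
  class ApplicationController < ActionController::Base
  def after_approve_path_for(access_token, origin)
- cookies.encrypted[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
+ session[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
 
  # Sync data on login
  Zaikio::Hub.with_token(access_token.token) do
@@ -183,7 +183,7 @@ class ApplicationController < ActionController::Base
  end
 
  def after_destroy_path_for(access_token_id)
- cookies.delete :zaikio_person_id
+ reset_session
 
  main_app.root_path
  end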
@@ -4,7 +4,7 @@ module Zaikio
4
4
  def new
5
5
  opts = params.permit(:client_name, :state, :plan, :organization_id)
6
6
  opts[:redirect_with_error] = 1
7
- opts[:state] ||= cookies.encrypted[:state] = SecureRandom.urlsafe_base64(32)
7
+ opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)
8
8
 
9
9
  plan = opts.delete(:plan)
10
10
  organization_id = opts.delete(:organization_id)
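Review bot: On the changed line `opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)`, nothing is written to `session[:state]` when the request already carries the permitted `state` parameter, because `||=` short-circuits before the assignment. The callback check later on this page only compares when `session[:state]` is present, so in that case the returned `state` is either not verified at all or is compared with a value left over from an earlier flow. The same line appears in the next hunk, in the `new` action that permits `:client_name, :show_signup, :force_login, :state`. If caller-supplied state is intended, document it where the line sits, e.g. `# A caller-supplied :state is passed through as-is; only the generated value is bound to the session`; otherwise always generate the value server-side and store it. `new` continues past the end of this hunk.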
@@ -7,7 +7,7 @@ module Zaikio
7
7
  opts = params.permit(:client_name, :show_signup, :force_login, :state)
8
8
  opts[:redirect_with_error] = 1
9
9
  client_name = opts.delete(:client_name)
10
- opts[:state] ||= cookies.encrypted[:state] = SecureRandom.urlsafe_base64(32)
10
+ opts[:state] ||= session[:state] = SecureRandom.urlsafe_base64(32)
11
11
 
12
12
  redirect_to oauth_client.auth_code.authorize_url(
13
13
  redirect_uri: approve_url(client_name),
@@ -25,7 +25,7 @@ module Zaikio
25
25
  ) and return
26
26
  end
27
27
 
28
- if cookies.encrypted[:state].present? && params[:state] != cookies.encrypted[:state]
28
+ if session[:state].present? && params[:state] != session[:state]
29
29
  return redirect_to send(
30
30
  respond_to?(:error_path_for) ? :error_path_for : :default_error_path_for,
31
31
  "invalid_state"
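Review bot: The guard `if session[:state].present? && params[:state] != session[:state]` lets the callback through whenever the session holds no state, so a callback that reaches a session without a stored value is never checked. Treating a missing value as a failure and consuming it on first use closes that gap: `expected = session.delete(:state)` followed by `if expected.blank? || !ActiveSupport::SecurityUtils.secure_compare(params[:state].to_s, expected)`. That also stops the value from lingering after approval; no visible line on this page removes it now that `cookies.delete :state` has been dropped from `destroy`. The stricter check would reject flows that pass their own `state` to `new`, so that path needs a decision first. The action starts above and continues below this hunk.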
@@ -34,10 +34,10 @@ module Zaikio
34
34
 
35
35
  access_token = create_access_token
36
36
 
37
- origin = cookies.encrypted[:origin]
38
- cookies.delete :origin
37
+ origin = session[:origin]
38
+ session.delete(:origin)
39
39
 
40
- cookies.encrypted[:zaikio_access_token_id] = access_token.id unless access_token.organization?
40
+ session[:zaikio_access_token_id] = access_token.id unless access_token.organization?
41
41
 
42
42
  redirect_to send(
43
43
  respond_to?(:after_approve_path_for) ? :after_approve_path_for : :default_after_approve_path_for,
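Review bot: `session[:zaikio_access_token_id] = access_token.id` stores the authenticated identity in the same session that existed before the OAuth round trip, whereas the Rails security guide recommends rotating the session at login to rule out session fixation. Reading the origin first and then resetting covers both needs: keep `origin = session[:origin]` and replace `session.delete(:origin)` with `reset_session`. With the default cookie store the exposure is limited, but a host app on a server-side session store would carry the pre-login session id into the authenticated session. The action begins and ends outside this hunk.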
@@ -46,9 +46,9 @@ module Zaikio
46
46
  end
47
47
 
48
48
  def destroy
49
- access_token_id = cookies.encrypted[:zaikio_access_token_id]
50
- cookies.delete :zaikio_access_token_id
51
- cookies.delete :state
49
+ access_token_id = session[:zaikio_access_token_id]
50
+ session.delete(:zaikio_access_token_id)
51
+ session.delete(:origin)
52
52
 
53
53
  redirect_to send(
54
54
  respond_to?(:after_destroy_path_for) ? :after_destroy_path_for : :default_after_destroy_path_for,
@@ -95,13 +95,13 @@ module Zaikio
95
95
  end
96
96
 
97
97
  def default_after_approve_path_for(access_token, origin)
98
- cookies.encrypted[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
98
+ session[:zaikio_person_id] = access_token.bearer_id unless access_token.organization?
99
99
 
100
100
  origin || main_app.root_path
101
101
  end
102
102
 
103
103
  def default_after_destroy_path_for(_access_token_id)
104
- cookies.delete :zaikio_person_id
104
+ session.delete(:origin)
105
105
 
106
106
  main_app.root_path
107
107
  end
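Review bot: `default_after_destroy_path_for` now calls `session.delete(:origin)` where it used to delete `zaikio_person_id`, so with the default handlers `session[:zaikio_person_id]` (set in `default_after_approve_path_for` just above) survives logout. The `destroy` hunk before this one removes only `zaikio_access_token_id` and `origin`, so a host app using the README snippet `Current.user ||= ...find_by(id: session[:zaikio_person_id])` would still resolve a user after sign-out. Replace the line with `reset_session`, as the README example for `after_destroy_path_for` already does, or at minimum with `session.delete(:zaikio_person_id)`.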
@@ -3,13 +3,48 @@ module Zaikio
3
3
  module TestHelper
4
4
  extend ActiveSupport::Concern
5
5
 
6
- def logged_in_as(person)
7
- # We need to manually encrypt the value since the tests cookie jar does not
8
- # support encrypted or signed cookies
9
- encrypted_cookies = ActionDispatch::Request.new(Rails.application.env_config.deep_dup).cookie_jar
10
- encrypted_cookies.encrypted[:zaikio_person_id] = person.id
6
+ class TestSessionController < ActionController::Base
7
+ def show
8
+ if session[params[:key]].nil?
9
+ head :no_content
10
+ else
11
+ render plain: session[params[:key]]
12
+ end
13
+ end
14
+
15
+ def create
16
+ session[params[:key]] = params[:id]
17
+
18
+ head :ok
19
+ end
20
+ end
21
+
22
+ included do
23
+ # This is needed as it is not possible to set sesison values in an ActionDispatch::IntegrationTest
24
+ # This creates a dummy controller to set the session
25
+ Rails.application.routes.disable_clear_and_finalize = true # Keep existing routes
26
+ Rails.application.routes.draw do
27
+ get "/zaikio/oauth_client/test_helper/get_session", to: "zaikio/oauth_client/test_helper/test_session#show"
28
+ get "/zaikio/oauth_client/test_helper/session", to: "zaikio/oauth_client/test_helper/test_session#create"
29
+ end
30
+ end
11
31
 
12
- cookies["zaikio_person_id"] = encrypted_cookies["zaikio_person_id"]
32
+ def get_session(key)
33
+ get "/zaikio/oauth_client/test_helper/get_session", params: { key: key }
34
+
35
+ if response.status == 204
36
+ nil
37
+ else
38
+ response.body
39
+ end
40
+ end
41
+
42
+ def set_session(key, value)
43
+ get "/zaikio/oauth_client/test_helper/session", params: { id: value, key: key }
44
+ end
45
+
46
+ def logged_in_as(person)
47
+ set_session(:zaikio_person_id, person.id)
13
48
  end
14
49
  end
15
50
  end
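Review bot: The `included do` block registers two GET routes on `Rails.application.routes`, and `TestSessionController#create` runs `session[params[:key]] = params[:id]` with no restriction, so any process that includes this concern accepts requests that set `zaikio_person_id` directly. Because the helper ships inside the gem, it should refuse to load outside tests: add `raise "Zaikio test session routes are for the test environment only" unless Rails.env.test?` as the first line of `included do`. `disable_clear_and_finalize = true` is also never set back to `false` after the `draw` call; restoring it keeps later route reloads behaving normally. A short comment on `get_session` noting that it returns `response.body`, so stored ids come back as strings, would save test authors a surprise.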
@@ -1,5 +1,5 @@
1
1
  module Zaikio
2
2
  module OAuthClient
3
- VERSION = "0.11.1".freeze
3
+ VERSION = "0.12.0".freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zaikio-oauth_client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.1
4
+ version: 0.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Zaikio GmbH
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-21 00:00:00.000000000 Z
11
+ date: 2021-04-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -164,7 +164,7 @@ homepage: https://github.com/zaikio/zaikio-oauth_client
164
164
  licenses:
165
165
  - MIT
166
166
  metadata:
167
- changelog_uri: https://github.com/zaikio/zaikio-oauth_client/blob/master/CHANGELOG.md
167
+ changelog_uri: https://github.com/zaikio/zaikio-oauth_client/blob/main/CHANGELOG.md
168
168
  post_install_message:
169
169
  rdoc_options: []
170
170
  require_paths: