placeos / auth Goto Github PK
View Code? Open in Web Editor NEWPlaceOS authentication service and API gatekeeper.
auth's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
ishuuuu1auth's Issues
Cannot retrieve a token via password grant
When attempting to POST to /auth/oauth/token as part of a password grant flow the following is returned:
{
"status": 500,
"error": "Internal Server Error",
"exception": "#<NoMethodError: undefined method `where' for #<Doorkeeper::AccessToken:0x000055d9a16a5ab0>\nDid you mean? when>",
"traces": {
"Application Trace": [
{
"exception_object_id": 47196584802760,
"id": 65,
"trace": "lib/omniauth/strategies/generic_adfs.rb:45:in `other_phase'"
}
],
"Framework Trace": [
{
"exception_object_id": 47196584802760,
"id": 0,
"trace": "doorkeeper-rethinkdb (15f5e2e09b59) lib/support/orm/rethinkdb/access_token.rb:234:in `refresh_token_unique'"
},
{
"exception_object_id": 47196584802760,
"id": 1,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:429:in `block in make_lambda'"
},
{
"exception_object_id": 47196584802760,
"id": 2,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:201:in `block (2 levels) in halting'"
},
{
"exception_object_id": 47196584802760,
"id": 3,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:607:in `block (2 levels) in default_terminator'"
},
{
"exception_object_id": 47196584802760,
"id": 4,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:606:in `catch'"
},
{
"exception_object_id": 47196584802760,
"id": 5,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:606:in `block in default_terminator'"
},
{
"exception_object_id": 47196584802760,
"id": 6,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:202:in `block in halting'"
},
{
"exception_object_id": 47196584802760,
"id": 7,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `block in invoke_before'"
},
{
"exception_object_id": 47196584802760,
"id": 8,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `each'"
},
{
"exception_object_id": 47196584802760,
"id": 9,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `invoke_before'"
},
{
"exception_object_id": 47196584802760,
"id": 10,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:134:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 11,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:827:in `_run_validate_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 12,
"trace": "activemodel (6.0.2.1) lib/active_model/validations.rb:407:in `run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 13,
"trace": "activemodel (6.0.2.1) lib/active_model/validations/callbacks.rb:118:in `block in run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 14,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:135:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 15,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:827:in `_run_validation_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 16,
"trace": "activemodel (6.0.2.1) lib/active_model/validations/callbacks.rb:118:in `run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 17,
"trace": "activemodel (6.0.2.1) lib/active_model/validations.rb:337:in `valid?'"
},
{
"exception_object_id": 47196584802760,
"id": 18,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/core.rb:12:in `valid?'"
},
{
"exception_object_id": 47196584802760,
"id": 19,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/core.rb:19:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 20,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/uniqueness.rb:9:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 21,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/atomic_ops.rb:227:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 22,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:95:in `save!'"
},
{
"exception_object_id": 47196584802760,
"id": 23,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `block in create!'"
},
{
"exception_object_id": 47196584802760,
"id": 24,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `tap'"
},
{
"exception_object_id": 47196584802760,
"id": 25,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `create!'"
},
{
"exception_object_id": 47196584802760,
"id": 26,
"trace": "doorkeeper-rethinkdb (15f5e2e09b59) lib/support/orm/rethinkdb/access_token.rb:164:in `find_or_create_for'"
},
{
"exception_object_id": 47196584802760,
"id": 27,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/base_request.rb:39:in `find_or_create_access_token'"
},
{
"exception_object_id": 47196584802760,
"id": 28,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/password_access_token_request.rb:28:in `before_successful_response'"
},
{
"exception_object_id": 47196584802760,
"id": 29,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/base_request.rb:14:in `authorize'"
},
{
"exception_object_id": 47196584802760,
"id": 30,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/request/strategy.rb:8:in `authorize'"
},
{
"exception_object_id": 47196584802760,
"id": 31,
"trace": "doorkeeper (5.2.3) app/controllers/doorkeeper/tokens_controller.rb:93:in `authorize_response'"
},
{
"exception_object_id": 47196584802760,
"id": 32,
"trace": "doorkeeper (5.2.3) app/controllers/doorkeeper/tokens_controller.rb:6:in `create'"
},
{
"exception_object_id": 47196584802760,
"id": 33,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'"
},
{
"exception_object_id": 47196584802760,
"id": 34,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/base.rb:196:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 35,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/rendering.rb:30:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 36,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/callbacks.rb:42:in `block in process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 37,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:112:in `block in run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 38,
"trace": "sentry-raven (2.13.0) lib/raven/integrations/rails/controller_transaction.rb:7:in `block in included'"
},
{
"exception_object_id": 47196584802760,
"id": 39,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:121:in `instance_exec'"
},
{
"exception_object_id": 47196584802760,
"id": 40,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:121:in `block in run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 41,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:139:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 42,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/callbacks.rb:41:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 43,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/rescue.rb:22:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 44,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 45,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications.rb:180:in `block in instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 46,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications/instrumenter.rb:24:in `instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 47,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications.rb:180:in `instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 48,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/instrumentation.rb:32:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 49,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/params_wrapper.rb:245:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 50,
"trace": "nobrainer (0.34.0) lib/no_brainer/profiler/controller_runtime.rb:44:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 51,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/base.rb:136:in `process'"
},
{
"exception_object_id": 47196584802760,
"id": 52,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal.rb:191:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 53,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal.rb:252:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 54,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:51:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 55,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:33:in `serve'"
},
{
"exception_object_id": 47196584802760,
"id": 56,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:49:in `block in serve'"
},
{
"exception_object_id": 47196584802760,
"id": 57,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:32:in `each'"
},
{
"exception_object_id": 47196584802760,
"id": 58,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:32:in `serve'"
},
{
"exception_object_id": 47196584802760,
"id": 59,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:837:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 60,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 61,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 62,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 63,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 64,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:420:in `call_app!'"
},
{
"exception_object_id": 47196584802760,
"id": 66,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:190:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 67,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 68,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 69,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 70,
"trace": "omniauth (1.9.0) lib/omniauth/builder.rb:64:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 71,
"trace": "rack (2.1.2) lib/rack/tempfile_reaper.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 72,
"trace": "rack (2.1.2) lib/rack/etag.rb:27:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 73,
"trace": "rack (2.1.2) lib/rack/conditional_get.rb:40:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 74,
"trace": "rack (2.1.2) lib/rack/head.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 75,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/http/content_security_policy.rb:18:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 76,
"trace": "rack (2.1.2) lib/rack/session/abstract/id.rb:269:in `context'"
},
{
"exception_object_id": 47196584802760,
"id": 77,
"trace": "rack (2.1.2) lib/rack/session/abstract/id.rb:263:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 78,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/cookies.rb:648:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 79,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 80,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:101:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 81,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/callbacks.rb:26:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 82,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/executor.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 83,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/actionable_exceptions.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 84,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 85,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:132:in `call_app'"
},
{
"exception_object_id": 47196584802760,
"id": 86,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:19:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 87,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:17:in `catch'"
},
{
"exception_object_id": 47196584802760,
"id": 88,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 89,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 90,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:38:in `call_app'"
},
{
"exception_object_id": 47196584802760,
"id": 91,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:26:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 92,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:80:in `block in tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 93,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:28:in `tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 94,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:80:in `tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 95,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:26:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 96,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 97,
"trace": "request_store (1.5.0) lib/request_store/middleware.rb:19:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 98,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/request_id.rb:27:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 99,
"trace": "rack (2.1.2) lib/rack/method_override.rb:24:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 100,
"trace": "rack (2.1.2) lib/rack/runtime.rb:24:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 101,
"trace": "activesupport (6.0.2.1) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 102,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/executor.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 103,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/static.rb:126:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 104,
"trace": "rack (2.1.2) lib/rack/sendfile.rb:113:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 105,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/host_authorization.rb:77:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 106,
"trace": "sentry-raven (2.13.0) lib/raven/integrations/rack.rb:51:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 107,
"trace": "railties (6.0.2.1) lib/rails/engine.rb:526:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 108,
"trace": "puma (4.3.1) lib/puma/configuration.rb:228:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 109,
"trace": "puma (4.3.1) lib/puma/server.rb:681:in `handle_request'"
},
{
"exception_object_id": 47196584802760,
"id": 110,
"trace": "puma (4.3.1) lib/puma/server.rb:472:in `process_client'"
},
{
"exception_object_id": 47196584802760,
"id": 111,
"trace": "puma (4.3.1) lib/puma/server.rb:328:in `block in run'"
},
{
"exception_object_id": 47196584802760,
"id": 112,
"trace": "puma (4.3.1) lib/puma/thread_pool.rb:134:in `block in spawn_thread'"
}
],
"Full Trace": [
{
"exception_object_id": 47196584802760,
"id": 0,
"trace": "doorkeeper-rethinkdb (15f5e2e09b59) lib/support/orm/rethinkdb/access_token.rb:234:in `refresh_token_unique'"
},
{
"exception_object_id": 47196584802760,
"id": 1,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:429:in `block in make_lambda'"
},
{
"exception_object_id": 47196584802760,
"id": 2,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:201:in `block (2 levels) in halting'"
},
{
"exception_object_id": 47196584802760,
"id": 3,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:607:in `block (2 levels) in default_terminator'"
},
{
"exception_object_id": 47196584802760,
"id": 4,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:606:in `catch'"
},
{
"exception_object_id": 47196584802760,
"id": 5,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:606:in `block in default_terminator'"
},
{
"exception_object_id": 47196584802760,
"id": 6,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:202:in `block in halting'"
},
{
"exception_object_id": 47196584802760,
"id": 7,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `block in invoke_before'"
},
{
"exception_object_id": 47196584802760,
"id": 8,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `each'"
},
{
"exception_object_id": 47196584802760,
"id": 9,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:514:in `invoke_before'"
},
{
"exception_object_id": 47196584802760,
"id": 10,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:134:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 11,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:827:in `_run_validate_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 12,
"trace": "activemodel (6.0.2.1) lib/active_model/validations.rb:407:in `run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 13,
"trace": "activemodel (6.0.2.1) lib/active_model/validations/callbacks.rb:118:in `block in run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 14,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:135:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 15,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:827:in `_run_validation_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 16,
"trace": "activemodel (6.0.2.1) lib/active_model/validations/callbacks.rb:118:in `run_validations!'"
},
{
"exception_object_id": 47196584802760,
"id": 17,
"trace": "activemodel (6.0.2.1) lib/active_model/validations.rb:337:in `valid?'"
},
{
"exception_object_id": 47196584802760,
"id": 18,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/core.rb:12:in `valid?'"
},
{
"exception_object_id": 47196584802760,
"id": 19,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/core.rb:19:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 20,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/validation/uniqueness.rb:9:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 21,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/atomic_ops.rb:227:in `save?'"
},
{
"exception_object_id": 47196584802760,
"id": 22,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:95:in `save!'"
},
{
"exception_object_id": 47196584802760,
"id": 23,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `block in create!'"
},
{
"exception_object_id": 47196584802760,
"id": 24,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `tap'"
},
{
"exception_object_id": 47196584802760,
"id": 25,
"trace": "nobrainer (0.34.0) lib/no_brainer/document/persistance.rb:136:in `create!'"
},
{
"exception_object_id": 47196584802760,
"id": 26,
"trace": "doorkeeper-rethinkdb (15f5e2e09b59) lib/support/orm/rethinkdb/access_token.rb:164:in `find_or_create_for'"
},
{
"exception_object_id": 47196584802760,
"id": 27,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/base_request.rb:39:in `find_or_create_access_token'"
},
{
"exception_object_id": 47196584802760,
"id": 28,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/password_access_token_request.rb:28:in `before_successful_response'"
},
{
"exception_object_id": 47196584802760,
"id": 29,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/oauth/base_request.rb:14:in `authorize'"
},
{
"exception_object_id": 47196584802760,
"id": 30,
"trace": "doorkeeper (5.2.3) lib/doorkeeper/request/strategy.rb:8:in `authorize'"
},
{
"exception_object_id": 47196584802760,
"id": 31,
"trace": "doorkeeper (5.2.3) app/controllers/doorkeeper/tokens_controller.rb:93:in `authorize_response'"
},
{
"exception_object_id": 47196584802760,
"id": 32,
"trace": "doorkeeper (5.2.3) app/controllers/doorkeeper/tokens_controller.rb:6:in `create'"
},
{
"exception_object_id": 47196584802760,
"id": 33,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'"
},
{
"exception_object_id": 47196584802760,
"id": 34,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/base.rb:196:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 35,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/rendering.rb:30:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 36,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/callbacks.rb:42:in `block in process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 37,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:112:in `block in run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 38,
"trace": "sentry-raven (2.13.0) lib/raven/integrations/rails/controller_transaction.rb:7:in `block in included'"
},
{
"exception_object_id": 47196584802760,
"id": 39,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:121:in `instance_exec'"
},
{
"exception_object_id": 47196584802760,
"id": 40,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:121:in `block in run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 41,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:139:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 42,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/callbacks.rb:41:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 43,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/rescue.rb:22:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 44,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 45,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications.rb:180:in `block in instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 46,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications/instrumenter.rb:24:in `instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 47,
"trace": "activesupport (6.0.2.1) lib/active_support/notifications.rb:180:in `instrument'"
},
{
"exception_object_id": 47196584802760,
"id": 48,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/instrumentation.rb:32:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 49,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal/params_wrapper.rb:245:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 50,
"trace": "nobrainer (0.34.0) lib/no_brainer/profiler/controller_runtime.rb:44:in `process_action'"
},
{
"exception_object_id": 47196584802760,
"id": 51,
"trace": "actionpack (6.0.2.1) lib/abstract_controller/base.rb:136:in `process'"
},
{
"exception_object_id": 47196584802760,
"id": 52,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal.rb:191:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 53,
"trace": "actionpack (6.0.2.1) lib/action_controller/metal.rb:252:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 54,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:51:in `dispatch'"
},
{
"exception_object_id": 47196584802760,
"id": 55,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:33:in `serve'"
},
{
"exception_object_id": 47196584802760,
"id": 56,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:49:in `block in serve'"
},
{
"exception_object_id": 47196584802760,
"id": 57,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:32:in `each'"
},
{
"exception_object_id": 47196584802760,
"id": 58,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/journey/router.rb:32:in `serve'"
},
{
"exception_object_id": 47196584802760,
"id": 59,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/routing/route_set.rb:837:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 60,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 61,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 62,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 63,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 64,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:420:in `call_app!'"
},
{
"exception_object_id": 47196584802760,
"id": 65,
"trace": "lib/omniauth/strategies/generic_adfs.rb:45:in `other_phase'"
},
{
"exception_object_id": 47196584802760,
"id": 66,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:190:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 67,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 68,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:192:in `call!'"
},
{
"exception_object_id": 47196584802760,
"id": 69,
"trace": "omniauth (1.9.0) lib/omniauth/strategy.rb:169:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 70,
"trace": "omniauth (1.9.0) lib/omniauth/builder.rb:64:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 71,
"trace": "rack (2.1.2) lib/rack/tempfile_reaper.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 72,
"trace": "rack (2.1.2) lib/rack/etag.rb:27:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 73,
"trace": "rack (2.1.2) lib/rack/conditional_get.rb:40:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 74,
"trace": "rack (2.1.2) lib/rack/head.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 75,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/http/content_security_policy.rb:18:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 76,
"trace": "rack (2.1.2) lib/rack/session/abstract/id.rb:269:in `context'"
},
{
"exception_object_id": 47196584802760,
"id": 77,
"trace": "rack (2.1.2) lib/rack/session/abstract/id.rb:263:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 78,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/cookies.rb:648:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 79,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 80,
"trace": "activesupport (6.0.2.1) lib/active_support/callbacks.rb:101:in `run_callbacks'"
},
{
"exception_object_id": 47196584802760,
"id": 81,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/callbacks.rb:26:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 82,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/executor.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 83,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/actionable_exceptions.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 84,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 85,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:132:in `call_app'"
},
{
"exception_object_id": 47196584802760,
"id": 86,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:19:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 87,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:17:in `catch'"
},
{
"exception_object_id": 47196584802760,
"id": 88,
"trace": "web-console (4.0.1) lib/web_console/middleware.rb:17:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 89,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 90,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:38:in `call_app'"
},
{
"exception_object_id": 47196584802760,
"id": 91,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:26:in `block in call'"
},
{
"exception_object_id": 47196584802760,
"id": 92,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:80:in `block in tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 93,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:28:in `tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 94,
"trace": "activesupport (6.0.2.1) lib/active_support/tagged_logging.rb:80:in `tagged'"
},
{
"exception_object_id": 47196584802760,
"id": 95,
"trace": "railties (6.0.2.1) lib/rails/rack/logger.rb:26:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 96,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 97,
"trace": "request_store (1.5.0) lib/request_store/middleware.rb:19:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 98,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/request_id.rb:27:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 99,
"trace": "rack (2.1.2) lib/rack/method_override.rb:24:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 100,
"trace": "rack (2.1.2) lib/rack/runtime.rb:24:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 101,
"trace": "activesupport (6.0.2.1) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 102,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/executor.rb:14:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 103,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/static.rb:126:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 104,
"trace": "rack (2.1.2) lib/rack/sendfile.rb:113:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 105,
"trace": "actionpack (6.0.2.1) lib/action_dispatch/middleware/host_authorization.rb:77:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 106,
"trace": "sentry-raven (2.13.0) lib/raven/integrations/rack.rb:51:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 107,
"trace": "railties (6.0.2.1) lib/rails/engine.rb:526:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 108,
"trace": "puma (4.3.1) lib/puma/configuration.rb:228:in `call'"
},
{
"exception_object_id": 47196584802760,
"id": 109,
"trace": "puma (4.3.1) lib/puma/server.rb:681:in `handle_request'"
},
{
"exception_object_id": 47196584802760,
"id": 110,
"trace": "puma (4.3.1) lib/puma/server.rb:472:in `process_client'"
},
{
"exception_object_id": 47196584802760,
"id": 111,
"trace": "puma (4.3.1) lib/puma/server.rb:328:in `block in run'"
},
{
"exception_object_id": 47196584802760,
"id": 112,
"trace": "puma (4.3.1) lib/puma/thread_pool.rb:134:in `block in spawn_thread'"
}
]
}
}HTTP 502 returned when user creation fails
Describe the bug
When processing an auth callback in SessionsController#create and user creation fails, the user encounters a HTTP 502.
Your environment
2a93852
To Reproduce
Attempt an auth flow with an invalid config (e.g. mismatched SAML claims etc).
Expected behavior
The response code should be suitable for the error encountered. Ideally recovery behaviour should also redirect the user appropriately.
Additional context
Cause may be to this redirect as /signup route likely does not exist in most deployment environments.
Nobrainer Duplicate Tables
Nobrainer generates duplicate tables.
We should patch the orm with something like this
This change should resolve place-labs/development-environment/issues/3
Missing migration for `User` model change
Describe the bug
A set of changes were recently made the way email case sensitivity is handled. This included a change to use a downcased form as input to email_digest. As a result email lookups against previously created users may fail.
Your environment
c6101ff
To Reproduce
- Attempt email address based resolution for a user which previous had a mixed case email address in use. An easily accessible path for this is via inline login on this service.
- Login will fail due to user not found.
- Force a change on the user model that results in
email_digestbeing set. - User will now be found.
Expected behavior
User should be discovered without requiring manual re-save.
Additional context
https://github.com/place-technology/suncorp-ntt/issues/69
refactor to use Postgresql instead of RethinkDB
Azure B2C Last Logged in User
When using Azure B2C as the authentication source for a domain, only the last logged in user is retained against the domain as a user.
For example, User 1 logs in via B2C domain users will show User 1.
If User 2 then logs in, the domain users will now show User 2 and remove User 1.
All users that authenticate via this domain should be retained as domain users.
Authority query fails if user in cookie is invalid
If a cookie exists, but holds a user id that is no longer valid (e.g. after re-initializing a dev environment), calls to GET /auth/authority always return 404. The user visible behaviour of this is a backoffice auth screen persistently stuck on 'Loading...'.
This is due to the user lookup reached by UserHelper#signed_in? failing due to a NoBrainer::Error::DocumentNotFound error.
improve auth flows for web applications
https://acaprojects.atlassian.net/browse/AD-107
Ensure token refresh can occur via ajax
Provide OAuth Redirect without Query Param
Microsoft Azure B2C will not accept an OAuth2 redirect URL with query parameters.
Need it identify a method to provide a redirect URL for PlaceOS oauth_strat without a query param.
OAuth2 callback URL incompatible with Azure AD B2C
Using Azure AD as an OAuth2 based IdP is currently not possible due to query parameters being disallowed in redirect URI's configured on Azure.
The current callback URL format encodes the provider id as a static query param.
This was previously allowed, but may have regressed as part of a recent Azure service update.
To re-enable compatibility, without relying on an upstream update, there should be potential to support this as a path parameter.
Note: configuring as a SAML based IdP is currently supported and is the recommended approach.
expired auth data should be deleted to prevent DB size growing indefinitely
doorkeeper_grant and doorkeeper_token tables grow without bound.
Taking 50GB in this real world example:
Add Logstash logging feature
Integrate a UDP logging backend to the auth service.
fix oauth password grant with URL encoded characters
this grant isn't used very commonly
work around is to use passwords without characters that require URI encoding
Provide a mechanism to deauth users
Is your feature request related to a problem? Please describe.
It should be possible for an admin to deauthenticate an individual user or a set of users.
Describe the solution you'd like
Provide an option visible to admins on a user's page that invalidates any sessions.
Provide an option to invalidate all user sessions via the admin page.
Additional context
This could be achieved on a user level by keeping the user's id in redis with the time of invalidation.
Incoming JWTs to services will require a quick check of the token's user id, and a comparison of the creation time and time of invalidation
file uploads saving as binary
instead of using the proper mime type
Service accounts that allow substituting users
i.e. Staff app service account acting as user Steve.
(bad example as we'll pass through the supplied JWT token for Staff app, however useful for 3rd party integrations)
Add support for authentication tokens
Where the token can be expired or revoked
Specs for Theme Service
CI notifications
Please see this issue in relation to this line.
Add OpenTelemetry Instrumentation
Add rails instrumentation to keep tabs on perf and drill down on errors within the authentication service.
Relevant Issues
`mimemagic 0.3.5` dependency cannot be resolved
Nighty builds have recently started failing. This appears to be due to a pinned dependency that is no longer available.
Build output of interest:
---> Running in 535008ad8f09
Fetching gem metadata from https://rubygems.org/........
Your bundle is locked to mimemagic (0.3.5), but that version could not be found
in any of the sources listed in your Gemfile. If you haven't changed sources,
that means the author of mimemagic (0.3.5) has removed it. You'll need to update
your bundle to a version other than mimemagic (0.3.5) that hasn't been removed
in order to install.
The command '/bin/sh -c bundle config --global frozen 1 && bundle install --without test:assets -j4 --retry 3 --path=vendor/bundle && rm -rf vendor/bundle/ruby/2.6.0/cache/*.gem && find vendor/bundle/ruby/2.6.0/gems/ -name "*.c" -delete && find vendor/bundle/ruby/2.6.0/gems/ -name "*.o" -delete' returned a non-zero code: 7
Room Config: Add room features
Room features are added as tags to the system e.g. whiteboard, projector, webex etc. some features will be added automatically if the system on PlaceOS has been integrated with a video conference unit.
Unable to revoke access tokens
Describe the bug
Standard token revocation is exposed under the /auth/oauth/revoke endpoint however successful interaction with this does not currently appear possible.
Your environment
placeos-1.2109.0
To Reproduce
Perform a POST request containing the token to revoke as per https://datatracker.ietf.org/doc/html/rfc7009#section-2.1.
Expected behavior
Token should be revoked immediately.
Additional context
Attempts to interact with this endpoint without supplying client credentials results in the request failing due to being unauthorized.
auth | Started POST "/auth/oauth/revoke" for 172.31.231.18 at 2021-09-08 14:48:47 +1000
auth | Processing by Doorkeeper::TokensController#revoke as HTML
auth | Parameters: {"token"=>"eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJQT1MiLCJpYXQiOjE2MzEwNzYyNzYsImV4cCI6MTYzMTA4MzQ3NiwianRpIjoiZDg2NjI2MDQtYjg3Mi00MmQ1LThkYzgtZThhMTgzOGI5ODI2IiwiYXVkIjoibG9jYWxob3N0Iiwic2NvcGUiOlsicHVibGljIl0sInN1YiI6InVzZXItQ2IxdjV-SklncSIsInUiOnsibiI6IlBsYWNlIFN1cHBvcnQgKGxvY2FsaG9zdDo4NDQzKSIsImUiOiJzdXBwb3J0QHBsYWNlLnRlY2giLCJwIjoyLCJyIjpbXX19.JoCBXs4hMRXt_CUj_UPVU4DRZGyKdJQzG9VjVA4YptHP6hqiGm7ZEM_7-l56CBuCkYHUgMd5kbrF-RFyBcgTwIgjdR2nqctb00iTYVeWJae2c4Isp9OhDbil5JIGpUJTYDT3BORAKyJoXhQfQKa7gdVD9cppWJkI7nlGOLoWA2NW4PomUPjEYH4HRME0h4DASChYz6cVzsqouDOIbujhnxhddCKpAgOvgNFxRS0MBaF3jUMk2e_hCaeqi75leO4O0wOxABZ7L51VRSaFbYrEqLB9ZDp5ExaWLI7h8gkX0rHbfCLgvziYIyeQ2mQq_knjhF-NVtWgfHiL2VJIpPJ_uWOw1gPb36CQ44427LplHsOD5zbdTcoOyLXwrSngjRfFEBdIqzvGmNh7lTXHJQUVPGWyL3aChiYYt1IPbbd3Ma1tRD1w9619mmYoprA__RYtuFS-NUk0D5OU_2A0LvYAO0p_impwMW4_j6NunjVQxKHFIwi2MEf4-PAk3o-L7SRktgz9v-PW2BDJfj01i-JmylwqooWF1j7P1ve2O_PIsgcCyeo5oi_UHV7zwFgPy4c6-Y9sAIaBHY5qRr_h4OAunye7NCzMIXdfpXTm42SEyc4JsBmi_palOhv0-10Gixq1GAm0caPXvALPpG8T5hm2sHJKjdB7JWW51JLjbVTUsAw"}
auth | Filter chain halted as :validate_presence_of_client rendered or redirected
auth | Completed 403 Forbidden in 0ms (Views: 0.2ms | Allocations: 173)
Note: this appears as though it should be allowed.
When supplying a client_id and client_secret as basic credentials the request fails with a HTTP 500.
auth | Started POST "/auth/oauth/revoke" for 172.31.231.18 at 2021-09-08 14:48:05 +1000
auth | Processing by Doorkeeper::TokensController#revoke as HTML
auth | Parameters: {"token"=>"eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJQT1MiLCJpYXQiOjE2MzEwNzYyNzYsImV4cCI6MTYzMTA4MzQ3NiwianRpIjoiZDg2NjI2MDQtYjg3Mi00MmQ1LThkYzgtZThhMTgzOGI5ODI2IiwiYXVkIjoibG9jYWxob3N0Iiwic2NvcGUiOlsicHVibGljIl0sInN1YiI6InVzZXItQ2IxdjV-SklncSIsInUiOnsibiI6IlBsYWNlIFN1cHBvcnQgKGxvY2FsaG9zdDo4NDQzKSIsImUiOiJzdXBwb3J0QHBsYWNlLnRlY2giLCJwIjoyLCJyIjpbXX19.JoCBXs4hMRXt_CUj_UPVU4DRZGyKdJQzG9VjVA4YptHP6hqiGm7ZEM_7-l56CBuCkYHUgMd5kbrF-RFyBcgTwIgjdR2nqctb00iTYVeWJae2c4Isp9OhDbil5JIGpUJTYDT3BORAKyJoXhQfQKa7gdVD9cppWJkI7nlGOLoWA2NW4PomUPjEYH4HRME0h4DASChYz6cVzsqouDOIbujhnxhddCKpAgOvgNFxRS0MBaF3jUMk2e_hCaeqi75leO4O0wOxABZ7L51VRSaFbYrEqLB9ZDp5ExaWLI7h8gkX0rHbfCLgvziYIyeQ2mQq_knjhF-NVtWgfHiL2VJIpPJ_uWOw1gPb36CQ44427LplHsOD5zbdTcoOyLXwrSngjRfFEBdIqzvGmNh7lTXHJQUVPGWyL3aChiYYt1IPbbd3Ma1tRD1w9619mmYoprA__RYtuFS-NUk0D5OU_2A0LvYAO0p_impwMW4_j6NunjVQxKHFIwi2MEf4-PAk3o-L7SRktgz9v-PW2BDJfj01i-JmylwqooWF1j7P1ve2O_PIsgcCyeo5oi_UHV7zwFgPy4c6-Y9sAIaBHY5qRr_h4OAunye7NCzMIXdfpXTm42SEyc4JsBmi_palOhv0-10Gixq1GAm0caPXvALPpG8T5hm2sHJKjdB7JWW51JLjbVTUsAw"}
auth | [ 1.6ms] r.table("doorkeeper_app").get_all( "b52e653071c45353dbff4e8f47d51cdf", {"index" => :uid}).order_by(r.asc(:id)).limit(1)
auth | [ 2.1ms] r.table("doorkeeper_token").get_all( "62603e7370fc230ee287822734d6dcec0d095640d2c246c60a8ed1ef31eb051d", {"index" => :token}).order_by(r.asc(:id)).limit(1)
auth | Completed 500 Internal Server Error in 19ms (NoBrainer: 3.7ms (read) | Allocations: 3644)
auth |
auth |
auth | undefined method `application_id?' for #<Doorkeeper::AccessToken:0x00007f711ca8d600>
auth | Did you mean? application_id
auth | application_id=
auth | application
auth | application_id_was
auth | application= excluded from capture: DSN not set
auth |
auth | NoMethodError (undefined method `application_id?' for #<Doorkeeper::AccessToken:0x00007f711ca8d600>
auth | Did you mean? application_id
auth | application_id=
auth | application
auth | application_id_was
auth | application=):
auth |
auth | lib/omniauth/strategies/generic_adfs.rb:45:in `other_phase'
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
The application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
`
Log off
def destroy
remove_session
# do we want to redirect externally?
path = params.permit(:continue)[:continue] || '/'
if path.include?("://")
authority = current_authority
uri = Addressable::URI.parse(path)
if uri.domain == authority.domain
path = "#{uri.request_uri}#{uri.fragment ? "##{uri.fragment}" : nil}"
else
path = authority.logout_url
if path.include?("continue=")
path = URI.decode_www_form_component(path.split("continue=", 2)[-1])
end
end
end
redirect_to path
end
`
Payload: https:///auth/logout?continue=//<external_domain>
Open Redirection Vulnerability
We found the source code on their Github page and discovered an open redirection vulnerability in the logout function. The application insecurely validates inputs to the session controller that allows open redirects to external domains
https://myoffice.domain.com.au/auth/logout?continue=//accenture.com
I noticed that the logout function is not in use in the workspace app, but the vulnerability can be triggered using direct link. Their devs had made changes to the source code after reporting, 76ca6f6.
This is a very low-risk vulnerability though however, I thought it is good to let you know in advance so you could deploy the updated source.โ
Survey: Responses received for a survey
- access responses data from Backend
- build page showing responses received for a survey
- responses page to be accessible by clicking on a survey in the Survey List view
Successful login redirects back to login page
Describe the bug
In development mode, with env var
COAUTH_NO_SSL: "true"
successful (202) logins will result in redirection back to the login page. Making it impossible to access the desired app (e.g. backoffice). This can be reproduced with partner-environment: PlaceOS/local#85
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.