From ce81d8966b54ec47a5f6aa65c791bd41db1626a0 Mon Sep 17 00:00:00 2001 From: Andreas Finger Date: Mon, 19 Aug 2024 11:28:22 +0200 Subject: [PATCH] Update omniauth [WIP] OmniAuth::Strategies::OAuth2::CallbackError csrf_detected | CSRF detected --- Gemfile | 2 +- Gemfile.lock | 67 ++++++++++++++++++++++++++++------------------------ 2 files changed, 37 insertions(+), 32 deletions(-) diff --git a/Gemfile b/Gemfile index af42301..b1b0a2e 100644 --- a/Gemfile +++ b/Gemfile @@ -22,7 +22,7 @@ gem "observer" gem "dotenv-rails", "~> 2.4" gem "haml-rails", "~> 2.0" gem "jbuilder", "~> 2.5" -gem "omniauth-google-oauth2", "~> 1.0" +gem "omniauth-google-oauth2", "~> 1.1" gem "omniauth-rails_csrf_protection", "~> 1.0" gem "pg", ">= 0.18", "< 2.0" gem "pg_search", "~> 2.1" diff --git a/Gemfile.lock b/Gemfile.lock index 5e203ba..73d23cd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -97,15 +97,11 @@ GEM factory_bot_rails (6.2.0) factory_bot (~> 6.2.0) railties (>= 5.0.0) - faraday (1.4.1) - faraday-excon (~> 1.1) - faraday-net_http (~> 1.0) - faraday-net_http_persistent (~> 1.1) - multipart-post (>= 1.2, < 3) - ruby2_keywords (>= 0.0.4) - faraday-excon (1.1.0) - faraday-net_http (1.0.1) - faraday-net_http_persistent (1.1.0) + faraday (2.10.1) + faraday-net_http (>= 2.0, < 3.2) + logger + faraday-net_http (3.1.1) + net-http ffi (1.15.0) globalid (1.2.1) activesupport (>= 6.1) @@ -124,7 +120,7 @@ GEM rainbow rubocop (>= 0.50.0) sysexits (~> 1.1) - hashie (4.1.0) + hashie (5.0.0) html2haml (2.2.0) erubis (~> 2.7.0) haml (>= 4.0, < 6) @@ -135,11 +131,13 @@ GEM jbuilder (2.11.2) activesupport (>= 5.0.0) json (2.7.2) - jwt (2.2.3) + jwt (2.8.2) + base64 language_server-protocol (3.17.0.3) listen (3.5.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) + logger (1.6.0) loofah (2.22.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) @@ -154,10 +152,11 @@ GEM mini_mime (1.1.5) mini_portile2 (2.8.7) minitest (5.25.1) - multi_json (1.15.0) - multi_xml (0.6.0) - multipart-post (2.1.1) + multi_xml (0.7.1) + bigdecimal (~> 3.1) mutex_m (0.2.0) + net-http (0.4.1) + uri net-imap (0.4.14) date net-protocol @@ -171,26 +170,27 @@ GEM nokogiri (1.16.7) mini_portile2 (~> 2.8.2) racc (~> 1.4) - oauth2 (1.4.7) - faraday (>= 0.8, < 2.0) + oauth2 (2.0.9) + faraday (>= 0.17.3, < 3.0) jwt (>= 1.0, < 3.0) - multi_json (~> 1.3) multi_xml (~> 0.5) - rack (>= 1.2, < 3) + rack (>= 1.2, < 4) + snaky_hash (~> 2.0) + version_gem (~> 1.1) observer (0.1.2) - omniauth (2.0.4) + omniauth (2.1.2) hashie (>= 3.4.6) - rack (>= 1.6.2, < 3) + rack (>= 2.2.3) rack-protection - omniauth-google-oauth2 (1.0.0) + omniauth-google-oauth2 (1.1.2) jwt (>= 2.0) - oauth2 (~> 1.1) + oauth2 (~> 2.0) omniauth (~> 2.0) - omniauth-oauth2 (~> 1.7.1) - omniauth-oauth2 (1.7.1) - oauth2 (~> 1.4) - omniauth (>= 1.9, < 3) - omniauth-rails_csrf_protection (1.0.0) + omniauth-oauth2 (~> 1.8) + omniauth-oauth2 (1.8.0) + oauth2 (>= 1.4, < 3) + omniauth (~> 2.0) + omniauth-rails_csrf_protection (1.0.2) actionpack (>= 4.2) omniauth (~> 2.0) parallel (1.26.3) @@ -206,8 +206,9 @@ GEM nio4r (~> 2.0) racc (1.8.1) rack (2.2.9) - rack-protection (2.1.0) - rack + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) rack-test (2.1.0) rack (>= 1.3) rails (6.1.7.8) @@ -293,7 +294,6 @@ GEM rubocop-rspec (3.0.4) rubocop (~> 1.61) ruby-progressbar (1.13.0) - ruby2_keywords (0.0.4) ruby_parser (3.15.1) sexp_processor (~> 4.9) sass (3.7.4) @@ -314,6 +314,9 @@ GEM scss_lint (0.59.0) sass (~> 3.5, >= 3.5.5) sexp_processor (4.15.2) + snaky_hash (2.0.1) + hashie + version_gem (~> 1.1, >= 1.1.1) sprockets (4.2.1) concurrent-ruby (~> 1.0) rack (>= 2.2.4, < 4) @@ -335,6 +338,8 @@ GEM uglifier (4.2.0) execjs (>= 0.3.0, < 3) unicode-display_width (2.5.0) + uri (0.13.0) + version_gem (1.1.4) web-console (4.1.0) actionview (>= 6.0.0) activemodel (>= 6.0.0) @@ -366,7 +371,7 @@ DEPENDENCIES matrix mutex_m observer - omniauth-google-oauth2 (~> 1.0) + omniauth-google-oauth2 (~> 1.1) omniauth-rails_csrf_protection (~> 1.0) pg (>= 0.18, < 2.0) pg_search (~> 2.1)