diff --git a/.ruby-version b/.ruby-version
index 37c2961c2430f357166156e7ddf1c590eb8d4ce1..49cdd668e1c82b32c9adc54b07e5c52757e6b93a 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.7.2
+2.7.6
diff --git a/Gemfile b/Gemfile
index 325901a8cc5b7e6b8e55a6b0f0512495ce50e56e..fa0c39dc54351394569596af16ea644391c69b8f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -10,7 +10,7 @@ end
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'aws-sdk-s3', '~> 1.88.1'
 gem 'bcrypt', '~> 3.1.7'
-gem 'bigbluebutton-api-ruby', git: 'https://github.com/mconf/bigbluebutton-api-ruby.git', branch: 'master'
+gem 'bigbluebutton-api-ruby', '~> 1.9'
 gem 'bn-ldap-authentication', '~> 0.1.4'
 gem 'bootsnap', '~> 1.7.2', require: false
 gem 'bootstrap', '~> 4.3.1'
@@ -25,12 +25,12 @@ gem 'jquery-rails', '~> 4.4.0'
 gem 'jquery-ui-rails', '~> 6.0.1'
 gem 'local_time', '~> 2.1.0'
 gem 'net-ldap', '~> 0.17.0'
-gem 'omniauth', '~> 1.9.1'
-gem 'omniauth-bn-launcher', '~> 0.1.3'
-gem 'omniauth-bn-office365', '~> 0.1.1'
-gem 'omniauth-google-oauth2', '~> 0.7.0'
+gem 'omniauth', '~> 2.1.0'
+gem 'omniauth-bn-launcher', '~> 0.1.4'
+gem 'omniauth-bn-office365', '~> 0.1.2'
+gem 'omniauth-google-oauth2', '~> 1.0.1'
 gem 'omniauth_openid_connect', '~> 0.4.0'
-gem 'omniauth-rails_csrf_protection', '~> 0.1.2'
+gem 'omniauth-rails_csrf_protection', '~> 1.0.1'
 gem 'omniauth-twitter', '~> 1.4.0'
 gem 'pagy', '~> 3.11.0'
 gem 'pluck_to_hash', '~> 1.0.2'
diff --git a/Gemfile.lock b/Gemfile.lock
index fc4e69af96f86cbdbd8e729ebd6ac973bad6249a..8fe4fd138329da7f42511aaac6e90bf550d2451f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
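Review bot: The new constraint `'~> 1.9'` on `bigbluebutton-api-ruby` in the first Gemfile hunk accepts any 1.x release from 1.9 upward, which is wider than the patch-level pins on the neighbouring lines (`'~> 3.1.7'`, `'~> 0.1.4'`). Gemfile.lock resolves it to 1.9.0, so the installed version only moves on a `bundle update`, but a later minor release of the API client would then come in without any Gemfile change to review. For consistency with the rest of the file, consider `gem 'bigbluebutton-api-ruby', '~> 1.9.0'`.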
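Review bot: The jump from `omniauth` 1.9.1 to 2.1.0 in the second Gemfile hunk changes the defaults of the login flow, and none of the files visible in this diff touch the OmniAuth initializer or the sign-in views. OmniAuth 2.x accepts only POST on the request phase (`/auth/:provider`) by default, so a provider link still rendered as a plain GET would stop working; those entry points should be CSRF-protected POST forms, and `OmniAuth.config.allowed_request_methods` should not be widened to include `:get` as a workaround. A comment above the group would record this, e.g. `# omniauth 2.x: request phase is POST-only; sign-in buttons must submit a CSRF-protected POST`. The initializer and views may be changed elsewhere in the commit, outside what is shown here.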
@@ -6,20 +6,6 @@ GIT tabler-rubygem (0.1.4.1) autoprefixer-rails (>= 6.0.3) -GIT - remote: https://github.com/mconf/bigbluebutton-api-ruby.git - revision: 91dc495324a6b7e162773227ec3650f8a5b39c50 - branch: master - specs: - bigbluebutton-api-ruby (1.7.0) - childprocess (>= 1.0.1) - ffi (>= 1.9.24) - json (>= 1.8.6) - nokogiri (>= 1.10.4) - rack (>= 1.6.11) - rubyzip (>= 1.3.0) - xml-simple (~> 1.1) - GEM remote: https://rubygems.org/ specs: @@ -72,30 +58,38 @@ GEM arel (9.0.0) ast (2.4.2) attr_required (1.0.1) - autoprefixer-rails (10.2.4.0) - execjs - aws-eventstream (1.1.1) - aws-partitions (1.435.0) - aws-sdk-core (3.113.0) + autoprefixer-rails (10.4.7.0) + execjs (~> 2) + aws-eventstream (1.2.0) + aws-partitions (1.592.0) + aws-sdk-core (3.131.1) aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.239.0) + aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) - jmespath (~> 1.0) - aws-sdk-kms (1.43.0) - aws-sdk-core (~> 3, >= 3.112.0) + jmespath (~> 1, >= 1.6.1) + aws-sdk-kms (1.57.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-s3 (1.88.2) aws-sdk-core (~> 3, >= 3.112.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.1) - aws-sigv4 (1.2.3) + aws-sigv4 (1.5.0) aws-eventstream (~> 1, >= 1.0.2) - bcrypt (3.1.16) + bcrypt (3.1.18) + bigbluebutton-api-ruby (1.9.0) + childprocess (>= 1.0.1) + ffi (>= 1.9.24) + json (>= 1.8.6) + nokogiri (>= 1.10.4) + rack (>= 1.6.11) + rubyzip (>= 1.3.0) + xml-simple (~> 1.1) bindata (2.4.10) bindex (0.8.1) bn-ldap-authentication (0.1.4) net-ldap (~> 0) - bootsnap (1.7.3) + bootsnap (1.7.7) msgpack (~> 1.0) bootstrap (4.3.1) autoprefixer-rails (>= 9.1.0) @@ -104,7 +98,7 @@ GEM builder (3.2.4) byebug (11.1.3) cancancan (2.3.0) - childprocess (4.0.0) + childprocess (4.1.0) concurrent-ruby (1.1.10) coveralls (0.8.23) json (>= 1.8, < 3) 
@@ -116,54 +110,70 @@ GEM rexml crass (1.0.6) declarative (0.0.20) - declarative-option (0.1.0) - diff-lcs (1.4.4) - digest-crc (0.6.3) + diff-lcs (1.5.0) + digest-crc (0.6.4) rake (>= 12.0.0, < 14.0.0) - docile (1.3.5) + docile (1.4.0) dotenv (2.7.6) dotenv-rails (2.7.6) dotenv (= 2.7.6) railties (>= 3.2) erubi (1.10.0) - execjs (2.7.0) - factory_bot (6.1.0) + execjs (2.8.1) + factory_bot (6.2.1) activesupport (>= 5.0.0) - factory_bot_rails (6.1.0) - factory_bot (~> 6.1.0) + factory_bot_rails (6.2.0) + factory_bot (~> 6.2.0) railties (>= 5.0.0) - faker (2.17.0) - i18n (>= 1.6, < 2) - faraday (1.3.0) + faker (2.21.0) + i18n (>= 1.8.11, < 2) + faraday (1.10.0) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0) + faraday-multipart (~> 1.0) faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.0) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) + faraday-retry (~> 1.0) + ruby2_keywords (>= 0.0.4) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-httpclient (1.0.1) + faraday-multipart (1.0.3) multipart-post (>= 1.2, < 3) - ruby2_keywords faraday-net_http (1.0.1) - ffi (1.15.0) + faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + faraday-retry (1.0.3) + ffi (1.15.5) font-awesome-sass (5.9.0) sassc (>= 1.11) globalid (1.0.0) activesupport (>= 5.0) - google-apis-core (0.3.0) + google-apis-core (0.5.0) addressable (~> 2.5, >= 2.5.1) - googleauth (~> 0.14) - httpclient (>= 2.8.1, < 3.0) + googleauth (>= 0.16.2, < 2.a) + httpclient (>= 2.8.1, < 3.a) mini_mime (~> 1.0) representable (~> 3.0) - retriable (>= 2.0, < 4.0) + retriable (>= 2.0, < 4.a) rexml - signet (~> 0.14) webrick - google-apis-iamcredentials_v1 (0.2.0) - google-apis-core (~> 0.1) - google-apis-storage_v1 (0.3.0) - google-apis-core (~> 0.1) + google-apis-iamcredentials_v1 (0.10.0) + google-apis-core (>= 0.4, < 2.a) + google-apis-storage_v1 (0.14.0) + 
google-apis-core (>= 0.4, < 2.a) google-cloud-core (1.6.0) google-cloud-env (~> 1.0) google-cloud-errors (~> 1.0) - google-cloud-env (1.5.0) - faraday (>= 0.17.3, < 2.0) - google-cloud-errors (1.1.0) + google-cloud-env (1.6.0) + faraday (>= 0.17.3, < 3.0) + google-cloud-errors (1.2.0) google-cloud-storage (1.30.0) addressable (~> 2.5) digest-crc (~> 0.4) @@ -172,37 +182,38 @@ GEM google-cloud-core (~> 1.2) googleauth (~> 0.9) mini_mime (~> 1.0) - googleauth (0.16.0) + googleauth (0.17.1) faraday (>= 0.17.3, < 2.0) jwt (>= 1.4, < 3.0) memoist (~> 0.16) multi_json (~> 1.11) os (>= 0.9, < 2.0) - signet (~> 0.14) + signet (~> 0.15) hashdiff (1.0.1) - hashie (4.1.0) + hashie (5.0.0) hiredis (0.6.3) http_accept_language (2.1.1) httpclient (2.8.3) i18n (1.10.0) concurrent-ruby (~> 1.0) i18n-language-mapping (0.1.3.1) - jbuilder (2.11.2) + jbuilder (2.11.5) + actionview (>= 5.0.0) activesupport (>= 5.0.0) - jmespath (1.4.0) + jmespath (1.6.1) jquery-rails (4.4.0) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) jquery-ui-rails (6.0.1) railties (>= 3.2.16) - json (2.5.1) + json (2.6.2) json-jwt (1.13.0) activesupport (>= 4.2) aes_key_wrap bindata - jwt (2.2.2) - listen (3.5.0) + jwt (2.3.0) + listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) local_time (2.1.0) @@ -211,7 +222,7 @@ GEM activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.17.0) + loofah (2.18.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) @@ -222,7 +233,7 @@ GEM mini_mime (1.1.2) mini_portile2 (2.8.0) minitest (5.15.0) - msgpack (1.4.2) + msgpack (1.5.1) multi_json (1.15.0) multi_xml (0.6.0) multipart-post (2.1.1) 
@@ -231,35 +242,37 @@ GEM nokogiri (1.13.6) mini_portile2 (~> 2.8.0) racc (~> 1.4) - oauth (0.5.5) - oauth2 (1.4.7) - faraday (>= 0.8, < 2.0) + oauth (0.5.10) + oauth2 (1.4.9) + faraday (>= 0.17.3, < 3.0) jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) - omniauth (1.9.1) + omniauth (2.1.0) hashie (>= 3.4.6) - rack (>= 1.6.2, < 3) - omniauth-bn-launcher (0.1.3) - omniauth (~> 1.3, >= 1.3.2) - omniauth-oauth2 (= 1.5.0) - omniauth-bn-office365 (0.1.1) - omniauth (>= 1.3.2) - omniauth-oauth2 (>= 1.5.0) - omniauth-google-oauth2 (0.7.0) + rack (>= 2.2.3) + rack-protection + omniauth-bn-launcher (0.1.4) + omniauth (~> 2.1, >= 2.1.0) + omniauth-oauth2 (= 1.7.2) + omniauth-bn-office365 (0.1.2) + omniauth (~> 2.1, >= 2.1.0) + omniauth-oauth2 (= 1.7.2) + omniauth-google-oauth2 (1.0.1) jwt (>= 2.0) - omniauth (>= 1.1.1) - omniauth-oauth2 (>= 1.5) + oauth2 (~> 1.1) + omniauth (~> 2.0) + omniauth-oauth2 (~> 1.7.1) omniauth-oauth (1.2.0) oauth omniauth (>= 1.0, < 3) - omniauth-oauth2 (1.5.0) - oauth2 (~> 1.1) - omniauth (~> 1.2) - omniauth-rails_csrf_protection (0.1.2) + omniauth-oauth2 (1.7.2) + oauth2 (~> 1.4) + omniauth (>= 1.9, < 3) + omniauth-rails_csrf_protection (1.0.1) actionpack (>= 4.2) - omniauth (>= 1.3.1) + omniauth (~> 2.0) omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) rack @@ -277,17 +290,17 @@ GEM validate_email validate_url webfinger (>= 1.0.1) - os (1.1.1) + os (1.1.4) pagy (3.11.0) - parallel (1.20.1) - parser (3.0.0.0) + parallel (1.22.1) + parser (3.1.2.0) ast (~> 2.4.1) pg (0.21.0) pluck_to_hash (1.0.2) activerecord (>= 4.0.2) activesupport (>= 4.0.2) popper_js (1.16.0) - public_suffix (4.0.6) + public_suffix (4.0.7) puma (4.3.12) nio4r (~> 2.0) racc (1.6.0) @@ -298,6 +311,8 @@ GEM httpclient json-jwt (>= 1.11.0) rack (>= 2.1.0) + rack-protection (2.2.0) + rack rack-test (1.1.0) rack (>= 1.0, < 3) rails (5.2.7.1) 
@@ -328,25 +343,25 @@ GEM method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) - rainbow (3.0.0) + rainbow (3.1.1) rake (13.0.6) random_password (0.1.1) - rb-fsevent (0.10.4) + rb-fsevent (0.11.1) rb-inotify (0.10.1) ffi (~> 1.0) recaptcha (5.7.0) json redcarpet (3.5.1) redis (4.2.5) - regexp_parser (2.1.1) + regexp_parser (2.4.0) remote_syslog_logger (1.0.4) syslog_protocol repost (0.3.8) - representable (3.0.4) + representable (3.2.0) declarative (< 0.1.0) - declarative-option (< 0.2.0) + trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) - request_store (1.5.0) + request_store (1.5.1) rack (>= 1.4) retriable (3.1.2) rexml (3.2.5) @@ -376,11 +391,11 @@ GEM rubocop-ast (>= 1.2.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.4.1) - parser (>= 2.7.1.5) + rubocop-ast (1.18.0) + parser (>= 3.1.1.0) ruby-progressbar (1.11.0) - ruby2_keywords (0.0.4) - rubyzip (2.3.0) + ruby2_keywords (0.0.5) + rubyzip (2.3.2) sassc (2.4.0) ffi (~> 1.9) sassc-rails (2.1.2) @@ -392,9 +407,9 @@ GEM sequel (5.41.0) shoulda-matchers (3.1.3) activesupport (>= 4.0.0) - signet (0.15.0) - addressable (~> 2.3) - faraday (>= 0.17.3, < 2.0) + signet (0.16.1) + addressable (~> 2.8) + faraday (>= 0.17.5, < 3.0) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) simplecov (0.16.1) @@ -425,23 +440,24 @@ GEM thor (1.2.1) thread_safe (0.3.6) tilt (2.0.10) - tins (1.28.0) + tins (1.31.1) sync + trailblazer-option (0.1.2) turbolinks (5.2.1) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) tzinfo (1.2.9) thread_safe (~> 0.1) - tzinfo-data (1.2021.1) + tzinfo-data (1.2021.5) tzinfo (>= 1.0.0) uber (0.1.0) uglifier (4.2.0) execjs (>= 0.3.0, < 3) - unicode-display_width (2.0.0) + unicode-display_width (2.1.0) validate_email (0.1.6) activemodel (>= 3.0) mail (>= 2.2.5) - validate_url (1.0.13) + validate_url (1.0.15) activemodel (>= 3.0.0) public_suffix web-console (3.7.0) 
@@ -452,15 +468,16 @@ GEM webfinger (1.2.0) activesupport httpclient (>= 2.4) - webmock (3.12.1) - addressable (>= 2.3.6) + webmock (3.14.0) + addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) webrick (1.7.0) websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - xml-simple (1.1.8) + xml-simple (1.1.9) + rexml PLATFORMS ruby @@ -469,7 +486,7 @@ DEPENDENCIES action-cable-testing (~> 0.6) aws-sdk-s3 (~> 1.88.1) bcrypt (~> 3.1.7) - bigbluebutton-api-ruby! + bigbluebutton-api-ruby (~> 1.9) bn-ldap-authentication (~> 0.1.4) bootsnap (~> 1.7.2) bootstrap (~> 4.3.1) @@ -491,11 +508,11 @@ DEPENDENCIES local_time (~> 2.1.0) lograge (~> 0.11.2) net-ldap (~> 0.17.0) - omniauth (~> 1.9.1) - omniauth-bn-launcher (~> 0.1.3) - omniauth-bn-office365 (~> 0.1.1) - omniauth-google-oauth2 (~> 0.7.0) - omniauth-rails_csrf_protection (~> 0.1.2) + omniauth (~> 2.1.0) + omniauth-bn-launcher (~> 0.1.4) + omniauth-bn-office365 (~> 0.1.2) + omniauth-google-oauth2 (~> 1.0.1) + omniauth-rails_csrf_protection (~> 1.0.1) omniauth-twitter (~> 1.4.0) omniauth_openid_connect (~> 0.4.0) pagy (~> 3.11.0)
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index d6dbe8c0c2195e314af85ac8f90f7b1edaeaedc7..550038f538a011f5ad885892e2d9b26fa1ea3c8d 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -3,8 +3,8 @@
 # BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
 #
 # Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
 # This program is free software; you can redistribute it and/or modify it under the
+#
 # terms of the GNU Lesser General Public License as published by the Free Software
 # Foundation; either version 3.0 of the License, or (at your option) any later
 # version.
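Review bot: The bare `#` separator in the licence header of sessions_controller.rb has moved from after the copyright line into the middle of the licence sentence, so the header now reads "…modify it under the" / `#` / "terms of the GNU Lesser General Public License…". Nothing else in the controller changes in this hunk, so this looks accidental rather than intended. Suggest restoring the original order: `#` directly after `# Copyright (c) 2018 BigBlueButton Inc. …`, and `# terms of the GNU …` directly after `# This program is free software; …`.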
diff --git a/lib/omniauth_options.rb b/lib/omniauth_options.rb
index 61996ecdf7e5968b3acfec4324e44cebc3c7d46b..ca636b05b4ec6de5f0b6ca3ac89faa0fc9307550 100644
--- a/lib/omniauth_options.rb
+++ b/lib/omniauth_options.rb
@@ -23,7 +23,6 @@ module OmniauthOptions
 case env['omniauth.strategy'].options[:name]
 when "bn_launcher"
 protocol = Rails.env.production? ? "https" : env["rack.url_scheme"]
- customer_redirect_url = "#{protocol}://#{env['SERVER_NAME']}:#{env['SERVER_PORT']}"
 user_domain = parse_user_domain(env["SERVER_NAME"])
 env['omniauth.strategy'].options[:customer] = user_domain