Sha256: efe4bde320926ce40bcb59d1dfece7b550a95fcb202bc9835b7b224177ff493f

Contents?: true

Size: 640 Bytes

Versions: 8

Compression:

Stored size: 640 Bytes

Contents

require 'rack-protection'

module OmniAuth
  class AuthenticityError < StandardError; end
  class AuthenticityTokenProtection < Rack::Protection::AuthenticityToken
    def initialize(options = {})
      @options = default_options.merge(options)
    end

    def self.call(env)
      new.call!(env)
    end

    def call!(env)
      return if accepts?(env)

      instrument env
      react env
    end

    alias_method :call, :call!

  private

    def deny(_env)
      OmniAuth.logger.send(:warn, "Attack prevented by #{self.class}")
      raise AuthenticityError.new(options[:message])
    end

    alias default_reaction deny
  end
end

Version data entries

8 entries across 8 versions & 2 rubygems

Version Path
omniauth-2.1.2 lib/omniauth/authenticity_token_protection.rb
omniauth-2.1.1 lib/omniauth/authenticity_token_protection.rb
omniauth-2.1.0 lib/omniauth/authenticity_token_protection.rb
tdiary-5.1.6 vendor/bundle/ruby/2.7.0/gems/omniauth-2.0.4/lib/omniauth/authenticity_token_protection.rb
omniauth-2.0.4 lib/omniauth/authenticity_token_protection.rb
omniauth-2.0.3 lib/omniauth/authenticity_token_protection.rb
omniauth-2.0.2 lib/omniauth/authenticity_token_protection.rb
omniauth-2.0.1 lib/omniauth/authenticity_token_protection.rb