Merge pull request #28 from RadiusNetworks/filter-fields

cupakromer · web-flow · commit c9d6ca81f5e8 · 2018-05-09T10:42:08.000-04:00
Add Rails filters to remove more sensitive fields
diff --git a/.travis.yml b/.travis.yml
@@ -6,11 +6,14 @@ script: bin/rake
 rvm:
   - 2.3.3
   - 2.4.0
+  - 2.5.0
 env:
+  - RAILS_VERSION='~> 5.1.0'
   - RAILS_VERSION='~> 5.0.0'
   - RAILS_VERSION='~> 4.2.8'
   - RAILS_VERSION='4-2-stable'
   - RAILS_VERSION='5-0-stable'
+  - RAILS_VERSION='5-1-stable'
 matrix:
   include:
     - rvm: 2.2.3
diff --git a/Gemfile-rails-dependencies b/Gemfile-rails-dependencies
@@ -24,5 +24,5 @@ if version && !version.empty?
 elsif RUBY_VERSION.to_f < 2.4
   gem "rails", "~> 4.2.0"
 else
-  gem "rails", "~> 5.0"
+  gem "rails", "~> 5.1"
 end
diff --git a/lib/kracken/railtie.rb b/lib/kracken/railtie.rb
@@ -7,5 +7,27 @@ class Railtie < ::Rails::Railtie
       app.middleware.insert_after ActionDispatch::DebugExceptions,
                                   ::Kracken::JsonApi::PublicExceptions
     end
+
+    config.before_initialize do |app|
+      app.config.filter_parameters += %i[
+        code
+        email
+        linked_accounts
+        raw_info
+        redirect_to
+        redirect_uri
+        state
+        token
+      ]
+      app.config.filter_redirect += [
+        "auth/radius",
+        "auth/token",
+      ]
+    end
+
+    # Allow apps to configure the provider in initializers
+    config.after_initialize do |app|
+      app.config.filter_redirect << URI(Kracken.config.provider_url).host
+    end
   end
 end
