Fix rules, fix OIDC loggin

2025-11-07 16:12:39 +11:00
parent d153fd436f
commit f50ebe666e
3 changed files with 27 additions and 8 deletions
--- a/app/models/rule.rb
+++ b/app/models/rule.rb
@@ -143,20 +143,39 @@ class Rule < ApplicationRecord
    format = {
      id: id,
      rule_type: rule_type,
-      action: action,
+      waf_action: action,  # Agents expect 'waf_action' field
      conditions: agent_conditions,
      priority: agent_priority,
-      expires_at: expires_at&.iso8601,
+      expires_at: expires_at&.to_i,  # Agents expect Unix timestamps
      enabled: enabled,
      source: source,
      metadata: metadata || {},
-      created_at: created_at.iso8601,
-      updated_at: updated_at.iso8601
+      created_at: created_at.to_i,   # Agents expect Unix timestamps
+      updated_at: updated_at.to_i     # Agents expect Unix timestamps
    }

-    # Add network intelligence for debugging (optional)
+    # For network rules, resolve the network range to actual IP data
    if network_rule? && network_range
-      format[:network_intelligence] = network_intelligence
+      begin
+        ip_range = IPAddr.new(network_range.cidr)
+        range = ip_range.to_range
+
+        if ip_range.ipv4?
+          format[:network_start] = range.first.to_i
+          format[:network_end] = range.last.to_i
+        else
+          # IPv6 - use binary representation
+          format[:network_start] = range.first.hton
+          format[:network_end] = range.last.hton
+        end
+
+        format[:network_prefix] = network_range.prefix_length
+        format[:network_intelligence] = network_intelligence
+      rescue => e
+        Rails.logger.error "Failed to resolve network range #{network_range.cidr}: #{e.message}"
+        # Fallback to CIDR format
+        format[:conditions] = { cidr: network_range.cidr }
+      end
    end

    format
--- a/config/database.yml
+++ b/config/database.yml
@@ -12,7 +12,7 @@ postgres_default: &postgres_default
  adapter: postgresql
  encoding: unicode
  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
-  host: localhost
+  host: postgres
  port: 5432

 development:
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -8,7 +8,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
      client_options: {
        identifier: ENV['OIDC_CLIENT_ID'],
        secret: ENV['OIDC_CLIENT_SECRET'],
-        redirect_uri: ENV['OIDC_REDIRECT_URI'] || "#{Rails.application.routes.url_helpers.root_url}auth/oidc/callback",
+        redirect_uri: ENV['OIDC_REDIRECT_URI'],
        discovery: true,
        authorization_endpoint: nil,
        token_endpoint: nil,