Fix rules, fix OIDC loggin
@@ -143,20 +143,39 @@ class Rule < ApplicationRecord
|
|||||||
format = {
|
format = {
|
||||||
id: id,
|
id: id,
|
||||||
rule_type: rule_type,
|
rule_type: rule_type,
|
||||||
action: action,
|
waf_action: action, # Agents expect 'waf_action' field
|
||||||
conditions: agent_conditions,
|
conditions: agent_conditions,
|
||||||
priority: agent_priority,
|
priority: agent_priority,
|
||||||
expires_at: expires_at&.iso8601,
|
expires_at: expires_at&.to_i, # Agents expect Unix timestamps
|
||||||
enabled: enabled,
|
enabled: enabled,
|
||||||
source: source,
|
source: source,
|
||||||
metadata: metadata || {},
|
metadata: metadata || {},
|
||||||
created_at: created_at.iso8601,
|
created_at: created_at.to_i, # Agents expect Unix timestamps
|
||||||
updated_at: updated_at.iso8601
|
updated_at: updated_at.to_i # Agents expect Unix timestamps
|
||||||
}
|
}
|
||||||
|
|
||||||
# Add network intelligence for debugging (optional)
|
# For network rules, resolve the network range to actual IP data
|
||||||
if network_rule? && network_range
|
if network_rule? && network_range
|
||||||
format[:network_intelligence] = network_intelligence
|
begin
|
||||||
|
ip_range = IPAddr.new(network_range.cidr)
|
||||||
|
range = ip_range.to_range
|
||||||
|
|
||||||
|
if ip_range.ipv4?
|
||||||
|
format[:network_start] = range.first.to_i
|
||||||
|
format[:network_end] = range.last.to_i
|
||||||
|
else
|
||||||
|
# IPv6 - use binary representation
|
||||||
|
format[:network_start] = range.first.hton
|
||||||
|
format[:network_end] = range.last.hton
|
||||||
|
end
|
||||||
|
|
||||||
|
format[:network_prefix] = network_range.prefix_length
|
||||||
|
format[:network_intelligence] = network_intelligence
|
||||||
|
rescue => e
|
||||||
|
Rails.logger.error "Failed to resolve network range #{network_range.cidr}: #{e.message}"
|
||||||
|
# Fallback to CIDR format
|
||||||
|
format[:conditions] = { cidr: network_range.cidr }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
format
|
format
|
||||||
|
|||||||
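Review bot: The `rescue => e` in the network-rule branch covers the whole `begin` body, including `format[:network_intelligence] = network_intelligence`. A failure there, after `network_start`/`network_end` were written, leaves those keys in place and also replaces `agent_conditions` with `{ cidr: ... }`, so an agent receives a WAF rule whose shape differs from the stored one, with only a log line as evidence. Narrow the handler to the parse step, `rescue IPAddr::InvalidAddressError => e`, and move the `network_intelligence` assignment below the `end` of the `begin` block. In the IPv6 branch `hton` returns a raw 16-byte string, which may not serialise cleanly to JSON; confirm this against what the agents actually parse. The enclosing method starts above this hunk.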
@@ -12,7 +12,7 @@ postgres_default: &postgres_default
|
|||||||
adapter: postgresql
|
adapter: postgresql
|
||||||
encoding: unicode
|
encoding: unicode
|
||||||
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
||||||
host: localhost
|
host: postgres
|
||||||
port: 5432
|
port: 5432
|
||||||
|
|
||||||
development:
|
development:
|
||||||
|
|||||||
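Review bot: `host: postgres` hard-codes what looks like a container service name into the shared `postgres_default` anchor, so every environment inheriting it stops working outside that network. The `pool` line just above already reads its value from the environment; the host could follow the same pattern, e.g. `host: <%= ENV.fetch("DATABASE_HOST") { "postgres" } %>` (the variable name here is a suggestion, not one taken from this repository).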
@@ -8,7 +8,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
|
|||||||
client_options: {
|
client_options: {
|
||||||
identifier: ENV['OIDC_CLIENT_ID'],
|
identifier: ENV['OIDC_CLIENT_ID'],
|
||||||
secret: ENV['OIDC_CLIENT_SECRET'],
|
secret: ENV['OIDC_CLIENT_SECRET'],
|
||||||
redirect_uri: ENV['OIDC_REDIRECT_URI'] || "#{Rails.application.routes.url_helpers.root_url}auth/oidc/callback",
|
redirect_uri: ENV['OIDC_REDIRECT_URI'],
|
||||||
discovery: true,
|
discovery: true,
|
||||||
authorization_endpoint: nil,
|
authorization_endpoint: nil,
|
||||||
token_endpoint: nil,
|
token_endpoint: nil,
|
||||||
|
|||||||
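Review bot: With the fallback removed, `redirect_uri: ENV['OIDC_REDIRECT_URI']` evaluates to `nil` when the variable is unset, and the misconfiguration only shows up later as a failed login at the identity provider. Using `redirect_uri: ENV.fetch('OIDC_REDIRECT_URI'),` makes the application fail at boot with a clear KeyError instead. The same applies to `OIDC_CLIENT_ID` and `OIDC_CLIENT_SECRET` on the two lines above. Requiring an explicit value is the right direction, since the redirect URI must match the one registered with the provider exactly; a short comment saying so would help the next reader. The `client_options` hash continues outside this hunk.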