Use Faraday instead of RestClient

Redande · Redande · commit 51f0ae8cb12d · 2025-12-04T00:46:57.000+02:00
diff --git a/app/controllers/password_reset_keys_controller.rb b/app/controllers/password_reset_keys_controller.rb
@@ -39,18 +39,29 @@ def destroy
       return render action: :show, status: :forbidden
     end
 
-    @user.password = params[:password]
-    if @user.save
-      @key.destroy
-      flash[:success] = 'Your password has been reset.'
-      redirect_to root_path
+    if @user.password_managed_by_courses_mooc_fi
+      success = @user.update_password_via_courses_mooc_fi(nil, params[:password])
+      if success
+        @key.destroy
+        flash[:success] = 'Your password has been reset.'
+        redirect_to root_path
+      else
+        'Failed to reset password.'
+      end
     else
-      flash.now[:alert] = if @user.errors[:password]
-        'Password ' + @user.errors[:password].join(', ')
+      @user.password = params[:password]
+      if @user.save
+        @key.destroy
+        flash[:success] = 'Your password has been reset.'
+        redirect_to root_path
       else
-        'Failed to set password'
+        flash.now[:alert] = if @user.errors[:password]
+          'Password ' + @user.errors[:password].join(', ')
+        else
+          'Failed to set password'
+        end
+        render action: :show, status: :forbidden
       end
-      render action: :show, status: :forbidden
     end
   end
 
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -148,71 +148,99 @@ def self.authenticate(login, submitted_password)
     user = find_by(login: login)
     user ||= find_by('lower(email) = ?', login.downcase)
     return nil if user.nil?
-    user if user.password_managed_by_courses_mooc_fi && user.courses_mooc_fi_user_id.present? && authenticate_via_courses_mooc_fi(user.courses_mooc_fi_user_id, submitted_password)
+
+    if user.password_managed_by_courses_mooc_fi && user.courses_mooc_fi_user_id.present?
+      return user if user.authenticate_via_courses_mooc_fi(submitted_password)
+      return nil
+    end
+
     user if user.has_password?(submitted_password)
   end
 
-  def authenticate_via_courses_mooc_fi(courses_mooc_fi_user_id, submitted_password)
+
+  def authenticate_via_courses_mooc_fi(submitted_password)
     auth_url = SiteSetting.value('courses_mooc_fi_auth_url')
-    response = RestClient.post(
-      auth_url,
-      {
+
+    conn = Faraday.new do |f|
+      f.request :json
+      f.response :json
+    end
+
+    response = conn.post(auth_url) do |req|
+      req.headers["Content-Type"] = "application/json"
+      req.headers["Accept"] = "application/json"
+      req.headers["Authorization"] = Base64.decode64(
+        Rails.application.secrets.tmc_server_secret_for_communicating_to_secret_project
+      )
+
+      req.body = {
         user_id: courses_mooc_fi_user_id,
-        password: submitted_password,
-      }.to_json,
-      {
-        content_type: :json,
-        accept: :json,
-        Authorization: Rails.application.secrets.tmc_server_secret_for_communicating_to_secret_project,
+        password: submitted_password
       }
-    )
+    end
+
+    response.body == true
+
+  rescue Faraday::ClientError => e
+    status = e.response&.dig(:status)
 
-    data = JSON.parse(response.body)
-    unless data['authenticated'] == true
-      raise "Authentication via courses.mooc.fi failed for #{email}"
+    if status == 401 || status == 403
+      return false
     end
 
-    true
-  rescue RestClient::Unauthorized, RestClient::Forbidden
-    raise "Authentication rejected by courses.mooc.fi for #{email}"
-  rescue RestClient::ExceptionWithResponse => e
     Rails.logger.error("Authentication via courses.mooc.fi error: #{e.response}")
-    raise "Authentication via courses.mooc.fi failed: #{e.message}"
+    raise
+
   rescue => e
     Rails.logger.error("Unexpected error during authentication via courses.mooc.fi: #{e.message}")
-    raise "Unexpected error while authenticating via courses.mooc.fi: #{e.message}"
+    raise
   end
 
-  def update_password_via_courses_mooc_fi(courses_mooc_fi_user_id, old_password, new_password)
-    update_url = SiteSetting.value('courses_mooc_fi_update_password_url')
 
-    response = RestClient.put(
-      update_url,
-      {
-        user_id: courses_mooc_fi_user_id,
-        old_password: old_password,
-        new_password: new_password,
-      }.to_json,
-      {
-        content_type: :json,
-        accept: :json,
-        Authorization: Rails.application.secrets.tmc_server_secret_for_communicating_to_secret_project,
-      }
-    )
 
-    data = JSON.parse(response.body)
+  def update_password_via_courses_mooc_fi(old_password, new_password)
+    update_url = SiteSetting.value('courses_mooc_fi_update_password_url')
 
-    unless data['updated'] == true
-      raise "Updating password via courses.mooc.fi failed for user with courses.mooc.fi-user-id #{courses_mooc_fi_user_id}"
+    conn = Faraday.new do |f|
+      f.request :json
+      f.response :json
     end
 
-    true
-  rescue RestClient::ExceptionWithResponse => e
-    Rails.logger.error("Updating password via courses.mooc.fi failed for user with courses.mooc.fi-user-id #{courses_mooc_fi_user_id}: #{e.response}")
-    false
-  rescue => e
-    Rails.logger.error("Unexpected error updating password via courses.mooc.fi for user with courses.mooc.fi-user-id #{courses_mooc_fi_user_id}: #{e.message}")
-    false
+    begin
+      response = conn.post(update_url) do |req|
+        req.headers["Content-Type"] = "application/json"
+        req.headers["Accept"] = "application/json"
+        req.headers["Authorization"] = Base64.decode64(
+          Rails.application.secrets.tmc_server_secret_for_communicating_to_secret_project
+        )
+
+        req.body = {
+          user_id: self.courses_mooc_fi_user_id,
+          old_password: old_password,
+          new_password: new_password
+        }
+      end
+
+      data = response.body
+
+      unless data == true
+        raise "Updating password via courses.mooc.fi failed for user with courses.mooc.fi-user-id #{self.courses_mooc_fi_user_id}"
+      end
+
+      true
+
+    rescue Faraday::ClientError => e
+      Rails.logger.error(
+        "Updating password via courses.mooc.fi failed for user with courses.mooc.fi-user-id #{self.courses_mooc_fi_user_id}: #{e.response}"
+      )
+      false
+
+    rescue => e
+      Rails.logger.error(
+        "Unexpected error updating password via courses.mooc.fi for user with courses.mooc.fi-user-id #{self.courses_mooc_fi_user_id}: #{e.message}"
+      )
+      false
+    end
   end
 
   def password_reset_key
