From ec22f5883e15e4fce36e121e4ef2a91de5f471ee Mon Sep 17 00:00:00 2001
From: Benjamin Neff <benjamin@coding4coffee.ch>
Date: Sat, 6 Nov 2021 01:31:56 +0100
Subject: [PATCH] Bump omniauth

---
 Gemfile                                      | 11 ++++++-----
 Gemfile.lock                                 | 15 +++++++++++----
 app/views/services/_add_remove_services.haml |  2 +-
 app/views/streams/main_stream.html.haml      |  2 +-
 4 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/Gemfile b/Gemfile
index 00ae62aae..82e429584 100644
--- a/Gemfile
+++ b/Gemfile
@@ -159,11 +159,12 @@ gem "secure_headers", "6.3.3"
 
 # Services
 
-gem "omniauth",           "1.9.1"
-gem "omniauth-tumblr",    "1.2"
-gem "omniauth-twitter",   "1.4.0"
-gem "omniauth-wordpress", "0.2.2"
-gem "twitter",            "7.0.0"
+gem "omniauth",                       "2.0.4"
+gem "omniauth-rails_csrf_protection", "1.0.0"
+gem "omniauth-tumblr",                "1.2"
+gem "omniauth-twitter",               "1.4.0"
+gem "omniauth-wordpress",             "0.2.2"
+gem "twitter",                        "7.0.0"
 
 # OpenID Connect
 gem "openid_connect", "1.3.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index 7a07fd246..9d7f9771a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -378,7 +378,7 @@ GEM
       rspec
     jsonpath (1.1.0)
       multi_json
-    jwt (2.2.3)
+    jwt (2.3.0)
     kgio (2.11.4)
     kostya-sigar (2.0.10)
     leaflet-rails (1.7.0)
@@ -435,15 +435,19 @@ GEM
     octokit (4.21.0)
       faraday (>= 0.9)
       sawyer (~> 0.8.0, >= 0.5.3)
-    omniauth (1.9.1)
+    omniauth (2.0.4)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
+      rack-protection
     omniauth-oauth (1.2.0)
       oauth
       omniauth (>= 1.0, < 3)
-    omniauth-oauth2 (1.7.1)
+    omniauth-oauth2 (1.7.2)
       oauth2 (~> 1.4)
       omniauth (>= 1.9, < 3)
+    omniauth-rails_csrf_protection (1.0.0)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     omniauth-tumblr (1.2)
       multi_json
       omniauth-oauth (~> 1.0)
@@ -516,6 +520,8 @@ GEM
       json-jwt (>= 1.11.0)
       rack (>= 2.1.0)
     rack-piwik (0.3.0)
+    rack-protection (2.1.0)
+      rack
     rack-rewrite (1.5.1)
     rack-ssl (1.4.1)
       rack
@@ -852,7 +858,8 @@ DEPENDENCIES
   mobile-fu (= 1.4.0)
   mysql2 (= 0.5.3)
   nokogiri (= 1.12.5)
-  omniauth (= 1.9.1)
+  omniauth (= 2.0.4)
+  omniauth-rails_csrf_protection (= 1.0.0)
   omniauth-tumblr (= 1.2)
   omniauth-twitter (= 1.4.0)
   omniauth-wordpress (= 0.2.2)
diff --git a/app/views/services/_add_remove_services.haml b/app/views/services/_add_remove_services.haml
index bac69588f..b10a4f6c7 100644
--- a/app/views/services/_add_remove_services.haml
+++ b/app/views/services/_add_remove_services.haml
@@ -17,7 +17,7 @@
 
       - else
         = t("services.index.not_logged_in")
-        = link_to(t("services.index.connect"), "/auth/#{provider}")
+        = link_to(t("services.index.connect"), "/auth/#{provider}", method: :post)
 
 - else
   .well
diff --git a/app/views/streams/main_stream.html.haml b/app/views/streams/main_stream.html.haml
index ee99d3d9b..991575157 100644
--- a/app/views/streams/main_stream.html.haml
+++ b/app/views/streams/main_stream.html.haml
@@ -124,7 +124,7 @@
                     - if service_unconnected?(service)
                       = link_to(content_tag(:div, nil,
                         class: "social-media-logos-#{service.to_s.downcase}-24x24",
-                        title: service.to_s.titleize), "/auth/#{service}")
+                        title: service.to_s.titleize), "/auth/#{service}", method: :post)
 
           .section.collapsed
             .title