From c89c6768ef13cb7f7f374bdce0d96f6b092abe45 Mon Sep 17 00:00:00 2001
From: Silumesii Maboshe
Date: Fri, 3 May 2024 12:01:51 +0200
Subject: [PATCH] Prepare for OmniAuth version 2.x
We are currently using OmniAuth version 1.x. Version 2.x is now available. In the version 2.x announcement, OmniAuth announced that "OmniAuth now defaults to only POST as the allowed request_phase method." This commit changes offending GET requests to POST and adds the `omniauth-rails_csrf_protection` gem.
Ref:
- https://github.com/thoughtbot/upcase/pull/2473#issuecomment-2092640212
- https://github.com/thoughtbot/upcase/pull/2469
- https://www.mintbit.com/blog/updating-omniauth-from-version-1-to-2
- https://github.com/omniauth/omniauth/releases/tag/v2.0.0
- https://github.com/thoughtbot/upcase/pull/2452
---
 Gemfile | 5 +++--
 Gemfile.lock | 4 ++++
 app/views/acceptances/new.html.erb | 2 +-
 app/views/sessions/new.html.erb | 2 +-
 4 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/Gemfile b/Gemfile
index 9f03781f6c..94e421cff5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -33,6 +33,7 @@ gem "nokogiri"
 gem "octokit"
 gem "omniauth"
 gem "omniauth-github"
+gem "omniauth-rails_csrf_protection"
 gem "paperclip"
 gem "pg"
 gem "pg_search"
@@ -50,15 +51,15 @@ gem "responders"
 gem "rexml"
 gem "sassc"
 gem "scenic"
-gem "sentry-ruby"
 gem "sentry-rails"
+gem "sentry-ruby"
 gem "sprockets-rails"
 gem "sprockets-redirect"
 gem "uglifier"
 gem "validates_email_format_of"
 gem "vanity"
-gem "wrapped"
 gem "webrick"
+gem "wrapped"
 source "https://rails-assets.org" do
 gem "rails-assets-lodash"
diff --git a/Gemfile.lock b/Gemfile.lock
index 1670c62b7a..bd096ea56e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -317,6 +317,9 @@ GEM omniauth-oauth2 (1.7.3) oauth2 (>= 1.4, < 3) omniauth (>= 1.9, < 3) + omniauth-rails_csrf_protection (0.1.2) + actionpack (>= 4.2) + omniauth (>= 1.3.1) paperclip (6.1.0) activemodel (>= 4.2.0) activesupport (>= 4.2.0)
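Review bot: The added `gem "omniauth-rails_csrf_protection"` line in the first Gemfile hunk changes how the OmniAuth request phase may be reached, but the diffstat shows only the two sign-in views being updated and no spec alongside them. Going by the commit message, the request phase is meant to accept only POST from here on, so any other GET entry into `github_auth_path` (a controller `redirect_to`, a mailer link, a stored URL) would presumably be refused instead of starting the OAuth flow; it is worth grepping for remaining callers. I would add a request spec asserting that a GET to the request phase, and a POST without a valid authenticity token, do not redirect to the provider. A comment above the gem would also help, for example `# Enforces POST + Rails authenticity token on the OmniAuth request phase; do not add :get back to OmniAuth.config.allowed_request_methods`.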
@@ -573,6 +576,7 @@ DEPENDENCIES octokit omniauth omniauth-github + omniauth-rails_csrf_protection paperclip pg pg_search
diff --git a/app/views/acceptances/new.html.erb b/app/views/acceptances/new.html.erb
index ea273313a2..d8b58ec605 100644
--- a/app/views/acceptances/new.html.erb
+++ b/app/views/acceptances/new.html.erb
@@ -3,7 +3,7 @@

<%= t(".sign_in_to_join_the_team", team_name: @invitation.team_name) %>

- <%= link_to github_auth_path, class: "cta-button secondary-button" do %>
+ <%= link_to github_auth_path, method: :post, class: "cta-button secondary-button" do %>
 <%= image_tag("github.svg", class: "github-logo", alt: "") %>
 <%= t("authenticating.github_signin") %>
 <% end %>
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index 5a1f4aaf41..9fb44f19b6 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -1,6 +1,6 @@
 <% content_for :page_title, "Sign In to Upcase" %>
- <%= link_to github_auth_path, method: :post, class: 'cta-button secondary-button' do %>
+ <%= link_to github_auth_path, method: :post, class: 'cta-button secondary-button' do %>
 <%= image_tag("github-black.svg", class: "github-logo", alt: "") %>
 <%= t("authenticating.github_signin") %>
 <% end %>
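Review bot: The `method: :post` added to `link_to` in this hunk, and in the identical change to app/views/acceptances/new.html.erb, still renders an anchor whose POST and CSRF token are synthesised client-side by the Rails UJS script. If that script is not loaded or fails, the click degrades to a plain GET on `github_auth_path`, which this commit intends the request phase to refuse, so sign-in breaks with no server-rendered fallback. A real form carries the authenticity token in the markup and needs no JavaScript: `<%= button_to github_auth_path, class: 'cta-button secondary-button' do %>` (`button_to` posts by default). The element becomes a `<button>` inside a form, so the `cta-button` styles may need a small adjustment.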