diff --git a/find-a-lost-trn-client/.gitattributes b/find-a-lost-trn-client/.gitattributes
deleted file mode 100644
index 31eeee0b6..000000000
--- a/find-a-lost-trn-client/.gitattributes
+++ /dev/null
@@ -1,7 +0,0 @@
-# See https://git-scm.com/docs/gitattributes for more about git attribute files.
-
-# Mark the database schema as having been generated.
-db/schema.rb linguist-generated
-
-# Mark any vendored files as having been vendored.
-vendor/* linguist-vendored
diff --git a/find-a-lost-trn-client/.gitignore b/find-a-lost-trn-client/.gitignore
deleted file mode 100644
index e16dc71d2..000000000
--- a/find-a-lost-trn-client/.gitignore
+++ /dev/null
@@ -1,31 +0,0 @@
-# See https://help.github.com/articles/ignoring-files for more about ignoring files.
-#
-# If you find yourself ignoring temporary files generated by your text editor
-# or operating system, you probably want to add a global ignore instead:
-# git config --global core.excludesfile '~/.gitignore_global'
-
-# Ignore bundler config.
-/.bundle
-
-# Ignore all logfiles and tempfiles.
-/log/*
-/tmp/*
-!/log/.keep
-!/tmp/.keep
-
-# Ignore pidfiles, but keep the directory.
-/tmp/pids/*
-!/tmp/pids/
-!/tmp/pids/.keep
-
-# Ignore uploaded files in development.
-/storage/*
-!/storage/.keep
-/tmp/storage/*
-!/tmp/storage/
-!/tmp/storage/.keep
-
-/public/assets
-
-# Ignore master key for decrypting credentials and more.
-/config/master.key
diff --git a/find-a-lost-trn-client/.ruby-version b/find-a-lost-trn-client/.ruby-version
deleted file mode 100644
index a4dd9dba4..000000000
--- a/find-a-lost-trn-client/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.7.4
diff --git a/find-a-lost-trn-client/Gemfile b/find-a-lost-trn-client/Gemfile
deleted file mode 100644
index 5d7f10063..000000000
--- a/find-a-lost-trn-client/Gemfile
+++ /dev/null
@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-git_source(:github) { |repo| "https://github.com/#{repo}.git" }
-
-ruby '2.7.4'
-
-gem 'bootsnap', require: false
-gem 'devise', '~> 4.8'
-gem 'dotenv-rails', '~> 2.7'
-gem 'importmap-rails'
-gem 'jbuilder'
-gem 'omniauth', '~> 2.1'
-gem 'omniauth_openid_connect', '~> 0.4.0'
-gem 'pg', '~> 1.1'
-gem 'puma', '~> 5.0'
-gem 'rails', '~> 7.0.3'
-gem 'redis', '~> 4.0'
-gem 'sprockets-rails'
-gem 'stimulus-rails'
-gem 'turbo-rails'
-gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
-
-group :development, :test do
- gem 'debug', platforms: %i[mri mingw x64_mingw]
-end
-
-group :development do
- gem 'web-console'
-end
-
-group :test do
- gem 'capybara'
- gem 'selenium-webdriver'
- gem 'webdrivers'
-end
diff --git a/find-a-lost-trn-client/Gemfile.lock b/find-a-lost-trn-client/Gemfile.lock
deleted file mode 100644
index 66230165d..000000000
--- a/find-a-lost-trn-client/Gemfile.lock
+++ /dev/null
@@ -1,306 +0,0 @@
-GEM
- remote: https://rubygems.org/
- specs:
- actioncable (7.0.3)
- actionpack (= 7.0.3)
- activesupport (= 7.0.3)
- nio4r (~> 2.0)
- websocket-driver (>= 0.6.1)
- actionmailbox (7.0.3)
- actionpack (= 7.0.3)
- activejob (= 7.0.3)
- activerecord (= 7.0.3)
- activestorage (= 7.0.3)
- activesupport (= 7.0.3)
- mail (>= 2.7.1)
- net-imap
- net-pop
- net-smtp
- actionmailer (7.0.3)
- actionpack (= 7.0.3)
- actionview (= 7.0.3)
- activejob (= 7.0.3)
- activesupport (= 7.0.3)
- mail (~> 2.5, >= 2.5.4)
- net-imap
- net-pop
- net-smtp
- rails-dom-testing (~> 2.0)
- actionpack (7.0.3)
- actionview (= 7.0.3)
- activesupport (= 7.0.3)
- rack (~> 2.0, >= 2.2.0)
- rack-test (>= 0.6.3)
- rails-dom-testing (~> 2.0)
- rails-html-sanitizer (~> 1.0, >= 1.2.0)
- actiontext (7.0.3)
- actionpack (= 7.0.3)
- activerecord (= 7.0.3)
- activestorage (= 7.0.3)
- activesupport (= 7.0.3)
- globalid (>= 0.6.0)
- nokogiri (>= 1.8.5)
- actionview (7.0.3)
- activesupport (= 7.0.3)
- builder (~> 3.1)
- erubi (~> 1.4)
- rails-dom-testing (~> 2.0)
- rails-html-sanitizer (~> 1.1, >= 1.2.0)
- activejob (7.0.3)
- activesupport (= 7.0.3)
- globalid (>= 0.3.6)
- activemodel (7.0.3)
- activesupport (= 7.0.3)
- activerecord (7.0.3)
- activemodel (= 7.0.3)
- activesupport (= 7.0.3)
- activestorage (7.0.3)
- actionpack (= 7.0.3)
- activejob (= 7.0.3)
- activerecord (= 7.0.3)
- activesupport (= 7.0.3)
- marcel (~> 1.0)
- mini_mime (>= 1.1.0)
- activesupport (7.0.3)
- concurrent-ruby (~> 1.0, >= 1.0.2)
- i18n (>= 1.6, < 2)
- minitest (>= 5.1)
- tzinfo (~> 2.0)
- addressable (2.8.0)
- public_suffix (>= 2.0.2, < 5.0)
- aes_key_wrap (1.1.0)
- attr_required (1.0.1)
- bcrypt (3.1.17)
- bindata (2.4.10)
- bindex (0.8.1)
- bootsnap (1.11.1)
- msgpack (~> 1.2)
- builder (3.2.4)
- capybara (3.37.1)
- addressable
- matrix
- mini_mime (>= 0.1.3)
- nokogiri (~> 1.8)
- rack (>= 1.6.0)
- rack-test (>= 0.6.3)
- regexp_parser (>= 1.5, < 3.0)
- xpath (~> 3.2)
- childprocess (4.1.0)
- concurrent-ruby (1.1.10)
- crass (1.0.6)
- debug (1.5.0)
- irb (>= 1.3.6)
- reline (>= 0.2.7)
- devise (4.8.1)
- bcrypt (~> 3.0)
- orm_adapter (~> 0.1)
- railties (>= 4.1.0)
- responders
- warden (~> 1.2.3)
- digest (3.1.0)
- dotenv (2.7.6)
- dotenv-rails (2.7.6)
- dotenv (= 2.7.6)
- railties (>= 3.2)
- erubi (1.10.0)
- globalid (1.0.0)
- activesupport (>= 5.0)
- hashie (5.0.0)
- httpclient (2.8.3)
- i18n (1.10.0)
- concurrent-ruby (~> 1.0)
- importmap-rails (1.0.3)
- actionpack (>= 6.0.0)
- railties (>= 6.0.0)
- io-console (0.5.11)
- irb (1.4.1)
- reline (>= 0.3.0)
- jbuilder (2.11.5)
- actionview (>= 5.0.0)
- activesupport (>= 5.0.0)
- json-jwt (1.13.0)
- activesupport (>= 4.2)
- aes_key_wrap
- bindata
- loofah (2.17.0)
- crass (~> 1.0.2)
- nokogiri (>= 1.5.9)
- mail (2.7.1)
- mini_mime (>= 0.1.1)
- marcel (1.0.2)
- matrix (0.4.2)
- method_source (1.0.0)
- mini_mime (1.1.2)
- mini_portile2 (2.8.0)
- minitest (5.15.0)
- msgpack (1.5.1)
- net-imap (0.2.3)
- digest
- net-protocol
- strscan
- net-pop (0.1.1)
- digest
- net-protocol
- timeout
- net-protocol (0.1.3)
- timeout
- net-smtp (0.3.1)
- digest
- net-protocol
- timeout
- nio4r (2.5.8)
- nokogiri (1.13.6)
- mini_portile2 (~> 2.8.0)
- racc (~> 1.4)
- omniauth (2.1.0)
- hashie (>= 3.4.6)
- rack (>= 2.2.3)
- rack-protection
- omniauth_openid_connect (0.4.0)
- addressable (~> 2.5)
- omniauth (>= 1.9, < 3)
- openid_connect (~> 1.1)
- openid_connect (1.3.0)
- activemodel
- attr_required (>= 1.0.0)
- json-jwt (>= 1.5.0)
- rack-oauth2 (>= 1.6.1)
- swd (>= 1.0.0)
- tzinfo
- validate_email
- validate_url
- webfinger (>= 1.0.1)
- orm_adapter (0.5.0)
- pg (1.3.5)
- public_suffix (4.0.7)
- puma (5.6.4)
- nio4r (~> 2.0)
- racc (1.6.0)
- rack (2.2.3)
- rack-oauth2 (1.19.0)
- activesupport
- attr_required
- httpclient
- json-jwt (>= 1.11.0)
- rack (>= 2.1.0)
- rack-protection (2.2.0)
- rack
- rack-test (1.1.0)
- rack (>= 1.0, < 3)
- rails (7.0.3)
- actioncable (= 7.0.3)
- actionmailbox (= 7.0.3)
- actionmailer (= 7.0.3)
- actionpack (= 7.0.3)
- actiontext (= 7.0.3)
- actionview (= 7.0.3)
- activejob (= 7.0.3)
- activemodel (= 7.0.3)
- activerecord (= 7.0.3)
- activestorage (= 7.0.3)
- activesupport (= 7.0.3)
- bundler (>= 1.15.0)
- railties (= 7.0.3)
- rails-dom-testing (2.0.3)
- activesupport (>= 4.2.0)
- nokogiri (>= 1.6)
- rails-html-sanitizer (1.4.2)
- loofah (~> 2.3)
- railties (7.0.3)
- actionpack (= 7.0.3)
- activesupport (= 7.0.3)
- method_source
- rake (>= 12.2)
- thor (~> 1.0)
- zeitwerk (~> 2.5)
- rake (13.0.6)
- redis (4.6.0)
- regexp_parser (2.4.0)
- reline (0.3.1)
- io-console (~> 0.5)
- responders (3.0.1)
- actionpack (>= 5.0)
- railties (>= 5.0)
- rexml (3.2.5)
- rubyzip (2.3.2)
- selenium-webdriver (4.1.0)
- childprocess (>= 0.5, < 5.0)
- rexml (~> 3.2, >= 3.2.5)
- rubyzip (>= 1.2.2)
- sprockets (4.0.3)
- concurrent-ruby (~> 1.0)
- rack (> 1, < 3)
- sprockets-rails (3.4.2)
- actionpack (>= 5.2)
- activesupport (>= 5.2)
- sprockets (>= 3.0.0)
- stimulus-rails (1.0.4)
- railties (>= 6.0.0)
- strscan (3.0.3)
- swd (1.3.0)
- activesupport (>= 3)
- attr_required (>= 0.0.5)
- httpclient (>= 2.4)
- thor (1.2.1)
- timeout (0.2.0)
- turbo-rails (7.1.1)
- rails (>= 6.0.0)
- tzinfo (2.0.4)
- concurrent-ruby (~> 1.0)
- validate_email (0.1.6)
- activemodel (>= 3.0)
- mail (>= 2.2.5)
- validate_url (1.0.13)
- activemodel (>= 3.0.0)
- public_suffix
- warden (1.2.9)
- rack (>= 2.0.9)
- web-console (4.2.0)
- actionview (>= 6.0.0)
- activemodel (>= 6.0.0)
- bindex (>= 0.4.0)
- railties (>= 6.0.0)
- webdrivers (5.0.0)
- nokogiri (~> 1.6)
- rubyzip (>= 1.3.0)
- selenium-webdriver (~> 4.0)
- webfinger (1.2.0)
- activesupport
- httpclient (>= 2.4)
- websocket-driver (0.7.5)
- websocket-extensions (>= 0.1.0)
- websocket-extensions (0.1.5)
- xpath (3.2.0)
- nokogiri (~> 1.8)
- zeitwerk (2.5.4)
-
-PLATFORMS
- ruby
-
-DEPENDENCIES
- bootsnap
- capybara
- debug
- devise (~> 4.8)
- dotenv-rails (~> 2.7)
- importmap-rails
- jbuilder
- omniauth (~> 2.1)
- omniauth_openid_connect (~> 0.4.0)
- pg (~> 1.1)
- puma (~> 5.0)
- rails (~> 7.0.3)
- redis (~> 4.0)
- selenium-webdriver
- sprockets-rails
- stimulus-rails
- turbo-rails
- tzinfo-data
- web-console
- webdrivers
-
-RUBY VERSION
- ruby 2.7.4p191
-
-BUNDLED WITH
- 2.1.4
diff --git a/find-a-lost-trn-client/README.md b/find-a-lost-trn-client/README.md
deleted file mode 100644
index 7db80e4ca..000000000
--- a/find-a-lost-trn-client/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# README
-
-This README would normally document whatever steps are necessary to get the
-application up and running.
-
-Things you may want to cover:
-
-* Ruby version
-
-* System dependencies
-
-* Configuration
-
-* Database creation
-
-* Database initialization
-
-* How to run the test suite
-
-* Services (job queues, cache servers, search engines, etc.)
-
-* Deployment instructions
-
-* ...
diff --git a/find-a-lost-trn-client/Rakefile b/find-a-lost-trn-client/Rakefile
deleted file mode 100644
index 488c551fe..000000000
--- a/find-a-lost-trn-client/Rakefile
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
-require_relative 'config/application'
-
-Rails.application.load_tasks
diff --git a/find-a-lost-trn-client/app/assets/config/manifest.js b/find-a-lost-trn-client/app/assets/config/manifest.js
deleted file mode 100644
index ddd546a0b..000000000
--- a/find-a-lost-trn-client/app/assets/config/manifest.js
+++ /dev/null
@@ -1,4 +0,0 @@
-//= link_tree ../images
-//= link_directory ../stylesheets .css
-//= link_tree ../../javascript .js
-//= link_tree ../../../vendor/javascript .js
diff --git a/find-a-lost-trn-client/app/assets/images/.keep b/find-a-lost-trn-client/app/assets/images/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/app/assets/stylesheets/application.css b/find-a-lost-trn-client/app/assets/stylesheets/application.css
deleted file mode 100644
index 288b9ab71..000000000
--- a/find-a-lost-trn-client/app/assets/stylesheets/application.css
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS (and SCSS, if configured) file within this directory, lib/assets/stylesheets, or any plugin's
- * vendor/assets/stylesheets directory can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the bottom of the
- * compiled file so the styles you add here take precedence over styles defined in any other CSS
- * files in this directory. Styles in this file should be added after the last require_* statement.
- * It is generally better to create a new file per style scope.
- *
- *= require_tree .
- *= require_self
- */
diff --git a/find-a-lost-trn-client/app/channels/application_cable/channel.rb b/find-a-lost-trn-client/app/channels/application_cable/channel.rb
deleted file mode 100644
index 9aec23053..000000000
--- a/find-a-lost-trn-client/app/channels/application_cable/channel.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-module ApplicationCable
- class Channel < ActionCable::Channel::Base
- end
-end
diff --git a/find-a-lost-trn-client/app/channels/application_cable/connection.rb b/find-a-lost-trn-client/app/channels/application_cable/connection.rb
deleted file mode 100644
index 8d6c2a1bf..000000000
--- a/find-a-lost-trn-client/app/channels/application_cable/connection.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-module ApplicationCable
- class Connection < ActionCable::Connection::Base
- end
-end
diff --git a/find-a-lost-trn-client/app/controllers/application_controller.rb b/find-a-lost-trn-client/app/controllers/application_controller.rb
deleted file mode 100644
index 7944f9f99..000000000
--- a/find-a-lost-trn-client/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-class ApplicationController < ActionController::Base
-end
diff --git a/find-a-lost-trn-client/app/controllers/concerns/.keep b/find-a-lost-trn-client/app/controllers/concerns/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/app/helpers/application_helper.rb b/find-a-lost-trn-client/app/helpers/application_helper.rb
deleted file mode 100644
index 15b06f0f6..000000000
--- a/find-a-lost-trn-client/app/helpers/application_helper.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-module ApplicationHelper
-end
diff --git a/find-a-lost-trn-client/app/javascript/application.js b/find-a-lost-trn-client/app/javascript/application.js
deleted file mode 100644
index 0d7b49404..000000000
--- a/find-a-lost-trn-client/app/javascript/application.js
+++ /dev/null
@@ -1,3 +0,0 @@
-// Configure your import map in config/importmap.rb. Read more: https://github.com/rails/importmap-rails
-import "@hotwired/turbo-rails"
-import "controllers"
diff --git a/find-a-lost-trn-client/app/javascript/controllers/application.js b/find-a-lost-trn-client/app/javascript/controllers/application.js
deleted file mode 100644
index 1213e85c7..000000000
--- a/find-a-lost-trn-client/app/javascript/controllers/application.js
+++ /dev/null
@@ -1,9 +0,0 @@
-import { Application } from "@hotwired/stimulus"
-
-const application = Application.start()
-
-// Configure Stimulus development experience
-application.debug = false
-window.Stimulus = application
-
-export { application }
diff --git a/find-a-lost-trn-client/app/javascript/controllers/hello_controller.js b/find-a-lost-trn-client/app/javascript/controllers/hello_controller.js
deleted file mode 100644
index 5975c0789..000000000
--- a/find-a-lost-trn-client/app/javascript/controllers/hello_controller.js
+++ /dev/null
@@ -1,7 +0,0 @@
-import { Controller } from "@hotwired/stimulus"
-
-export default class extends Controller {
- connect() {
- this.element.textContent = "Hello World!"
- }
-}
diff --git a/find-a-lost-trn-client/app/javascript/controllers/index.js b/find-a-lost-trn-client/app/javascript/controllers/index.js
deleted file mode 100644
index 54ad4cad4..000000000
--- a/find-a-lost-trn-client/app/javascript/controllers/index.js
+++ /dev/null
@@ -1,11 +0,0 @@
-// Import and register all your controllers from the importmap under controllers/*
-
-import { application } from "controllers/application"
-
-// Eager load all controllers defined in the import map under controllers/**/*_controller
-import { eagerLoadControllersFrom } from "@hotwired/stimulus-loading"
-eagerLoadControllersFrom("controllers", application)
-
-// Lazy load controllers as they appear in the DOM (remember not to preload controllers in import map!)
-// import { lazyLoadControllersFrom } from "@hotwired/stimulus-loading"
-// lazyLoadControllersFrom("controllers", application)
diff --git a/find-a-lost-trn-client/app/jobs/application_job.rb b/find-a-lost-trn-client/app/jobs/application_job.rb
deleted file mode 100644
index bef395997..000000000
--- a/find-a-lost-trn-client/app/jobs/application_job.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class ApplicationJob < ActiveJob::Base
- # Automatically retry jobs that encountered a deadlock
- # retry_on ActiveRecord::Deadlocked
-
- # Most jobs are safe to ignore if the underlying records are no longer available
- # discard_on ActiveJob::DeserializationError
-end
diff --git a/find-a-lost-trn-client/app/mailers/application_mailer.rb b/find-a-lost-trn-client/app/mailers/application_mailer.rb
deleted file mode 100644
index d84cb6e71..000000000
--- a/find-a-lost-trn-client/app/mailers/application_mailer.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-class ApplicationMailer < ActionMailer::Base
- default from: 'from@example.com'
- layout 'mailer'
-end
diff --git a/find-a-lost-trn-client/app/models/application_record.rb b/find-a-lost-trn-client/app/models/application_record.rb
deleted file mode 100644
index 08dc53798..000000000
--- a/find-a-lost-trn-client/app/models/application_record.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-# frozen_string_literal: true
-
-class ApplicationRecord < ActiveRecord::Base
- primary_abstract_class
-end
diff --git a/find-a-lost-trn-client/app/models/concerns/.keep b/find-a-lost-trn-client/app/models/concerns/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/app/models/user.rb b/find-a-lost-trn-client/app/models/user.rb
deleted file mode 100644
index 01734789d..000000000
--- a/find-a-lost-trn-client/app/models/user.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class User < ApplicationRecord
- # Include default devise modules. Others available are:
- # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
- devise :database_authenticatable, :registerable,
- :recoverable, :rememberable, :validatable,
- :omniauthable
-end
diff --git a/find-a-lost-trn-client/app/views/layouts/application.html.erb b/find-a-lost-trn-client/app/views/layouts/application.html.erb
deleted file mode 100644
index 948a84937..000000000
--- a/find-a-lost-trn-client/app/views/layouts/application.html.erb
+++ /dev/null
@@ -1,16 +0,0 @@
-
-
-
- FindALostTrnClient
-
- <%= csrf_meta_tags %>
- <%= csp_meta_tag %>
-
- <%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
- <%= javascript_importmap_tags %>
-
-
-
- <%= yield %>
-
-
diff --git a/find-a-lost-trn-client/app/views/layouts/mailer.html.erb b/find-a-lost-trn-client/app/views/layouts/mailer.html.erb
deleted file mode 100644
index cbd34d2e9..000000000
--- a/find-a-lost-trn-client/app/views/layouts/mailer.html.erb
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
-
-
-
-
-
- <%= yield %>
-
-
diff --git a/find-a-lost-trn-client/app/views/layouts/mailer.text.erb b/find-a-lost-trn-client/app/views/layouts/mailer.text.erb
deleted file mode 100644
index 37f0bddbd..000000000
--- a/find-a-lost-trn-client/app/views/layouts/mailer.text.erb
+++ /dev/null
@@ -1 +0,0 @@
-<%= yield %>
diff --git a/find-a-lost-trn-client/bin/bundle b/find-a-lost-trn-client/bin/bundle
deleted file mode 100755
index 73ec94756..000000000
--- a/find-a-lost-trn-client/bin/bundle
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-#
-# This file was generated by Bundler.
-#
-# The application 'bundle' is installed as part of a gem, and
-# this file is here to facilitate running it.
-#
-
-require 'rubygems'
-
-m = Module.new do
- module_function
-
- def invoked_as_script?
- File.expand_path($PROGRAM_NAME) == File.expand_path(__FILE__)
- end
-
- def env_var_version
- ENV['BUNDLER_VERSION']
- end
-
- def cli_arg_version
- return unless invoked_as_script? # don't want to hijack other binstubs
- return unless 'update'.start_with?(ARGV.first || ' ') # must be running `bundle update`
-
- bundler_version = nil
- update_index = nil
- ARGV.each_with_index do |a, i|
- bundler_version = a if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
- next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
-
- bundler_version = Regexp.last_match(1)
- update_index = i
- end
- bundler_version
- end
-
- def gemfile
- gemfile = ENV['BUNDLE_GEMFILE']
- return gemfile if gemfile && !gemfile.empty?
-
- File.expand_path('../Gemfile', __dir__)
- end
-
- def lockfile
- lockfile =
- case File.basename(gemfile)
- when 'gems.rb' then gemfile.sub(/\.rb$/, gemfile)
- else "#{gemfile}.lock"
- end
- File.expand_path(lockfile)
- end
-
- def lockfile_version
- return unless File.file?(lockfile)
-
- lockfile_contents = File.read(lockfile)
- return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
-
- Regexp.last_match(1)
- end
-
- def bundler_version
- @bundler_version ||=
- env_var_version || cli_arg_version ||
- lockfile_version
- end
-
- def bundler_requirement
- return "#{Gem::Requirement.default}.a" unless bundler_version
-
- bundler_gem_version = Gem::Version.new(bundler_version)
-
- requirement = bundler_gem_version.approximate_recommendation
-
- return requirement unless Gem::Version.new(Gem::VERSION) < Gem::Version.new('2.7.0')
-
- requirement += '.a' if bundler_gem_version.prerelease?
-
- requirement
- end
-
- def load_bundler!
- ENV['BUNDLE_GEMFILE'] ||= gemfile
-
- activate_bundler
- end
-
- def activate_bundler
- gem_error = activation_error_handling do
- gem 'bundler', bundler_requirement
- end
- return if gem_error.nil?
-
- require_error = activation_error_handling do
- require 'bundler/version'
- end
- if require_error.nil? && Gem::Requirement.new(bundler_requirement).satisfied_by?(Gem::Version.new(Bundler::VERSION))
- return
- end
-
- warn "Activating bundler (#{bundler_requirement}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_requirement}'`"
- exit 42
- end
-
- def activation_error_handling
- yield
- nil
- rescue StandardError, LoadError => e
- e
- end
-end
-
-m.load_bundler!
-
-load Gem.bin_path('bundler', 'bundle') if m.invoked_as_script?
diff --git a/find-a-lost-trn-client/bin/importmap b/find-a-lost-trn-client/bin/importmap
deleted file mode 100755
index d4238647b..000000000
--- a/find-a-lost-trn-client/bin/importmap
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require_relative '../config/application'
-require 'importmap/commands'
diff --git a/find-a-lost-trn-client/bin/rails b/find-a-lost-trn-client/bin/rails
deleted file mode 100755
index a31728ab9..000000000
--- a/find-a-lost-trn-client/bin/rails
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-APP_PATH = File.expand_path('../config/application', __dir__)
-require_relative '../config/boot'
-require 'rails/commands'
diff --git a/find-a-lost-trn-client/bin/rake b/find-a-lost-trn-client/bin/rake
deleted file mode 100755
index c19995500..000000000
--- a/find-a-lost-trn-client/bin/rake
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require_relative '../config/boot'
-require 'rake'
-Rake.application.run
diff --git a/find-a-lost-trn-client/bin/setup b/find-a-lost-trn-client/bin/setup
deleted file mode 100755
index 516b651e3..000000000
--- a/find-a-lost-trn-client/bin/setup
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require 'fileutils'
-
-# path to your application root.
-APP_ROOT = File.expand_path('..', __dir__)
-
-def system!(*args)
- system(*args) || abort("\n== Command #{args} failed ==")
-end
-
-FileUtils.chdir APP_ROOT do
- # This script is a way to set up or update your development environment automatically.
- # This script is idempotent, so that you can run it at any time and get an expectable outcome.
- # Add necessary setup steps to this file.
-
- puts '== Installing dependencies =='
- system! 'gem install bundler --conservative'
- system('bundle check') || system!('bundle install')
-
- # puts "\n== Copying sample files =="
- # unless File.exist?("config/database.yml")
- # FileUtils.cp "config/database.yml.sample", "config/database.yml"
- # end
-
- puts "\n== Preparing database =="
- system! 'bin/rails db:prepare'
-
- puts "\n== Removing old logs and tempfiles =="
- system! 'bin/rails log:clear tmp:clear'
-
- puts "\n== Restarting application server =="
- system! 'bin/rails restart'
-end
diff --git a/find-a-lost-trn-client/config.ru b/find-a-lost-trn-client/config.ru
deleted file mode 100644
index 6dc832180..000000000
--- a/find-a-lost-trn-client/config.ru
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-# This file is used by Rack-based servers to start the application.
-
-require_relative 'config/environment'
-
-run Rails.application
-Rails.application.load_server
diff --git a/find-a-lost-trn-client/config/application.rb b/find-a-lost-trn-client/config/application.rb
deleted file mode 100644
index 2e5370182..000000000
--- a/find-a-lost-trn-client/config/application.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-
-require_relative 'boot'
-
-require 'rails/all'
-
-# Require the gems listed in Gemfile, including any gems
-# you've limited to :test, :development, or :production.
-Bundler.require(*Rails.groups)
-
-module FindALostTrnClient
- class Application < Rails::Application
- # Initialize configuration defaults for originally generated Rails version.
- config.load_defaults 7.0
-
- # Configuration for the application, engines, and railties goes here.
- #
- # These settings can be overridden in specific environments using the files
- # in config/environments, which are processed later.
- #
- # config.time_zone = "Central Time (US & Canada)"
- # config.eager_load_paths << Rails.root.join("extras")
- end
-end
diff --git a/find-a-lost-trn-client/config/boot.rb b/find-a-lost-trn-client/config/boot.rb
deleted file mode 100644
index c04863fa7..000000000
--- a/find-a-lost-trn-client/config/boot.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
-
-require 'bundler/setup' # Set up gems listed in the Gemfile.
-require 'bootsnap/setup' # Speed up boot time by caching expensive operations.
diff --git a/find-a-lost-trn-client/config/cable.yml b/find-a-lost-trn-client/config/cable.yml
deleted file mode 100644
index b1618477c..000000000
--- a/find-a-lost-trn-client/config/cable.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-development:
- adapter: redis
- url: redis://localhost:6379/1
-
-test:
- adapter: test
-
-production:
- adapter: redis
- url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
- channel_prefix: find_a_lost_trn_client_production
diff --git a/find-a-lost-trn-client/config/credentials.yml.enc b/find-a-lost-trn-client/config/credentials.yml.enc
deleted file mode 100644
index 42f39120e..000000000
--- a/find-a-lost-trn-client/config/credentials.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-BUWkHj4fYSLSYlz3ylUk96Mdk2NW9zscXzoldJ4kAXTlWnnr9Sx3RX2uBHZkG6zBw0WFhtutPZZew9lS/lKCQ/GMgWEB0pclSr8JIX7BGanFJn3tKxXWEvLt4zM1OxC5pXbenw0rWQ9ZFMmTPB9O4ScZzvmhOyJlTOKOkj1xS8VSIxHaeYxhmoF4YhU8wllpMfEV8z2gta151DHGGqP9ERmnGDSpemxc61M51a9PQFBQXbUn1U2Vgp/rJzfgYPUCiimOy1QaOarWVQFusT+uvP/pjxjTpQyKCD+oIXKMBqbdGpyykYziXTyfTWs+LBIaTvT2LsQ0Yjj9tQNk3xC8IEX9XYwG7a/BjvWugsfqnNviCLT8X3iaaGfxQE5rJDJeSCeO1/dti1VDVBBTjpe0FO2EC9/oh/rxZ9ep--Zxfr/M7BbMoY5KTN--zqmLjpy2WHp8nMoSlqLkhw==
\ No newline at end of file
diff --git a/find-a-lost-trn-client/config/database.yml b/find-a-lost-trn-client/config/database.yml
deleted file mode 100644
index ed64e3283..000000000
--- a/find-a-lost-trn-client/config/database.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-# PostgreSQL. Versions 9.3 and up are supported.
-#
-# Install the pg driver:
-# gem install pg
-# On macOS with Homebrew:
-# gem install pg -- --with-pg-config=/usr/local/bin/pg_config
-# On macOS with MacPorts:
-# gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config
-# On Windows:
-# gem install pg
-# Choose the win32 build.
-# Install PostgreSQL and put its /bin directory on your path.
-#
-# Configure Using Gemfile
-# gem "pg"
-#
-default: &default
- adapter: postgresql
- encoding: unicode
- # For details on connection pooling, see Rails configuration guide
- # https://guides.rubyonrails.org/configuring.html#database-pooling
- pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
-
-development:
- <<: *default
- database: find_a_lost_trn_client_development
-
- # The specified database role being used to connect to postgres.
- # To create additional roles in postgres see `$ createuser --help`.
- # When left blank, postgres will use the default role. This is
- # the same name as the operating system user running Rails.
- #username: find_a_lost_trn_client
-
- # The password associated with the postgres role (username).
- #password:
-
- # Connect on a TCP socket. Omitted by default since the client uses a
- # domain socket that doesn't need configuration. Windows does not have
- # domain sockets, so uncomment these lines.
- #host: localhost
-
- # The TCP port the server listens on. Defaults to 5432.
- # If your server runs on a different port number, change accordingly.
- #port: 5432
-
- # Schema search path. The server defaults to $user,public
- #schema_search_path: myapp,sharedapp,public
-
- # Minimum log levels, in increasing order:
- # debug5, debug4, debug3, debug2, debug1,
- # log, notice, warning, error, fatal, and panic
- # Defaults to warning.
- #min_messages: notice
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-test:
- <<: *default
- database: find_a_lost_trn_client_test
-
-# As with config/credentials.yml, you never want to store sensitive information,
-# like your database password, in your source code. If your source code is
-# ever seen by anyone, they now have access to your database.
-#
-# Instead, provide the password or a full connection URL as an environment
-# variable when you boot the app. For example:
-#
-# DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase"
-#
-# If the connection URL is provided in the special DATABASE_URL environment
-# variable, Rails will automatically merge its configuration values on top of
-# the values provided in this file. Alternatively, you can specify a connection
-# URL environment variable explicitly:
-#
-# production:
-# url: <%= ENV["MY_APP_DATABASE_URL"] %>
-#
-# Read https://guides.rubyonrails.org/configuring.html#configuring-a-database
-# for a full overview on how database connection configuration can be specified.
-#
-production:
- <<: *default
- database: find_a_lost_trn_client_production
- username: find_a_lost_trn_client
- password: <%= ENV["FIND_A_LOST_TRN_CLIENT_DATABASE_PASSWORD"] %>
diff --git a/find-a-lost-trn-client/config/environment.rb b/find-a-lost-trn-client/config/environment.rb
deleted file mode 100644
index d5abe5580..000000000
--- a/find-a-lost-trn-client/config/environment.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-# Load the Rails application.
-require_relative 'application'
-
-# Initialize the Rails application.
-Rails.application.initialize!
diff --git a/find-a-lost-trn-client/config/environments/development.rb b/find-a-lost-trn-client/config/environments/development.rb
deleted file mode 100644
index 61243fb61..000000000
--- a/find-a-lost-trn-client/config/environments/development.rb
+++ /dev/null
@@ -1,74 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- # In the development environment your application's code is reloaded any time
- # it changes. This slows down response time but is perfect for development
- # since you don't have to restart the web server when you make code changes.
- config.cache_classes = false
-
- # Do not eager load code on boot.
- config.eager_load = false
-
- # Show full error reports.
- config.consider_all_requests_local = true
-
- # Enable server timing
- config.server_timing = true
-
- # Enable/disable caching. By default caching is disabled.
- # Run rails dev:cache to toggle caching.
- if Rails.root.join('tmp/caching-dev.txt').exist?
- config.action_controller.perform_caching = true
- config.action_controller.enable_fragment_cache_logging = true
-
- config.cache_store = :memory_store
- config.public_file_server.headers = {
- 'Cache-Control' => "public, max-age=#{2.days.to_i}"
- }
- else
- config.action_controller.perform_caching = false
-
- config.cache_store = :null_store
- end
-
- # Store uploaded files on the local file system (see config/storage.yml for options).
- config.active_storage.service = :local
-
- # Don't care if the mailer can't send.
- config.action_mailer.raise_delivery_errors = false
-
- config.action_mailer.perform_caching = false
-
- config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
-
- # Print deprecation notices to the Rails logger.
- config.active_support.deprecation = :log
-
- # Raise exceptions for disallowed deprecations.
- config.active_support.disallowed_deprecation = :raise
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
- # Raise an error on page load if there are pending migrations.
- config.active_record.migration_error = :page_load
-
- # Highlight code that triggered database queries in logs.
- config.active_record.verbose_query_logs = true
-
- # Suppress logger output for asset requests.
- config.assets.quiet = true
-
- # Raises error for missing translations.
- # config.i18n.raise_on_missing_translations = true
-
- # Annotate rendered view with file names.
- # config.action_view.annotate_rendered_view_with_filenames = true
-
- # Uncomment if you wish to allow Action Cable access from any origin.
- # config.action_cable.disable_request_forgery_protection = true
-end
diff --git a/find-a-lost-trn-client/config/environments/production.rb b/find-a-lost-trn-client/config/environments/production.rb
deleted file mode 100644
index 9834d2f65..000000000
--- a/find-a-lost-trn-client/config/environments/production.rb
+++ /dev/null
@@ -1,95 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- # Code is not reloaded between requests.
- config.cache_classes = true
-
- # Eager load code on boot. This eager loads most of Rails and
- # your application in memory, allowing both threaded web servers
- # and those relying on copy on write to perform better.
- # Rake tasks automatically ignore this option for performance.
- config.eager_load = true
-
- # Full error reports are disabled and caching is turned on.
- config.consider_all_requests_local = false
- config.action_controller.perform_caching = true
-
- # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
- # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
- # config.require_master_key = true
-
- # Disable serving static files from the `/public` folder by default since
- # Apache or NGINX already handles this.
- config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
-
- # Compress CSS using a preprocessor.
- # config.assets.css_compressor = :sass
-
- # Do not fallback to assets pipeline if a precompiled asset is missed.
- config.assets.compile = false
-
- # Enable serving of images, stylesheets, and JavaScripts from an asset server.
- # config.asset_host = "http://assets.example.com"
-
- # Specifies the header that your server uses for sending files.
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
- # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
-
- # Store uploaded files on the local file system (see config/storage.yml for options).
- config.active_storage.service = :local
-
- # Mount Action Cable outside main process or domain.
- # config.action_cable.mount_path = nil
- # config.action_cable.url = "wss://example.com/cable"
- # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
-
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
- # config.force_ssl = true
-
- # Include generic and useful information about system operation, but avoid logging too much
- # information to avoid inadvertent exposure of personally identifiable information (PII).
- config.log_level = :info
-
- # Prepend all log lines with the following tags.
- config.log_tags = [:request_id]
-
- # Use a different cache store in production.
- # config.cache_store = :mem_cache_store
-
- # Use a real queuing backend for Active Job (and separate queues per environment).
- # config.active_job.queue_adapter = :resque
- # config.active_job.queue_name_prefix = "find_a_lost_trn_client_production"
-
- config.action_mailer.perform_caching = false
-
- # Ignore bad email addresses and do not raise email delivery errors.
- # Set this to true and configure the email server for immediate delivery to raise delivery errors.
- # config.action_mailer.raise_delivery_errors = false
-
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
- # the I18n.default_locale when a translation cannot be found).
- config.i18n.fallbacks = true
-
- # Don't log any deprecations.
- config.active_support.report_deprecations = false
-
- # Use default logging formatter so that PID and timestamp are not suppressed.
- config.log_formatter = ::Logger::Formatter.new
-
- # Use a different logger for distributed setups.
- # require "syslog/logger"
- # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
-
- if ENV['RAILS_LOG_TO_STDOUT'].present?
- logger = ActiveSupport::Logger.new($stdout)
- logger.formatter = config.log_formatter
- config.logger = ActiveSupport::TaggedLogging.new(logger)
- end
-
- # Do not dump schema after migrations.
- config.active_record.dump_schema_after_migration = false
-end
diff --git a/find-a-lost-trn-client/config/environments/test.rb b/find-a-lost-trn-client/config/environments/test.rb
deleted file mode 100644
index 8f3f63ce7..000000000
--- a/find-a-lost-trn-client/config/environments/test.rb
+++ /dev/null
@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-# The test environment is used exclusively to run your application's
-# test suite. You never need to work with it otherwise. Remember that
-# your test database is "scratch space" for the test suite and is wiped
-# and recreated between test runs. Don't rely on the data there!
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- # Turn false under Spring and add config.action_view.cache_template_loading = true.
- config.cache_classes = true
-
- # Eager loading loads your whole application. When running a single test locally,
- # this probably isn't necessary. It's a good idea to do in a continuous integration
- # system, or in some way before deploying your code.
- config.eager_load = ENV['CI'].present?
-
- # Configure public file server for tests with Cache-Control for performance.
- config.public_file_server.enabled = true
- config.public_file_server.headers = {
- 'Cache-Control' => "public, max-age=#{1.hour.to_i}"
- }
-
- # Show full error reports and disable caching.
- config.consider_all_requests_local = true
- config.action_controller.perform_caching = false
- config.cache_store = :null_store
-
- # Raise exceptions instead of rendering exception templates.
- config.action_dispatch.show_exceptions = false
-
- # Disable request forgery protection in test environment.
- config.action_controller.allow_forgery_protection = false
-
- # Store uploaded files on the local file system in a temporary directory.
- config.active_storage.service = :test
-
- config.action_mailer.perform_caching = false
-
- # Tell Action Mailer not to deliver emails to the real world.
- # The :test delivery method accumulates sent emails in the
- # ActionMailer::Base.deliveries array.
- config.action_mailer.delivery_method = :test
-
- # Print deprecation notices to the stderr.
- config.active_support.deprecation = :stderr
-
- # Raise exceptions for disallowed deprecations.
- config.active_support.disallowed_deprecation = :raise
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
- # Raises error for missing translations.
- # config.i18n.raise_on_missing_translations = true
-
- # Annotate rendered view with file names.
- # config.action_view.annotate_rendered_view_with_filenames = true
-end
diff --git a/find-a-lost-trn-client/config/importmap.rb b/find-a-lost-trn-client/config/importmap.rb
deleted file mode 100644
index 6df820833..000000000
--- a/find-a-lost-trn-client/config/importmap.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-# Pin npm packages by running ./bin/importmap
-
-pin 'application', preload: true
-pin '@hotwired/turbo-rails', to: 'turbo.js'
-pin '@hotwired/stimulus', to: 'stimulus.min.js', preload: true
-pin '@hotwired/stimulus-loading', to: 'stimulus-loading.js', preload: true
-pin_all_from 'app/javascript/controllers', under: 'controllers'
diff --git a/find-a-lost-trn-client/config/initializers/.env.development.local b/find-a-lost-trn-client/config/initializers/.env.development.local
deleted file mode 100644
index 4a3bf4d76..000000000
--- a/find-a-lost-trn-client/config/initializers/.env.development.local
+++ /dev/null
@@ -1,4 +0,0 @@
-APP_URL=http://localhost:3001
-FIND_A_LOST_TRN_CLIENT_ID=1234567890
-FIND_A_LOST_TRN_CLIENT_SECRET=1234567890
-FIND_A_LOST_TRN_SERVER_URL=http://localhost:3000
diff --git a/find-a-lost-trn-client/config/initializers/assets.rb b/find-a-lost-trn-client/config/initializers/assets.rb
deleted file mode 100644
index bcafccdd3..000000000
--- a/find-a-lost-trn-client/config/initializers/assets.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Version of your assets, change this if you want to expire all your assets.
-Rails.application.config.assets.version = '1.0'
-
-# Add additional assets to the asset load path.
-# Rails.application.config.assets.paths << Emoji.images_path
-
-# Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in the app/assets
-# folder are already added.
-# Rails.application.config.assets.precompile += %w( admin.js admin.css )
diff --git a/find-a-lost-trn-client/config/initializers/content_security_policy.rb b/find-a-lost-trn-client/config/initializers/content_security_policy.rb
deleted file mode 100644
index 691cfa11a..000000000
--- a/find-a-lost-trn-client/config/initializers/content_security_policy.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# Define an application-wide content security policy.
-# See the Securing Rails Applications Guide for more information:
-# https://guides.rubyonrails.org/security.html#content-security-policy-header
-
-# Rails.application.configure do
-# config.content_security_policy do |policy|
-# policy.default_src :self, :https
-# policy.font_src :self, :https, :data
-# policy.img_src :self, :https, :data
-# policy.object_src :none
-# policy.script_src :self, :https
-# policy.style_src :self, :https
-# # Specify URI for violation reports
-# # policy.report_uri "/csp-violation-report-endpoint"
-# end
-#
-# # Generate session nonces for permitted importmap and inline scripts
-# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
-# config.content_security_policy_nonce_directives = %w(script-src)
-#
-# # Report violations without enforcing the policy.
-# # config.content_security_policy_report_only = true
-# end
diff --git a/find-a-lost-trn-client/config/initializers/devise.rb b/find-a-lost-trn-client/config/initializers/devise.rb
deleted file mode 100644
index b15fae73d..000000000
--- a/find-a-lost-trn-client/config/initializers/devise.rb
+++ /dev/null
@@ -1,325 +0,0 @@
-# frozen_string_literal: true
-
-# Assuming you have not yet modified this file, each configuration option below
-# is set to its default value. Note that some are commented out while others
-# are not: uncommented lines are intended to protect your configuration from
-# breaking changes in upgrades (i.e., in the event that future versions of
-# Devise change the default values for those options).
-#
-# Use this hook to configure devise mailer, warden hooks and so forth.
-# Many of these configuration options can be set straight in your model.
-Devise.setup do |config|
- # The secret key used by Devise. Devise uses this key to generate
- # random tokens. Changing this key will render invalid all existing
- # confirmation, reset password and unlock tokens in the database.
- # Devise will use the `secret_key_base` as its `secret_key`
- # by default. You can change it below and use your own secret key.
- # config.secret_key = '51415b19e566ae659009a2a5174e49b6f4f03852c2a8000e3602a97b3a320bbc1adae9dbe939ef0ca94f71f333444406fd0989c4a11db4f57211ca9f6f6a6654'
-
- # ==> Controller configuration
- # Configure the parent class to the devise controllers.
- # config.parent_controller = 'DeviseController'
-
- # ==> Mailer Configuration
- # Configure the e-mail address which will be shown in Devise::Mailer,
- # note that it will be overwritten if you use your own mailer class
- # with default "from" parameter.
- config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
-
- # Configure the class responsible to send e-mails.
- # config.mailer = 'Devise::Mailer'
-
- # Configure the parent class responsible to send e-mails.
- # config.parent_mailer = 'ActionMailer::Base'
-
- # ==> ORM configuration
- # Load and configure the ORM. Supports :active_record (default) and
- # :mongoid (bson_ext recommended) by default. Other ORMs may be
- # available as additional gems.
- require 'devise/orm/active_record'
-
- # ==> Configuration for any authentication mechanism
- # Configure which keys are used when authenticating a user. The default is
- # just :email. You can configure it to use [:username, :subdomain], so for
- # authenticating a user, both parameters are required. Remember that those
- # parameters are used only when authenticating and not when retrieving from
- # session. If you need permissions, you should implement that in a before filter.
- # You can also supply a hash where the value is a boolean determining whether
- # or not authentication should be aborted when the value is not present.
- # config.authentication_keys = [:email]
-
- # Configure parameters from the request object used for authentication. Each entry
- # given should be a request method and it will automatically be passed to the
- # find_for_authentication method and considered in your model lookup. For instance,
- # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
- # The same considerations mentioned for authentication_keys also apply to request_keys.
- # config.request_keys = []
-
- # Configure which authentication keys should be case-insensitive.
- # These keys will be downcased upon creating or modifying a user and when used
- # to authenticate or find a user. Default is :email.
- config.case_insensitive_keys = [:email]
-
- # Configure which authentication keys should have whitespace stripped.
- # These keys will have whitespace before and after removed upon creating or
- # modifying a user and when used to authenticate or find a user. Default is :email.
- config.strip_whitespace_keys = [:email]
-
- # Tell if authentication through request.params is enabled. True by default.
- # It can be set to an array that will enable params authentication only for the
- # given strategies, for example, `config.params_authenticatable = [:database]` will
- # enable it only for database (email + password) authentication.
- # config.params_authenticatable = true
-
- # Tell if authentication through HTTP Auth is enabled. False by default.
- # It can be set to an array that will enable http authentication only for the
- # given strategies, for example, `config.http_authenticatable = [:database]` will
- # enable it only for database authentication.
- # For API-only applications to support authentication "out-of-the-box", you will likely want to
- # enable this with :database unless you are using a custom strategy.
- # The supported strategies are:
- # :database = Support basic authentication with authentication key + password
- # config.http_authenticatable = false
-
- # If 401 status code should be returned for AJAX requests. True by default.
- # config.http_authenticatable_on_xhr = true
-
- # The realm used in Http Basic Authentication. 'Application' by default.
- # config.http_authentication_realm = 'Application'
-
- # It will change confirmation, password recovery and other workflows
- # to behave the same regardless if the e-mail provided was right or wrong.
- # Does not affect registerable.
- # config.paranoid = true
-
- # By default Devise will store the user in session. You can skip storage for
- # particular strategies by setting this option.
- # Notice that if you are skipping storage for all authentication paths, you
- # may want to disable generating routes to Devise's sessions controller by
- # passing skip: :sessions to `devise_for` in your config/routes.rb
- config.skip_session_storage = [:http_auth]
-
- # By default, Devise cleans up the CSRF token on authentication to
- # avoid CSRF token fixation attacks. This means that, when using AJAX
- # requests for sign in and sign up, you need to get a new CSRF token
- # from the server. You can disable this option at your own risk.
- # config.clean_up_csrf_token_on_authentication = true
-
- # When false, Devise will not attempt to reload routes on eager load.
- # This can reduce the time taken to boot the app but if your application
- # requires the Devise mappings to be loaded during boot time the application
- # won't boot properly.
- # config.reload_routes = true
-
- # ==> Configuration for :database_authenticatable
- # For bcrypt, this is the cost for hashing the password and defaults to 12. If
- # using other algorithms, it sets how many times you want the password to be hashed.
- # The number of stretches used for generating the hashed password are stored
- # with the hashed password. This allows you to change the stretches without
- # invalidating existing passwords.
- #
- # Limiting the stretches to just one in testing will increase the performance of
- # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
- # a value less than 10 in other environments. Note that, for bcrypt (the default
- # algorithm), the cost increases exponentially with the number of stretches (e.g.
- # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
- config.stretches = Rails.env.test? ? 1 : 12
-
- # Set up a pepper to generate the hashed password.
- # config.pepper = '618e546a15b667721a542bb170373b2ce6bce29ab8748715c5903e72048e4ae1b45ea3f44844c661bf2edc2e1ff9a411a919569fa129860f96a68c9985961ca4'
-
- # Send a notification to the original email when the user's email is changed.
- # config.send_email_changed_notification = false
-
- # Send a notification email when the user's password is changed.
- # config.send_password_change_notification = false
-
- # ==> Configuration for :confirmable
- # A period that the user is allowed to access the website even without
- # confirming their account. For instance, if set to 2.days, the user will be
- # able to access the website for two days without confirming their account,
- # access will be blocked just in the third day.
- # You can also set it to nil, which will allow the user to access the website
- # without confirming their account.
- # Default is 0.days, meaning the user cannot access the website without
- # confirming their account.
- # config.allow_unconfirmed_access_for = 2.days
-
- # A period that the user is allowed to confirm their account before their
- # token becomes invalid. For example, if set to 3.days, the user can confirm
- # their account within 3 days after the mail was sent, but on the fourth day
- # their account can't be confirmed with the token any more.
- # Default is nil, meaning there is no restriction on how long a user can take
- # before confirming their account.
- # config.confirm_within = 3.days
-
- # If true, requires any email changes to be confirmed (exactly the same way as
- # initial account confirmation) to be applied. Requires additional unconfirmed_email
- # db field (see migrations). Until confirmed, new email is stored in
- # unconfirmed_email column, and copied to email column on successful confirmation.
- config.reconfirmable = true
-
- # Defines which key will be used when confirming an account
- # config.confirmation_keys = [:email]
-
- # ==> Configuration for :rememberable
- # The time the user will be remembered without asking for credentials again.
- # config.remember_for = 2.weeks
-
- # Invalidates all the remember me tokens when the user signs out.
- config.expire_all_remember_me_on_sign_out = true
-
- # If true, extends the user's remember period when remembered via cookie.
- # config.extend_remember_period = false
-
- # Options to be passed to the created cookie. For instance, you can set
- # secure: true in order to force SSL only cookies.
- # config.rememberable_options = {}
-
- # ==> Configuration for :validatable
- # Range for password length.
- config.password_length = 6..128
-
- # Email regex used to validate email formats. It simply asserts that
- # one (and only one) @ exists in the given string. This is mainly
- # to give user feedback and not to assert the e-mail validity.
- config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
-
- # ==> Configuration for :timeoutable
- # The time you want to timeout the user session without activity. After this
- # time the user will be asked for credentials again. Default is 30 minutes.
- # config.timeout_in = 30.minutes
-
- # ==> Configuration for :lockable
- # Defines which strategy will be used to lock an account.
- # :failed_attempts = Locks an account after a number of failed attempts to sign in.
- # :none = No lock strategy. You should handle locking by yourself.
- # config.lock_strategy = :failed_attempts
-
- # Defines which key will be used when locking and unlocking an account
- # config.unlock_keys = [:email]
-
- # Defines which strategy will be used to unlock an account.
- # :email = Sends an unlock link to the user email
- # :time = Re-enables login after a certain amount of time (see :unlock_in below)
- # :both = Enables both strategies
- # :none = No unlock strategy. You should handle unlocking by yourself.
- # config.unlock_strategy = :both
-
- # Number of authentication tries before locking an account if lock_strategy
- # is failed attempts.
- # config.maximum_attempts = 20
-
- # Time interval to unlock the account if :time is enabled as unlock_strategy.
- # config.unlock_in = 1.hour
-
- # Warn on the last attempt before the account is locked.
- # config.last_attempt_warning = true
-
- # ==> Configuration for :recoverable
- #
- # Defines which key will be used when recovering the password for an account
- # config.reset_password_keys = [:email]
-
- # Time interval you can reset your password with a reset password key.
- # Don't put a too small interval or your users won't have the time to
- # change their passwords.
- config.reset_password_within = 6.hours
-
- # When set to false, does not sign a user in automatically after their password is
- # reset. Defaults to true, so a user is signed in automatically after a reset.
- # config.sign_in_after_reset_password = true
-
- # ==> Configuration for :encryptable
- # Allow you to use another hashing or encryption algorithm besides bcrypt (default).
- # You can use :sha1, :sha512 or algorithms from others authentication tools as
- # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20
- # for default behavior) and :restful_authentication_sha1 (then you should set
- # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper).
- #
- # Require the `devise-encryptable` gem when using anything other than bcrypt
- # config.encryptor = :sha512
-
- # ==> Scopes configuration
- # Turn scoped views on. Before rendering "sessions/new", it will first check for
- # "users/sessions/new". It's turned off by default because it's slower if you
- # are using only default views.
- # config.scoped_views = false
-
- # Configure the default scope given to Warden. By default it's the first
- # devise role declared in your routes (usually :user).
- # config.default_scope = :user
-
- # Set this configuration to false if you want /users/sign_out to sign out
- # only the current scope. By default, Devise signs out all scopes.
- # config.sign_out_all_scopes = true
-
- # ==> Navigation configuration
- # Lists the formats that should be treated as navigational. Formats like
- # :html, should redirect to the sign in page when the user does not have
- # access, but formats like :xml or :json, should return 401.
- #
- # If you have any extra navigational formats, like :iphone or :mobile, you
- # should add them to the navigational formats lists.
- #
- # The "*/*" below is required to match Internet Explorer requests.
- # config.navigational_formats = ['*/*', :html]
-
- # The default HTTP method used to sign out a resource. Default is :delete.
- config.sign_out_via = :delete
-
- # ==> OmniAuth
- # Add a new OmniAuth provider. Check the wiki for more information on setting
- # up on your models and hooks.
- # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
- server = URI(ENV.fetch('FIND_A_LOST_TRN_SERVER_URL', 'http://localhost:3000'))
-
- config.omniauth :openid_connect,
- client_options: {
- host: server.host,
- identifier: ENV.fetch('FIND_A_LOST_TRN_CLIENT_ID', ''),
- port: server.port,
- redirect_uri: "#{ENV.fetch('APP_URL', 'http://localhost:3001')}/users/auth/find_a_lost_trn/callback",
- scheme: server.scheme,
- secret: ENV.fetch('FIND_A_LOST_TRN_CLIENT_SECRET', '')
- },
- name: :find_a_lost_trn,
- response_type: :code,
- scope: %i[openid email]
-
- # ==> Warden configuration
- # If you want to use other strategies, that are not supported by Devise, or
- # change the failure app, you can configure them inside the config.warden block.
- #
- # config.warden do |manager|
- # manager.intercept_401 = false
- # manager.default_strategies(scope: :user).unshift :some_external_strategy
- # end
-
- # ==> Mountable engine configurations
- # When using Devise inside an engine, let's call it `MyEngine`, and this engine
- # is mountable, there are some extra configurations to be taken into account.
- # The following options are available, assuming the engine is mounted as:
- #
- # mount MyEngine, at: '/my_engine'
- #
- # The router that invoked `devise_for`, in the example above, would be:
- # config.router_name = :my_engine
- #
- # When using OmniAuth, Devise cannot automatically set OmniAuth path,
- # so you need to do it manually. For the users scope, it would be:
- # config.omniauth_path_prefix = '/my_engine/users/auth'
-
- # ==> Turbolinks configuration
- # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly:
- #
- # ActiveSupport.on_load(:devise_failure_app) do
- # include Turbolinks::Controller
- # end
-
- # ==> Configuration for :registerable
-
- # When set to false, does not sign a user in automatically after their password is
- # changed. Defaults to true, so a user is signed in automatically after changing a password.
- # config.sign_in_after_change_password = true
-end
diff --git a/find-a-lost-trn-client/config/initializers/filter_parameter_logging.rb b/find-a-lost-trn-client/config/initializers/filter_parameter_logging.rb
deleted file mode 100644
index 3df77c5be..000000000
--- a/find-a-lost-trn-client/config/initializers/filter_parameter_logging.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Configure parameters to be filtered from the log file. Use this to limit dissemination of
-# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
-# notations and behaviors.
-Rails.application.config.filter_parameters += %i[
- passw secret token _key crypt salt certificate otp ssn
-]
diff --git a/find-a-lost-trn-client/config/initializers/inflections.rb b/find-a-lost-trn-client/config/initializers/inflections.rb
deleted file mode 100644
index 6c78420e7..000000000
--- a/find-a-lost-trn-client/config/initializers/inflections.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# Add new inflection rules using the following format. Inflections
-# are locale specific, and you may define rules for as many different
-# locales as you wish. All of these examples are active by default:
-# ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.plural /^(ox)$/i, "\\1en"
-# inflect.singular /^(ox)en/i, "\\1"
-# inflect.irregular "person", "people"
-# inflect.uncountable %w( fish sheep )
-# end
-
-# These inflection rules are supported but not enabled by default:
-# ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.acronym "RESTful"
-# end
diff --git a/find-a-lost-trn-client/config/initializers/permissions_policy.rb b/find-a-lost-trn-client/config/initializers/permissions_policy.rb
deleted file mode 100644
index 50bcf4ead..000000000
--- a/find-a-lost-trn-client/config/initializers/permissions_policy.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-# Define an application-wide HTTP permissions policy. For further
-# information see https://developers.google.com/web/updates/2018/06/feature-policy
-#
-# Rails.application.config.permissions_policy do |f|
-# f.camera :none
-# f.gyroscope :none
-# f.microphone :none
-# f.usb :none
-# f.fullscreen :self
-# f.payment :self, "https://secure.example.com"
-# end
diff --git a/find-a-lost-trn-client/config/locales/devise.en.yml b/find-a-lost-trn-client/config/locales/devise.en.yml
deleted file mode 100644
index 260e1c4ba..000000000
--- a/find-a-lost-trn-client/config/locales/devise.en.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-# Additional translations at https://github.com/heartcombo/devise/wiki/I18n
-
-en:
- devise:
- confirmations:
- confirmed: "Your email address has been successfully confirmed."
- send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
- send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
- failure:
- already_authenticated: "You are already signed in."
- inactive: "Your account is not activated yet."
- invalid: "Invalid %{authentication_keys} or password."
- locked: "Your account is locked."
- last_attempt: "You have one more attempt before your account is locked."
- not_found_in_database: "Invalid %{authentication_keys} or password."
- timeout: "Your session expired. Please sign in again to continue."
- unauthenticated: "You need to sign in or sign up before continuing."
- unconfirmed: "You have to confirm your email address before continuing."
- mailer:
- confirmation_instructions:
- subject: "Confirmation instructions"
- reset_password_instructions:
- subject: "Reset password instructions"
- unlock_instructions:
- subject: "Unlock instructions"
- email_changed:
- subject: "Email Changed"
- password_change:
- subject: "Password Changed"
- omniauth_callbacks:
- failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
- success: "Successfully authenticated from %{kind} account."
- passwords:
- no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
- send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
- send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
- updated: "Your password has been changed successfully. You are now signed in."
- updated_not_active: "Your password has been changed successfully."
- registrations:
- destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
- signed_up: "Welcome! You have signed up successfully."
- signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
- signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
- signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
- update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
- updated: "Your account has been updated successfully."
- updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
- sessions:
- signed_in: "Signed in successfully."
- signed_out: "Signed out successfully."
- already_signed_out: "Signed out successfully."
- unlocks:
- send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
- send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
- unlocked: "Your account has been unlocked successfully. Please sign in to continue."
- errors:
- messages:
- already_confirmed: "was already confirmed, please try signing in"
- confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
- expired: "has expired, please request a new one"
- not_found: "not found"
- not_locked: "was not locked"
- not_saved:
- one: "1 error prohibited this %{resource} from being saved:"
- other: "%{count} errors prohibited this %{resource} from being saved:"
diff --git a/find-a-lost-trn-client/config/locales/en.yml b/find-a-lost-trn-client/config/locales/en.yml
deleted file mode 100644
index 8ca56fc74..000000000
--- a/find-a-lost-trn-client/config/locales/en.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-# Files in the config/locales directory are used for internationalization
-# and are automatically loaded by Rails. If you want to use locales other
-# than English, add the necessary files in this directory.
-#
-# To use the locales, use `I18n.t`:
-#
-# I18n.t "hello"
-#
-# In views, this is aliased to just `t`:
-#
-# <%= t("hello") %>
-#
-# To use a different locale, set it with `I18n.locale`:
-#
-# I18n.locale = :es
-#
-# This would use the information in config/locales/es.yml.
-#
-# The following keys must be escaped otherwise they will not be retrieved by
-# the default I18n backend:
-#
-# true, false, on, off, yes, no
-#
-# Instead, surround them with single quotes.
-#
-# en:
-# "true": "foo"
-#
-# To learn more, please read the Rails Internationalization guide
-# available at https://guides.rubyonrails.org/i18n.html.
-
-en:
- hello: "Hello world"
diff --git a/find-a-lost-trn-client/config/puma.rb b/find-a-lost-trn-client/config/puma.rb
deleted file mode 100644
index 1713441e5..000000000
--- a/find-a-lost-trn-client/config/puma.rb
+++ /dev/null
@@ -1,45 +0,0 @@
-# frozen_string_literal: true
-
-# Puma can serve each request in a thread from an internal thread pool.
-# The `threads` method setting takes two numbers: a minimum and maximum.
-# Any libraries that use thread pools should be configured to match
-# the maximum value specified for Puma. Default is set to 5 threads for minimum
-# and maximum; this matches the default thread size of Active Record.
-#
-max_threads_count = ENV.fetch('RAILS_MAX_THREADS', 5)
-min_threads_count = ENV.fetch('RAILS_MIN_THREADS') { max_threads_count }
-threads min_threads_count, max_threads_count
-
-# Specifies the `worker_timeout` threshold that Puma will use to wait before
-# terminating a worker in development environments.
-#
-worker_timeout 3600 if ENV.fetch('RAILS_ENV', 'development') == 'development'
-
-# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
-#
-port ENV.fetch('PORT', 3000)
-
-# Specifies the `environment` that Puma will run in.
-#
-environment ENV.fetch('RAILS_ENV', 'development')
-
-# Specifies the `pidfile` that Puma will use.
-pidfile ENV.fetch('PIDFILE', 'tmp/pids/server.pid')
-
-# Specifies the number of `workers` to boot in clustered mode.
-# Workers are forked web server processes. If using threads and workers together
-# the concurrency of the application would be max `threads` * `workers`.
-# Workers do not work on JRuby or Windows (both of which do not support
-# processes).
-#
-# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
-
-# Use the `preload_app!` method when specifying a `workers` number.
-# This directive tells Puma to first boot the application and load code
-# before forking the application. This takes advantage of Copy On Write
-# process behavior so workers use less memory.
-#
-# preload_app!
-
-# Allow puma to be restarted by `bin/rails restart` command.
-plugin :tmp_restart
diff --git a/find-a-lost-trn-client/config/routes.rb b/find-a-lost-trn-client/config/routes.rb
deleted file mode 100644
index db29be453..000000000
--- a/find-a-lost-trn-client/config/routes.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-Rails.application.routes.draw do
- devise_for :users
- # Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html
-
- # Defines the root path route ("/")
- # root "articles#index"
-end
diff --git a/find-a-lost-trn-client/config/storage.yml b/find-a-lost-trn-client/config/storage.yml
deleted file mode 100644
index 4942ab669..000000000
--- a/find-a-lost-trn-client/config/storage.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-test:
- service: Disk
- root: <%= Rails.root.join("tmp/storage") %>
-
-local:
- service: Disk
- root: <%= Rails.root.join("storage") %>
-
-# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
-# amazon:
-# service: S3
-# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
-# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
-# region: us-east-1
-# bucket: your_own_bucket-<%= Rails.env %>
-
-# Remember not to checkin your GCS keyfile to a repository
-# google:
-# service: GCS
-# project: your_project
-# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
-# bucket: your_own_bucket-<%= Rails.env %>
-
-# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
-# microsoft:
-# service: AzureStorage
-# storage_account_name: your_account_name
-# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
-# container: your_container_name-<%= Rails.env %>
-
-# mirror:
-# service: Mirror
-# primary: local
-# mirrors: [ amazon, google, microsoft ]
diff --git a/find-a-lost-trn-client/db/migrate/20220511083454_devise_create_users.rb b/find-a-lost-trn-client/db/migrate/20220511083454_devise_create_users.rb
deleted file mode 100644
index e052375d3..000000000
--- a/find-a-lost-trn-client/db/migrate/20220511083454_devise_create_users.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-# frozen_string_literal: true
-
-class DeviseCreateUsers < ActiveRecord::Migration[7.0]
- def change
- create_table :users do |t|
- ## Database authenticatable
- t.string :email, null: false, default: ''
- t.string :encrypted_password, null: false, default: ''
-
- ## Recoverable
- t.string :reset_password_token
- t.datetime :reset_password_sent_at
-
- ## Rememberable
- t.datetime :remember_created_at
-
- ## Trackable
- # t.integer :sign_in_count, default: 0, null: false
- # t.datetime :current_sign_in_at
- # t.datetime :last_sign_in_at
- # t.string :current_sign_in_ip
- # t.string :last_sign_in_ip
-
- ## Confirmable
- # t.string :confirmation_token
- # t.datetime :confirmed_at
- # t.datetime :confirmation_sent_at
- # t.string :unconfirmed_email # Only if using reconfirmable
-
- ## Lockable
- # t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
- # t.string :unlock_token # Only if unlock strategy is :email or :both
- # t.datetime :locked_at
-
- t.timestamps null: false
- end
-
- add_index :users, :email, unique: true
- add_index :users, :reset_password_token, unique: true
- # add_index :users, :confirmation_token, unique: true
- # add_index :users, :unlock_token, unique: true
- end
-end
diff --git a/find-a-lost-trn-client/db/schema.rb b/find-a-lost-trn-client/db/schema.rb
deleted file mode 100644
index 5babc190d..000000000
--- a/find-a-lost-trn-client/db/schema.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-# This file is auto-generated from the current state of the database. Instead
-# of editing this file, please use the migrations feature of Active Record to
-# incrementally modify your database, and then regenerate this schema definition.
-#
-# This file is the source Rails uses to define your schema when running `bin/rails
-# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
-# be faster and is potentially less error prone than running all of your
-# migrations from scratch. Old migrations may fail to apply correctly if those
-# migrations use external dependencies or application code.
-#
-# It's strongly recommended that you check this file into your version control system.
-
-ActiveRecord::Schema[7.0].define(version: 20_220_511_083_454) do
- # These are extensions that must be enabled in order to support this database
- enable_extension 'plpgsql'
-
- create_table 'users', force: :cascade do |t|
- t.string 'email', default: '', null: false
- t.string 'encrypted_password', default: '', null: false
- t.string 'reset_password_token'
- t.datetime 'reset_password_sent_at'
- t.datetime 'remember_created_at'
- t.datetime 'created_at', null: false
- t.datetime 'updated_at', null: false
- t.index ['email'], name: 'index_users_on_email', unique: true
- t.index ['reset_password_token'], name: 'index_users_on_reset_password_token', unique: true
- end
-end
diff --git a/find-a-lost-trn-client/db/seeds.rb b/find-a-lost-trn-client/db/seeds.rb
deleted file mode 100644
index 0664d1be6..000000000
--- a/find-a-lost-trn-client/db/seeds.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
-#
-# Examples:
-#
-# movies = Movie.create([{ name: "Star Wars" }, { name: "Lord of the Rings" }])
-# Character.create(name: "Luke", movie: movies.first)
diff --git a/find-a-lost-trn-client/lib/assets/.keep b/find-a-lost-trn-client/lib/assets/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/lib/tasks/.keep b/find-a-lost-trn-client/lib/tasks/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/log/.keep b/find-a-lost-trn-client/log/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/find-a-lost-trn-client/public/404.html b/find-a-lost-trn-client/public/404.html
deleted file mode 100644
index 2be3af26f..000000000
--- a/find-a-lost-trn-client/public/404.html
+++ /dev/null
@@ -1,67 +0,0 @@
-
-
-
- The page you were looking for doesn't exist (404)
-
-
-
-
-
-
-
-
-
The page you were looking for doesn't exist.
-
You may have mistyped the address or the page may have moved.
-
-
If you are the application owner check the logs for more information.
-
-
-
diff --git a/find-a-lost-trn-client/public/422.html b/find-a-lost-trn-client/public/422.html
deleted file mode 100644
index c08eac0d1..000000000
--- a/find-a-lost-trn-client/public/422.html
+++ /dev/null
@@ -1,67 +0,0 @@
-
-
-
- The change you wanted was rejected (422)
-
-
-
-
-
-
-
-
-
The change you wanted was rejected.
-
Maybe you tried to change something you didn't have access to.
-
-
If you are the application owner check the logs for more information.
- <%= f.label :current_password %> (we need your current password to confirm your changes)
- <%= f.password_field :current_password, autocomplete: "current-password" %>
-
-
-
- <%= f.submit "Update" %>
-
-<% end %>
-
-
Cancel my account
-
-
Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %>
-
-
diff --git a/openid_connect_poc/app/views/layouts/mailer.html.erb b/openid_connect_poc/app/views/layouts/mailer.html.erb
deleted file mode 100644
index cbd34d2e9..000000000
--- a/openid_connect_poc/app/views/layouts/mailer.html.erb
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
-
-
-
-
-
- <%= yield %>
-
-
diff --git a/openid_connect_poc/app/views/layouts/mailer.text.erb b/openid_connect_poc/app/views/layouts/mailer.text.erb
deleted file mode 100644
index 37f0bddbd..000000000
--- a/openid_connect_poc/app/views/layouts/mailer.text.erb
+++ /dev/null
@@ -1 +0,0 @@
-<%= yield %>
diff --git a/openid_connect_poc/babel.config.js b/openid_connect_poc/babel.config.js
deleted file mode 100644
index 19a07f314..000000000
--- a/openid_connect_poc/babel.config.js
+++ /dev/null
@@ -1,82 +0,0 @@
-module.exports = function(api) {
- var validEnv = ['development', 'test', 'production']
- var currentEnv = api.env()
- var isDevelopmentEnv = api.env('development')
- var isProductionEnv = api.env('production')
- var isTestEnv = api.env('test')
-
- if (!validEnv.includes(currentEnv)) {
- throw new Error(
- 'Please specify a valid `NODE_ENV` or ' +
- '`BABEL_ENV` environment variables. Valid values are "development", ' +
- '"test", and "production". Instead, received: ' +
- JSON.stringify(currentEnv) +
- '.'
- )
- }
-
- return {
- presets: [
- isTestEnv && [
- '@babel/preset-env',
- {
- targets: {
- node: 'current'
- }
- }
- ],
- (isProductionEnv || isDevelopmentEnv) && [
- '@babel/preset-env',
- {
- forceAllTransforms: true,
- useBuiltIns: 'entry',
- corejs: 3,
- modules: false,
- exclude: ['transform-typeof-symbol']
- }
- ]
- ].filter(Boolean),
- plugins: [
- 'babel-plugin-macros',
- '@babel/plugin-syntax-dynamic-import',
- isTestEnv && 'babel-plugin-dynamic-import-node',
- '@babel/plugin-transform-destructuring',
- [
- '@babel/plugin-proposal-class-properties',
- {
- loose: true
- }
- ],
- [
- '@babel/plugin-proposal-object-rest-spread',
- {
- useBuiltIns: true
- }
- ],
- [
- '@babel/plugin-proposal-private-methods',
- {
- loose: true
- }
- ],
- [
- '@babel/plugin-proposal-private-property-in-object',
- {
- loose: true
- }
- ],
- [
- '@babel/plugin-transform-runtime',
- {
- helpers: false
- }
- ],
- [
- '@babel/plugin-transform-regenerator',
- {
- async: false
- }
- ]
- ].filter(Boolean)
- }
-}
diff --git a/openid_connect_poc/bin/bundle b/openid_connect_poc/bin/bundle
deleted file mode 100755
index 73ec94756..000000000
--- a/openid_connect_poc/bin/bundle
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-#
-# This file was generated by Bundler.
-#
-# The application 'bundle' is installed as part of a gem, and
-# this file is here to facilitate running it.
-#
-
-require 'rubygems'
-
-m = Module.new do
- module_function
-
- def invoked_as_script?
- File.expand_path($PROGRAM_NAME) == File.expand_path(__FILE__)
- end
-
- def env_var_version
- ENV['BUNDLER_VERSION']
- end
-
- def cli_arg_version
- return unless invoked_as_script? # don't want to hijack other binstubs
- return unless 'update'.start_with?(ARGV.first || ' ') # must be running `bundle update`
-
- bundler_version = nil
- update_index = nil
- ARGV.each_with_index do |a, i|
- bundler_version = a if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
- next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
-
- bundler_version = Regexp.last_match(1)
- update_index = i
- end
- bundler_version
- end
-
- def gemfile
- gemfile = ENV['BUNDLE_GEMFILE']
- return gemfile if gemfile && !gemfile.empty?
-
- File.expand_path('../Gemfile', __dir__)
- end
-
- def lockfile
- lockfile =
- case File.basename(gemfile)
- when 'gems.rb' then gemfile.sub(/\.rb$/, gemfile)
- else "#{gemfile}.lock"
- end
- File.expand_path(lockfile)
- end
-
- def lockfile_version
- return unless File.file?(lockfile)
-
- lockfile_contents = File.read(lockfile)
- return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
-
- Regexp.last_match(1)
- end
-
- def bundler_version
- @bundler_version ||=
- env_var_version || cli_arg_version ||
- lockfile_version
- end
-
- def bundler_requirement
- return "#{Gem::Requirement.default}.a" unless bundler_version
-
- bundler_gem_version = Gem::Version.new(bundler_version)
-
- requirement = bundler_gem_version.approximate_recommendation
-
- return requirement unless Gem::Version.new(Gem::VERSION) < Gem::Version.new('2.7.0')
-
- requirement += '.a' if bundler_gem_version.prerelease?
-
- requirement
- end
-
- def load_bundler!
- ENV['BUNDLE_GEMFILE'] ||= gemfile
-
- activate_bundler
- end
-
- def activate_bundler
- gem_error = activation_error_handling do
- gem 'bundler', bundler_requirement
- end
- return if gem_error.nil?
-
- require_error = activation_error_handling do
- require 'bundler/version'
- end
- if require_error.nil? && Gem::Requirement.new(bundler_requirement).satisfied_by?(Gem::Version.new(Bundler::VERSION))
- return
- end
-
- warn "Activating bundler (#{bundler_requirement}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_requirement}'`"
- exit 42
- end
-
- def activation_error_handling
- yield
- nil
- rescue StandardError, LoadError => e
- e
- end
-end
-
-m.load_bundler!
-
-load Gem.bin_path('bundler', 'bundle') if m.invoked_as_script?
diff --git a/openid_connect_poc/bin/rails b/openid_connect_poc/bin/rails
deleted file mode 100755
index 4804cad72..000000000
--- a/openid_connect_poc/bin/rails
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-begin
- load File.expand_path('../spring', __FILE__)
-rescue LoadError => e
- raise unless e.message.include?('spring')
-end
-
-load File.expand_path('spring', __dir__)
-APP_PATH = File.expand_path('../config/application', __dir__)
-require_relative '../config/boot'
-require 'rails/commands'
diff --git a/openid_connect_poc/bin/rake b/openid_connect_poc/bin/rake
deleted file mode 100755
index 22bda5421..000000000
--- a/openid_connect_poc/bin/rake
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-begin
- load File.expand_path('../spring', __FILE__)
-rescue LoadError => e
- raise unless e.message.include?('spring')
-end
-
-load File.expand_path('spring', __dir__)
-require_relative '../config/boot'
-require 'rake'
-Rake.application.run
diff --git a/openid_connect_poc/bin/setup b/openid_connect_poc/bin/setup
deleted file mode 100755
index 0e38d3004..000000000
--- a/openid_connect_poc/bin/setup
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require 'fileutils'
-
-# path to your application root.
-APP_ROOT = File.expand_path('..', __dir__)
-
-def system!(*args)
- system(*args) || abort("\n== Command #{args} failed ==")
-end
-
-FileUtils.chdir APP_ROOT do
- # This script is a way to set up or update your development environment automatically.
- # This script is idempotent, so that you can run it at any time and get an expectable outcome.
- # Add necessary setup steps to this file.
-
- puts '== Installing dependencies =='
- system! 'gem install bundler --conservative'
- system('bundle check') || system!('bundle install')
-
- # Install JavaScript dependencies
- system! 'bin/yarn'
-
- # puts "\n== Copying sample files =="
- # unless File.exist?('config/database.yml')
- # FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
- # end
-
- puts "\n== Preparing database =="
- system! 'bin/rails db:prepare'
-
- puts "\n== Removing old logs and tempfiles =="
- system! 'bin/rails log:clear tmp:clear'
-
- puts "\n== Restarting application server =="
- system! 'bin/rails restart'
-end
diff --git a/openid_connect_poc/bin/spring b/openid_connect_poc/bin/spring
deleted file mode 100755
index d89ee495f..000000000
--- a/openid_connect_poc/bin/spring
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/usr/bin/env ruby
-
-# This file loads Spring without using Bundler, in order to be fast.
-# It gets overwritten when you run the `spring binstub` command.
-
-unless defined?(Spring)
- require 'rubygems'
- require 'bundler'
-
- lockfile = Bundler::LockfileParser.new(Bundler.default_lockfile.read)
- spring = lockfile.specs.detect { |spec| spec.name == 'spring' }
- if spring
- Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path
- gem 'spring', spring.version
- require 'spring/binstub'
- end
-end
diff --git a/openid_connect_poc/bin/webpack b/openid_connect_poc/bin/webpack
deleted file mode 100755
index 62114baeb..000000000
--- a/openid_connect_poc/bin/webpack
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-ENV['RAILS_ENV'] ||= ENV['RACK_ENV'] || 'development'
-ENV['NODE_ENV'] ||= 'development'
-
-require 'pathname'
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
- Pathname.new(__FILE__).realpath)
-
-require 'bundler/setup'
-
-require 'webpacker'
-require 'webpacker/webpack_runner'
-
-APP_ROOT = File.expand_path('..', __dir__)
-Dir.chdir(APP_ROOT) do
- Webpacker::WebpackRunner.run(ARGV)
-end
diff --git a/openid_connect_poc/bin/webpack-dev-server b/openid_connect_poc/bin/webpack-dev-server
deleted file mode 100755
index e4f41ccd4..000000000
--- a/openid_connect_poc/bin/webpack-dev-server
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-ENV['RAILS_ENV'] ||= ENV['RACK_ENV'] || 'development'
-ENV['NODE_ENV'] ||= 'development'
-
-require 'pathname'
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
- Pathname.new(__FILE__).realpath)
-
-require 'bundler/setup'
-
-require 'webpacker'
-require 'webpacker/dev_server_runner'
-
-APP_ROOT = File.expand_path('..', __dir__)
-Dir.chdir(APP_ROOT) do
- Webpacker::DevServerRunner.run(ARGV)
-end
diff --git a/openid_connect_poc/bin/yarn b/openid_connect_poc/bin/yarn
deleted file mode 100755
index 9da8e5c57..000000000
--- a/openid_connect_poc/bin/yarn
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-APP_ROOT = File.expand_path('..', __dir__)
-Dir.chdir(APP_ROOT) do
- yarn = ENV['PATH'].split(File::PATH_SEPARATOR)
- .reject { |dir| File.expand_path(dir) == __dir__ }
- .product(['yarn', 'yarn.cmd', 'yarn.ps1'])
- .map { |dir, file| File.expand_path(file, dir) }
- .find { |file| File.executable?(file) }
-
- if yarn
- exec yarn, *ARGV
- else
- warn 'Yarn executable was not detected in the system.'
- warn 'Download Yarn at https://yarnpkg.com/en/docs/install'
- exit 1
- end
-end
diff --git a/openid_connect_poc/config.ru b/openid_connect_poc/config.ru
deleted file mode 100644
index ea2613988..000000000
--- a/openid_connect_poc/config.ru
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-# This file is used by Rack-based servers to start the application.
-
-require_relative 'config/environment'
-require 'localhost'
-
-run Rails.application
-Rails.application.load_server
diff --git a/openid_connect_poc/config/application.rb b/openid_connect_poc/config/application.rb
deleted file mode 100644
index b64f7687b..000000000
--- a/openid_connect_poc/config/application.rb
+++ /dev/null
@@ -1,46 +0,0 @@
-# frozen_string_literal: true
-
-require_relative 'boot'
-
-require 'rails'
-# Pick the frameworks you want:
-require 'active_model/railtie'
-require 'active_job/railtie'
-require 'active_record/railtie'
-require 'active_storage/engine'
-require 'action_controller/railtie'
-require 'action_mailer/railtie'
-require 'action_mailbox/engine'
-require 'action_text/engine'
-require 'action_view/railtie'
-require 'action_cable/engine'
-require 'sprockets/railtie'
-# require "rails/test_unit/railtie"
-
-# Require the gems listed in Gemfile, including any gems
-# you've limited to :test, :development, or :production.
-Bundler.require(*Rails.groups)
-
-module TeacherId
- class Application < Rails::Application
- # Initialize configuration defaults for originally generated Rails version.
- config.load_defaults 6.1
-
- # Configuration for the application, engines, and railties goes here.
- #
- # These settings can be overridden in specific environments using the files
- # in config/environments, which are processed later.
- #
- # config.time_zone = "Central Time (US & Canada)"
- # config.eager_load_paths << Rails.root.join("extras")
-
- # Don't generate system test files.
- config.generators.system_tests = nil
- config.generators.helpers = nil
-
- config.session_store :cookie_store, key: '_teacher_id_session'
- config.middleware.use ActionDispatch::Cookies # Required for all session management
- config.middleware.use ActionDispatch::Session::CookieStore, config.session_options
- config.hosts << 'lvh.me'
- end
-end
diff --git a/openid_connect_poc/config/boot.rb b/openid_connect_poc/config/boot.rb
deleted file mode 100644
index c04863fa7..000000000
--- a/openid_connect_poc/config/boot.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
-
-require 'bundler/setup' # Set up gems listed in the Gemfile.
-require 'bootsnap/setup' # Speed up boot time by caching expensive operations.
diff --git a/openid_connect_poc/config/cable.yml b/openid_connect_poc/config/cable.yml
deleted file mode 100644
index d575c51d0..000000000
--- a/openid_connect_poc/config/cable.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-development:
- adapter: async
-
-test:
- adapter: test
-
-production:
- adapter: redis
- url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
- channel_prefix: teacher_id_production
diff --git a/openid_connect_poc/config/credentials.yml.enc b/openid_connect_poc/config/credentials.yml.enc
deleted file mode 100644
index 92a98d8d5..000000000
--- a/openid_connect_poc/config/credentials.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-xb/aNRcV8bhPP3SCLykHMyFyXEImeXlE/qrKCyIq7sqjbVJ+AG+ctLxacoXGhPEpG3L7jMbdLiiejlgv8Ve+12axIeQHU0ItYMD1XxO2wxSKnGMNzLWCwuXhC0kyldyQtjneDgDbRQHI1uMXRZIKtc5+ufJNuXAr9imQXjU5WfDZggS26fAF93JFpqKQGQtWdsgp21I4T21ThqCgn6VFDtKo6NU/tkNif7K98GE4APp3QUywNwCwT6LfPI0ibtEVhPKgJyV2onH93gSovX1UgQiERIkLZQZz2/88HveDSLWGbKgmKZBSszewL/z3/Bj798bt436DRQcsNo9997H2HYTJl7d38Jg/b0mTP+M/LJu9vXOnefFChFNyJ8QpLkM6fP9mBvWk5O1kH3rWSH7PvLF1hMKCgGQ0+TjG--cScPKrlDNZMY+WGU--Ippden6OEhMNC8qrdJgZOQ==
\ No newline at end of file
diff --git a/openid_connect_poc/config/database.yml b/openid_connect_poc/config/database.yml
deleted file mode 100644
index 51de0ad41..000000000
--- a/openid_connect_poc/config/database.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-# PostgreSQL. Versions 9.3 and up are supported.
-#
-# Install the pg driver:
-# gem install pg
-# On macOS with Homebrew:
-# gem install pg -- --with-pg-config=/usr/local/bin/pg_config
-# On macOS with MacPorts:
-# gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config
-# On Windows:
-# gem install pg
-# Choose the win32 build.
-# Install PostgreSQL and put its /bin directory on your path.
-#
-# Configure Using Gemfile
-# gem 'pg'
-#
-default: &default
- adapter: postgresql
- encoding: unicode
- # For details on connection pooling, see Rails configuration guide
- # https://guides.rubyonrails.org/configuring.html#database-pooling
- pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
-
-development:
- <<: *default
- database: teacher_id_development
-
- # The specified database role being used to connect to postgres.
- # To create additional roles in postgres see `$ createuser --help`.
- # When left blank, postgres will use the default role. This is
- # the same name as the operating system user running Rails.
- #username: teacher_id
-
- # The password associated with the postgres role (username).
- #password:
-
- # Connect on a TCP socket. Omitted by default since the client uses a
- # domain socket that doesn't need configuration. Windows does not have
- # domain sockets, so uncomment these lines.
- #host: localhost
-
- # The TCP port the server listens on. Defaults to 5432.
- # If your server runs on a different port number, change accordingly.
- #port: 5432
-
- # Schema search path. The server defaults to $user,public
- #schema_search_path: myapp,sharedapp,public
-
- # Minimum log levels, in increasing order:
- # debug5, debug4, debug3, debug2, debug1,
- # log, notice, warning, error, fatal, and panic
- # Defaults to warning.
- #min_messages: notice
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-test:
- <<: *default
- database: teacher_id_test
-
-# As with config/credentials.yml, you never want to store sensitive information,
-# like your database password, in your source code. If your source code is
-# ever seen by anyone, they now have access to your database.
-#
-# Instead, provide the password or a full connection URL as an environment
-# variable when you boot the app. For example:
-#
-# DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase"
-#
-# If the connection URL is provided in the special DATABASE_URL environment
-# variable, Rails will automatically merge its configuration values on top of
-# the values provided in this file. Alternatively, you can specify a connection
-# URL environment variable explicitly:
-#
-# production:
-# url: <%= ENV['MY_APP_DATABASE_URL'] %>
-#
-# Read https://guides.rubyonrails.org/configuring.html#configuring-a-database
-# for a full overview on how database connection configuration can be specified.
-#
-production:
- <<: *default
- database: teacher_id_production
- username: teacher_id
- password: <%= ENV['TEACHER_ID_DATABASE_PASSWORD'] %>
diff --git a/openid_connect_poc/config/environment.rb b/openid_connect_poc/config/environment.rb
deleted file mode 100644
index d5abe5580..000000000
--- a/openid_connect_poc/config/environment.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-# Load the Rails application.
-require_relative 'application'
-
-# Initialize the Rails application.
-Rails.application.initialize!
diff --git a/openid_connect_poc/config/environments/development.rb b/openid_connect_poc/config/environments/development.rb
deleted file mode 100644
index 66427a65e..000000000
--- a/openid_connect_poc/config/environments/development.rb
+++ /dev/null
@@ -1,79 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- # In the development environment your application's code is reloaded any time
- # it changes. This slows down response time but is perfect for development
- # since you don't have to restart the web server when you make code changes.
- config.cache_classes = false
-
- # Do not eager load code on boot.
- config.eager_load = false
-
- # Show full error reports.
- config.consider_all_requests_local = true
-
- # Enable/disable caching. By default caching is disabled.
- # Run rails dev:cache to toggle caching.
- if Rails.root.join('tmp', 'caching-dev.txt').exist?
- config.action_controller.perform_caching = true
- config.action_controller.enable_fragment_cache_logging = true
-
- config.cache_store = :memory_store
- config.public_file_server.headers = {
- 'Cache-Control' => "public, max-age=#{2.days.to_i}"
- }
- else
- config.action_controller.perform_caching = false
-
- config.cache_store = :null_store
- end
-
- # Store uploaded files on the local file system (see config/storage.yml for options).
- config.active_storage.service = :local
-
- # Don't care if the mailer can't send.
- config.action_mailer.raise_delivery_errors = false
-
- config.action_mailer.perform_caching = false
- config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
-
- # Print deprecation notices to the Rails logger.
- config.active_support.deprecation = :log
-
- # Raise exceptions for disallowed deprecations.
- config.active_support.disallowed_deprecation = :raise
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
- # Raise an error on page load if there are pending migrations.
- config.active_record.migration_error = :page_load
-
- # Highlight code that triggered database queries in logs.
- config.active_record.verbose_query_logs = true
-
- # Debug mode disables concatenation and preprocessing of assets.
- # This option may cause significant delays in view rendering with a large
- # number of complex assets.
- config.assets.debug = true
-
- # Suppress logger output for asset requests.
- config.assets.quiet = true
-
- # Raises error for missing translations.
- # config.i18n.raise_on_missing_translations = true
-
- # Annotate rendered view with file names.
- # config.action_view.annotate_rendered_view_with_filenames = true
-
- # Use an evented file watcher to asynchronously detect changes in source code,
- # routes, locales, etc. This feature depends on the listen gem.
- config.file_watcher = ActiveSupport::EventedFileUpdateChecker
-
- # Uncomment if you wish to allow Action Cable access from any origin.
- # config.action_cable.disable_request_forgery_protection = true
-end
diff --git a/openid_connect_poc/config/environments/production.rb b/openid_connect_poc/config/environments/production.rb
deleted file mode 100644
index 2d03d9ef4..000000000
--- a/openid_connect_poc/config/environments/production.rb
+++ /dev/null
@@ -1,122 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- # Code is not reloaded between requests.
- config.cache_classes = true
-
- # Eager load code on boot. This eager loads most of Rails and
- # your application in memory, allowing both threaded web servers
- # and those relying on copy on write to perform better.
- # Rake tasks automatically ignore this option for performance.
- config.eager_load = true
-
- # Full error reports are disabled and caching is turned on.
- config.consider_all_requests_local = false
- config.action_controller.perform_caching = true
-
- # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
- # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
- # config.require_master_key = true
-
- # Disable serving static files from the `/public` folder by default since
- # Apache or NGINX already handles this.
- config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
-
- # Compress CSS using a preprocessor.
- # config.assets.css_compressor = :sass
-
- # Do not fallback to assets pipeline if a precompiled asset is missed.
- config.assets.compile = false
-
- # Enable serving of images, stylesheets, and JavaScripts from an asset server.
- # config.asset_host = 'http://assets.example.com'
-
- # Specifies the header that your server uses for sending files.
- # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
-
- # Store uploaded files on the local file system (see config/storage.yml for options).
- config.active_storage.service = :local
-
- # Mount Action Cable outside main process or domain.
- # config.action_cable.mount_path = nil
- # config.action_cable.url = 'wss://example.com/cable'
- # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
-
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
- # config.force_ssl = true
-
- # Include generic and useful information about system operation, but avoid logging too much
- # information to avoid inadvertent exposure of personally identifiable information (PII).
- config.log_level = :info
-
- # Prepend all log lines with the following tags.
- config.log_tags = [:request_id]
-
- # Use a different cache store in production.
- # config.cache_store = :mem_cache_store
-
- # Use a real queuing backend for Active Job (and separate queues per environment).
- # config.active_job.queue_adapter = :resque
- # config.active_job.queue_name_prefix = "teacher_id_production"
-
- config.action_mailer.perform_caching = false
-
- # Ignore bad email addresses and do not raise email delivery errors.
- # Set this to true and configure the email server for immediate delivery to raise delivery errors.
- # config.action_mailer.raise_delivery_errors = false
-
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
- # the I18n.default_locale when a translation cannot be found).
- config.i18n.fallbacks = true
-
- # Send deprecation notices to registered listeners.
- config.active_support.deprecation = :notify
-
- # Log disallowed deprecations.
- config.active_support.disallowed_deprecation = :log
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
- # Use default logging formatter so that PID and timestamp are not suppressed.
- config.log_formatter = ::Logger::Formatter.new
-
- # Use a different logger for distributed setups.
- # require "syslog/logger"
- # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
-
- if ENV['RAILS_LOG_TO_STDOUT'].present?
- logger = ActiveSupport::Logger.new($stdout)
- logger.formatter = config.log_formatter
- config.logger = ActiveSupport::TaggedLogging.new(logger)
- end
-
- # Do not dump schema after migrations.
- config.active_record.dump_schema_after_migration = false
-
- # Inserts middleware to perform automatic connection switching.
- # The `database_selector` hash is used to pass options to the DatabaseSelector
- # middleware. The `delay` is used to determine how long to wait after a write
- # to send a subsequent read to the primary.
- #
- # The `database_resolver` class is used by the middleware to determine which
- # database is appropriate to use based on the time delay.
- #
- # The `database_resolver_context` class is used by the middleware to set
- # timestamps for the last write to the primary. The resolver uses the context
- # class timestamps to determine how long to wait before reading from the
- # replica.
- #
- # By default Rails will store a last write timestamp in the session. The
- # DatabaseSelector middleware is designed as such you can define your own
- # strategy for connection switching and pass that into the middleware through
- # these configuration options.
- # config.active_record.database_selector = { delay: 2.seconds }
- # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
- # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
-end
diff --git a/openid_connect_poc/config/environments/test.rb b/openid_connect_poc/config/environments/test.rb
deleted file mode 100644
index 74b1be28c..000000000
--- a/openid_connect_poc/config/environments/test.rb
+++ /dev/null
@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_support/core_ext/integer/time'
-
-# The test environment is used exclusively to run your application's
-# test suite. You never need to work with it otherwise. Remember that
-# your test database is "scratch space" for the test suite and is wiped
-# and recreated between test runs. Don't rely on the data there!
-
-Rails.application.configure do
- # Settings specified here will take precedence over those in config/application.rb.
-
- config.cache_classes = false
- config.action_view.cache_template_loading = true
-
- # Do not eager load code on boot. This avoids loading your whole application
- # just for the purpose of running a single test. If you are using a tool that
- # preloads Rails for running tests, you may have to set it to true.
- config.eager_load = false
-
- # Configure public file server for tests with Cache-Control for performance.
- config.public_file_server.enabled = true
- config.public_file_server.headers = {
- 'Cache-Control' => "public, max-age=#{1.hour.to_i}"
- }
-
- # Show full error reports and disable caching.
- config.consider_all_requests_local = true
- config.action_controller.perform_caching = false
- config.cache_store = :null_store
-
- # Raise exceptions instead of rendering exception templates.
- config.action_dispatch.show_exceptions = false
-
- # Disable request forgery protection in test environment.
- config.action_controller.allow_forgery_protection = false
-
- # Store uploaded files on the local file system in a temporary directory.
- config.active_storage.service = :test
-
- config.action_mailer.perform_caching = false
-
- # Tell Action Mailer not to deliver emails to the real world.
- # The :test delivery method accumulates sent emails in the
- # ActionMailer::Base.deliveries array.
- config.action_mailer.delivery_method = :test
-
- # Print deprecation notices to the stderr.
- config.active_support.deprecation = :stderr
-
- # Raise exceptions for disallowed deprecations.
- config.active_support.disallowed_deprecation = :raise
-
- # Tell Active Support which deprecation messages to disallow.
- config.active_support.disallowed_deprecation_warnings = []
-
- # Raises error for missing translations.
- # config.i18n.raise_on_missing_translations = true
-
- # Annotate rendered view with file names.
- # config.action_view.annotate_rendered_view_with_filenames = true
-end
diff --git a/openid_connect_poc/config/initializers/application_controller_renderer.rb b/openid_connect_poc/config/initializers/application_controller_renderer.rb
deleted file mode 100644
index f4556db39..000000000
--- a/openid_connect_poc/config/initializers/application_controller_renderer.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# ActiveSupport::Reloader.to_prepare do
-# ApplicationController.renderer.defaults.merge!(
-# http_host: 'example.org',
-# https: false
-# )
-# end
diff --git a/openid_connect_poc/config/initializers/assets.rb b/openid_connect_poc/config/initializers/assets.rb
deleted file mode 100644
index a9b0d0f10..000000000
--- a/openid_connect_poc/config/initializers/assets.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Version of your assets, change this if you want to expire all your assets.
-Rails.application.config.assets.version = '1.0'
-
-# Add additional assets to the asset load path.
-# Rails.application.config.assets.paths << Emoji.images_path
-# Add Yarn node_modules folder to the asset load path.
-Rails.application.config.assets.paths << Rails.root.join('node_modules')
-
-# Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in the app/assets
-# folder are already added.
-# Rails.application.config.assets.precompile += %w( admin.js admin.css )
diff --git a/openid_connect_poc/config/initializers/backtrace_silencers.rb b/openid_connect_poc/config/initializers/backtrace_silencers.rb
deleted file mode 100644
index d43cc1d2f..000000000
--- a/openid_connect_poc/config/initializers/backtrace_silencers.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
-# Rails.backtrace_cleaner.add_silencer { |line| /my_noisy_library/.match?(line) }
-
-# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code
-# by setting BACKTRACE=1 before calling your invocation, like "BACKTRACE=1 ./bin/rails runner 'MyClass.perform'".
-Rails.backtrace_cleaner.remove_silencers! if ENV['BACKTRACE']
diff --git a/openid_connect_poc/config/initializers/content_security_policy.rb b/openid_connect_poc/config/initializers/content_security_policy.rb
deleted file mode 100644
index f3bcce546..000000000
--- a/openid_connect_poc/config/initializers/content_security_policy.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# Define an application-wide content security policy
-# For further information see the following documentation
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
-
-# Rails.application.config.content_security_policy do |policy|
-# policy.default_src :self, :https
-# policy.font_src :self, :https, :data
-# policy.img_src :self, :https, :data
-# policy.object_src :none
-# policy.script_src :self, :https
-# policy.style_src :self, :https
-# # If you are using webpack-dev-server then specify webpack-dev-server host
-# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
-
-# # Specify URI for violation reports
-# # policy.report_uri "/csp-violation-report-endpoint"
-# end
-
-# If you are using UJS then enable automatic nonce generation
-# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
-
-# Set the nonce only to specific directives
-# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
-
-# Report CSP violations to a specified URI
-# For further information see the following documentation:
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
-# Rails.application.config.content_security_policy_report_only = true
diff --git a/openid_connect_poc/config/initializers/cookies_serializer.rb b/openid_connect_poc/config/initializers/cookies_serializer.rb
deleted file mode 100644
index ee8dff9c9..000000000
--- a/openid_connect_poc/config/initializers/cookies_serializer.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Specify a serializer for the signed and encrypted cookie jars.
-# Valid options are :json, :marshal, and :hybrid.
-Rails.application.config.action_dispatch.cookies_serializer = :json
diff --git a/openid_connect_poc/config/initializers/devise.rb b/openid_connect_poc/config/initializers/devise.rb
deleted file mode 100644
index 28260a8f5..000000000
--- a/openid_connect_poc/config/initializers/devise.rb
+++ /dev/null
@@ -1,337 +0,0 @@
-# frozen_string_literal: true
-
-# Assuming you have not yet modified this file, each configuration option below
-# is set to its default value. Note that some are commented out while others
-# are not: uncommented lines are intended to protect your configuration from
-# breaking changes in upgrades (i.e., in the event that future versions of
-# Devise change the default values for those options).
-#
-# Use this hook to configure devise mailer, warden hooks and so forth.
-# Many of these configuration options can be set straight in your model.
-Devise.setup do |config|
- # The secret key used by Devise. Devise uses this key to generate
- # random tokens. Changing this key will render invalid all existing
- # confirmation, reset password and unlock tokens in the database.
- # Devise will use the `secret_key_base` as its `secret_key`
- # by default. You can change it below and use your own secret key.
- # config.secret_key = '3f97570dffa78203385c903a59343b9a643bc29a6d40e94536072b08b0f762913177837fa3262a5a436c7a14a674208d7a05803137bd3a4fd3ecef64724291a5'
-
- # ==> Controller configuration
- # Configure the parent class to the devise controllers.
- # config.parent_controller = 'DeviseController'
-
- # ==> Mailer Configuration
- # Configure the e-mail address which will be shown in Devise::Mailer,
- # note that it will be overwritten if you use your own mailer class
- # with default "from" parameter.
- config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
-
- # Configure the class responsible to send e-mails.
- # config.mailer = 'Devise::Mailer'
-
- # Configure the parent class responsible to send e-mails.
- # config.parent_mailer = 'ActionMailer::Base'
-
- # ==> ORM configuration
- # Load and configure the ORM. Supports :active_record (default) and
- # :mongoid (bson_ext recommended) by default. Other ORMs may be
- # available as additional gems.
- require 'devise/orm/active_record'
-
- # ==> Configuration for any authentication mechanism
- # Configure which keys are used when authenticating a user. The default is
- # just :email. You can configure it to use [:username, :subdomain], so for
- # authenticating a user, both parameters are required. Remember that those
- # parameters are used only when authenticating and not when retrieving from
- # session. If you need permissions, you should implement that in a before filter.
- # You can also supply a hash where the value is a boolean determining whether
- # or not authentication should be aborted when the value is not present.
- # config.authentication_keys = [:email]
-
- # Configure parameters from the request object used for authentication. Each entry
- # given should be a request method and it will automatically be passed to the
- # find_for_authentication method and considered in your model lookup. For instance,
- # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
- # The same considerations mentioned for authentication_keys also apply to request_keys.
- # config.request_keys = []
-
- # Configure which authentication keys should be case-insensitive.
- # These keys will be downcased upon creating or modifying a user and when used
- # to authenticate or find a user. Default is :email.
- config.case_insensitive_keys = [:email]
-
- # Configure which authentication keys should have whitespace stripped.
- # These keys will have whitespace before and after removed upon creating or
- # modifying a user and when used to authenticate or find a user. Default is :email.
- config.strip_whitespace_keys = [:email]
-
- # Tell if authentication through request.params is enabled. True by default.
- # It can be set to an array that will enable params authentication only for the
- # given strategies, for example, `config.params_authenticatable = [:database]` will
- # enable it only for database (email + password) authentication.
- # config.params_authenticatable = true
-
- # Tell if authentication through HTTP Auth is enabled. False by default.
- # It can be set to an array that will enable http authentication only for the
- # given strategies, for example, `config.http_authenticatable = [:database]` will
- # enable it only for database authentication.
- # For API-only applications to support authentication "out-of-the-box", you will likely want to
- # enable this with :database unless you are using a custom strategy.
- # The supported strategies are:
- # :database = Support basic authentication with authentication key + password
- # config.http_authenticatable = false
-
- # If 401 status code should be returned for AJAX requests. True by default.
- # config.http_authenticatable_on_xhr = true
-
- # The realm used in Http Basic Authentication. 'Application' by default.
- # config.http_authentication_realm = 'Application'
-
- # It will change confirmation, password recovery and other workflows
- # to behave the same regardless if the e-mail provided was right or wrong.
- # Does not affect registerable.
- # config.paranoid = true
-
- # By default Devise will store the user in session. You can skip storage for
- # particular strategies by setting this option.
- # Notice that if you are skipping storage for all authentication paths, you
- # may want to disable generating routes to Devise's sessions controller by
- # passing skip: :sessions to `devise_for` in your config/routes.rb
- config.skip_session_storage = [:http_auth]
-
- # By default, Devise cleans up the CSRF token on authentication to
- # avoid CSRF token fixation attacks. This means that, when using AJAX
- # requests for sign in and sign up, you need to get a new CSRF token
- # from the server. You can disable this option at your own risk.
- # config.clean_up_csrf_token_on_authentication = true
-
- # When false, Devise will not attempt to reload routes on eager load.
- # This can reduce the time taken to boot the app but if your application
- # requires the Devise mappings to be loaded during boot time the application
- # won't boot properly.
- # config.reload_routes = true
-
- # ==> Configuration for :database_authenticatable
- # For bcrypt, this is the cost for hashing the password and defaults to 12. If
- # using other algorithms, it sets how many times you want the password to be hashed.
- # The number of stretches used for generating the hashed password are stored
- # with the hashed password. This allows you to change the stretches without
- # invalidating existing passwords.
- #
- # Limiting the stretches to just one in testing will increase the performance of
- # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
- # a value less than 10 in other environments. Note that, for bcrypt (the default
- # algorithm), the cost increases exponentially with the number of stretches (e.g.
- # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
- config.stretches = Rails.env.test? ? 1 : 12
-
- # Set up a pepper to generate the hashed password.
- # config.pepper = '375e7eca4b56f80956cfa1446ad95dc3470d47357f3757a4fdafafec4d9b6dd4f3db3f1d17ac9dec0b72cf84cfe216bc2f399b85d18b889f5156f2228fbc9653'
-
- # Send a notification to the original email when the user's email is changed.
- # config.send_email_changed_notification = false
-
- # Send a notification email when the user's password is changed.
- # config.send_password_change_notification = false
-
- # ==> Configuration for :confirmable
- # A period that the user is allowed to access the website even without
- # confirming their account. For instance, if set to 2.days, the user will be
- # able to access the website for two days without confirming their account,
- # access will be blocked just in the third day.
- # You can also set it to nil, which will allow the user to access the website
- # without confirming their account.
- # Default is 0.days, meaning the user cannot access the website without
- # confirming their account.
- # config.allow_unconfirmed_access_for = 2.days
-
- # A period that the user is allowed to confirm their account before their
- # token becomes invalid. For example, if set to 3.days, the user can confirm
- # their account within 3 days after the mail was sent, but on the fourth day
- # their account can't be confirmed with the token any more.
- # Default is nil, meaning there is no restriction on how long a user can take
- # before confirming their account.
- # config.confirm_within = 3.days
-
- # If true, requires any email changes to be confirmed (exactly the same way as
- # initial account confirmation) to be applied. Requires additional unconfirmed_email
- # db field (see migrations). Until confirmed, new email is stored in
- # unconfirmed_email column, and copied to email column on successful confirmation.
- config.reconfirmable = true
-
- # Defines which key will be used when confirming an account
- # config.confirmation_keys = [:email]
-
- # ==> Configuration for :rememberable
- # The time the user will be remembered without asking for credentials again.
- # config.remember_for = 2.weeks
-
- # Invalidates all the remember me tokens when the user signs out.
- config.expire_all_remember_me_on_sign_out = true
-
- # If true, extends the user's remember period when remembered via cookie.
- # config.extend_remember_period = false
-
- # Options to be passed to the created cookie. For instance, you can set
- # secure: true in order to force SSL only cookies.
- # config.rememberable_options = {}
-
- # ==> Configuration for :validatable
- # Range for password length.
- config.password_length = 6..128
-
- # Email regex used to validate email formats. It simply asserts that
- # one (and only one) @ exists in the given string. This is mainly
- # to give user feedback and not to assert the e-mail validity.
- config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
-
- # ==> Configuration for :timeoutable
- # The time you want to timeout the user session without activity. After this
- # time the user will be asked for credentials again. Default is 30 minutes.
- # config.timeout_in = 30.minutes
-
- # ==> Configuration for :lockable
- # Defines which strategy will be used to lock an account.
- # :failed_attempts = Locks an account after a number of failed attempts to sign in.
- # :none = No lock strategy. You should handle locking by yourself.
- # config.lock_strategy = :failed_attempts
-
- # Defines which key will be used when locking and unlocking an account
- # config.unlock_keys = [:email]
-
- # Defines which strategy will be used to unlock an account.
- # :email = Sends an unlock link to the user email
- # :time = Re-enables login after a certain amount of time (see :unlock_in below)
- # :both = Enables both strategies
- # :none = No unlock strategy. You should handle unlocking by yourself.
- # config.unlock_strategy = :both
-
- # Number of authentication tries before locking an account if lock_strategy
- # is failed attempts.
- # config.maximum_attempts = 20
-
- # Time interval to unlock the account if :time is enabled as unlock_strategy.
- # config.unlock_in = 1.hour
-
- # Warn on the last attempt before the account is locked.
- # config.last_attempt_warning = true
-
- # ==> Configuration for :recoverable
- #
- # Defines which key will be used when recovering the password for an account
- # config.reset_password_keys = [:email]
-
- # Time interval you can reset your password with a reset password key.
- # Don't put a too small interval or your users won't have the time to
- # change their passwords.
- config.reset_password_within = 6.hours
-
- # When set to false, does not sign a user in automatically after their password is
- # reset. Defaults to true, so a user is signed in automatically after a reset.
- # config.sign_in_after_reset_password = true
-
- # ==> Configuration for :encryptable
- # Allow you to use another hashing or encryption algorithm besides bcrypt (default).
- # You can use :sha1, :sha512 or algorithms from others authentication tools as
- # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20
- # for default behavior) and :restful_authentication_sha1 (then you should set
- # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper).
- #
- # Require the `devise-encryptable` gem when using anything other than bcrypt
- # config.encryptor = :sha512
-
- # ==> Scopes configuration
- # Turn scoped views on. Before rendering "sessions/new", it will first check for
- # "users/sessions/new". It's turned off by default because it's slower if you
- # are using only default views.
- # config.scoped_views = false
-
- # Configure the default scope given to Warden. By default it's the first
- # devise role declared in your routes (usually :user).
- # config.default_scope = :user
-
- # Set this configuration to false if you want /users/sign_out to sign out
- # only the current scope. By default, Devise signs out all scopes.
- # config.sign_out_all_scopes = true
-
- # ==> Navigation configuration
- # Lists the formats that should be treated as navigational. Formats like
- # :html, should redirect to the sign in page when the user does not have
- # access, but formats like :xml or :json, should return 401.
- #
- # If you have any extra navigational formats, like :iphone or :mobile, you
- # should add them to the navigational formats lists.
- #
- # The "*/*" below is required to match Internet Explorer requests.
- # config.navigational_formats = ['*/*', :html]
-
- # The default HTTP method used to sign out a resource. Default is :delete.
- config.sign_out_via = :delete
-
- # ==> OmniAuth
- # Add a new OmniAuth provider. Check the wiki for more information on setting
- # up on your models and hooks.
- # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
- config.omniauth :auth0,
- ENV.fetch('AUTH0_CLIENT_ID', 'YEaTjFdbFYlXxOb5hMtVjnMbgE7Hz5ss'),
- ENV.fetch('AUTH0_CLIENT_SECRET', 'r2SvOYRSSSDXS5DxGz5CK8yKNgPAg7n52QVCmNz_QxrdwMaAYAiWuknDQDOevzE7'),
- ENV.fetch('AUTH0_DOMAIN', 'dev-dfe-twd-tid-exp.eu.auth0.com'),
- {
- authorize_params: {
- scope: 'openid profile email',
- audience: 'https://experiment1.com',
- max_age: 3600
- }
- }
-
- config.omniauth :openid_connect,
- client_options: {
- host: 'oidc.integration.account.gov.uk',
- identifier: ENV.fetch('GDS_IDENTIFIER', '32zo3r_YxKC1B2aOkZv-4leN_yE'),
- private_key: OpenSSL::PKey::RSA.new(File.read('./private_key.pem')),
- redirect_uri: ENV.fetch('GDS_REDIRECT_URL', 'http://lvh.me:3000/users/auth/gds/callback'),
- scheme: 'https'
- },
- client_auth_method: :jwt_bearer,
- discovery: true,
- issuer: 'https://oidc.integration.account.gov.uk/',
- name: :gds,
- response_type: :code,
- scope: 'email openid'
-
- # ==> Warden configuration
- # If you want to use other strategies, that are not supported by Devise, or
- # change the failure app, you can configure them inside the config.warden block.
- #
- # config.warden do |manager|
- # manager.intercept_401 = false
- # manager.default_strategies(scope: :user).unshift :some_external_strategy
- # end
-
- # ==> Mountable engine configurations
- # When using Devise inside an engine, let's call it `MyEngine`, and this engine
- # is mountable, there are some extra configurations to be taken into account.
- # The following options are available, assuming the engine is mounted as:
- #
- # mount MyEngine, at: '/my_engine'
- #
- # The router that invoked `devise_for`, in the example above, would be:
- # config.router_name = :my_engine
- #
- # When using OmniAuth, Devise cannot automatically set OmniAuth path,
- # so you need to do it manually. For the users scope, it would be:
- # config.omniauth_path_prefix = '/my_engine/users/auth'
-
- # ==> Turbolinks configuration
- # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly:
- #
- # ActiveSupport.on_load(:devise_failure_app) do
- # include Turbolinks::Controller
- # end
-
- # ==> Configuration for :registerable
-
- # When set to false, does not sign a user in automatically after their password is
- # changed. Defaults to true, so a user is signed in automatically after changing a password.
- # config.sign_in_after_change_password = true
-end
diff --git a/openid_connect_poc/config/initializers/doorkeeper.rb b/openid_connect_poc/config/initializers/doorkeeper.rb
deleted file mode 100644
index 74d450fb2..000000000
--- a/openid_connect_poc/config/initializers/doorkeeper.rb
+++ /dev/null
@@ -1,520 +0,0 @@
-# frozen_string_literal: true
-
-Doorkeeper.configure do
- # Change the ORM that doorkeeper will use (requires ORM extensions installed).
- # Check the list of supported ORMs here: https://github.com/doorkeeper-gem/doorkeeper#orms
- orm :active_record
-
- # This block will be called to check whether the resource owner is authenticated or not.
- resource_owner_authenticator do
- current_user || begin
- session[:return_to] = request.fullpath
- redirect_to(new_user_session_url)
- end
-
- # Put your resource owner authentication logic here.
- # Example implementation:
- # User.find_by(id: session[:user_id]) || redirect_to(new_user_session_url)
- end
-
- # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
- # file then you need to declare this block in order to restrict access to the web interface for
- # adding oauth authorized applications. In other case it will return 403 Forbidden response
- # every time somebody will try to access the admin web interface.
- #
- admin_authenticator do
- return User.first if Rails.env.development?
-
- redirect_to sign_in_url
- # Put your admin authentication logic here.
- # Example implementation:
- # if current_user
- # head :forbidden unless current_user.admin?
- # else
- # redirect_to sign_in_url
- # end
- end
-
- # You can use your own model classes if you need to extend (or even override) default
- # Doorkeeper models such as `Application`, `AccessToken` and `AccessGrant.
- #
- # Be default Doorkeeper ActiveRecord ORM uses it's own classes:
- #
- # access_token_class "Doorkeeper::AccessToken"
- # access_grant_class "Doorkeeper::AccessGrant"
- # application_class "Doorkeeper::Application"
- #
- # Don't forget to include Doorkeeper ORM mixins into your custom models:
- #
- # * ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessToken - for access token
- # * ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessGrant - for access grant
- # * ::Doorkeeper::Orm::ActiveRecord::Mixins::Application - for application (OAuth2 clients)
- #
- # For example:
- #
- # access_token_class "MyAccessToken"
- #
- # class MyAccessToken < ApplicationRecord
- # include ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessToken
- #
- # self.table_name = "hey_i_wanna_my_name"
- #
- # def destroy_me!
- # destroy
- # end
- # end
-
- # Enables polymorphic Resource Owner association for Access Tokens and Access Grants.
- # By default this option is disabled.
- #
- # Make sure you properly setup you database and have all the required columns (run
- # `bundle exec rails generate doorkeeper:enable_polymorphic_resource_owner` and execute Rails
- # migrations).
- #
- # If this option enabled, Doorkeeper will store not only Resource Owner primary key
- # value, but also it's type (class name). See "Polymorphic Associations" section of
- # Rails guides: https://guides.rubyonrails.org/association_basics.html#polymorphic-associations
- #
- # [NOTE] If you apply this option on already existing project don't forget to manually
- # update `resource_owner_type` column in the database and fix migration template as it will
- # set NOT NULL constraint for Access Grants table.
- #
- # use_polymorphic_resource_owner
-
- # If you are planning to use Doorkeeper in Rails 5 API-only application, then you might
- # want to use API mode that will skip all the views management and change the way how
- # Doorkeeper responds to a requests.
- #
- # api_only
-
- # Enforce token request content type to application/x-www-form-urlencoded.
- # It is not enabled by default to not break prior versions of the gem.
- #
- # enforce_content_type
-
- # Authorization Code expiration time (default: 10 minutes).
- #
- # authorization_code_expires_in 10.minutes
-
- # Access token expiration time (default: 2 hours).
- # If you want to disable expiration, set this to `nil`.
- #
- # access_token_expires_in 2.hours
-
- # Assign custom TTL for access tokens. Will be used instead of access_token_expires_in
- # option if defined. In case the block returns `nil` value Doorkeeper fallbacks to
- # +access_token_expires_in+ configuration option value. If you really need to issue a
- # non-expiring access token (which is not recommended) then you need to return
- # Float::INFINITY from this block.
- #
- # `context` has the following properties available:
- #
- # * `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
- # * `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
- # * `acopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
- # * `resource_owner` - authorized resource owner instance (if present)
- #
- # custom_access_token_expires_in do |context|
- # context.client.additional_settings.implicit_oauth_expiration
- # end
-
- # Use a custom class for generating the access token.
- # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-access-token-generator
- #
- # access_token_generator '::Doorkeeper::JWT'
-
- # The controller +Doorkeeper::ApplicationController+ inherits from.
- # Defaults to +ActionController::Base+ unless +api_only+ is set, which changes the default to
- # +ActionController::API+. The return value of this option must be a stringified class name.
- # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-controllers
- #
- # base_controller 'ApplicationController'
-
- # Reuse access token for the same resource owner within an application (disabled by default).
- #
- # This option protects your application from creating new tokens before old valid one becomes
- # expired so your database doesn't bloat. Keep in mind that when this option is `on` Doorkeeper
- # doesn't updates existing token expiration time, it will create a new token instead.
- # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
- #
- # You can not enable this option together with +hash_token_secrets+.
- #
- # reuse_access_token
-
- # In case you enabled `reuse_access_token` option Doorkeeper will try to find matching
- # token using `matching_token_for` Access Token API that searches for valid records
- # in batches in order not to pollute the memory with all the database records. By default
- # Doorkeeper uses batch size of 10 000 records. You can increase or decrease this value
- # depending on your needs and server capabilities.
- #
- # token_lookup_batch_size 10_000
-
- # Set a limit for token_reuse if using reuse_access_token option
- #
- # This option limits token_reusability to some extent.
- # If not set then access_token will be reused unless it expires.
- # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1189
- #
- # This option should be a percentage(i.e. (0,100])
- #
- # token_reuse_limit 100
-
- # Only allow one valid access token obtained via client credentials
- # per client. If a new access token is obtained before the old one
- # expired, the old one gets revoked (disabled by default)
- #
- # When enabling this option, make sure that you do not expect multiple processes
- # using the same credentials at the same time (e.g. web servers spanning
- # multiple machines and/or processes).
- #
- # revoke_previous_client_credentials_token
-
- # Hash access and refresh tokens before persisting them.
- # This will disable the possibility to use +reuse_access_token+
- # since plain values can no longer be retrieved.
- #
- # Note: If you are already a user of doorkeeper and have existing tokens
- # in your installation, they will be invalid without adding 'fallback: :plain'.
- #
- # hash_token_secrets
- # By default, token secrets will be hashed using the
- # +Doorkeeper::Hashing::SHA256+ strategy.
- #
- # If you wish to use another hashing implementation, you can override
- # this strategy as follows:
- #
- # hash_token_secrets using: '::Doorkeeper::Hashing::MyCustomHashImpl'
- #
- # Keep in mind that changing the hashing function will invalidate all existing
- # secrets, if there are any.
-
- # Hash application secrets before persisting them.
- #
- # hash_application_secrets
- #
- # By default, applications will be hashed
- # with the +Doorkeeper::SecretStoring::SHA256+ strategy.
- #
- # If you wish to use bcrypt for application secret hashing, uncomment
- # this line instead:
- #
- # hash_application_secrets using: '::Doorkeeper::SecretStoring::BCrypt'
-
- # When the above option is enabled, and a hashed token or secret is not found,
- # you can allow to fall back to another strategy. For users upgrading
- # doorkeeper and wishing to enable hashing, you will probably want to enable
- # the fallback to plain tokens.
- #
- # This will ensure that old access tokens and secrets
- # will remain valid even if the hashing above is enabled.
- #
- # This can be done by adding 'fallback: plain', e.g. :
- #
- # hash_application_secrets using: '::Doorkeeper::SecretStoring::BCrypt', fallback: :plain
-
- # Issue access tokens with refresh token (disabled by default), you may also
- # pass a block which accepts `context` to customize when to give a refresh
- # token or not. Similar to +custom_access_token_expires_in+, `context` has
- # the following properties:
- #
- # `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
- # `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
- # `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
- #
- # use_refresh_token
-
- # Provide support for an owner to be assigned to each registered application (disabled by default)
- # Optional parameter confirmation: true (default: false) if you want to enforce ownership of
- # a registered application
- # NOTE: you must also run the rails g doorkeeper:application_owner generator
- # to provide the necessary support
- #
- # enable_application_owner confirmation: false
-
- # Define access token scopes for your provider
- # For more information go to
- # https://doorkeeper.gitbook.io/guides/ruby-on-rails/scopes
- #
- default_scopes :profile, :openid
- optional_scopes :trn, :'write:trn', :'read:phone', :email, :openid
-
- # Allows to restrict only certain scopes for grant_type.
- # By default, all the scopes will be available for all the grant types.
- #
- # Keys to this hash should be the name of grant_type and
- # values should be the array of scopes for that grant type.
- # Note: scopes should be from configured_scopes (i.e. default or optional)
- #
- # scopes_by_grant_type password: [:write], client_credentials: [:update]
-
- # Forbids creating/updating applications with arbitrary scopes that are
- # not in configuration, i.e. +default_scopes+ or +optional_scopes+.
- # (disabled by default)
- #
- enforce_configured_scopes
-
- # Change the way client credentials are retrieved from the request object.
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
- # falls back to the `:client_id` and `:client_secret` params from the `params` object.
- # Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated
- # for more information on customization
- #
- # client_credentials :from_basic, :from_params
-
- # Change the way access token is authenticated from the request object.
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
- # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
- # Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated
- # for more information on customization
- #
- # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
-
- # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
- # by default in non-development environments). OAuth2 delegates security in
- # communication to the HTTPS protocol so it is wise to keep this enabled.
- #
- # Callable objects such as proc, lambda, block or any object that responds to
- # #call can be used in order to allow conditional checks (to allow non-SSL
- # redirects to localhost for example).
- #
- # force_ssl_in_redirect_uri !Rails.env.development?
- #
- # force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' }
-
- # Specify what redirect URI's you want to block during Application creation.
- # Any redirect URI is allowed by default.
- #
- # You can use this option in order to forbid URI's with 'javascript' scheme
- # for example.
- #
- # forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' }
-
- # Allows to set blank redirect URIs for Applications in case Doorkeeper configured
- # to use URI-less OAuth grant flows like Client Credentials or Resource Owner
- # Password Credentials. The option is on by default and checks configured grant
- # types, but you **need** to manually drop `NOT NULL` constraint from `redirect_uri`
- # column for `oauth_applications` database table.
- #
- # You can completely disable this feature with:
- #
- # allow_blank_redirect_uri false
- #
- # Or you can define your custom check:
- #
- # allow_blank_redirect_uri do |grant_flows, client|
- # client.superapp?
- # end
-
- # Specify how authorization errors should be handled.
- # By default, doorkeeper renders json errors when access token
- # is invalid, expired, revoked or has invalid scopes.
- #
- # If you want to render error response yourself (i.e. rescue exceptions),
- # set +handle_auth_errors+ to `:raise` and rescue Doorkeeper::Errors::InvalidToken
- # or following specific errors:
- #
- # Doorkeeper::Errors::TokenForbidden, Doorkeeper::Errors::TokenExpired,
- # Doorkeeper::Errors::TokenRevoked, Doorkeeper::Errors::TokenUnknown
- #
- # handle_auth_errors :raise
-
- # Customize token introspection response.
- # Allows to add your own fields to default one that are required by the OAuth spec
- # for the introspection response. It could be `sub`, `aud` and so on.
- # This configuration option can be a proc, lambda or any Ruby object responds
- # to `.call` method and result of it's invocation must be a Hash.
- #
- # custom_introspection_response do |token, context|
- # {
- # "sub": "Z5O3upPC88QrAjx00dis",
- # "aud": "https://protected.example.net/resource",
- # "username": User.find(token.resource_owner_id).username
- # }
- # end
- #
- # or
- #
- # custom_introspection_response CustomIntrospectionResponder
-
- # Specify what grant flows are enabled in array of Strings. The valid
- # strings and the flows they enable are:
- #
- # "authorization_code" => Authorization Code Grant Flow
- # "implicit" => Implicit Grant Flow
- # "password" => Resource Owner Password Credentials Grant Flow
- # "client_credentials" => Client Credentials Grant Flow
- #
- # If not specified, Doorkeeper enables authorization_code and
- # client_credentials.
- #
- # implicit and password grant flows have risks that you should understand
- # before enabling:
- # https://datatracker.ietf.org/doc/html/rfc6819#section-4.4.2
- # https://datatracker.ietf.org/doc/html/rfc6819#section-4.4.3
- #
- # grant_flows %w[authorization_code client_credentials assertion]
- grant_flows %w[authorization_code assertion implicit_oidc]
-
- # Allows to customize OAuth grant flows that +each+ application support.
- # You can configure a custom block (or use a class respond to `#call`) that must
- # return `true` in case Application instance supports requested OAuth grant flow
- # during the authorization request to the server. This configuration +doesn't+
- # set flows per application, it only allows to check if application supports
- # specific grant flow.
- #
- # For example you can add an additional database column to `oauth_applications` table,
- # say `t.array :grant_flows, default: []`, and store allowed grant flows that can
- # be used with this application there. Then when authorization requested Doorkeeper
- # will call this block to check if specific Application (passed with client_id and/or
- # client_secret) is allowed to perform the request for the specific grant type
- # (authorization, password, client_credentials, etc).
- #
- # Example of the block:
- #
- # ->(flow, client) { client.grant_flows.include?(flow) }
- #
- # In case this option invocation result is `false`, Doorkeeper server returns
- # :unauthorized_client error and stops the request.
- #
- # @param allow_grant_flow_for_client [Proc] Block or any object respond to #call
- # @return [Boolean] `true` if allow or `false` if forbid the request
- #
- # allow_grant_flow_for_client do |grant_flow, client|
- # # `grant_flows` is an Array column with grant
- # # flows that application supports
- #
- # client.grant_flows.include?(grant_flow)
- # end
-
- # If you need arbitrary Resource Owner-Client authorization you can enable this option
- # and implement the check your need. Config option must respond to #call and return
- # true in case resource owner authorized for the specific application or false in other
- # cases.
- #
- # Be default all Resource Owners are authorized to any Client (application).
- #
- # authorize_resource_owner_for_client do |client, resource_owner|
- # resource_owner.admin? || client.owners_allowlist.include?(resource_owner)
- # end
-
- resource_owner_from_assertion do
- if server.client && params[:provider] && params[:assertion]
- if params[:provider] == 'auth0'
- devise_config = ::Devise.omniauth_configs[:auth0]
- client_id, client_secret, domain = devise_config.args
- auth = begin
- Doorkeeper::GrantsAssertion::OmniAuth.oauth2_wrapper(
- provider: params[:provider],
- strategy_class: OmniAuth::Strategies::Auth0,
- client_id: client_id,
- client_secret: client_secret,
- client_options: { domain: domain },
- assertion: params[:assertion]
- ).auth_hash
- rescue StandardError
- nil
- end
- end
- User.where(email: auth.info.email).first if auth
- end
- end
-
- # Hook into the strategies' request & response life-cycle in case your
- # application needs advanced customization or logging:
- #
- # before_successful_strategy_response do |request|
- # puts "BEFORE HOOK FIRED! #{request}"
- # end
- #
- # after_successful_strategy_response do |request, response|
- # puts "AFTER HOOK FIRED! #{request}, #{response}"
- # end
-
- # Hook into Authorization flow in order to implement Single Sign Out
- # or add any other functionality. Inside the block you have an access
- # to `controller` (authorizations controller instance) and `context`
- # (Doorkeeper::OAuth::Hooks::Context instance) which provides pre auth
- # or auth objects with issued token based on hook type (before or after).
- #
- # before_successful_authorization do |controller, context|
- # Rails.logger.info(controller.request.params.inspect)
- #
- # Rails.logger.info(context.pre_auth.inspect)
- # end
- #
- # after_successful_authorization do |controller, context|
- # controller.session[:logout_urls] <<
- # Doorkeeper::Application
- # .find_by(controller.request.params.slice(:redirect_uri))
- # .logout_uri
- #
- # Rails.logger.info(context.auth.inspect)
- # Rails.logger.info(context.issued_token)
- # end
-
- # Under some circumstances you might want to have applications auto-approved,
- # so that the user skips the authorization step.
- # For example if dealing with a trusted application.
- #
- # skip_authorization do |resource_owner, client|
- # client.superapp? or resource_owner.admin?
- # end
-
- # Configure custom constraints for the Token Introspection request.
- # By default this configuration option allows to introspect a token by another
- # token of the same application, OR to introspect the token that belongs to
- # authorized client (from authenticated client) OR when token doesn't
- # belong to any client (public token). Otherwise requester has no access to the
- # introspection and it will return response as stated in the RFC.
- #
- # Block arguments:
- #
- # @param token [Doorkeeper::AccessToken]
- # token to be introspected
- #
- # @param authorized_client [Doorkeeper::Application]
- # authorized client (if request is authorized using Basic auth with
- # Client Credentials for example)
- #
- # @param authorized_token [Doorkeeper::AccessToken]
- # Bearer token used to authorize the request
- #
- # In case the block returns `nil` or `false` introspection responses with 401 status code
- # when using authorized token to introspect, or you'll get 200 with { "active": false } body
- # when using authorized client to introspect as stated in the
- # RFC 7662 section 2.2. Introspection Response.
- #
- # Using with caution:
- # Keep in mind that these three parameters pass to block can be nil as following case:
- # `authorized_client` is nil if and only if `authorized_token` is present, and vice versa.
- # `token` will be nil if and only if `authorized_token` is present.
- # So remember to use `&` or check if it is present before calling method on
- # them to make sure you doesn't get NoMethodError exception.
- #
- # You can define your custom check:
- #
- # allow_token_introspection do |token, authorized_client, authorized_token|
- # if authorized_token
- # # customize: require `introspection` scope
- # authorized_token.application == token&.application ||
- # authorized_token.scopes.include?("introspection")
- # elsif token.application
- # # `protected_resource` is a new database boolean column, for example
- # authorized_client == token.application || authorized_client.protected_resource?
- # else
- # # public token (when token.application is nil, token doesn't belong to any application)
- # true
- # end
- # end
- #
- # Or you can completely disable any token introspection:
- #
- # allow_token_introspection false
- #
- # If you need to block the request at all, then configure your routes.rb or web-server
- # like nginx to forbid the request.
-
- # WWW-Authenticate Realm (default: "Doorkeeper").
- #
- # realm "Doorkeeper"
-end
diff --git a/openid_connect_poc/config/initializers/doorkeeper_openid_connect.rb b/openid_connect_poc/config/initializers/doorkeeper_openid_connect.rb
deleted file mode 100644
index 54bdd18e5..000000000
--- a/openid_connect_poc/config/initializers/doorkeeper_openid_connect.rb
+++ /dev/null
@@ -1,102 +0,0 @@
-# frozen_string_literal: true
-
-Doorkeeper::OpenidConnect.configure do
- issuer do |_resource_owner, _application|
- 'http://localhost:3000/'
- end
-
- signing_key <<~KEY
- -----BEGIN PRIVATE KEY-----
- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDG+SFYhORiprbf
- oji56qNjztaX8cGOrnF4meEhP7pahVnKwA8peIZhevT8VkxLB7ntjW/MSpqfGKT9
- p5RM7xy0ATojux0dGOTi0yQRYcYl4Xdvrw8ow3iSNhtmBel9YalAwTzlaZpS+g7Q
- 0SR195PV9kqfSFCK2fX3QstbYOQhGbpUvDvtrbmgiLQRm25UmPxGliaE370yN9UA
- ULuMgpzC//xzG43ayLA75637pkXrNjAVTuut5N5wMxyDCEBuSCfleT8bSPiWMQUK
- Sp3Ra7w5+Xb2puI99RRD0g9c5izdStW8NrNaPdROCJC7tS8/ckFyxSewFijfzi6f
- +GAz9tIxAgMBAAECggEBAKab48U4efj1OnomXzOmeyxO/Tf8EqSEA7YFvBLYRxYX
- RWnVypxiNLwZdlx5cqb9ED4PSccZzUFdJILVuQN20WUVBfb3blh4COi5/iCj64S6
- uAUH5Dyw+RwNPIIAf1Qi29PCO1iqRbQneRJ3nf0900e9VRztM6wg+KoT/y5EAqKH
- a5sNHV/RoFM+C2CNbrwo6Kfiddxh6sxwAGApyKmqEyCL+34dRTim110E322U4UXM
- 0DFzKjcpO3RmyOxseoeE+8FZ6Av7kr+nIqYZrNcflWQAZCJX/KdX4APY5VcgWQl9
- Pk+JncZw6LBocuUW4xUx7dYKip0RbipHkjPCfphdiRUCgYEA4obPfqYchGlF/pfE
- LvndOuhpyI410rM/LyJKrjRj/+ep1yvfqKjj2ljDvrSz9C2vUrA89EDsJ0sReWNa
- dRAVhuSVh+X5ow9kEHjppBlkEAQynBNw9Jzt6WQfQIZrYjpfgUlAcIA0sE87Ccoh
- hI8BnJ4v9jfx19qSt2YKJmNovQcCgYEA4NyQlKvWFLhhexmsVT/DHhcFw/peZzU1
- pxfpHbdY1SadX/7yUoYQVOkdd4jLw5E6UARJ89UFlBuso1ZdUuGDttt6XCTLAQAy
- p7YWBNTv1kC2ZqktggoBliRBYf/FVRzEZZueGdZCMCHSetvd9dw8GiGkTNAEDpx1
- RswwOWs2YQcCgYA1AUR2JxpPJW76ZrrCHzdT/GQcSKJxff3P4p9E6f9oNuX38k0w
- YuyF//U1n4ToIvR+TbzFjpdzjk41cDkPYUcYPE588SQbspNAg3pwKnzOfpz1BluM
- 8Vd+IC5r48gmwO/uCZzpdiZeBvwSi1iScv/2jNE+NNMDJiLkhRzk5KfyawKBgQCy
- KVBM25G1vRlPhdnreafJMYiZ7Mfbkmc+S02jA+BYkk3i/4dUJ3DNNh7o1PRNscW4
- HI3TqhbPcNXqXMV4o8HOojtiwqwt0NBR3Y24qlaVNZTP5n9uJyt2oKdFVHgvpale
- sFwmMIMky8ePHKHS6XqdYcZiLfbo9MJfI+2ZsP7XBQKBgCoPHvig8FVVg7J02Wfd
- VV4uuX6NR5UTASYHjVB5TPkiDassj/HfghvViZAetFTDANpj0twJ4f2mxYA+kpi9
- rPfbNBlg8AfKYzNX8bQibvEq8Pqa8zsXInbW8NZ45rzoXnmKGo7/+dUflP/2p3Sw
- A2QXGCvCZzhnP1wnuO9KaMj8
- -----END PRIVATE KEY-----
- KEY
-
- subject_types_supported [:public]
-
- resource_owner_from_access_token do |access_token|
- # Example implementation:
- User.find_by(id: access_token.resource_owner_id)
- end
-
- auth_time_from_resource_owner do |resource_owner|
- # Example implementation:
- # resource_owner.current_sign_in_at
- end
-
- reauthenticate_resource_owner do |resource_owner, return_to|
- # Example implementation:
- # store_location_for resource_owner, return_to
- # sign_out resource_owner
- # redirect_to new_user_session_url
- end
-
- # Depending on your configuration, a DoubleRenderError could be raised
- # if render/redirect_to is called at some point before this callback is executed.
- # To avoid the DoubleRenderError, you could add these two lines at the beginning
- # of this callback: (Reference: https://github.com/rails/rails/issues/25106)
- # self.response_body = nil
- # @_response_body = nil
- select_account_for_resource_owner do |resource_owner, return_to|
- # Example implementation:
- # store_location_for resource_owner, return_to
- # redirect_to account_select_url
- end
-
- subject do |resource_owner, _application|
- # Example implementation:
- resource_owner.id
-
- # or if you need pairwise subject identifier, implement like below:
- # Digest::SHA256.hexdigest("#{resource_owner.id}#{URI.parse(application.redirect_uri).host}#{'your_secret_salt'}")
- end
-
- # Protocol to use when generating URIs for the discovery endpoint,
- # for example if you also use HTTPS in development
- # protocol do
- # :https
- # end
-
- # Expiration time on or after which the ID Token MUST NOT be accepted for processing. (default 120 seconds).
- # expiration 600
-
- # Example claims:
- # claims do
- # normal_claim :_foo_ do |resource_owner|
- # resource_owner.foo
- # end
-
- # normal_claim :_bar_ do |resource_owner|
- # resource_owner.bar
- # end
- # end
- claims do
- normal_claim :trn do |resource_owner|
- resource_owner.trn
- end
- end
-end
diff --git a/openid_connect_poc/config/initializers/filter_parameter_logging.rb b/openid_connect_poc/config/initializers/filter_parameter_logging.rb
deleted file mode 100644
index 3babc73f0..000000000
--- a/openid_connect_poc/config/initializers/filter_parameter_logging.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += %i[
- passw secret token _key crypt salt certificate otp ssn
-]
diff --git a/openid_connect_poc/config/initializers/inflections.rb b/openid_connect_poc/config/initializers/inflections.rb
deleted file mode 100644
index aa7435fbc..000000000
--- a/openid_connect_poc/config/initializers/inflections.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# Add new inflection rules using the following format. Inflections
-# are locale specific, and you may define rules for as many different
-# locales as you wish. All of these examples are active by default:
-# ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.plural /^(ox)$/i, '\1en'
-# inflect.singular /^(ox)en/i, '\1'
-# inflect.irregular 'person', 'people'
-# inflect.uncountable %w( fish sheep )
-# end
-
-# These inflection rules are supported but not enabled by default:
-# ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.acronym 'RESTful'
-# end
diff --git a/openid_connect_poc/config/initializers/mime_types.rb b/openid_connect_poc/config/initializers/mime_types.rb
deleted file mode 100644
index 6e1d16f02..000000000
--- a/openid_connect_poc/config/initializers/mime_types.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-# frozen_string_literal: true
-# Be sure to restart your server when you modify this file.
-
-# Add new mime types for use in respond_to blocks:
-# Mime::Type.register "text/richtext", :rtf
diff --git a/openid_connect_poc/config/initializers/omniauth.rb b/openid_connect_poc/config/initializers/omniauth.rb
deleted file mode 100644
index af1caf117..000000000
--- a/openid_connect_poc/config/initializers/omniauth.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-# frozen_string_literal: true
-
-OmniAuth.config.logger = Rails.logger
diff --git a/openid_connect_poc/config/initializers/permissions_policy.rb b/openid_connect_poc/config/initializers/permissions_policy.rb
deleted file mode 100644
index 50bcf4ead..000000000
--- a/openid_connect_poc/config/initializers/permissions_policy.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-# Define an application-wide HTTP permissions policy. For further
-# information see https://developers.google.com/web/updates/2018/06/feature-policy
-#
-# Rails.application.config.permissions_policy do |f|
-# f.camera :none
-# f.gyroscope :none
-# f.microphone :none
-# f.usb :none
-# f.fullscreen :self
-# f.payment :self, "https://secure.example.com"
-# end
diff --git a/openid_connect_poc/config/initializers/wrap_parameters.rb b/openid_connect_poc/config/initializers/wrap_parameters.rb
deleted file mode 100644
index 2f3c0db47..000000000
--- a/openid_connect_poc/config/initializers/wrap_parameters.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# This file contains settings for ActionController::ParamsWrapper which
-# is enabled by default.
-
-# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
-ActiveSupport.on_load(:action_controller) do
- wrap_parameters format: [:json]
-end
-
-# To enable root element in JSON for ActiveRecord objects.
-# ActiveSupport.on_load(:active_record) do
-# self.include_root_in_json = true
-# end
diff --git a/openid_connect_poc/config/locales/devise.en.yml b/openid_connect_poc/config/locales/devise.en.yml
deleted file mode 100644
index 260e1c4ba..000000000
--- a/openid_connect_poc/config/locales/devise.en.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-# Additional translations at https://github.com/heartcombo/devise/wiki/I18n
-
-en:
- devise:
- confirmations:
- confirmed: "Your email address has been successfully confirmed."
- send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
- send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
- failure:
- already_authenticated: "You are already signed in."
- inactive: "Your account is not activated yet."
- invalid: "Invalid %{authentication_keys} or password."
- locked: "Your account is locked."
- last_attempt: "You have one more attempt before your account is locked."
- not_found_in_database: "Invalid %{authentication_keys} or password."
- timeout: "Your session expired. Please sign in again to continue."
- unauthenticated: "You need to sign in or sign up before continuing."
- unconfirmed: "You have to confirm your email address before continuing."
- mailer:
- confirmation_instructions:
- subject: "Confirmation instructions"
- reset_password_instructions:
- subject: "Reset password instructions"
- unlock_instructions:
- subject: "Unlock instructions"
- email_changed:
- subject: "Email Changed"
- password_change:
- subject: "Password Changed"
- omniauth_callbacks:
- failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
- success: "Successfully authenticated from %{kind} account."
- passwords:
- no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
- send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
- send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
- updated: "Your password has been changed successfully. You are now signed in."
- updated_not_active: "Your password has been changed successfully."
- registrations:
- destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
- signed_up: "Welcome! You have signed up successfully."
- signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
- signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
- signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
- update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
- updated: "Your account has been updated successfully."
- updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
- sessions:
- signed_in: "Signed in successfully."
- signed_out: "Signed out successfully."
- already_signed_out: "Signed out successfully."
- unlocks:
- send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
- send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
- unlocked: "Your account has been unlocked successfully. Please sign in to continue."
- errors:
- messages:
- already_confirmed: "was already confirmed, please try signing in"
- confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
- expired: "has expired, please request a new one"
- not_found: "not found"
- not_locked: "was not locked"
- not_saved:
- one: "1 error prohibited this %{resource} from being saved:"
- other: "%{count} errors prohibited this %{resource} from being saved:"
diff --git a/openid_connect_poc/config/locales/doorkeeper.en.yml b/openid_connect_poc/config/locales/doorkeeper.en.yml
deleted file mode 100644
index 99fa3d4d8..000000000
--- a/openid_connect_poc/config/locales/doorkeeper.en.yml
+++ /dev/null
@@ -1,151 +0,0 @@
-en:
- activerecord:
- attributes:
- doorkeeper/application:
- name: 'Name'
- redirect_uri: 'Redirect URI'
- errors:
- models:
- doorkeeper/application:
- attributes:
- redirect_uri:
- fragment_present: 'cannot contain a fragment.'
- invalid_uri: 'must be a valid URI.'
- unspecified_scheme: 'must specify a scheme.'
- relative_uri: 'must be an absolute URI.'
- secured_uri: 'must be an HTTPS/SSL URI.'
- forbidden_uri: 'is forbidden by the server.'
- scopes:
- not_match_configured: "doesn't match configured on the server."
-
- doorkeeper:
- applications:
- confirmations:
- destroy: 'Are you sure?'
- buttons:
- edit: 'Edit'
- destroy: 'Destroy'
- submit: 'Submit'
- cancel: 'Cancel'
- authorize: 'Authorize'
- form:
- error: 'Whoops! Check your form for possible errors'
- help:
- confidential: 'Application will be used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential.'
- redirect_uri: 'Use one line per URI'
- blank_redirect_uri: "Leave it blank if you configured your provider to use Client Credentials, Resource Owner Password Credentials or any other grant type that doesn't require redirect URI."
- scopes: 'Separate scopes with spaces. Leave blank to use the default scopes.'
- edit:
- title: 'Edit application'
- index:
- title: 'Your applications'
- new: 'New Application'
- name: 'Name'
- callback_url: 'Callback URL'
- confidential: 'Confidential?'
- actions: 'Actions'
- confidentiality:
- 'yes': 'Yes'
- 'no': 'No'
- new:
- title: 'New Application'
- show:
- title: 'Application: %{name}'
- application_id: 'UID'
- secret: 'Secret'
- secret_hashed: 'Secret hashed'
- scopes: 'Scopes'
- confidential: 'Confidential'
- callback_urls: 'Callback urls'
- actions: 'Actions'
- not_defined: 'Not defined'
-
- authorizations:
- buttons:
- authorize: 'Authorize'
- deny: 'Deny'
- error:
- title: 'An error has occurred'
- new:
- title: 'Authorization required'
- prompt: 'Authorize %{client_name} to use your account?'
- able_to: 'This application will be able to'
- show:
- title: 'Authorization code'
- form_post:
- title: 'Submit this form'
-
- authorized_applications:
- confirmations:
- revoke: 'Are you sure?'
- buttons:
- revoke: 'Revoke'
- index:
- title: 'Your authorized applications'
- application: 'Application'
- created_at: 'Created At'
- date_format: '%Y-%m-%d %H:%M:%S'
-
- pre_authorization:
- status: 'Pre-authorization'
-
- errors:
- messages:
- # Common error messages
- invalid_request:
- unknown: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
- missing_param: 'Missing required parameter: %{value}.'
- request_not_authorized: 'Request need to be authorized. Required parameter for authorizing request is missing or invalid.'
- invalid_redirect_uri: "The requested redirect uri is malformed or doesn't match client redirect URI."
- unauthorized_client: 'The client is not authorized to perform this request using this method.'
- access_denied: 'The resource owner or authorization server denied the request.'
- invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
- invalid_code_challenge_method: 'The code challenge method must be plain or S256.'
- server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
- temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
-
- # Configuration error messages
- credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
- resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfigured.'
- admin_authenticator_not_configured: 'Access to admin panel is forbidden due to Doorkeeper.configure.admin_authenticator being unconfigured.'
-
- # Access grant errors
- unsupported_response_type: 'The authorization server does not support this response type.'
- unsupported_response_mode: 'The authorization server does not support this response mode.'
-
- # Access token errors
- invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
- invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
- unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
-
- invalid_token:
- revoked: "The access token was revoked"
- expired: "The access token expired"
- unknown: "The access token is invalid"
- revoke:
- unauthorized: "You are not authorized to revoke this token"
-
- forbidden_token:
- missing_scope: 'Access to this resource requires scope "%{oauth_scopes}".'
-
- flash:
- applications:
- create:
- notice: 'Application created.'
- destroy:
- notice: 'Application deleted.'
- update:
- notice: 'Application updated.'
- authorized_applications:
- destroy:
- notice: 'Application revoked.'
-
- layouts:
- admin:
- title: 'Doorkeeper'
- nav:
- oauth2_provider: 'OAuth2 Provider'
- applications: 'Applications'
- home: 'Home'
- application:
- title: 'OAuth authorization required'
diff --git a/openid_connect_poc/config/locales/doorkeeper_openid_connect.en.yml b/openid_connect_poc/config/locales/doorkeeper_openid_connect.en.yml
deleted file mode 100644
index 1bed506b2..000000000
--- a/openid_connect_poc/config/locales/doorkeeper_openid_connect.en.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-en:
- doorkeeper:
- scopes:
- openid: 'Authenticate your account'
- profile: 'View your profile information'
- email: 'View your email address'
- address: 'View your physical address'
- phone: 'View your phone number'
- errors:
- messages:
- login_required: 'The authorization server requires end-user authentication'
- consent_required: 'The authorization server requires end-user consent'
- interaction_required: 'The authorization server requires end-user interaction'
- account_selection_required: 'The authorization server requires end-user account selection'
- openid_connect:
- errors:
- messages:
- # Configuration error messages
- resource_owner_from_access_token_not_configured: 'Failure due to Doorkeeper::OpenidConnect.configure.resource_owner_from_access_token missing configuration.'
- auth_time_from_resource_owner_not_configured: 'Failure due to Doorkeeper::OpenidConnect.configure.auth_time_from_resource_owner missing configuration.'
- reauthenticate_resource_owner_not_configured: 'Failure due to Doorkeeper::OpenidConnect.configure.reauthenticate_resource_owner missing configuration.'
- select_account_for_resource_owner_not_configured: 'Failure due to Doorkeeper::OpenidConnect.configure.select_account_for_resource_owner missing configuration.'
- subject_not_configured: 'ID Token generation failed due to Doorkeeper::OpenidConnect.configure.subject missing configuration.'
diff --git a/openid_connect_poc/config/locales/en.yml b/openid_connect_poc/config/locales/en.yml
deleted file mode 100644
index cf9b342d0..000000000
--- a/openid_connect_poc/config/locales/en.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-# Files in the config/locales directory are used for internationalization
-# and are automatically loaded by Rails. If you want to use locales other
-# than English, add the necessary files in this directory.
-#
-# To use the locales, use `I18n.t`:
-#
-# I18n.t 'hello'
-#
-# In views, this is aliased to just `t`:
-#
-# <%= t('hello') %>
-#
-# To use a different locale, set it with `I18n.locale`:
-#
-# I18n.locale = :es
-#
-# This would use the information in config/locales/es.yml.
-#
-# The following keys must be escaped otherwise they will not be retrieved by
-# the default I18n backend:
-#
-# true, false, on, off, yes, no
-#
-# Instead, surround them with single quotes.
-#
-# en:
-# 'true': 'foo'
-#
-# To learn more, please read the Rails Internationalization guide
-# available at https://guides.rubyonrails.org/i18n.html.
-
-en:
- hello: "Hello world"
diff --git a/openid_connect_poc/config/master.key b/openid_connect_poc/config/master.key
deleted file mode 100644
index 7c889bf34..000000000
--- a/openid_connect_poc/config/master.key
+++ /dev/null
@@ -1 +0,0 @@
-b8402335ed051f80a1d70f3a9c234a72
\ No newline at end of file
diff --git a/openid_connect_poc/config/puma.rb b/openid_connect_poc/config/puma.rb
deleted file mode 100644
index 8ae6a7853..000000000
--- a/openid_connect_poc/config/puma.rb
+++ /dev/null
@@ -1,45 +0,0 @@
-# frozen_string_literal: true
-
-# Puma can serve each request in a thread from an internal thread pool.
-# The `threads` method setting takes two numbers: a minimum and maximum.
-# Any libraries that use thread pools should be configured to match
-# the maximum value specified for Puma. Default is set to 5 threads for minimum
-# and maximum; this matches the default thread size of Active Record.
-#
-max_threads_count = ENV.fetch('RAILS_MAX_THREADS', 5)
-min_threads_count = ENV.fetch('RAILS_MIN_THREADS') { max_threads_count }
-threads min_threads_count, max_threads_count
-
-# Specifies the `worker_timeout` threshold that Puma will use to wait before
-# terminating a worker in development environments.
-#
-worker_timeout 3600 if ENV.fetch('RAILS_ENV', 'development') == 'development'
-
-# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
-#
-port ENV.fetch('PORT', 3000)
-
-# Specifies the `environment` that Puma will run in.
-#
-environment ENV.fetch('RAILS_ENV', 'development')
-
-# Specifies the `pidfile` that Puma will use.
-pidfile ENV.fetch('PIDFILE', 'tmp/pids/server.pid')
-
-# Specifies the number of `workers` to boot in clustered mode.
-# Workers are forked web server processes. If using threads and workers together
-# the concurrency of the application would be max `threads` * `workers`.
-# Workers do not work on JRuby or Windows (both of which do not support
-# processes).
-#
-# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
-
-# Use the `preload_app!` method when specifying a `workers` number.
-# This directive tells Puma to first boot the application and load code
-# before forking the application. This takes advantage of Copy On Write
-# process behavior so workers use less memory.
-#
-# preload_app!
-
-# Allow puma to be restarted by `rails restart` command.
-plugin :tmp_restart
diff --git a/openid_connect_poc/config/routes.rb b/openid_connect_poc/config/routes.rb
deleted file mode 100644
index 87cde7b14..000000000
--- a/openid_connect_poc/config/routes.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-Rails.application.routes.draw do
- use_doorkeeper_openid_connect
- use_doorkeeper
- devise_for :users, controllers: { omniauth_callbacks: 'omniauth_callbacks' }
-
- # devise_scope :user do
- # get 'auth/auth0/callback' => 'omniauth_callbacks#auth0'
- # get 'auth/auth0', to: '/devise/omniauth_callbacks#passthru', as: :omniauth_authorize, via: %i[get post]
- # end
-
- # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
- root to: 'home#index'
-end
diff --git a/openid_connect_poc/config/spring.rb b/openid_connect_poc/config/spring.rb
deleted file mode 100644
index 93cd0ff8c..000000000
--- a/openid_connect_poc/config/spring.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-Spring.watch(
- '.ruby-version',
- '.rbenv-vars',
- 'tmp/restart.txt',
- 'tmp/caching-dev.txt'
-)
diff --git a/openid_connect_poc/config/storage.yml b/openid_connect_poc/config/storage.yml
deleted file mode 100644
index d32f76e8f..000000000
--- a/openid_connect_poc/config/storage.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-test:
- service: Disk
- root: <%= Rails.root.join("tmp/storage") %>
-
-local:
- service: Disk
- root: <%= Rails.root.join("storage") %>
-
-# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
-# amazon:
-# service: S3
-# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
-# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
-# region: us-east-1
-# bucket: your_own_bucket
-
-# Remember not to checkin your GCS keyfile to a repository
-# google:
-# service: GCS
-# project: your_project
-# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
-# bucket: your_own_bucket
-
-# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
-# microsoft:
-# service: AzureStorage
-# storage_account_name: your_account_name
-# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
-# container: your_container_name
-
-# mirror:
-# service: Mirror
-# primary: local
-# mirrors: [ amazon, google, microsoft ]
diff --git a/openid_connect_poc/config/webpack/development.js b/openid_connect_poc/config/webpack/development.js
deleted file mode 100644
index c5edff94a..000000000
--- a/openid_connect_poc/config/webpack/development.js
+++ /dev/null
@@ -1,5 +0,0 @@
-process.env.NODE_ENV = process.env.NODE_ENV || 'development'
-
-const environment = require('./environment')
-
-module.exports = environment.toWebpackConfig()
diff --git a/openid_connect_poc/config/webpack/environment.js b/openid_connect_poc/config/webpack/environment.js
deleted file mode 100644
index d16d9af74..000000000
--- a/openid_connect_poc/config/webpack/environment.js
+++ /dev/null
@@ -1,3 +0,0 @@
-const { environment } = require('@rails/webpacker')
-
-module.exports = environment
diff --git a/openid_connect_poc/config/webpack/production.js b/openid_connect_poc/config/webpack/production.js
deleted file mode 100644
index be0f53aac..000000000
--- a/openid_connect_poc/config/webpack/production.js
+++ /dev/null
@@ -1,5 +0,0 @@
-process.env.NODE_ENV = process.env.NODE_ENV || 'production'
-
-const environment = require('./environment')
-
-module.exports = environment.toWebpackConfig()
diff --git a/openid_connect_poc/config/webpack/test.js b/openid_connect_poc/config/webpack/test.js
deleted file mode 100644
index c5edff94a..000000000
--- a/openid_connect_poc/config/webpack/test.js
+++ /dev/null
@@ -1,5 +0,0 @@
-process.env.NODE_ENV = process.env.NODE_ENV || 'development'
-
-const environment = require('./environment')
-
-module.exports = environment.toWebpackConfig()
diff --git a/openid_connect_poc/config/webpacker.yml b/openid_connect_poc/config/webpacker.yml
deleted file mode 100644
index a6b146566..000000000
--- a/openid_connect_poc/config/webpacker.yml
+++ /dev/null
@@ -1,92 +0,0 @@
-# Note: You must restart bin/webpack-dev-server for changes to take effect
-
-default: &default
- source_path: app/javascript
- source_entry_path: packs
- public_root_path: public
- public_output_path: packs
- cache_path: tmp/cache/webpacker
- webpack_compile_output: true
-
- # Additional paths webpack should lookup modules
- # ['app/assets', 'engine/foo/app/assets']
- additional_paths: []
-
- # Reload manifest.json on all requests so we reload latest compiled packs
- cache_manifest: false
-
- # Extract and emit a css file
- extract_css: false
-
- static_assets_extensions:
- - .jpg
- - .jpeg
- - .png
- - .gif
- - .tiff
- - .ico
- - .svg
- - .eot
- - .otf
- - .ttf
- - .woff
- - .woff2
-
- extensions:
- - .mjs
- - .js
- - .sass
- - .scss
- - .css
- - .module.sass
- - .module.scss
- - .module.css
- - .png
- - .svg
- - .gif
- - .jpeg
- - .jpg
-
-development:
- <<: *default
- compile: true
-
- # Reference: https://webpack.js.org/configuration/dev-server/
- dev_server:
- https: false
- host: localhost
- port: 3035
- public: localhost:3035
- hmr: false
- # Inline should be set to true if using HMR
- inline: true
- overlay: true
- compress: true
- disable_host_check: true
- use_local_ip: false
- quiet: false
- pretty: false
- headers:
- 'Access-Control-Allow-Origin': '*'
- watch_options:
- ignored: '**/node_modules/**'
-
-
-test:
- <<: *default
- compile: true
-
- # Compile test packs to a separate directory
- public_output_path: packs-test
-
-production:
- <<: *default
-
- # Production depends on precompilation of packs prior to booting for performance.
- compile: false
-
- # Extract and emit a css file
- extract_css: true
-
- # Cache manifest.json for performance
- cache_manifest: true
diff --git a/openid_connect_poc/db/migrate/20210929101819_devise_create_users.rb b/openid_connect_poc/db/migrate/20210929101819_devise_create_users.rb
deleted file mode 100644
index c461a9ed5..000000000
--- a/openid_connect_poc/db/migrate/20210929101819_devise_create_users.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-# frozen_string_literal: true
-
-class DeviseCreateUsers < ActiveRecord::Migration[6.1]
- def change
- create_table :users do |t|
- ## Database authenticatable
- t.string :email, null: false, default: ''
- t.string :encrypted_password, null: false, default: ""
-
- ## Recoverable
- # t.string :reset_password_token
- # t.datetime :reset_password_sent_at
-
- ## Rememberable
- t.datetime :remember_created_at
-
- ## Trackable
- t.integer :sign_in_count, default: 0, null: false
- t.datetime :current_sign_in_at
- t.datetime :last_sign_in_at
- t.string :current_sign_in_ip
- t.string :last_sign_in_ip
-
- ## Confirmable
- # t.string :confirmation_token
- # t.datetime :confirmed_at
- # t.datetime :confirmation_sent_at
- # t.string :unconfirmed_email # Only if using reconfirmable
-
- ## Lockable
- # t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
- # t.string :unlock_token # Only if unlock strategy is :email or :both
- # t.datetime :locked_at
-
- t.timestamps null: false
- end
-
- add_index :users, :email, unique: true
- # add_index :users, :reset_password_token, unique: true
- # add_index :users, :confirmation_token, unique: true
- # add_index :users, :unlock_token, unique: true
- end
-end
diff --git a/openid_connect_poc/db/migrate/20211101121955_create_doorkeeper_tables.rb b/openid_connect_poc/db/migrate/20211101121955_create_doorkeeper_tables.rb
deleted file mode 100644
index 862a9442b..000000000
--- a/openid_connect_poc/db/migrate/20211101121955_create_doorkeeper_tables.rb
+++ /dev/null
@@ -1,88 +0,0 @@
-# frozen_string_literal: true
-
-class CreateDoorkeeperTables < ActiveRecord::Migration[6.1]
- def change
- create_table :oauth_applications do |t|
- t.string :name, null: false
- t.string :uid, null: false
- t.string :secret, null: false
-
- # Remove `null: false` if you are planning to use grant flows
- # that doesn't require redirect URI to be used during authorization
- # like Client Credentials flow or Resource Owner Password.
- t.text :redirect_uri, null: false
- t.string :scopes, null: false, default: ''
- t.boolean :confidential, null: false, default: true
- t.timestamps null: false
- end
-
- add_index :oauth_applications, :uid, unique: true
-
- create_table :oauth_access_grants do |t|
- t.references :resource_owner, null: false
- t.references :application, null: false
- t.string :token, null: false
- t.integer :expires_in, null: false
- t.text :redirect_uri, null: false
- t.datetime :created_at, null: false
- t.datetime :revoked_at
- t.string :scopes, null: false, default: ''
- end
-
- add_index :oauth_access_grants, :token, unique: true
- add_foreign_key(
- :oauth_access_grants,
- :oauth_applications,
- column: :application_id
- )
-
- create_table :oauth_access_tokens do |t|
- t.references :resource_owner, index: true
-
- # Remove `null: false` if you are planning to use Password
- # Credentials Grant flow that doesn't require an application.
- t.references :application, null: false
-
- # If you use a custom token generator you may need to change this column
- # from string to text, so that it accepts tokens larger than 255
- # characters. More info on custom token generators in:
- # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
- #
- # t.text :token, null: false
- t.string :token, null: false
-
- t.string :refresh_token
- t.integer :expires_in
- t.datetime :revoked_at
- t.datetime :created_at, null: false
- t.string :scopes
-
- # The authorization server MAY issue a new refresh token, in which case
- # *the client MUST discard the old refresh token* and replace it with the
- # new refresh token. The authorization server MAY revoke the old
- # refresh token after issuing a new refresh token to the client.
- # @see https://datatracker.ietf.org/doc/html/rfc6749#section-6
- #
- # Doorkeeper implementation: if there is a `previous_refresh_token` column,
- # refresh tokens will be revoked after a related access token is used.
- # If there is no `previous_refresh_token` column, previous tokens are
- # revoked as soon as a new access token is created.
- #
- # Comment out this line if you want refresh tokens to be instantly
- # revoked after use.
- t.string :previous_refresh_token, null: false, default: ''
- end
-
- add_index :oauth_access_tokens, :token, unique: true
- add_index :oauth_access_tokens, :refresh_token, unique: true
- add_foreign_key(
- :oauth_access_tokens,
- :oauth_applications,
- column: :application_id
- )
-
- # Uncomment below to ensure a valid reference to the resource owner's table
- add_foreign_key :oauth_access_grants, :users, column: :resource_owner_id
- add_foreign_key :oauth_access_tokens, :users, column: :resource_owner_id
- end
-end
diff --git a/openid_connect_poc/db/migrate/20211103115259_create_doorkeeper_openid_connect_tables.rb b/openid_connect_poc/db/migrate/20211103115259_create_doorkeeper_openid_connect_tables.rb
deleted file mode 100644
index a09de0c4d..000000000
--- a/openid_connect_poc/db/migrate/20211103115259_create_doorkeeper_openid_connect_tables.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-class CreateDoorkeeperOpenidConnectTables < ActiveRecord::Migration[6.1]
- def change
- create_table :oauth_openid_requests do |t|
- t.references :access_grant, null: false, index: true
- t.string :nonce, null: false
- end
-
- add_foreign_key(
- :oauth_openid_requests,
- :oauth_access_grants,
- column: :access_grant_id,
- on_delete: :cascade
- )
- end
-end
diff --git a/openid_connect_poc/db/migrate/20211104124706_add_omniauth_to_users.rb b/openid_connect_poc/db/migrate/20211104124706_add_omniauth_to_users.rb
deleted file mode 100644
index 9a76776f3..000000000
--- a/openid_connect_poc/db/migrate/20211104124706_add_omniauth_to_users.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-class AddOmniauthToUsers < ActiveRecord::Migration[6.1]
- def change
- add_column :users, :provider, :string
- add_column :users, :uid, :string
- end
-end
diff --git a/openid_connect_poc/db/schema.rb b/openid_connect_poc/db/schema.rb
deleted file mode 100644
index 2ffaa7b81..000000000
--- a/openid_connect_poc/db/schema.rb
+++ /dev/null
@@ -1,87 +0,0 @@
-# This file is auto-generated from the current state of the database. Instead
-# of editing this file, please use the migrations feature of Active Record to
-# incrementally modify your database, and then regenerate this schema definition.
-#
-# This file is the source Rails uses to define your schema when running `bin/rails
-# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
-# be faster and is potentially less error prone than running all of your
-# migrations from scratch. Old migrations may fail to apply correctly if those
-# migrations use external dependencies or application code.
-#
-# It's strongly recommended that you check this file into your version control system.
-
-ActiveRecord::Schema.define(version: 2021_11_04_124706) do
-
- # These are extensions that must be enabled in order to support this database
- enable_extension "plpgsql"
-
- create_table "oauth_access_grants", force: :cascade do |t|
- t.bigint "resource_owner_id", null: false
- t.bigint "application_id", null: false
- t.string "token", null: false
- t.integer "expires_in", null: false
- t.text "redirect_uri", null: false
- t.datetime "created_at", null: false
- t.datetime "revoked_at"
- t.string "scopes", default: "", null: false
- t.index ["application_id"], name: "index_oauth_access_grants_on_application_id"
- t.index ["resource_owner_id"], name: "index_oauth_access_grants_on_resource_owner_id"
- t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
- end
-
- create_table "oauth_access_tokens", force: :cascade do |t|
- t.bigint "resource_owner_id"
- t.bigint "application_id", null: false
- t.string "token", null: false
- t.string "refresh_token"
- t.integer "expires_in"
- t.datetime "revoked_at"
- t.datetime "created_at", null: false
- t.string "scopes"
- t.string "previous_refresh_token", default: "", null: false
- t.index ["application_id"], name: "index_oauth_access_tokens_on_application_id"
- t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
- t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
- t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
- end
-
- create_table "oauth_applications", force: :cascade do |t|
- t.string "name", null: false
- t.string "uid", null: false
- t.string "secret", null: false
- t.text "redirect_uri", null: false
- t.string "scopes", default: "", null: false
- t.boolean "confidential", default: true, null: false
- t.datetime "created_at", precision: 6, null: false
- t.datetime "updated_at", precision: 6, null: false
- t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true
- end
-
- create_table "oauth_openid_requests", force: :cascade do |t|
- t.bigint "access_grant_id", null: false
- t.string "nonce", null: false
- t.index ["access_grant_id"], name: "index_oauth_openid_requests_on_access_grant_id"
- end
-
- create_table "users", force: :cascade do |t|
- t.string "email", default: "", null: false
- t.string "encrypted_password", default: "", null: false
- t.datetime "remember_created_at"
- t.integer "sign_in_count", default: 0, null: false
- t.datetime "current_sign_in_at"
- t.datetime "last_sign_in_at"
- t.string "current_sign_in_ip"
- t.string "last_sign_in_ip"
- t.datetime "created_at", precision: 6, null: false
- t.datetime "updated_at", precision: 6, null: false
- t.string "provider"
- t.string "uid"
- t.index ["email"], name: "index_users_on_email", unique: true
- end
-
- add_foreign_key "oauth_access_grants", "oauth_applications", column: "application_id"
- add_foreign_key "oauth_access_grants", "users", column: "resource_owner_id"
- add_foreign_key "oauth_access_tokens", "oauth_applications", column: "application_id"
- add_foreign_key "oauth_access_tokens", "users", column: "resource_owner_id"
- add_foreign_key "oauth_openid_requests", "oauth_access_grants", column: "access_grant_id", on_delete: :cascade
-end
diff --git a/openid_connect_poc/db/seeds.rb b/openid_connect_poc/db/seeds.rb
deleted file mode 100644
index c8c1b7532..000000000
--- a/openid_connect_poc/db/seeds.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
-#
-# Examples:
-#
-# movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }])
-# Character.create(name: 'Luke', movie: movies.first)
diff --git a/openid_connect_poc/lib/assets/.keep b/openid_connect_poc/lib/assets/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/openid_connect_poc/lib/tasks/.keep b/openid_connect_poc/lib/tasks/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/openid_connect_poc/log/.keep b/openid_connect_poc/log/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/openid_connect_poc/package.json b/openid_connect_poc/package.json
deleted file mode 100644
index 4ea18c436..000000000
--- a/openid_connect_poc/package.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "name": "teacher-id",
- "private": true,
- "dependencies": {
- "@rails/actioncable": "^6.0.0",
- "@rails/activestorage": "^6.0.0",
- "@rails/ujs": "^6.0.0",
- "@rails/webpacker": "5.4.3",
- "turbolinks": "^5.2.0",
- "webpack": "^4.46.0",
- "webpack-cli": "^3.3.12"
- },
- "version": "0.1.0",
- "devDependencies": {
- "webpack-dev-server": "^3"
- }
-}
diff --git a/openid_connect_poc/postcss.config.js b/openid_connect_poc/postcss.config.js
deleted file mode 100644
index aa5998a80..000000000
--- a/openid_connect_poc/postcss.config.js
+++ /dev/null
@@ -1,12 +0,0 @@
-module.exports = {
- plugins: [
- require('postcss-import'),
- require('postcss-flexbugs-fixes'),
- require('postcss-preset-env')({
- autoprefixer: {
- flexbox: 'no-2009'
- },
- stage: 3
- })
- ]
-}
diff --git a/openid_connect_poc/public/404.html b/openid_connect_poc/public/404.html
deleted file mode 100644
index 2be3af26f..000000000
--- a/openid_connect_poc/public/404.html
+++ /dev/null
@@ -1,67 +0,0 @@
-
-
-
- The page you were looking for doesn't exist (404)
-
-
-
-
-
-
-
-
-
The page you were looking for doesn't exist.
-
You may have mistyped the address or the page may have moved.
-
-
If you are the application owner check the logs for more information.
-
-
-
diff --git a/openid_connect_poc/public/422.html b/openid_connect_poc/public/422.html
deleted file mode 100644
index c08eac0d1..000000000
--- a/openid_connect_poc/public/422.html
+++ /dev/null
@@ -1,67 +0,0 @@
-
-
-
- The change you wanted was rejected (422)
-
-
-
-
-
-
-
-
-
The change you wanted was rejected.
-
Maybe you tried to change something you didn't have access to.
-
-
If you are the application owner check the logs for more information.