access_token_wrapper 0.2.1 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 41caff490861ec2790a54b80f5fb40bcc7d8eacf
-  data.tar.gz: 762c31fa85773bda6e1c6dcdb4148a90f5b1a18f
+SHA256:
+  metadata.gz: 405caad8ee55bc656653df222a637247cbac4a6d7589383864dcb24d8d2934ed
+  data.tar.gz: 0d0462d4ac69b5d203fdef89383aa341459f8f8b0773e9498236dd39e7bfcce6
 SHA512:
-  metadata.gz: fcf00843f23b13c5d6b4dd5ddf73cd4424b910c9e81e5e39d482efada0202981e4a9f1e9a1307243984f9a020b949d5987763718b2a5c68d7536096e212312b9
-  data.tar.gz: 10a125e2293eabfab24f92fc161f5cd573ff3d84f0b723db837ef2d5e786efff89179d88fed861b796c1bd67c153a25e561d3538914b2820881f55513acb57dc
+  metadata.gz: fa7d945b0480387ae1c4354e3584443222e321149ec64b8e6bf533d3c0d3e9d6a45b1eef04c3efd240bbb37ed60efadf5932c330531cbcc77cc62dd989afa4f1
+  data.tar.gz: 11b3e0166640aef5c37e9470b15b18592c65806fd543fd8f0745fecb0966e1f65e30683e58bbdaf175f03b1fbc7c70f3a8a930a71345245d2b0cd7b2b2fcf223

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.5.0 (2020-06-25)
+- [FEATURE] Adds a basic configuration API with the ability to customize which exceptions are retried
+- [FEATURE] Adds in `AccessTokenWrapper::FromRecord` as an alternative refresh wrapper that uses ActiveRecord locking to remove race-conditions
+
 ## 0.2.1 (2018-01-23)
 - [BUGFIX] Allow the request to fallback to the old style if no expires_at provided
 

data/Gemfile.lock

@@ -1,34 +1,45 @@
 PATH
   remote: .
   specs:
-    access_token_wrapper (0.2.0)
+    access_token_wrapper (0.2.1)
       oauth2
 
 GEM
   remote: https://rubygems.org/
   specs:
-    faraday (0.12.2)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    faraday (1.0.1)
       multipart-post (>= 1.2, < 3)
-    jwt (1.5.6)
-    multi_json (1.12.2)
+    hashdiff (1.0.1)
+    jwt (2.2.1)
+    multi_json (1.14.1)
     multi_xml (0.6.0)
-    multipart-post (2.0.0)
-    oauth2 (1.4.0)
-      faraday (>= 0.8, < 0.13)
-      jwt (~> 1.0)
+    multipart-post (2.1.1)
+    oauth2 (1.4.4)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
-    rack (2.0.3)
-    rake (12.3.0)
+    public_suffix (4.0.5)
+    rack (2.2.2)
+    rake (13.0.1)
+    safe_yaml (1.0.5)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   access_token_wrapper!
-  bundler (~> 1.3)
   rake
+  webmock
 
 BUNDLED WITH
-   1.16.1
+   2.1.4

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2013 TradeGecko Pte Ltd
+Copyright (c) 2020 TradeGecko Pte Ltd
 
 MIT License
 

data/README.md

@@ -18,6 +18,7 @@ Or install it yourself as:
 
 ## Usage
 
+`AccessTokenWrapper::Base`
 ```ruby
 def access_token
   @access_token ||= begin
@@ -43,8 +44,31 @@ def update_user_from_access_token(new_token)
 end
 ```
 
-## Note
-The `AccessTokenWrapper#token` is replaced with `AccessTokenWrapper#raw_token`
+or the more advanced `AccessTokenWrapper::FromRecord` that automatically locks the record on refresh to help ensure concurrency.
+
+```ruby
+def access_token
+  @access_token ||= begin
+    token = OAuth2::AccessToken.new(oauth_client, @user.access_token,
+            refresh_token: @user.refresh_token,
+            expires_at:    @user.expires_at
+    )
+    AccessTokenWrapper::FromRecord.new(client: oauth_client, record: @user) do |new_token, exception|
+      update_user_from_access_token(new_token)
+    end
+  end
+end
+```
+
+## Configuration
+```ruby
+AccessTokenWrapper.configure do |config|
+  config.skip_statuses << 520
+  config.skip_refresh do |response|
+    response.parsed['message'].start_with?('Duplicate Idempotency')
+  end
+end
+```
 
 ## Contributing
 

data/access_token_wrapper.gemspec

@@ -18,8 +18,8 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
   spec.add_development_dependency "rake"
+  spec.add_development_dependency "webmock"
 
   spec.add_dependency "oauth2"
 end

data/lib/access_token_wrapper.rb

@@ -1 +1,21 @@
+# frozen_string_literal: true
+
 require "access_token_wrapper/base"
+require "access_token_wrapper/from_record"
+require "access_token_wrapper/configuration"
+
+module AccessTokenWrapper
+  class << self
+    def configuration
+      @configuration ||= Configuration.new
+    end
+
+    def configure
+      yield(configuration)
+    end
+
+    def reset_configuration!
+      @configuration = Configuration.new
+    end
+  end
+end

data/lib/access_token_wrapper/base.rb

@@ -1,26 +1,56 @@
+# frozen_string_literal: true
+
 module AccessTokenWrapper
   class Base
-    NON_ERROR_CODES = [402, 404, 422, 414, 429, 500, 503]
     EXPIRY_GRACE_SEC = 30
+
+    def config
+      AccessTokenWrapper.configuration
+    end
+
     attr_reader :raw_token
 
+    # This is the core functionality
+    #
+    # @example
+    #   AccessTokenWrapper::Base.new(token) do |new_token, exception|
+    #     update_user_from_access_token(new_token)
+    #   end
+    #
+    # @param [<OAuth2::AccessToken] raw_token An instance of an OAuth2::AccessToken object
+    # @param [&block] callback A callback that gets called when a token is refreshed,
+    #  the callback is provided `new_token` and optional `exception` parameters
+    #
+    # @return <AccessTokenWrapper::Base>
+    #
+    # @api public
     def initialize(raw_token, &callback)
       @raw_token = raw_token
       @callback  = callback
     end
 
+  private
+
     def method_missing(method_name, *args, &block)
       refresh_token! if token_expiring?
       @raw_token.send(method_name, *args, &block)
     rescue OAuth2::Error => exception
-      if NON_ERROR_CODES.include?(exception.response.status)
-        raise exception
+      if non_refreshable_exception?(exception)
+        raise
       else
         refresh_token!(exception)
         @raw_token.send(method_name, *args, &block)
       end
     end
 
+    def non_refreshable_exception?(exception)
+      if config.skip_statuses.include?(exception.response.status)
+        true
+      else
+        config.skip_refresh_block.call(exception.response)
+      end
+    end
+
     def refresh_token!(exception = nil)
       @raw_token = @raw_token.refresh!
       @callback.call(@raw_token, exception)

data/lib/access_token_wrapper/configuration.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module AccessTokenWrapper
+  #  Global configuration object
+  #
+  #  AccessTokenWrapper.configure do |config|
+  #    config.skip_statuses << 520
+  #    config.skip_refresh do |response|
+  #      response.parsed['message'] == 'Duplicate Idempotency Key header detected'
+  #    end
+  #  end
+  class Configuration
+    attr_accessor :skip_statuses, :skip_refresh_block
+
+    def initialize
+      @skip_statuses = [402, 404, 414, 422, 429, 500, 503]
+      @skip_refresh_block = ->(_response) { false }
+    end
+
+    def skip_refresh(&block)
+      @skip_refresh_block = block
+    end
+  end
+end

data/lib/access_token_wrapper/from_record.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+module AccessTokenWrapper
+  class FromRecord < Base
+    attr_reader :record
+
+    # This is the core functionality
+    #
+    # @example
+    #   AccessTokenWrapper::FromRecord.new(client: client, record: user) do |new_token, exception|
+    #     update_user_from_access_token(new_token)
+    #   end
+    #
+    # @param [<OAuth2::Client>] client An instance of an OAuth2::Client object
+    # @param [<Object>] record An AR-like object that responds to `access_token`,
+    #   `refresh_token`, `expires_at`, `with_lock` and `reload`.
+    # @param [&block] callback A callback that gets called when a token is refreshed,
+    #   the callback is provided `new_token` and optional `exception` parameters
+    #
+    # @return <AccessTokenWrapper::FromRecord>
+    #
+    # @api public
+    def initialize(client:, record:, &callback)
+      @oauth_client = client
+      @record       = record
+      super(build_token, &callback)
+    end
+
+  private
+
+    # Override the refresh_token! method from the Base class to extend with locking logic
+    def refresh_token!(exception = nil)
+      @record.with_lock do
+        fetch_fresh_record
+
+        if token_requires_refresh?
+          @raw_token = @raw_token.refresh!
+          @callback.call(@raw_token, exception)
+        end
+      end
+    end
+
+    def build_token
+      OAuth2::AccessToken.new(@oauth_client, record.access_token, {
+        refresh_token: record.refresh_token,
+        expires_at:    record.expires_at
+      })
+    end
+
+    def fetch_fresh_record
+      @last_token = @raw_token
+      @record.reload
+      @raw_token = build_token
+    end
+
+    def token_requires_refresh?
+      @last_token.token == @raw_token.token
+    end
+  end
+end

data/lib/access_token_wrapper/version.rb

@@ -1,3 +1,3 @@
 module AccessTokenWrapper
-  VERSION = "0.2.1"
+  VERSION = "0.5.0"
 end

data/test/base_test.rb

@@ -60,7 +60,6 @@ class AccessTokenWrapperTest < Minitest::Test
     assert token.refreshed
   end
 
-
   def test_runs_refresh_block_if_expiring
     @run = false
 
@@ -88,4 +87,28 @@ class AccessTokenWrapperTest < Minitest::Test
     assert !@run
     assert !token.refreshed
   end
+
+  def test_doesnt_run_refresh_block_with_skip_block
+    AccessTokenWrapper.configure do |config|
+      config.skip_refresh do |response|
+        true
+      end
+    end
+
+    @run = false
+
+    token = described_class.new(FakeToken.new) do |new_token, exception|
+      @run = true
+    end
+
+    begin
+      token.get_and_raise(401)
+    rescue OAuth2::Error
+    end
+
+    assert !@run
+    assert !token.refreshed
+  ensure
+    AccessTokenWrapper.reset_configuration!
+  end
 end

data/test/from_record_test.rb

@@ -0,0 +1,187 @@
+require 'test_helper'
+
+class FromRecordTest < Minitest::Test
+  def described_class
+    AccessTokenWrapper::FromRecord
+  end
+
+  class FakeRecord
+    class << self
+      attr_accessor :locked
+    end
+
+    attr_reader :id, :reloaded
+    attr_accessor :access_token, :refresh_token, :expires_at
+    attr_writer :fresh_token
+
+    def initialize(access_token: 'ABC', refresh_token: 'DEF', expires_at: Time.now.to_i + 3600)
+      update_from_access_token(OpenStruct.new(token: access_token, refresh_token: refresh_token, expires_at: expires_at))
+      @id = 42
+      @fresh_token = nil
+    end
+
+    def update_from_access_token(token)
+      @access_token = token.token
+      @refresh_token = token.refresh_token
+      @expires_at = token.expires_at
+    end
+
+    def reload
+      @reloaded = true
+      if @fresh_token
+        update_from_access_token(@fresh_token)
+        @fresh_token = nil
+      end
+    end
+
+    def with_lock
+      true while self.class.locked
+
+      self.class.locked = true
+      sleep 0.1
+      yield
+      self.class.locked = false
+    end
+  end
+
+  class ExpiringFakeRecord < FakeRecord
+    def reload
+      @access_token  = access_token  + "*"
+      @refresh_token = refresh_token + "*"
+      @expires_at    = Time.now.to_i + 3600
+      super
+    end
+  end
+
+  def client
+    @client ||= OAuth2::Client.new('AAA', 'BBB', site: 'http://localhost:3000')
+  end
+
+  def setup
+    stub_request(:get, "http://localhost:3000/200").to_return(status: 200, body: "")
+    stub_request(:get, "http://localhost:3000/401").to_return({ status: 401, body: "" }, { status: 200, body: "" })
+    stub_request(:get, "http://localhost:3000/429").to_return(status: 429, body: "")
+  end
+
+  def stub_token_refresh
+    stub_request(:post, "http://localhost:3000/oauth/token").with(body: {"client_id"=>"AAA", "client_secret"=>"BBB", "grant_type"=>"refresh_token", "refresh_token"=>"DEF"}).to_return(status: 200, headers: { 'Content-Type' => 'application/json' }, body: token_response.to_json).times(1)
+  end
+
+  def stub_token_refresh_with_wait
+    stub_request(:post, "http://localhost:3000/oauth/token").to_return(status: 200, headers: { 'Content-Type' => 'application/json' }, body: lambda { |request| sleep 0.1; token_response.to_json }).times(1)
+  end
+
+  def token_response
+    {
+      "access_token": "57ed301af04bf35b40f255feb5ef469ab2f046aff14",
+      "expires_in": 7200,
+      "refresh_token": "026b343de07818b3ffebfb3001eff9a00aea43da0 ",
+      "scope": "public",
+      "token_type": "bearer"
+    }
+  end
+
+  def test_doesnt_run_block_if_no_exception
+    @run = false
+
+    token = described_class.new(client: client, record: FakeRecord.new) do |new_token, exception|
+      @run = true
+    end
+
+    token.get('/200')
+    assert !@run
+    assert !token.record.reloaded
+  end
+
+  def test_runs_refresh_block_if_exception
+    @run = false
+    stub_refresh = stub_token_refresh
+
+    token = described_class.new(client: client, record: FakeRecord.new) do |new_token, exception|
+      @run = true
+    end
+
+    token.get('/401')
+    assert @run
+    assert token.record.reloaded
+    assert_requested(stub_refresh)
+  end
+
+  def test_runs_refresh_block_if_expiring
+    @run = false
+    stub_refresh = stub_token_refresh
+    token = described_class.new(client: client, record: FakeRecord.new(expires_at: Time.now.to_i - 1)) do |new_token, exception|
+      @run = true
+    end
+
+    token.get('/200')
+    assert @run
+    assert token.record.reloaded
+    assert_requested(stub_refresh)
+  end
+
+  def test_doesnt_run_block_if_non_auth_exception
+    @run = false
+
+    token = described_class.new(client: client, record: FakeRecord.new) do |new_token, exception|
+      @run = true
+    end
+
+    begin
+      token.get('/429')
+    rescue OAuth2::Error
+    end
+
+    assert !@run
+    assert !token.record.reloaded
+  end
+
+  def test_refreshes_record_and_halts_api_request_if_not_needed
+    @run = false
+    stub_refresh = stub_token_refresh
+
+    token = described_class.new(client: client, record: ExpiringFakeRecord.new) do |new_token, exception|
+      @run = true
+    end
+
+    token.get('/401')
+
+    assert !@run
+    assert_not_requested(stub_refresh)
+    assert token.record.reloaded
+  end
+
+  def test_that_the_lock_locks_multiple_requests
+    @results = []
+    record      = FakeRecord.new(expires_at: Time.now.to_i-1)
+    record_copy = FakeRecord.new(expires_at: Time.now.to_i-1)
+
+    token = described_class.new(client: client, record: record) do |new_token, exception|
+      record.update_from_access_token(new_token)
+      record_copy.fresh_token = new_token
+      @run = true
+    end
+
+    token2 = described_class.new(client: client, record: record_copy) do |new_token, exception|
+      @run = true
+    end
+
+    stub_refresh = stub_token_refresh_with_wait
+
+    new_thread = Thread.new do
+      @results << :before_primary
+      token.get('/200')
+      @results << :after_primary
+    end
+
+    sleep 0.01
+
+    @results << :before_secondary
+    token2.get('/200')
+    @results << :after_secondary
+
+    new_thread.join
+    assert_equal [:before_primary, :before_secondary, :after_primary, :after_secondary], @results
+    assert_requested(stub_refresh)
+  end
+end

data/test/test_helper.rb

@@ -1,3 +1,4 @@
 require 'minitest/autorun'
 require 'access_token_wrapper'
 require 'oauth2'
+require 'webmock/minitest'

metadata

@@ -1,31 +1,31 @@
 --- !ruby/object:Gem::Specification
 name: access_token_wrapper
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Bradley Priest
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-01-23 00:00:00.000000000 Z
+date: 2020-06-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -70,8 +70,11 @@ files:
 - access_token_wrapper.gemspec
 - lib/access_token_wrapper.rb
 - lib/access_token_wrapper/base.rb
+- lib/access_token_wrapper/configuration.rb
+- lib/access_token_wrapper/from_record.rb
 - lib/access_token_wrapper/version.rb
 - test/base_test.rb
+- test/from_record_test.rb
 - test/test_helper.rb
 homepage: https://github.com/tradegecko/access_token_wrapper
 licenses:
@@ -92,12 +95,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Wrapper for OAuth2::Token to automatically refresh the expiry token when
   expired.
 test_files:
 - test/base_test.rb
+- test/from_record_test.rb
 - test/test_helper.rb