actionhook 1.0.1 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e29d71ca02f4d398eeed645f7c79076dbb5c079d62ab5be73c7ca733da1876f4
-  data.tar.gz: ec90f8666bb088688bc5f259acc9ddd2a5047fcf4e84396d0b33a1bdd3413da7
+  metadata.gz: 111528871816887536f0a86bb12725f173f4bfbb81ccc9b386c3416a61a4e8a5
+  data.tar.gz: 1801549784630e61f7c6634c77235c1a1344adb96407fa234f5f446792d35198
 SHA512:
-  metadata.gz: 0e0b5ddca39413d1b99df2a57a17da674adf22f1c61a918991a6c7c13e72dc63e3c2250e79a2b64c87f8cf9ac35fe32cd4c6866d07455c3c29ab0a226b303709
-  data.tar.gz: 2cb76f77f08f7ee8931c7e57e4126dc49b305c14de092c91ef2aa344affdfcc6e0acea5b83afe4781a88de3bc8ace438caafa0c27ab49a2f18e895f3327cd02e
+  metadata.gz: 352fcaefc122e052ef55348d0835a0563e0e25c47291b63c3f892578568ab00a2f999256c0824dcc1499dd8b5b421bdf65a6c9f55eff55cfa1f908d4b1213730
+  data.tar.gz: c2f27a19e2b6ff4c2371587567e26b2a1f0dca9a22abb51bf2f828a5ae36e986d412c74e6da2e29cab4881147e6896513a33c9baff3e0d0539c235284f86e442

data/Dockerfile

@@ -0,0 +1,8 @@
+FROM ruby:2.7
+
+WORKDIR /usr/src/app
+
+COPY . .
+
+RUN bundle install
+

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    actionhook (1.0.1)
+    actionhook (1.0.2)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,7 +1,6 @@
 # Why?
 
-`ActionHook` is a drop-in library for sending webhooks. You specify the content and destination, `ActionHook` takes care of securely delivering it.
-
+`ActionHook` is a drop-in ruby gem for sending webhooks. You specify the content and destination, `ActionHook` takes care of securely delivering it.
 
 ## Build Status
 
@@ -11,26 +10,25 @@
 
 - [x] **Core** Send webhooks
 - [x] **Configuration** Timeout, IP blocking, etc.
-- [x] **Security** Supports HTTP Basic, Token, and Bearer Token auth.
+- [x] **Security** Supports HTTP Basic, Token, and Bearer Token auth
 - [x] **Security** Blocks private IPs and allows custom IP blocking
-- [x] **Security** 2-factor authentication using a secret for each receiver.
+- [x] **Security** 2-factor authentication using a secret for each receiver
 - [x] **Usability** Works seamlessly on Ruby on Rails. [Example](examples/actionhook-rails-example)
 - [x] **Scale** Works seamlessly on AWS Lambda. [Example](examples/actionhook-aws-lambda-example)
 - [x] **More** Logging
 
-
 ## Send Webhooks
 
 ```ruby
 request = ActionHook::Core::JSONRequest.new(url: 'https://example.com',
   method: :post, body: { hello: "world" }, headers: {})
 
-ActionHook::Core::NetHttpSender.send(request)
+ActionHook::Core::NetHTTPSender.send(request)
 ```
 
 ## Configuration
 
-All configurations are optional, only use these if you want to override the defaults.
+All configs are optional, only use these if you want to override the defaults.
 You can set the following configs in `ActionHook.configuration` object.
 
 |Name|Description|Default Value|
@@ -41,10 +39,10 @@ You can set the following configs in `ActionHook.configuration` object.
 |`allow_private_ips` | If loopback or private IPs should be allowed as receiver | `false` |
 |`blocked_ip_ranges` | Custom IP ranges to block, e.g. `%w{172.8.9.8/24}`| `[]`|
 
-Instead of the global config using ActionHook.configuration, you can provide an instance of `ActionHook::Core::Configuration` to the `send` method. Please note that, global config will be ignored when you provide a configuration while calling `send`. Here's an example of providing a configuration while calling `send`.
+Instead of `ActionHook.configuration`, you can provide an instance of `ActionHook::Core::Configuration` to the `send` method as follows:
 
 ```ruby
-ActionHook::Core::NetHttpSender.send(request, ActionHook::Core::Configuration.new)
+ActionHook::Core::NetHTTPSender.send(request, ActionHook::Core::Configuration.new)
 ```
 
 ## Security: Authentication
@@ -63,26 +61,28 @@ ActionHook supports `Basic`, `Token`, and `BearerToken` authentication out of th
 
 ## Security: 2-Factor Authentication: Hashing With a Secure Key
 
-You can generate secure key for each receiving endpoint and pass it to `ActionHook`
-for adding a 2-factor authentication. Using this this key, `ActionHook` will automatically add the `SHA256-FINGERPRINT` header to the webhook. The receiver can compute the SHA256 digest of the request body using the same secret to verify the sender and message integrity.
+You can generate a secure key for each receiving endpoint and pass it to `ActionHook`
+for adding a 2<sup>nd</sup> factor authentication. Using this key, `ActionHook` will automatically add the `SHA256-FINGERPRINT` header to the webhook. The receiver can compute the SHA256 digest of the request body using the same secret to verify you as the sender and message integrity.
 
 ```ruby
 request = ActionHook::Core::JSONRequest.new(url: 'https://example.com',
   secret: '<Your Secret For This Hook>', # Remember to provide your secret
   method: :post, body: { hello: "world" }, headers: {})
 
-ActionHook::Core::NetHttpSender.send(request)
+ActionHook::Core::NetHTTPSender.send(request)
 ```
 
 ## Security: IP Blocking
 
-When a request is blocked due to private IP, `send` raises `ActionHook::Security::IPBlocking::PrivateIPError`.
+When a request is blocked due to private IP receiver, `send` raises `ActionHook::Security::IPBlocking::PrivateIPError`.
+
 When a request is blocked due to the `blocked_ip_ranges`, `send` raises `ActionHook::Security::IPBlocking::BlockedRequestError`.
+
 In both cases, the error message includes necessary context for debugging / logging.
 
 ## Logging
 
-You should pass an instance of `Logger` to put all `ActionLog`. Otherwise, logs are written into `STDOUT`.
+You should pass an instance of `Logger` to put all `ActionHook` logs into where your application log is. Otherwise, logs are written into `STDOUT` by default.
 
 ```ruby
 # For example, in Rails, you can pass the Rails logger in an initializer
@@ -90,4 +90,5 @@ You should pass an instance of `Logger` to put all `ActionLog`. Otherwise, logs
 
 ActionHook.logger = Rails.logger
 ```
-For debugging, you can set the log level to `debug` for detailed information. Even in debug, the secure header values aren't logged, only the header names are mentioned.
+
+Set the log level to `debug` for detailed information. Even in debug, the secure header values aren't logged for accidental credential leakage, only the header names are mentioned.

data/buildspec.yml

@@ -0,0 +1,57 @@
+version: 0.2
+
+#env:
+  #variables:
+     # key: "value"
+     # key: "value"
+  #parameter-store:
+     # key: "value"
+     # key: "value"
+  #secrets-manager:
+     # key: secret-id:json-key:version-stage:version-id
+     # key: secret-id:json-key:version-stage:version-id
+  #exported-variables:
+     # - variable
+     # - variable
+  #git-credential-helper: yes
+
+phases:
+  #install:
+    #If you use the Ubuntu standard image 2.0 or later, you must specify runtime-versions.
+    #If you specify runtime-versions and use an image other than Ubuntu standard image 2.0, the build fails.
+    #runtime-versions:
+      # name: version
+      # name: version
+    #commands:
+      # - command
+      # - command
+  #pre_build:
+    #commands:
+      # - command
+      # - command
+  build:
+    commands:
+      - docker build . -t actionhook:latest && docker run --rm actionhook:latest rspec
+      # - command
+  #post_build:
+    #commands:
+      # - command
+      # - command
+#reports:
+  #report-name-or-arn:
+    #files:
+      # - location
+      # - location
+    #base-directory: location
+    #discard-paths: yes
+    #file-format: JunitXml | CucumberJson
+#artifacts:
+  #files:
+    # - location
+    # - location
+  #name: $(date +%Y-%m-%d)
+  #discard-paths: yes
+  #base-directory: location
+#cache:
+  #paths:
+    # - paths

data/lib/actionhook/core/configuration.rb

@@ -7,7 +7,7 @@ module ActionHook
       DEFAULT_READ_TIMEOUT_IN_SECONDS = 15
       DEFAULT_HASH_HEADER_NAME = 'SHA256-FINGERPRINT'
       attr_accessor :open_timeout, :read_timeout, :hash_header_name,
-        :allow_private_ips
+        :allow_private_ips, :ca_file
 
       attr_writer :blocked_custom_ip_ranges
 
@@ -15,20 +15,23 @@ module ActionHook
         read_timeout: DEFAULT_READ_TIMEOUT_IN_SECONDS,
         hash_header_name: DEFAULT_HASH_HEADER_NAME,
         allow_private_ips: false,
-        blocked_custom_ip_ranges: []
+        blocked_custom_ip_ranges: [],
+        ca_file: nil
       )
         @open_timeout = open_timeout
         @read_timeout = read_timeout
         @hash_header_name = hash_header_name
         @allow_private_ips = allow_private_ips
         @blocked_custom_ip_ranges = blocked_custom_ip_ranges || []
+        @ca_file = ca_file
       end
 
       def net_http_options
         {
           open_timeout: @open_timeout,
-          read_timeout: @read_timeout
-        }
+          read_timeout: @read_timeout,
+          ca_file: @ca_file
+        }.compact
       end
 
       def blocked_custom_ip_ranges
@@ -41,4 +44,4 @@ module ActionHook
 
     end
   end
-end
+end

data/lib/actionhook/version.rb

@@ -1,3 +1,3 @@
 module ActionHook
-  VERSION = "1.0.1"
+  VERSION = "1.0.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: actionhook
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - smsohan
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-12 00:00:00.000000000 Z
+date: 2021-07-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -50,6 +50,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - CODE_OF_CONDUCT.md
+- Dockerfile
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -58,6 +59,7 @@ files:
 - actionhook.gemspec
 - bin/console
 - bin/setup
+- buildspec.yml
 - lib/actionhook.rb
 - lib/actionhook/core/configuration.rb
 - lib/actionhook/core/json_request.rb
@@ -89,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.2.22
 signing_key: 
 specification_version: 4
 summary: Drop-in library for sending webhooks