agile-proxy-jruby 0.1.25-jruby

data/lib/agile_proxy/handlers/proxy_handler.rb

@@ -0,0 +1,111 @@
+require 'agile_proxy/handlers/handler'
+require 'eventmachine'
+require 'em-synchrony/em-http'
+
+module AgileProxy
+  # = The handler used for proxying the request on to the original server
+  #
+  # This handler is responsible for proxying the request through to the original server and passing back its response
+  #
+  # It works as a rack end point as usual :-)
+  #
+  class ProxyHandler
+    include Handler
+
+    # The endpoint called by 'rack'
+    #
+    # Requests the response back from the destination server and passes it back to the client
+    #
+    # @param env [Hash] The rack environment hash
+    # @return [Array] The rack response array (status, headers, body)
+    def call(env)
+      request = ActionDispatch::Request.new(env)
+      method = request.request_method.downcase
+      body = request.body.read
+      request.body.rewind
+      url = request.url
+      if handles_request?(request)
+        req = EventMachine::HttpRequest.new(request.url,
+                                            inactivity_timeout: AgileProxy.config.proxied_request_inactivity_timeout,
+                                            connect_timeout: AgileProxy.config.proxied_request_connect_timeout
+        )
+
+        req = req.send(method.downcase, build_request_options(request.headers, body))
+
+        if req.error
+          return [500, {}, ["Request to #{request.url} failed with error: #{req.error}"]]
+        end
+
+        if req.response
+          response = process_response(req)
+
+          unless allowed_response_code?(response[:status])
+            AgileProxy.log(:warn, "agile-proxy: Received response status code #{response[:status]} for '#{url}'")
+          end
+
+          AgileProxy.log(:info, "agile-proxy: PROXY #{request.request_method} succeeded for '#{request.url}'")
+          return [response[:status], response[:headers], response[:content]]
+        end
+      end
+      [404, {}, ['Not proxied']]
+    end
+
+    private
+
+    def handles_request?(request)
+      !disabled_request?(request.url)
+    end
+
+    def build_request_options(headers, body)
+      headers = Hash[headers.map { |k, v| [k.downcase, v] }]
+      headers.delete('accept-encoding')
+
+      req_opts = {
+        redirects: 0,
+        keepalive: false,
+        head: headers,
+        ssl: { verify: false }
+      }
+      req_opts[:body] = body if body
+      req_opts
+    end
+
+    def process_response(req)
+      response = {
+        status: req.response_header.status,
+        headers: req.response_header.raw,
+        content: [req.response.force_encoding('BINARY')] }
+      response[:headers].merge!('Connection' => 'close')
+      response[:headers].delete('Transfer-Encoding')
+      response[:headers].merge!('Cache-Control' => 'max-age=3600')
+      response
+    end
+
+    def disabled_request?(url)
+      return false unless AgileProxy.config.non_whitelisted_requests_disabled
+
+      uri = URI(url)
+      # In isolated environments, you may want to stop the request from happening
+      # or else you get "getaddrinfo: Name or service not known" errors
+      blacklisted_path?(uri.path) || !whitelisted_url?(uri)
+    end
+
+    def allowed_response_code?(status)
+      successful_status?(status)
+    end
+
+    def whitelisted_url?(url)
+      !AgileProxy.config.whitelist.index do |v|
+        v =~ /^#{url.host}(?::#{url.port})?$/
+      end.nil?
+    end
+
+    def blacklisted_path?(path)
+      !AgileProxy.config.path_blacklist.index { |bl| path.include?(bl) }.nil?
+    end
+
+    def successful_status?(status)
+      (200..299).include?(status) || status == 304
+    end
+  end
+end

data/lib/agile_proxy/handlers/request_handler.rb

@@ -0,0 +1,75 @@
+require 'agile_proxy/model/application'
+require 'agile_proxy/model/recording'
+require 'rack'
+require 'forwardable'
+require 'agile_proxy/rack/get_only_cache'
+module AgileProxy
+  #
+  # =The Central Request Handler
+  #
+  # As a request is made from the client to the server via the proxy server, it comes through an instance of this class.
+  #
+  # This class will then pass the request on to the StubHandler, then finally the ProxyHandler
+  class RequestHandler
+    extend Forwardable
+    include Handler
+
+    def_delegators :stub_handler, :stub
+
+    def initialize(options = {})
+      @options = options
+    end
+    # A rack endpoint
+    #
+    # This method is called as a rack endpoint and returns a rack response.
+    #
+    # @param env [Hash] The 'rack' environment
+    # @return [Array] The rack response (status, headers, content)
+    def call(env)
+      request = ActionDispatch::Request.new(env)
+      username, password = username_password env
+      application = Application.where(username: username, password: password).first
+      body = request.body.read
+      request.body.rewind
+      rack_response = rack_app.call(env)
+      if rack_response[0] == 404
+        rack_response = [
+          500,
+          {},
+          "Connection to #{request.url}#{body} not stubbed and new http connections are disabled"
+        ]
+      end
+      request_spec = env['agile_proxy.request_spec']
+      exclude_headers = ['@env', 'rack.errors', 'rack.logger']
+      if application.record_requests || (request_spec && request_spec.record_requests)
+        application.recordings.create request_headers: request.headers.reject {|key, value| exclude_headers.include?(key)},
+                                      request_body: body,
+                                      request_url: request.url,
+                                      request_method: request.request_method,
+                                      response_headers: rack_response[1],
+                                      response_body: rack_response[2],
+                                      response_status: rack_response[0],
+                                      request_spec_id: request_spec ? request_spec.id : nil
+      end
+      rack_response
+    end
+
+    private
+
+    def rack_app
+      stub_handler = stub_handler_app
+      proxy_handler = proxy_handler_app
+      options = @options
+      @__app ||= ::Rack::Builder.new do
+        use Rack::GetOnlyCache if options[:enable_cache]
+        run ::Rack::Cascade.new([stub_handler, proxy_handler])
+      end
+    end
+    def stub_handler_app
+      @_stub_handler_app ||= StubHandler.new
+    end
+    def proxy_handler_app
+      @_proxy_handler_app ||= ProxyHandler.new
+    end
+  end
+end

data/lib/agile_proxy/handlers/stub_handler.rb

@@ -0,0 +1,146 @@
+require 'agile_proxy/handlers/handler'
+require 'agile_proxy/model/request_spec'
+require 'agile_proxy/router'
+require 'agile_proxy/model/application'
+require 'action_dispatch'
+require 'base64'
+module AgileProxy
+  # = The stub handler
+  #
+  # This class is resonsible for matching incoming requests
+  # with a stub (request spec) and if one exists, respond with it
+  # rather than the real response from the destination server.
+  class StubHandler
+    include Handler
+
+    # Called by 'rack' as an endpoint.
+    #
+    # Fetches a 'short list' of potential matching request specs and builds a routing table to allow
+    # a router to do the hard work of parsing parameters, matching them, matching URL's etc...
+    #
+    # @param env [Hash] The rack environment
+    # @return [Array] The rack response [status, headers, body]
+    def call(env)
+      request = ActionDispatch::Request.new(env)
+      username, password = username_password env
+      @route_set = ActionDispatch::Routing::RouteSet.new
+
+      my_short_list = short_list(username, password, request.request_method, request.url).all.to_a.reverse
+      headers = downcased_headers(env)
+      body = request.body.read
+      request.body.rewind
+      setup_router my_short_list, request, headers, body
+      rack_app.call(env)
+    end
+
+    private
+
+    def setup_router(my_short_list, request, headers, body)
+      me = self
+      @route_set.draw do
+        route_set_instance = self
+        me.instance_eval do
+          my_short_list.each(&add_to_router(request, headers, body, route_set_instance))
+        end
+      end
+    end
+
+    def add_to_router(request, headers, body, route_set)
+      # This needs a bit of explaining as the router did not quite behave as expected.
+      # This proc calls route definition methods such as get, post etc.. with the path and handler
+      # the handler being an inline proc.
+      # But, we also pass a constraints handler
+      # After constraints are handled though, the 'action_dispatch.request.parameters' are deleted
+      # from the env, so our handler preserves them in agile_proxy.parameters.
+      # A bit weird, but it works reliably.
+      proc do |spec|
+        path = URI.parse(spec.url).path
+        path = '/' if path == ''
+        method = spec.http_method.downcase.to_sym
+        method = :get if method == :head
+        route_spec = {
+          path => proc do |router_env|
+            AgileProxy.log(:info, "agile-proxy: STUB #{method} for '#{request.url}'")
+            router_env['agile_proxy.request_spec'] = spec
+            spec.call(HashWithIndifferentAccess.new(router_env['action_dispatch.request.path_parameters'].merge(router_env['action_dispatch.request.query_parameters']).merge(router_env['action_dispatch.request.request_parameters'])), headers, body)
+          end
+        }
+        route_spec[:constraints] = ->(request) {
+          ret_value = spec.conditions_json.all? do |k, v|
+            request.params.key?(k) && request.params[k] == v
+          end
+          ret_value
+        }
+        route_set.send method, route_spec
+      end
+    end
+
+    def collection(username, password)
+      #An empty string and NULL are the same thing here.  The UI has no way of sending NULL when creating an application
+      if (username.nil? && password.nil?)
+        Application.where('(username = ? OR username IS NULL) AND (password = ? OR password IS NULL)', '', '').first.request_specs
+      else
+        Application.where(username: username, password: password).first.request_specs
+      end
+    end
+
+    def short_list(username, password, _method, url)
+      parsed_url = URI.parse(url)
+      parsed_url.path = ''
+      parsed_url.query = nil
+      parsed_url.fragment = nil
+      # @TODO This is being lazy - the ruby code will do all the finding work.
+      # This has to change as we go towards mutli user and larger data sets
+      collection(username, password).where('url LIKE ?', "#{parsed_url}%")
+    end
+
+    def rack_app
+      route_set = @route_set
+      text_handler = plain_text_handler
+      ::Rack::Builder.new do
+        use ActionDispatch::ParamsParser, Mime::TEXT => text_handler
+        use MergePostAndGetParams
+        use ::Rack::ContentLength
+        run route_set
+      end
+    end
+
+    def plain_text_handler
+      proc do |raw_post|
+        data_as_array = raw_post.split("\n").map do |line|
+          arr = line.split('=')
+          arr << nil if arr.length == 1
+          arr
+        end.flatten
+        data = Hash[*data_as_array]
+        ActionDispatch::Request::Utils.deep_munge(data).with_indifferent_access
+      end
+    end
+  end
+  #
+  # @private
+  # A rack middleware to merge post and get parameters ready for routing
+  class MergePostAndGetParams
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      request = ActionDispatch::Request.new(env)
+      request.params  #Might seem odd, but action dispatch request is a bit naughty and adds the appropriate
+                      # bits to ENV during access to this getter when used for the first time
+      env['action_dispatch.request.parameters'].merge!(
+          env['action_dispatch.request.request_parameters']
+      ) unless request.content_length.zero?
+      @app.call(env)
+    end
+  end
+end
+module ActionDispatch
+  module Routing
+    # Extension to action dispatch to ensure all request parameters are collected not just GET
+    class RouteSet
+      PARAMETERS_KEY = 'action_dispatch.request.parameters'
+    end
+  end
+end

data/lib/agile_proxy/mitm.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDojCCAooCCQCYeVsjl+UFxzANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MSEwHwYDVQQK
+ExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFjAUBgNVBAMTDVB1ZmZpbmcgQmls
+bHkxIzAhBgkqhkiG9w0BCQEWFG9sbHkuc21pdGhAZ21haWwuY29tMB4XDTEyMTAw
+MjA2NDIxMVoXDTEzMTAwMjA2NDIxMVowgZIxCzAJBgNVBAYTAlVTMQswCQYDVQQI
+EwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEhMB8GA1UEChMYSW50ZXJuZXQg
+V2lkZ2l0cyBQdHkgTHRkMRYwFAYDVQQDEw1QdWZmaW5nIEJpbGx5MSMwIQYJKoZI
+hvcNAQkBFhRvbGx5LnNtaXRoQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALW7WQIIGCgUk28x1eIV0+VDG6SZV8dosJPU3WM4zLT0KLsv
+2+5KNO373KyXhIDQqkv+4+1myVYj5wkvDSFMLYvBTNmypS7Xh6+wyKjQQ5wupXoB
+BNrJw5CbfUX9Kwq31H6aO1ItWZ6QHjW4dpE3AOu7ohwwyyL2Q0QkzTeP5b6SofbV
+9y1DpeH5L2an84LIjm1XrNbswY0p0CDT7TTsmYoXnw0MD5I73rT4arOOKWdVrD/G
+lbvfcZN6c+nN713tGI9XfM5cQEXUsbSY4NKuF+jn7B2tsx+QRVwUyMwS8ZVpDt5q
+DMBwROskWTMLKxeuxxpmjFWHlLuBlJ0M/rKII98CAwEAATANBgkqhkiG9w0BAQUF
+AAOCAQEAMkhR7JDQKcYDy5Yb80cPIjw5kaEfTb+/Vh6DLLEtwEVIc2PcIvXCBZRo
+79Esa42BaNEaWPxRVAs0Doubh4IdGk9qp9a/71gqhi3iNe//depX5VLf1+5LnQtV
+BbFruXUkzOF4kykm5Fcf9yQ9W951d0qaT6K9LefSsaoMrQjgKCeFAcIOXjqHyWns
+KAO34C1kzAFemMY20RcgZf9/+09Zs/ZiDBeoWTc+juaa9zCgvg/1FKHqsA/iLg6/
+VcdOquI9fJ5hRTZFkPoFLpxf2O1H3IpyNXmpcJDFvKfh7wIcHkLWIg5BFXc2S4+v
+bNFEKqipZH+D9++jXGyumxA8VoZOOA==
+-----END CERTIFICATE-----

data/lib/agile_proxy/mitm.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAtbtZAggYKBSTbzHV4hXT5UMbpJlXx2iwk9TdYzjMtPQouy/b
+7ko07fvcrJeEgNCqS/7j7WbJViPnCS8NIUwti8FM2bKlLteHr7DIqNBDnC6legEE
+2snDkJt9Rf0rCrfUfpo7Ui1ZnpAeNbh2kTcA67uiHDDLIvZDRCTNN4/lvpKh9tX3
+LUOl4fkvZqfzgsiObVes1uzBjSnQINPtNOyZihefDQwPkjvetPhqs44pZ1WsP8aV
+u99xk3pz6c3vXe0Yj1d8zlxARdSxtJjg0q4X6OfsHa2zH5BFXBTIzBLxlWkO3moM
+wHBE6yRZMwsrF67HGmaMVYeUu4GUnQz+sogj3wIDAQABAoIBAEM8cF7vDbjue+m8
+32wJNV9yJ60LSs2tLv9S1yHZpusgFl3DBDSyYcjW0TtNx6k9CnSZdkykJcNn/xeH
+v+zc2VEGkF9O2Axvk3TuDB9hBlKnc3OjIt+rnF5JGN0nIKCTiNvaRi5ONwUSPwsT
+F1L8rauJvR1+8/kYcaSplP+EjrSlvaKtUPNKfB8V6IktVLHiBUFs7nWoOGSaEB4/
+8jlji4s8xzVammTRg175mhOkgqdI+cWfXnn8PhOJZ2XjZz5eFOWxdvNldBbsm9Yc
+g3URB9FpOPMY8DvgZNrAYp6/7C9ACecAIZAnDK0/aQOa95UeeCEbmAv59F2OqOc2
+35HUSrkCgYEA55e+o7pxUY7YPVopBz27JWANk/zwMN1ZgDlR87Q0ENmrjOB8kPmz
+02SHuVoXMPj/SD/S4J1NY2o7u5ofSpxUsdofCETsCeCbqhshRLqCu7yCjGagHknY
+M4dJdRoFPN03gy+qHB7EKT0U89lvwRsjShc8h56wXsRHP6qM2uVgGyUCgYEAyOJh
+ZPKBa0WVG9NxFS4Ej7CDpmWA415PyCrTK9cA2LCA0sWXHAhJ9guUx4zlqwLkfYBr
+mmobAKjllFOUiECFLs49Oy/vD9Kw/ga9KO6eU9E/j9XHLVYupkPEVWeM7jzaQBul
+CvMcPGgXX/84Xgtjjim8RuAPIgmRHSDfqRFUtbMCgYEAmQwxEiZuKMXLpY/luUFU
+Yfi+QGRRnxlIwnIe9HzMQ651rl3UNEKwUi0HfLhKxzRmECsNgx6xO9fCrdHGiBoT
+5o0NIPvbORPUC3BuZesT5llHtN1FR37pf/QR2W9essBGpU1kj7zNSatyI0w4jFcQ
+1S/R8pYuXBI+O5bMCwS2pHkCgYBqFKG53RXav/PtrcqZlKNz/ZKH3DIj3zniSjsZ
+e4BG7W4Z353cf8QO2i7G8fCWTgC7BYXNFRsNTiNuIHTfPrMV9HMBPl7PzEMK4iQh
+6WBSgr0+B3YWytv3kPGs5/HUHO5jzDVrgtX2UEGHwA7UGs+H0yJJiyhyoPqwlxuE
+/FHvYQKBgEJaI/DaSpxJotq56lBHzTte1icbD8IFXMlbmWyIFxONWxlz98tQ2ypp
+WhMGIzMsFE1X+P8vRbc865t36UMpucjRuAJ3MTeeCa60EghmdfajzA2ZWh/MnEyA
+yvTr72g5gj5Yi/Zbiy1xeTo3UeaBxiCi8xyWAGodYg8891UVKqJu
+-----END RSA PRIVATE KEY-----

data/lib/agile_proxy/model/application.rb

@@ -0,0 +1,20 @@
+require_relative 'user'
+require_relative 'recording'
+module AgileProxy
+  #
+  # = The Application Model
+  #
+  # The application model is responsible for storing and retrieving information about the application
+  # that the application under test / development is using.
+  #
+  # This is found using the username and password, therefore, a username and password must be globally unique.
+  #
+  # The reason for doing it this way is because we can only pass username and password in the URL for the proxy server
+  #
+  class Application < ActiveRecord::Base
+    belongs_to :user
+    has_many :request_specs, :dependent => :destroy
+    has_many :recordings, :dependent => :delete_all
+    validates_uniqueness_of :password, scope: :username
+  end
+end

data/lib/agile_proxy/model/recording.rb

@@ -0,0 +1,17 @@
+require_relative 'application'
+require 'active_record'
+module AgileProxy
+  #
+  # = The recording model
+  #
+  # When an application is set to allow recording, every HTTP(s) request/response cycle coming through the proxy
+  # will create an instance of this model and persist it to the database.
+  #
+  # An API is then available to access this data via REST for the UI or test suite etc...
+  #
+  class Recording < ActiveRecord::Base
+    belongs_to :application
+    serialize :request_headers, JSON
+    serialize :response_headers, JSON
+  end
+end

data/lib/agile_proxy/model/request_spec.rb

@@ -0,0 +1,48 @@
+require_relative 'application'
+require_relative 'user'
+require_relative 'response'
+module AgileProxy
+  #
+  # = The Request Spec model
+  # The request spec is an input/output specification that incoming HTTP(s) requests are matched against.
+  #
+  # It uses the action dispatch router to do this matching,
+  # which is fed data from the database as it's input - i.e. its routing
+  # table is generated on the fly.
+  #
+  # This model is responsible not only for retrieving and persisting these
+  # request specifications, but also for creating the response
+  #
+  class RequestSpec < ActiveRecord::Base
+    belongs_to :application
+    belongs_to :user
+    belongs_to :response, :dependent => :destroy
+    accepts_nested_attributes_for :response
+    validates_inclusion_of :url_type, in: %w(url regex)
+    validates_presence_of :application_id
+    def initialize(attrs = {})
+      attrs[:http_method] = attrs.delete(:method) if attrs.key?(:method)
+      super
+    end
+    # The conditions are at present, stored as a JSON string.  This is editable as a string in the UI, and therefore
+    # accessible using 'conditions' as normal.
+    # This method returns a JSON decoded version of this as a HASH
+    # @return [Hash] decoded conditions
+    def conditions_json
+      ActiveSupport::JSON.decode(conditions).with_indifferent_access
+    end
+    # This method's output is a 'rack' response, but its input is not.
+    # When the router has determined that this request spec is the one that is going to be sent to the client,
+    # it will call this method with the request's parameters, headers and body.
+    #
+    # if no response has been specified, an empty body will be returned,
+    # otherwise a 'rack' version of the response is returned
+    # @param params [Hash] the request parameters
+    # @param headers [Hash] The request headers
+    # @param body [String] The request body
+    # @return [Array] The rack response
+    def call(params, headers, body)
+      response.nil? ? [204, { 'Content-Type' => 'text/plain'}, ''] : response.to_rack(params, headers, body)
+    end
+  end
+end