api_valve 0.3.0 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/api_valve/cascade.rb +1 -1
- data/lib/api_valve/error_responder.rb +2 -0
- data/lib/api_valve/forwarder/permission_handler.rb +2 -2
- data/lib/api_valve/forwarder/request.rb +4 -4
- data/lib/api_valve/forwarder/response.rb +1 -0
- data/lib/api_valve/forwarder.rb +2 -1
- data/lib/api_valve/middleware/logging.rb +6 -0
- data/lib/api_valve/proxy.rb +2 -0
- data/lib/api_valve/router.rb +2 -0
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6e02e6ea22e34fe53e6b776abc3844b1581ea0ca12eade5f6ee5f857a6bb779d
|
4
|
+
data.tar.gz: 846954dd57564d157906ca5956a9ec43fa9ad9ecc750aac4dcddcb536c7ad9d1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ff191c95817ae0d9e335131afe42a5163224c69400e055596ff419f9d93404c0e82da26fe296ddc1d2fe4adb49d79bd8541e0108a16a0e87a13a9d710ee84cc5
|
7
|
+
data.tar.gz: c8436b6a7402b1fab1831a38f2b1662d6eddcfefe46b44a5e487b0c8d382174eaea88fea153eda252a1c89655d3f8ade2be0b92a906359b573588a12b44649fc
|
data/lib/api_valve/cascade.rb
CHANGED
@@ -17,6 +17,7 @@ module ApiValve
|
|
17
17
|
def status
|
18
18
|
status = @error.try(:http_status)
|
19
19
|
return status if status&.is_a?(Integer)
|
20
|
+
|
20
21
|
Rack::Utils::SYMBOL_TO_STATUS_CODE[status] || 500
|
21
22
|
end
|
22
23
|
|
@@ -41,6 +42,7 @@ module ApiValve
|
|
41
42
|
def json_detail
|
42
43
|
return if json_title == @error.message
|
43
44
|
return if @error.message == @error.class.name
|
45
|
+
|
44
46
|
@error.message
|
45
47
|
end
|
46
48
|
|
@@ -33,9 +33,9 @@ module ApiValve
|
|
33
33
|
@options = options
|
34
34
|
end
|
35
35
|
|
36
|
-
#
|
36
|
+
# Run permission checks
|
37
37
|
# Simple implementation is always true. Override in your implementation.
|
38
|
-
#
|
38
|
+
# For example raise ApiValve::Error::Forbidden in certain conditions
|
39
39
|
def check_permissions!
|
40
40
|
true
|
41
41
|
end
|
@@ -25,10 +25,8 @@ module ApiValve
|
|
25
25
|
@options = options.with_indifferent_access
|
26
26
|
end
|
27
27
|
|
28
|
-
#
|
29
|
-
|
30
|
-
permission_handler.check_permissions!
|
31
|
-
end
|
28
|
+
# Called by forwarder before actual request is executed
|
29
|
+
delegate :check_permissions!, to: :permission_handler
|
32
30
|
|
33
31
|
# HTTP method to use when forwarding. Must return sym.
|
34
32
|
# Returns original request method
|
@@ -62,6 +60,7 @@ module ApiValve
|
|
62
60
|
# Override to control the payload that is passed through
|
63
61
|
def body
|
64
62
|
return unless %i(put post patch).include? method
|
63
|
+
|
65
64
|
original_request.body.read
|
66
65
|
end
|
67
66
|
|
@@ -69,6 +68,7 @@ module ApiValve
|
|
69
68
|
# Override to control the query parameters that can be passed through
|
70
69
|
def url_params
|
71
70
|
return unless original_request.query_string.present?
|
71
|
+
|
72
72
|
@url_params ||= Rack::Utils.parse_nested_query(original_request.query_string)
|
73
73
|
end
|
74
74
|
|
data/lib/api_valve/forwarder.rb
CHANGED
@@ -16,7 +16,8 @@ module ApiValve
|
|
16
16
|
def initialize(options = {})
|
17
17
|
@options = options.with_indifferent_access
|
18
18
|
uri = URI(options[:endpoint])
|
19
|
-
|
19
|
+
# Target prefix must be without trailing slash
|
20
|
+
@target_prefix = uri.path.gsub(%r{/$}, '')
|
20
21
|
end
|
21
22
|
|
22
23
|
# Takes the original rack request with optional options and returns a rack response
|
@@ -52,6 +52,7 @@ module ApiValve::Middleware
|
|
52
52
|
|
53
53
|
def log_url_params
|
54
54
|
return unless env['QUERY_STRING'].present?
|
55
|
+
|
55
56
|
logger.info URL_PARAMS % Rack::Utils.parse_nested_query(env['QUERY_STRING']).inspect
|
56
57
|
end
|
57
58
|
|
@@ -60,25 +61,30 @@ module ApiValve::Middleware
|
|
60
61
|
env.each_pair do |k, v|
|
61
62
|
next unless k =~ /^HTTP_/ && v.present?
|
62
63
|
next if v.blank? || (!k.start_with?('HTTP_') && !NON_STANDARD_REQUEST_HEADERS.include?(k))
|
64
|
+
|
63
65
|
headers[k] = v
|
64
66
|
end
|
65
67
|
return if headers.empty?
|
68
|
+
|
66
69
|
logger.debug REQUEST_HEADERS % headers
|
67
70
|
end
|
68
71
|
|
69
72
|
def log_request_payload
|
70
73
|
return unless %w(PATCH POST PUT).include? env['REQUEST_METHOD']
|
74
|
+
|
71
75
|
logger.debug REQUEST_PAYLOAD % env['rack.input'].read(1000)
|
72
76
|
env['rack.input'].rewind
|
73
77
|
end
|
74
78
|
|
75
79
|
def log_response_headers
|
76
80
|
return if response_headers&.empty?
|
81
|
+
|
77
82
|
logger.debug RESPONSE_HEADERS % response_headers.inspect
|
78
83
|
end
|
79
84
|
|
80
85
|
def log_response_payload
|
81
86
|
return if response_payload&.empty?
|
87
|
+
|
82
88
|
logger.debug RESPONSE_PAYLOAD % response_payload.first(config_log_body_size)
|
83
89
|
end
|
84
90
|
|
data/lib/api_valve/proxy.rb
CHANGED
@@ -16,6 +16,7 @@ module ApiValve
|
|
16
16
|
file_name ||= name.underscore
|
17
17
|
path = find_config(file_name)
|
18
18
|
raise "Config not found for #{name.underscore}(.yml|.yml.erb) in #{ApiValve.config_paths.inspect}" unless path
|
19
|
+
|
19
20
|
yaml = File.read(path)
|
20
21
|
yaml = ERB.new(yaml, nil, '-').result if path.fnmatch? '*.erb'
|
21
22
|
from_yaml yaml
|
@@ -37,6 +38,7 @@ module ApiValve
|
|
37
38
|
ApiValve.config_paths.each do |dir|
|
38
39
|
path = dir.join("#{file_name}.yml")
|
39
40
|
return path if path.exist?
|
41
|
+
|
40
42
|
path = dir.join("#{file_name}.yml.erb")
|
41
43
|
return path if path.exist?
|
42
44
|
end
|
data/lib/api_valve/router.rb
CHANGED
@@ -7,6 +7,7 @@ module ApiValve
|
|
7
7
|
|
8
8
|
def match(path_info)
|
9
9
|
return {} if regexp.nil? # return empty 'match data' on catch all
|
10
|
+
|
10
11
|
regexp.match(path_info)
|
11
12
|
end
|
12
13
|
end
|
@@ -63,6 +64,7 @@ module ApiValve
|
|
63
64
|
# For security reasons do not allow URLs that could break out of the proxy namespace on the
|
64
65
|
# server. Preferably an nxing/apache rewrite will kill these URLs before they hit us
|
65
66
|
raise 'URL not supported' if request.path_info.include?('/../')
|
67
|
+
|
66
68
|
@routes && @routes[request.request_method.downcase.to_sym].each do |route|
|
67
69
|
if match_data = route.match(request.path_info)
|
68
70
|
return route.call request, match_data
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: api_valve
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- mkon
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-09-
|
11
|
+
date: 2018-09-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -120,14 +120,14 @@ dependencies:
|
|
120
120
|
requirements:
|
121
121
|
- - '='
|
122
122
|
- !ruby/object:Gem::Version
|
123
|
-
version: 0.
|
123
|
+
version: 0.59.1
|
124
124
|
type: :development
|
125
125
|
prerelease: false
|
126
126
|
version_requirements: !ruby/object:Gem::Requirement
|
127
127
|
requirements:
|
128
128
|
- - '='
|
129
129
|
- !ruby/object:Gem::Version
|
130
|
-
version: 0.
|
130
|
+
version: 0.59.1
|
131
131
|
- !ruby/object:Gem::Dependency
|
132
132
|
name: rubocop-rspec
|
133
133
|
requirement: !ruby/object:Gem::Requirement
|