apill 3.1.3 → 4.0.0

data/lib/apill.rb

@@ -1,13 +1,13 @@
 require 'apill/version'
 
 require 'apill/configuration'
-require 'apill/matchers/accept_header_matcher'
-require 'apill/matchers/subdomain_matcher'
-require 'apill/matchers/version_matcher'
+require 'apill/matchers/accept_header'
+require 'apill/matchers/subdomain'
+require 'apill/matchers/version'
 require 'apill/resource'
 require 'apill/serializers/json_api'
 
 require 'apill/middleware/api_request'
 
-require 'apill/responses/invalid_api_request_response'
-require 'apill/responses/invalid_subdomain_response'
+require 'apill/responses/invalid_api_request'
+require 'apill/responses/invalid_subdomain'

data/spec/apill/accept_header_spec.rb

@@ -1,4 +1,4 @@
-require 'rspectacular'
+require 'spec_helper'
 require 'apill/accept_header'
 
 module    Apill

data/spec/apill/errors/{invalid_api_request_error_spec.rb → invalid_api_request_spec.rb}

@@ -1,17 +1,17 @@
-require 'rspectacular'
-require 'apill/errors/invalid_api_request_error'
+require 'spec_helper'
+require 'apill/errors/invalid_api_request'
 
 module    Apill
 module    Errors
-describe  InvalidApiRequestError do
-  let(:error) { InvalidApiRequestError.new }
+describe  InvalidApiRequest do
+  let(:error) { InvalidApiRequest.new }
 
   it 'has a status of 400' do
     expect(error.http_status).to eql 400
   end
 
   it 'has a code' do
-    expect(error.code).to eql 'errors.invalid_api_request_error'
+    expect(error.code).to eql 'errors.invalid_api_request'
   end
 
   it 'can output the detail' do
@@ -21,7 +21,7 @@ describe  InvalidApiRequestError do
   end
 
   it 'can output the source' do
-    error = InvalidApiRequestError.new accept_header: 'foo'
+    error = InvalidApiRequest.new accept_header: 'foo'
 
     expect(error.source).to eql(accept_header: 'foo')
   end

data/spec/apill/errors/{invalid_subdomain_error_spec.rb → invalid_subdomain_spec.rb}

@@ -1,17 +1,17 @@
-require 'rspectacular'
-require 'apill/errors/invalid_subdomain_error'
+require 'spec_helper'
+require 'apill/errors/invalid_subdomain'
 
 module    Apill
 module    Errors
-describe  InvalidSubdomainError do
-  let(:error) { InvalidSubdomainError.new }
+describe  InvalidSubdomain do
+  let(:error) { InvalidSubdomain.new }
 
   it 'has a status of 404' do
     expect(error.http_status).to eql 404
   end
 
   it 'has a code' do
-    expect(error.code).to eql 'errors.invalid_subdomain_error'
+    expect(error.code).to eql 'errors.invalid_subdomain'
   end
 
   it 'can output the detail' do
@@ -21,7 +21,7 @@ describe  InvalidSubdomainError do
   end
 
   it 'can output the source' do
-    error = InvalidSubdomainError.new http_host: 'foo'
+    error = InvalidSubdomain.new http_host: 'foo'
 
     expect(error.source).to eql(http_host: 'foo')
   end

data/spec/apill/errors/invalid_token_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+require 'apill/errors/invalid_token'
+
+module    Apill
+module    Errors
+describe  InvalidToken do
+  let(:error) { InvalidToken.new }
+
+  it 'has a status of 401' do
+    expect(error.http_status).to eql 401
+  end
+
+  it 'has a code' do
+    expect(error.code).to eql 'errors.invalid_token'
+  end
+
+  it 'can output the detail' do
+    expect(error.detail).to eql \
+      'Either the token you passed is invalid or is not allowed to perform this action.'
+  end
+end
+end
+end

data/spec/apill/{invalid_subdomain_response_spec.rb → invalid_subdomain_spec.rb}

@@ -1,21 +1,21 @@
-require 'rspectacular'
-require 'apill/responses/invalid_subdomain_response'
+require 'spec_helper'
+require 'apill/responses/invalid_subdomain'
 
 module    Apill
 module    Responses
-describe  InvalidSubdomainResponse, singletons: HumanError::Configuration do
+describe  InvalidSubdomain, singletons: HumanError::Configuration do
   it 'returns the proper response' do
     HumanError.configuration.url_mappings = {
       'external_documentation_urls'  => {
-        'errors.invalid_subdomain_response' => 'http://example.com/foo',
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
       },
       'developer_documentation_urls' => {
-        'errors.invalid_subdomain_response' => 'http://example.com/foo',
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
       },
     }
 
     request                   = { 'HTTP_HOST' => 'api.example.com' }
-    status, headers, response = InvalidSubdomainResponse.call(request)
+    status, headers, response = InvalidSubdomain.call(request)
 
     expect(status).to                 eql 404
     expect(headers).to                eql({})
@@ -28,7 +28,7 @@ describe  InvalidSubdomainResponse, singletons: HumanError::Configuration do
             'documentation' => nil,
           },
           'status' => 404,
-          'code'   => 'errors.invalid_subdomain_error',
+          'code'   => 'errors.invalid_subdomain',
           'title'  => 'Invalid Subdomain',
           'detail' => 'The resource you attempted to access is either not authorized ' \
                       'for the authenticated user or does not exist.',

data/spec/apill/invalid_token_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+require 'apill/responses/invalid_token'
+
+module    Apill
+module    Responses
+describe  InvalidToken, singletons: HumanError::Configuration do
+  it 'returns the proper response' do
+    HumanError.configuration.url_mappings = {
+      'external_documentation_urls'  => {
+        'errors.responses.invalid_token' => 'http://example.com/foo',
+      },
+      'developer_documentation_urls' => {
+        'errors.responses.invalid_token' => 'http://example.com/foo',
+      },
+    }
+
+    request                   = { 'HTTP_HOST' => 'api.example.com' }
+    status, headers, response = InvalidToken.call(request)
+
+    expect(status).to                 eql 401
+    expect(headers).to                eql({})
+    expect(JSON.load(response[0])).to include(
+      'errors'              => [
+        include(
+          'id'     => match(/[a-f0-9\-]+/),
+          'links'  => {
+            'about'         => nil,
+            'documentation' => nil,
+          },
+          'status' => 401,
+          'code'   => 'errors.invalid_token',
+          'title'  => 'Invalid or Unauthorized Token',
+          'detail' => 'Either the token you passed is invalid or is not allowed to ' \
+                      'perform this action.',
+          'source' => {},
+        ),
+      ],
+    )
+  end
+end
+end
+end

data/spec/apill/matchers/{accept_header_matcher_spec.rb → accept_header_spec.rb}

@@ -1,58 +1,63 @@
-require 'rspectacular'
-require 'apill/matchers/accept_header_matcher'
+require 'spec_helper'
+require 'apill/requests/base'
+require 'apill/matchers/accept_header'
 
 module    Apill
 module    Matchers
-describe  AcceptHeaderMatcher do
+describe  AcceptHeader do
   it 'matches if the subdomain is API and the accept header is valid' do
-    request = {
+    env = {
       'HTTP_ACCEPT'             => 'application/vnd.matrix+zion;version=1.0.0',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
+    matcher = AcceptHeader.new(request: request)
 
-    expect(matcher.matches?(request)).to be_a TrueClass
+    expect(matcher).to be_matches
   end
 
   it 'matches if the subdomain is API and the accept header is passed in as ' \
      'a parameter' do
 
-    request = {
+    env = {
       'QUERY_STRING'            => 'accept=application/vnd.matrix+zion;version=1.0.0',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
+    matcher = AcceptHeader.new(request: request)
 
-    expect(matcher.matches?(request)).to be_a TrueClass
+    expect(matcher).to be_matches
   end
 
   it 'matches if the subdomain is API and the accept header is passed in as a ' \
      'secondary parameter' do
 
-    request = {
+    env = {
       'QUERY_STRING'            => 'first=my_param&accept=application/vnd.matrix+zion;' \
                                    'version=1.0.0',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
+    matcher = AcceptHeader.new(request: request)
 
-    expect(matcher.matches?(request)).to be_a TrueClass
+    expect(matcher).to be_matches
   end
 
   it 'matches the header accept header if the subdomain is API and the accept header ' \
      'is passed both as a valid header and as a parameter' do
 
-    request = {
+    env = {
       'HTTP_ACCEPT'             => 'application/vnd.matrix+zion;version=1.0.0',
       'QUERY_STRING'            => 'accept=application/vnd.matrix+zion;version=2.0.0',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
-    matcher.matches?(request)
+    matcher = AcceptHeader.new(request: request)
+    matcher.matches?
 
     expect(matcher.accept_header.version).to eql '1.0.0'
   end
@@ -60,14 +65,15 @@ describe  AcceptHeaderMatcher do
   it 'matches the accept header parameter if the subdomain is API and the accept ' \
      'header is passed both as an invalid header as well as as a parameter' do
 
-    request = {
+    env = {
       'HTTP_ACCEPT'             => 'application/vndmatrix+zion;version=1.0.0',
       'QUERY_STRING'            => 'accept=application/vnd.matrix+zion;version=2.0.0',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
-    matcher.matches?(request)
+    matcher = AcceptHeader.new(request: request)
+    matcher.matches?
 
     expect(matcher.accept_header.version).to eql '2.0.0'
   end
@@ -75,29 +81,31 @@ describe  AcceptHeaderMatcher do
   it 'matches the accept header parameter if the subdomain is API and the accept ' \
      'header is passed both as an invalid header as well as as a parameter' do
 
-    request = {
+    env = {
       'HTTP_ACCEPT'             => 'application/vndmatrix+zion;version=1.0.0',
       'QUERY_STRING'            => '',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
-    matcher.matches?(request)
+    matcher = AcceptHeader.new(request: request)
+    matcher.matches?
 
     expect(matcher.accept_header.raw_accept_header).to eql \
       'application/vndmatrix+zion;version=1.0.0'
   end
 
   it 'does not match if the subdomain is API but the accept header is invalid' do
-    request = {
+    env = {
       'HTTP_ACCEPT'             => 'application/vndmatrix+zion;version=1.0.0',
       'QUERY_STRING'            => '',
       'HTTP_X_APPLICATION_NAME' => 'matrix',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = AcceptHeaderMatcher.new
+    matcher = AcceptHeader.new(request: request)
 
-    expect(matcher.matches?(request)).to be_a FalseClass
+    expect(matcher).not_to be_matches
   end
 end
 end

data/spec/apill/matchers/subdomain_spec.rb

@@ -0,0 +1,81 @@
+require 'spec_helper'
+require 'apill/requests/base'
+require 'apill/matchers/subdomain'
+require 'apill/configuration'
+
+module    Apill
+module    Matchers
+describe  Subdomain do
+  before(:each) do
+    Apill.configuration.allowed_subdomains     = %w{api}
+    Apill.configuration.allowed_api_subdomains = %w{api}
+  end
+
+  it 'matches if the subdomain is API' do
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(request: request)
+
+    expect(matcher.matches?).to be_a TrueClass
+  end
+
+  it 'matches if the first subdomain is API' do
+    env     = { 'HTTP_HOST' => 'api.matrix.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(request: request)
+
+    expect(matcher.matches?).to be_a TrueClass
+  end
+
+  it 'does not match if the first subdomain is not API' do
+    env     = { 'HTTP_HOST' => 'matrix.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(request: request)
+
+    expect(matcher.matches?).to be_a FalseClass
+  end
+
+  it 'allows the matched subdomain to be specified' do
+    env     = { 'HTTP_HOST' => 'matrix.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: 'matrix',
+                            request:            request)
+
+    expect(matcher.matches?).to be_a TrueClass
+  end
+
+  it 'allows more than one subdomain to be matched' do
+    env     = { 'HTTP_HOST' => 'matrix.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: %w{api matrix},
+                            request:            request)
+
+    expect(matcher.matches?).to be_a TrueClass
+
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: %w{api matrix},
+                            request:            request)
+
+    expect(matcher.matches?).to be_a TrueClass
+  end
+
+  it 'can match only the api subdomain' do
+    env     = { 'HTTP_HOST' => 'matrix.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_api_subdomains: %w{matrix},
+                            request:                request)
+
+    expect(matcher.matches_api_subdomain?).to be_a TrueClass
+  end
+
+  it 'matches "api" as an api subdomain by default' do
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(request: request)
+
+    expect(matcher.matches_api_subdomain?).to be_a TrueClass
+  end
+end
+end
+end

data/spec/apill/matchers/{version_matcher_spec.rb → version_spec.rb}

@@ -1,34 +1,39 @@
-require 'rspectacular'
-require 'apill/matchers/version_matcher'
+require 'spec_helper'
+require 'apill/requests/base'
+require 'apill/matchers/version'
 
 module    Apill
 module    Matchers
-describe  VersionMatcher do
+describe  Version do
   context 'when the version is passed in the accept header' do
     it 'does not match if the subdomain is API but the requested version does not ' \
        'equal the version constraint' do
 
-      request = {
+      env     = {
         'HTTP_X_APPLICATION_NAME' => 'matrix',
         'HTTP_ACCEPT'             => 'application/vnd.matrix+zion;version=10.0',
       }
+      request = Requests::Base.resolve(env)
 
-      matcher = VersionMatcher.new(version_constraint: '10.1')
+      matcher = Version.new(request:            request,
+                            version_constraint: '10.1')
 
-      expect(matcher.matches?(request)).to be_a FalseClass
+      expect(matcher).not_to be_matches
     end
 
     it 'does match if the subdomain is API and the requested version equals the ' \
        'version constraint' do
 
-      request = {
+      env     = {
         'HTTP_X_APPLICATION_NAME' => 'matrix',
         'HTTP_ACCEPT'             => 'application/vnd.matrix+zion;version=10.0',
       }
+      request = Requests::Base.resolve(env)
 
-      matcher = VersionMatcher.new(version_constraint: '10.0')
+      matcher = Version.new(request:            request,
+                            version_constraint: '10.0')
 
-      expect(matcher.matches?(request)).to be_a TrueClass
+      expect(matcher).to be_matches
     end
   end
 
@@ -36,43 +41,49 @@ describe  VersionMatcher do
     it 'does not match if the subdomain is API but the requested version does not ' \
        'equal the version constraint' do
 
-      request = {
+      env     = {
         'HTTP_X_APPLICATION_NAME' => 'matrix',
         'HTTP_ACCEPT'             => 'application/vnd.matrix+zion',
       }
+      request = Requests::Base.resolve(env)
 
-      matcher = VersionMatcher.new(version_constraint: '10.1',
-                                   default_version:    '10.0')
+      matcher = Version.new(request:            request,
+                            version_constraint: '10.1',
+                            default_version:    '10.0')
 
-      expect(matcher.matches?(request)).to be_a FalseClass
+      expect(matcher).not_to be_matches
     end
 
     it 'does match if the subdomain is API and the requested version equals the ' \
        'version constraint' do
 
-      request = {
+      env     = {
         'HTTP_X_APPLICATION_NAME' => 'matrix',
         'HTTP_ACCEPT'             => 'application/vnd.matrix+zion',
       }
+      request = Requests::Base.resolve(env)
 
-      matcher = VersionMatcher.new(version_constraint: '10.0',
-                                   default_version:    '10.0')
+      matcher = Version.new(request:            request,
+                            version_constraint: '10.0',
+                            default_version:    '10.0')
 
-      expect(matcher.matches?(request)).to be_a TrueClass
+      expect(matcher).to be_matches
     end
   end
 
   it 'matches the default version in the configuration if none is passed in' do
     Apill.configuration.default_api_version = '100.0'
 
-    request = {
+    env     = {
       'HTTP_X_APPLICATION_NAME' => 'matrix',
       'HTTP_ACCEPT'             => 'application/vnd.matrix+zion',
     }
+    request = Requests::Base.resolve(env)
 
-    matcher = VersionMatcher.new(version_constraint: '100.0')
+    matcher = Version.new(request:            request,
+                          version_constraint: '100.0')
 
-    expect(matcher.matches?(request)).to be_a TrueClass
+    expect(matcher).to be_matches
   end
 end
 end

data/spec/apill/middleware/api_request_spec.rb

@@ -1,4 +1,4 @@
-require 'rspectacular'
+require 'spec_helper'
 require 'apill/middleware/api_request'
 
 module    Apill
@@ -9,10 +9,10 @@ describe  ApiRequest, singletons: HumanError::Configuration do
   before(:each) do
     HumanError.configuration.url_mappings = {
       'external_documentation_urls'  => {
-        'errors.invalid_subdomain_response' => 'http://example.com/foo',
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
       },
       'developer_documentation_urls' => {
-        'errors.invalid_subdomain_response' => 'http://example.com/foo',
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
       },
     }
 
@@ -61,7 +61,7 @@ describe  ApiRequest, singletons: HumanError::Configuration do
             'documentation' => nil,
           },
           'status' => 404,
-          'code'   => 'errors.invalid_subdomain_error',
+          'code'   => 'errors.invalid_subdomain',
           'title'  => 'Invalid Subdomain',
           'detail' => 'The resource you attempted to access is either not authorized ' \
                       'for the authenticated user or does not exist.',
@@ -97,7 +97,7 @@ describe  ApiRequest, singletons: HumanError::Configuration do
             'documentation' => nil,
           },
           'status' => 400,
-          'code'   => 'errors.invalid_api_request_error',
+          'code'   => 'errors.invalid_api_request',
           'title'  => 'Invalid API Request',
           'detail' => 'The accept header that you passed in the request cannot be ' \
                       'parsed, please refer to the documentation to verify.',
@@ -125,59 +125,57 @@ describe  ApiRequest, singletons: HumanError::Configuration do
     expect(response).to eql 'response'
   end
 
-  it 'converts JSON API compliant dasherized query params to underscored' do
-    app                    = ->(env) { [200, env, 'response'] }
-    api_request_middleware = ApiRequest.new(app)
+  it 'does allow requests if the subdomain, the accept header and the token are valid' do
+    Apill.configuration.token_private_key = test_private_key
+    api_request_middleware                = ApiRequest.new(app)
 
     request = {
-      'HTTP_HOST'    => 'api.example.com',
-      'HTTP_ACCEPT'  => 'application/vnd.matrix+zion;version=1.0.0',
-      'QUERY_STRING' => 'hello-there=bob-jones&'     \
-                        'nice-to-meet=you-bob&'      \
-                        'hows-the-weather=today-bob',
+      'HTTP_HOST'          => 'api.example.com',
+      'HTTP_ACCEPT'        => 'application/vnd.matrix+zion;version=1.0.0',
+      'HTTP_AUTHORIZATION' => "Token #{valid_token}",
+      'QUERY_STRING'       => 'accept=application/vnd.matrix+zion;version=1.0.0',
     }
 
-    _status, headers, _response = api_request_middleware.call(request)
+    status, headers, response = api_request_middleware.call(request)
 
-    expect(headers['QUERY_STRING']).to eql 'hello_there=bob-jones&' \
-                                           'nice_to_meet=you-bob&'  \
-                                           'hows_the_weather=today-bob'
+    expect(status).to   eql 200
+    expect(headers).to  eql({})
+    expect(response).to eql 'response'
   end
 
-  it 'properly converts the content type for Rails when it is the only one' do
-    api_request_middleware = ApiRequest.new(app)
+  it 'returns the proper response if the token is invalid' do
+    Apill.configuration.token_private_key = test_private_key
+    api_request_middleware                = ApiRequest.new(app)
 
     request = {
-      'CONTENT_TYPE' => 'application/vnd.api+json',
-      'HTTP_HOST'    => 'matrix.example.com',
-      'HTTP_ACCEPT'  => '',
-      'QUERY_STRING' => '',
+      'HTTP_HOST'          => 'api.example.com',
+      'HTTP_ACCEPT'        => 'application/vnd.matrix+zion;version=1.0.0',
+      'HTTP_AUTHORIZATION' => "Token #{invalid_token}",
+      'QUERY_STRING'       => 'accept=application/vnd.matrix+zion;version=1.0.0',
     }
 
-    allow(app).to receive(:call)
-
-    _response = api_request_middleware.call(request)
+    _status, _headers, response = api_request_middleware.call(request)
 
-    expect(app).to have_received(:call).
-                   with(a_hash_including('CONTENT_TYPE' => 'application/json'))
+    expect(response.first).to include 'errors.invalid_token'
   end
 
-  it 'properly converts the content type for Rails when it is not the only one' do
+  it 'converts JSON API compliant dasherized query params to underscored' do
+    app                    = ->(env) { [200, env, 'response'] }
     api_request_middleware = ApiRequest.new(app)
 
     request = {
-      'CONTENT_TYPE' => 'application/vnd.api+json;other',
-      'HTTP_HOST'    => 'matrix.example.com',
-      'HTTP_ACCEPT'  => '',
-      'QUERY_STRING' => '',
+      'HTTP_HOST'    => 'api.example.com',
+      'HTTP_ACCEPT'  => 'application/vnd.matrix+zion;version=1.0.0',
+      'QUERY_STRING' => 'hello-there=bob-jones&'     \
+                        'nice-to-meet=you-bob&'      \
+                        'hows-the-weather=today-bob',
     }
 
-    allow(app).to receive(:call)
-
-    _response = api_request_middleware.call(request)
+    _status, headers, _response = api_request_middleware.call(request)
 
-    expect(app).to have_received(:call).
-                   with(a_hash_including('CONTENT_TYPE' => 'application/json;other'))
+    expect(headers['QUERY_STRING']).to eql 'hello_there=bob-jones&' \
+                                           'nice_to_meet=you-bob&'  \
+                                           'hows_the_weather=today-bob'
   end
 end
 end

data/spec/apill/parameters_spec.rb

@@ -1,4 +1,4 @@
-require 'rspectacular'
+require 'spec_helper'
 require 'apill/parameters'
 
 module    Apill