apill 3.1.3 → 4.0.0
- checksums.yaml +4 -4
- data/lib/apill/configuration.rb +2 -1
- data/lib/apill/errors/{invalid_api_request_error.rb → invalid_api_request.rb} +1 -1
- data/lib/apill/errors/{invalid_subdomain_error.rb → invalid_subdomain.rb} +1 -1
- data/lib/apill/errors/invalid_token.rb +21 -0
- data/lib/apill/matchers/accept_header.rb +13 -0
- data/lib/apill/matchers/{generic_matcher.rb → generic.rb} +5 -9
- data/lib/apill/matchers/{subdomain_matcher.rb → subdomain.rb} +3 -9
- data/lib/apill/matchers/{version_matcher.rb → version.rb} +4 -6
- data/lib/apill/middleware/api_request.rb +22 -21
- data/lib/apill/parameters/index.rb +1 -1
- data/lib/apill/parameters/page.rb +1 -1
- data/lib/apill/parameters/sort.rb +1 -1
- data/lib/apill/requests/base.rb +86 -10
- data/lib/apill/requests/rack.rb +34 -0
- data/lib/apill/requests/rails.rb +31 -0
- data/lib/apill/resource/model.rb +1 -1
- data/lib/apill/resource/processors/filtering.rb +2 -0
- data/lib/apill/resource/processors/indexing.rb +2 -0
- data/lib/apill/resource/processors/paging.rb +2 -0
- data/lib/apill/resource/processors/sorting.rb +2 -0
- data/lib/apill/responses/{invalid_subdomain_response.rb → invalid_api_request.rb} +3 -3
- data/lib/apill/responses/{invalid_api_request_response.rb → invalid_subdomain.rb} +3 -3
- data/lib/apill/responses/invalid_token.rb +17 -0
- data/lib/apill/tokens/invalid_request_authorization.rb +21 -0
- data/lib/apill/tokens/null_request_authorization.rb +21 -0
- data/lib/apill/tokens/request_authorization.rb +62 -0
- data/lib/apill/version.rb +1 -1
- data/lib/apill.rb +5 -5
- data/spec/apill/accept_header_spec.rb +1 -1
- data/spec/apill/errors/{invalid_api_request_error_spec.rb → invalid_api_request_spec.rb} +6 -6
- data/spec/apill/errors/{invalid_subdomain_error_spec.rb → invalid_subdomain_spec.rb} +6 -6
- data/spec/apill/errors/invalid_token_spec.rb +23 -0
- data/spec/apill/{invalid_subdomain_response_spec.rb → invalid_subdomain_spec.rb} +7 -7
- data/spec/apill/invalid_token_spec.rb +42 -0
- data/spec/apill/matchers/{accept_header_matcher_spec.rb → accept_header_spec.rb} +32 -24
- data/spec/apill/matchers/subdomain_spec.rb +81 -0
- data/spec/apill/matchers/{version_matcher_spec.rb → version_spec.rb} +31 -20
- data/spec/apill/middleware/api_request_spec.rb +36 -38
- data/spec/apill/parameters_spec.rb +1 -1
- data/spec/apill/requests/rack_spec.rb +159 -0
- data/spec/apill/requests/rails_spec.rb +151 -0
- data/spec/apill/resource/model_spec.rb +1 -1
- data/spec/apill/resource/processors/filtering_spec.rb +1 -1
- data/spec/apill/resource/processors/indexing_spec.rb +1 -1
- data/spec/apill/resource/processors/paging_spec.rb +1 -1
- data/spec/apill/resource/processors/sorting_spec.rb +1 -1
- data/spec/apill/tokens/request_authorization_spec.rb +49 -0
- data/spec/fixtures/test_rsa_key +27 -0
- data/spec/fixtures/test_rsa_key.pub +9 -0
- data/spec/spec_helper.rb +3 -0
- data/spec/support/private_keys.rb +19 -0
- metadata +75 -29
- data/lib/apill/matchers/accept_header_matcher.rb +0 -15
- data/lib/apill/requests/rack_request.rb +0 -37
- data/lib/apill/requests/rails_request.rb +0 -29
- data/spec/apill/matchers/subdomain_matcher_spec.rb +0 -72
- data/spec/apill/requests/rack_request_spec.rb +0 -70
- data/spec/apill/requests/rails_request_spec.rb +0 -59
@@ -0,0 +1,159 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'apill/requests/rack'
|
3
|
+
|
4
|
+
module Apill
|
5
|
+
module Requests
|
6
|
+
describe Rack do
|
7
|
+
it 'finds the accept header from the headers if it is valid' do
|
8
|
+
raw_request = {
|
9
|
+
'HTTP_ACCEPT' => 'application/vnd.matrix+zion;version=10.0',
|
10
|
+
'QUERY_STRING' => '',
|
11
|
+
'HTTP_X_APPLICATION_NAME' => 'matrix',
|
12
|
+
}
|
13
|
+
request = Rack.new(request: raw_request)
|
14
|
+
|
15
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.matrix+zion;version=10.0'
|
16
|
+
end
|
17
|
+
|
18
|
+
it 'finds the accept header from the headers if it is invalid but there is no ' \
|
19
|
+
'accept header in the params' do
|
20
|
+
|
21
|
+
raw_request = {
|
22
|
+
'HTTP_ACCEPT' => 'invalid/vnd.matrix+zion;version=10.0',
|
23
|
+
'QUERY_STRING' => '',
|
24
|
+
'HTTP_X_APPLICATION_NAME' => 'matrix',
|
25
|
+
}
|
26
|
+
request = Rack.new(request: raw_request)
|
27
|
+
|
28
|
+
expect(request.accept_header.to_s).to eql 'invalid/vnd.matrix+zion;version=10.0'
|
29
|
+
end
|
30
|
+
|
31
|
+
it 'finds the accept header from the params if it is valid' do
|
32
|
+
raw_request = {
|
33
|
+
'HTTP_ACCEPT' => '',
|
34
|
+
'QUERY_STRING' => 'accept=application/vnd.matrix+zion;version=10.0',
|
35
|
+
'HTTP_X_APPLICATION_NAME' => 'matrix',
|
36
|
+
}
|
37
|
+
request = Rack.new(request: raw_request)
|
38
|
+
|
39
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.matrix+zion;version=10.0'
|
40
|
+
end
|
41
|
+
|
42
|
+
# rubocop:disable Metrics/LineLength
|
43
|
+
it 'finds the accept header from the query string if it is encoded' do
|
44
|
+
raw_request = {
|
45
|
+
'HTTP_ACCEPT' => '',
|
46
|
+
'QUERY_STRING' => 'accept=application%2Fvnd.matrix%2Bzion%3Bversion%3D10.0',
|
47
|
+
'HTTP_X_APPLICATION_NAME' => 'matrix',
|
48
|
+
}
|
49
|
+
request = Rack.new(request: raw_request)
|
50
|
+
|
51
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.matrix+zion;version=10.0'
|
52
|
+
end
|
53
|
+
# rubocop:enable Metrics/LineLength
|
54
|
+
|
55
|
+
it 'finds the authorization token from the header' do
|
56
|
+
raw_request = {
|
57
|
+
'HTTP_AUTHORIZATION' => "Token #{valid_token}",
|
58
|
+
'QUERY_STRING' => '',
|
59
|
+
}
|
60
|
+
request = Rack.new(token_private_key: test_private_key,
|
61
|
+
request: raw_request)
|
62
|
+
|
63
|
+
expect(request.authorization_token).to be_valid
|
64
|
+
expect(request.authorization_token.to_h).to eql(
|
65
|
+
[
|
66
|
+
{ 'bar' => 'baz' },
|
67
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
68
|
+
])
|
69
|
+
end
|
70
|
+
|
71
|
+
it 'can process an authorization token if it is sent through incorrectly' do
|
72
|
+
raw_request = {
|
73
|
+
'HTTP_AUTHORIZATION' => "#{valid_token}",
|
74
|
+
'QUERY_STRING' => '',
|
75
|
+
}
|
76
|
+
request = Rack.new(token_private_key: test_private_key,
|
77
|
+
request: raw_request)
|
78
|
+
|
79
|
+
expect(request.authorization_token).not_to be_valid
|
80
|
+
expect(request.authorization_token.to_h).to eql({})
|
81
|
+
end
|
82
|
+
|
83
|
+
it 'finds the authorization token from the params if the authorization token from ' \
|
84
|
+
'the header is invalid and the authorization token from the params is valid' do
|
85
|
+
|
86
|
+
raw_request = {
|
87
|
+
'HTTP_AUTHORIZATION' => "Token #{invalid_token}",
|
88
|
+
'QUERY_STRING' => "auth_token=#{valid_token}",
|
89
|
+
}
|
90
|
+
request = Rack.new(token_private_key: test_private_key,
|
91
|
+
request: raw_request)
|
92
|
+
|
93
|
+
expect(request.authorization_token).to be_valid
|
94
|
+
expect(request.authorization_token.to_h).to eql(
|
95
|
+
[
|
96
|
+
{ 'bar' => 'baz' },
|
97
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
98
|
+
])
|
99
|
+
end
|
100
|
+
|
101
|
+
it 'finds the authorization token from the params if the authorization token from ' \
|
102
|
+
'the header is not present and the authorization token from the params is valid' do
|
103
|
+
|
104
|
+
raw_request = {
|
105
|
+
'QUERY_STRING' => "auth_token=#{valid_token}",
|
106
|
+
}
|
107
|
+
request = Rack.new(token_private_key: test_private_key,
|
108
|
+
request: raw_request)
|
109
|
+
|
110
|
+
expect(request.authorization_token).to be_valid
|
111
|
+
expect(request.authorization_token.to_h).to eql(
|
112
|
+
[
|
113
|
+
{ 'bar' => 'baz' },
|
114
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
115
|
+
])
|
116
|
+
end
|
117
|
+
|
118
|
+
it 'is a null authorization token if neither authorization token is present' do
|
119
|
+
raw_request = {
|
120
|
+
'QUERY_STRING' => '',
|
121
|
+
}
|
122
|
+
request = Rack.new(token_private_key: test_private_key,
|
123
|
+
request: raw_request)
|
124
|
+
|
125
|
+
expect(request.authorization_token).to be_valid
|
126
|
+
expect(request.authorization_token.to_h).to eql({})
|
127
|
+
end
|
128
|
+
|
129
|
+
it 'finds the authorization token from the params' do
|
130
|
+
raw_request = {
|
131
|
+
'QUERY_STRING' => "auth_token=#{valid_token}",
|
132
|
+
}
|
133
|
+
request = Rack.new(token_private_key: test_private_key,
|
134
|
+
request: raw_request)
|
135
|
+
|
136
|
+
expect(request.authorization_token).to be_valid
|
137
|
+
expect(request.authorization_token.to_h).to eql(
|
138
|
+
[
|
139
|
+
{ 'bar' => 'baz' },
|
140
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
141
|
+
])
|
142
|
+
end
|
143
|
+
|
144
|
+
it 'defaults to the application name in the configuration if none is found in ' \
|
145
|
+
'the header' do
|
146
|
+
|
147
|
+
Apill.configuration.application_name = 'zion'
|
148
|
+
|
149
|
+
raw_request = {
|
150
|
+
'HTTP_ACCEPT' => '',
|
151
|
+
'QUERY_STRING' => 'accept=application/vnd.zion+zion;version=10.0',
|
152
|
+
}
|
153
|
+
request = Rack.new(request: raw_request)
|
154
|
+
|
155
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.zion+zion;version=10.0'
|
156
|
+
end
|
157
|
+
end
|
158
|
+
end
|
159
|
+
end
|
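Review bot: The example 'is a null authorization token if neither authorization token is present' asserts `be_valid` for a request that carries no credentials at all, so `valid?` in this API cannot mean "authenticated". The spec should pin that distinction, for instance with `expect(request.authorization_token).to be_a Tokens::NullRequestAuthorization` (assuming the request file loads that class) and a comment that callers must not gate access on `valid?` alone. The example that sends an invalid token in `HTTP_AUTHORIZATION` and a valid one in `auth_token=` also fixes a silent fallback to the query string. That is presumably intended, but a token carried in the URL tends to end up in access logs and Referer headers, so a comment explaining why the header failure is not reported would help. Both examples are repeated in the Rails spec that follows.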
@@ -0,0 +1,151 @@
|
|
1
|
+
require 'ostruct'
|
2
|
+
require 'spec_helper'
|
3
|
+
require 'apill/requests/rails'
|
4
|
+
|
5
|
+
module Apill
|
6
|
+
module Requests
|
7
|
+
describe Rails do
|
8
|
+
it 'finds the accept header from the headers if it is valid' do
|
9
|
+
raw_request = OpenStruct.new(
|
10
|
+
headers: {
|
11
|
+
'X-Application-Name' => 'matrix',
|
12
|
+
'Accept' => 'application/vnd.matrix+zion;version=10.0',
|
13
|
+
},
|
14
|
+
params: {})
|
15
|
+
request = Rails.new(request: raw_request)
|
16
|
+
|
17
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.matrix+zion;version=10.0'
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'finds the accept header from the headers if it is invalid but there is no ' \
|
21
|
+
'accept header in the params' do
|
22
|
+
|
23
|
+
raw_request = OpenStruct.new(
|
24
|
+
headers: {
|
25
|
+
'X-Application-Name' => 'matrix',
|
26
|
+
'Accept' => 'invalid/vnd.matrix+zion;version=10.0',
|
27
|
+
},
|
28
|
+
params: {})
|
29
|
+
request = Rails.new(request: raw_request)
|
30
|
+
|
31
|
+
expect(request.accept_header.to_s).to eql 'invalid/vnd.matrix+zion;version=10.0'
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'finds the accept header from the params if it is valid' do
|
35
|
+
raw_request = OpenStruct.new(
|
36
|
+
headers: {
|
37
|
+
'X-Application-Name' => 'matrix',
|
38
|
+
},
|
39
|
+
params: { 'accept' => 'application/vnd.matrix+zion;version=10.0' })
|
40
|
+
request = Rails.new(request: raw_request)
|
41
|
+
|
42
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.matrix+zion;version=10.0'
|
43
|
+
end
|
44
|
+
|
45
|
+
it 'finds the authorization token from the header' do
|
46
|
+
raw_request = OpenStruct.new(
|
47
|
+
headers: {
|
48
|
+
'HTTP_AUTHORIZATION' => "Token #{valid_token}",
|
49
|
+
},
|
50
|
+
params: {})
|
51
|
+
request = Rails.new(token_private_key: test_private_key,
|
52
|
+
request: raw_request)
|
53
|
+
|
54
|
+
expect(request.authorization_token).to be_valid
|
55
|
+
expect(request.authorization_token.to_h).to eql(
|
56
|
+
[
|
57
|
+
{ 'bar' => 'baz' },
|
58
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
59
|
+
])
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'can process an authorization token if it is sent through incorrectly' do
|
63
|
+
raw_request = OpenStruct.new(
|
64
|
+
headers: {
|
65
|
+
'HTTP_AUTHORIZATION' => "#{valid_token}",
|
66
|
+
},
|
67
|
+
params: {})
|
68
|
+
request = Rails.new(token_private_key: test_private_key,
|
69
|
+
request: raw_request)
|
70
|
+
|
71
|
+
expect(request.authorization_token).not_to be_valid
|
72
|
+
expect(request.authorization_token.to_h).to eql({})
|
73
|
+
end
|
74
|
+
|
75
|
+
it 'finds the authorization token from the params if the authorization token from ' \
|
76
|
+
'the header is invalid and the authorization token from the params is valid' do
|
77
|
+
|
78
|
+
raw_request = OpenStruct.new(
|
79
|
+
headers: {
|
80
|
+
'HTTP_AUTHORIZATION' => "Token #{invalid_token}",
|
81
|
+
},
|
82
|
+
params: { 'auth_token' => valid_token })
|
83
|
+
request = Rails.new(token_private_key: test_private_key,
|
84
|
+
request: raw_request)
|
85
|
+
|
86
|
+
expect(request.authorization_token).to be_valid
|
87
|
+
expect(request.authorization_token.to_h).to eql(
|
88
|
+
[
|
89
|
+
{ 'bar' => 'baz' },
|
90
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
91
|
+
])
|
92
|
+
end
|
93
|
+
|
94
|
+
it 'finds the authorization token from the params if the authorization token from ' \
|
95
|
+
'the header is not present and the authorization token from the params is valid' do
|
96
|
+
|
97
|
+
raw_request = OpenStruct.new(
|
98
|
+
headers: {},
|
99
|
+
params: { 'auth_token' => valid_token })
|
100
|
+
request = Rails.new(token_private_key: test_private_key,
|
101
|
+
request: raw_request)
|
102
|
+
|
103
|
+
expect(request.authorization_token).to be_valid
|
104
|
+
expect(request.authorization_token.to_h).to eql(
|
105
|
+
[
|
106
|
+
{ 'bar' => 'baz' },
|
107
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
108
|
+
])
|
109
|
+
end
|
110
|
+
|
111
|
+
it 'is a null authorization token if neither authorization token is present' do
|
112
|
+
raw_request = OpenStruct.new(
|
113
|
+
headers: {},
|
114
|
+
params: {})
|
115
|
+
request = Rails.new(token_private_key: test_private_key,
|
116
|
+
request: raw_request)
|
117
|
+
|
118
|
+
expect(request.authorization_token).to be_valid
|
119
|
+
expect(request.authorization_token.to_h).to eql({})
|
120
|
+
end
|
121
|
+
|
122
|
+
it 'finds the authorization token from the params' do
|
123
|
+
raw_request = OpenStruct.new(
|
124
|
+
headers: {},
|
125
|
+
params: { 'auth_token' => valid_token })
|
126
|
+
request = Rails.new(token_private_key: test_private_key,
|
127
|
+
request: raw_request)
|
128
|
+
|
129
|
+
expect(request.authorization_token).to be_valid
|
130
|
+
expect(request.authorization_token.to_h).to eql(
|
131
|
+
[
|
132
|
+
{ 'bar' => 'baz' },
|
133
|
+
{ 'typ' => 'JWT', 'alg' => 'RS256' },
|
134
|
+
])
|
135
|
+
end
|
136
|
+
|
137
|
+
it 'defaults to the application name in the configuration if none is found in ' \
|
138
|
+
'the header' do
|
139
|
+
|
140
|
+
Apill.configuration.application_name = 'zion'
|
141
|
+
|
142
|
+
raw_request = OpenStruct.new(
|
143
|
+
headers: {},
|
144
|
+
params: { 'accept' => 'application/vnd.zion+zion;version=10.0' })
|
145
|
+
request = Rails.new(request: raw_request)
|
146
|
+
|
147
|
+
expect(request.accept_header.to_s).to eql 'application/vnd.zion+zion;version=10.0'
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
151
|
+
end
|
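Review bot: The last example assigns `Apill.configuration.application_name = 'zion'` and never restores it, so the value leaks into whichever examples run afterwards; the Rack spec above does the same. Restoring it around the example keeps the specs order-independent, e.g. `around { |ex| saved = Apill.configuration.application_name; ex.run; Apill.configuration.application_name = saved }`. The stubbed `headers` hash also mixes `'Accept'` and `'X-Application-Name'` with the CGI-style `'HTTP_AUTHORIZATION'`; a short comment saying which key form the Rails request class is expected to read would make the stub easier to trust.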
@@ -0,0 +1,49 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'apill/tokens/request_authorization'
|
3
|
+
|
4
|
+
module Apill
|
5
|
+
module Tokens
|
6
|
+
describe RequestAuthorization do
|
7
|
+
it 'can convert an empty token' do
|
8
|
+
token = RequestAuthorization.convert(token_private_key: test_private_key,
|
9
|
+
raw_token: nil)
|
10
|
+
|
11
|
+
expect(token).to be_a NullRequestAuthorization
|
12
|
+
end
|
13
|
+
|
14
|
+
it 'can convert an invalid token' do
|
15
|
+
token = RequestAuthorization.convert(token_private_key: test_private_key,
|
16
|
+
raw_token: invalid_token)
|
17
|
+
|
18
|
+
expect(token).to be_a InvalidRequestAuthorization
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'can verify an expired token' do
|
22
|
+
expired_jwe = valid_token('exp' => 1.day.ago.to_i,
|
23
|
+
'baz' => 'bar')
|
24
|
+
token = RequestAuthorization.convert(
|
25
|
+
token_private_key: test_private_key,
|
26
|
+
raw_token: expired_jwe)
|
27
|
+
|
28
|
+
expect(token).to be_a InvalidRequestAuthorization
|
29
|
+
end
|
30
|
+
|
31
|
+
it 'can convert an invalidly signed token' do
|
32
|
+
other_private_key = OpenSSL::PKey::RSA.new(2048)
|
33
|
+
token = RequestAuthorization.convert(
|
34
|
+
token_private_key: other_private_key,
|
35
|
+
raw_token: valid_token)
|
36
|
+
|
37
|
+
expect(token).to be_a InvalidRequestAuthorization
|
38
|
+
end
|
39
|
+
|
40
|
+
it 'can convert a valid token' do
|
41
|
+
token = RequestAuthorization.convert(token_private_key: test_private_key,
|
42
|
+
raw_token: valid_token)
|
43
|
+
|
44
|
+
expect(token).to be_a RequestAuthorization
|
45
|
+
expect(token.to_h).to eql([{ 'bar' => 'baz' }, { 'typ' => 'JWT', 'alg' => 'RS256' }])
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
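Review bot: 'can convert an invalidly signed token' does not appear to reach signature verification: the `valid_token` helper signs and encrypts with `test_private_key`, and this example hands `convert` a different key, so the token presumably already fails at decryption. A token signed with the other key but encrypted to the expected one would pin the signature check itself, e.g. `JSON::JWT.new('bar' => 'baz').sign(other_private_key, :RS256).encrypt(test_private_key, :'RSA-OAEP', :A256GCM).to_s` passed with `token_private_key: test_private_key`. The 'can convert an invalid token' example has the same gap, since `invalid_token` corrupts the whole compact string rather than only the signature.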
@@ -0,0 +1,27 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIEpQIBAAKCAQEAzQNhPtJl68EAoLBh92nBpDlif2M61dS+HBoRinfWT5sD3CeJ
|
3
|
+
eMPmlj9vqOdmBzBfMuoHkr3QPVjTAvsTMthoVFKVUEA28eglFABZYP99+VDIKJtr
|
4
|
+
rpXMkwjKBXaXP58QZ1bkQfMdNHuKC9xY7w4tpZP3q3PcW7xqI2bR/APQPfW3xfhU
|
5
|
+
8gDAVWkv0+LM76wcGdqfqXd/Z7P9ZtXb74qI575KZR6l+4v22ZYOn0yYL3wc0g3l
|
6
|
+
jskF5qeTD4nuSqSzIanYAIo+0jy/BLY9gzFUQPS1Z4INtkEVwX9TO1IpwJvYpqYU
|
7
|
+
0KpJSo5G5eyxM37iQWTTCbmq2byanRLlinXstQIDAQABAoIBAQChO+VBGQubTCEI
|
8
|
+
P2/suznVxGPYt9vPzA7v3vioo/LijJGOlXGijr9MrvtMJSCyyrI0QqZOHAYoGTFr
|
9
|
+
CLdip5v1pTVU9gvAWMjAYD3q8UTLzWJ9vS4FEj7f7GulvEzbdmfaPhYqX986JWa+
|
10
|
+
ST+QUuBHdoW0S9ykMRxwVy8SOpWOA8YqfRbb9J4IYwbYXIDv7yJNE039x3cVqp1Q
|
11
|
+
oSoOjW0rka0NObjjEJuJTZKpshze08B6gL1Vi7lcUWyeCXuDbMh18dSGEYU2YN2f
|
12
|
+
9eMLXI981zgBP8BnnR6UuSR2PpsLRSkqC7ZPGZZXC/xP3Ln+I8YPmqMlUDtXeaMf
|
13
|
+
zLmBGCoJAoGBAPl1sMFne3E4kFscjyYQytqED2h0DUF4zT4tefUL7wTwsTm6WTgW
|
14
|
+
8xYlegW5kvdFsVq7PM1hLTNKK74QRoHFn+uwyCw9w9/fmU2FJ3BIB4MhFyQRu0MM
|
15
|
+
J/3qJHHjILFz+gHYMtxsWEnAviWPPznxR0ocP+6eSE9HerZqOyBnpoP3AoGBANJj
|
16
|
+
YDH1K8RneSTYDSqJ93yM2wE+Y0YutOeteJOyOtpA8Xdi7V81BcHo4aemjZ6kyjIF
|
17
|
+
KydYbWh/9dekY89QrUOjQOwfFon7Gf3RHZAklgy4Kibkyt29fakP3m+CCdQJhPrM
|
18
|
+
y/c5HpCG1M/pyizAg8O3l6bmn4QfNgH+DmOCTdGzAoGAEsvFV60+ZdeHOPY76vhU
|
19
|
+
8IYGyy4DWa2KeWbfy5Dsn4irMdhSpKFGC6MjQI8s/aiopld5S1hJGZY7GYUMavbD
|
20
|
+
B/U3/+1fdtzYJjkkMZebyUuS/MrBO1oNIVqlCFe+vOAqND1gB6+6L0Rwj0/tyaXe
|
21
|
+
Yz0hrA8ND7wpCNmUPurQZx0CgYEAi3VYJIVx16UHRob4Y0RFCwiLe42RXMpFHHV+
|
22
|
+
wdiY7meyKAMpeby57kmimvDqW0i8xt9qNZCGJYj8u0664oeF8pnaxSnuVNRf7EGb
|
23
|
+
qRq3ZAMH3fQ3DTk4fMKKHbxDK4yL23u5kE0Kl57onlFItNWAAlJGclnZT0kpEbUI
|
24
|
+
cKnFT8UCgYEApdfJ7GCA3vz45AWV9ya16BwfwTcmLnL2YsfbF+d1Rb3Frzl1G+kj
|
25
|
+
UG8TuiRAF2oTQSlXaU1118Fty9DN5goC+N8NQuz6neVPD47on8J7BkjtfTVY7Jbi
|
26
|
+
hDxOp9E0EpC5EfHarYyfst1/iWQqRbqJZe7414EhAlfL2T5a6Y05j/g=
|
27
|
+
-----END RSA PRIVATE KEY-----
|
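Review bot: This fixture is a complete RSA private key, and the gem metadata lists `spec/fixtures/test_rsa_key` under `files`, so it is published with every copy of the package and must be treated as public. Generating the key when the suite starts avoids shipping key material at all, e.g. `TEST_PRIVATE_KEY = OpenSSL::PKey::RSA.new(2048)` in the spec support file, which is how the request-authorization spec already builds its second key. If the file is kept, the spec helper should carry a comment that the key is test-only and must never be configured as a `token_private_key` outside the suite, and the fixtures could be left out of the packaged `files`.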
@@ -0,0 +1,9 @@
|
|
1
|
+
-----BEGIN PUBLIC KEY-----
|
2
|
+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQNhPtJl68EAoLBh92nB
|
3
|
+
pDlif2M61dS+HBoRinfWT5sD3CeJeMPmlj9vqOdmBzBfMuoHkr3QPVjTAvsTMtho
|
4
|
+
VFKVUEA28eglFABZYP99+VDIKJtrrpXMkwjKBXaXP58QZ1bkQfMdNHuKC9xY7w4t
|
5
|
+
pZP3q3PcW7xqI2bR/APQPfW3xfhU8gDAVWkv0+LM76wcGdqfqXd/Z7P9ZtXb74qI
|
6
|
+
575KZR6l+4v22ZYOn0yYL3wc0g3ljskF5qeTD4nuSqSzIanYAIo+0jy/BLY9gzFU
|
7
|
+
QPS1Z4INtkEVwX9TO1IpwJvYpqYU0KpJSo5G5eyxM37iQWTTCbmq2byanRLlinXs
|
8
|
+
tQIDAQAB
|
9
|
+
-----END PUBLIC KEY-----
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'json/jwt'
|
2
|
+
|
3
|
+
def test_private_key
|
4
|
+
OpenSSL::PKey::RSA.new File.read(File.expand_path('../fixtures/test_rsa_key', __dir__))
|
5
|
+
end
|
6
|
+
|
7
|
+
def valid_token(payload = { 'bar' => 'baz' })
|
8
|
+
@valid_token ||= begin
|
9
|
+
jwt = JSON::JWT.new(payload)
|
10
|
+
jws = jwt.sign(test_private_key, :RS256)
|
11
|
+
jwe = jws.encrypt(test_private_key, :'RSA-OAEP', :A256GCM)
|
12
|
+
|
13
|
+
jwe.to_s
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def invalid_token
|
18
|
+
@invalid_token ||= valid_token.tr('a', 'f')
|
19
|
+
end
|
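Review bot: `valid_token` caches its result in `@valid_token` without regard to `payload`, so any later call in the same example with a different payload silently returns the first token. Keying the cache on the argument fixes that: `(@valid_tokens ||= {})[payload] ||= begin`, with the rest of the body unchanged. `invalid_token` rewrites every `a` in the whole compact string, so a rejection can come from header parsing or decryption just as well as from the signature; a comment saying it only stands for a malformed token would keep readers from treating it as a tamper test. The section is headed `data/spec/spec_helper.rb`, but the 19 lines and the `../fixtures/test_rsa_key` path resolved from `__dir__` look like `spec/support/private_keys.rb` from the file list, which is worth confirming against the package.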
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apill
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- jfelchner
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-10-
|
11
|
+
date: 2015-10-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: human_error
|
@@ -24,6 +24,34 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '3.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: json-jwt
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.5'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.5'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: jwt
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.5'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.5'
|
27
55
|
- !ruby/object:Gem::Dependency
|
28
56
|
name: rspec
|
29
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -64,12 +92,13 @@ files:
|
|
64
92
|
- lib/apill.rb
|
65
93
|
- lib/apill/accept_header.rb
|
66
94
|
- lib/apill/configuration.rb
|
67
|
-
- lib/apill/errors/
|
68
|
-
- lib/apill/errors/
|
69
|
-
- lib/apill/
|
70
|
-
- lib/apill/matchers/
|
71
|
-
- lib/apill/matchers/
|
72
|
-
- lib/apill/matchers/
|
95
|
+
- lib/apill/errors/invalid_api_request.rb
|
96
|
+
- lib/apill/errors/invalid_subdomain.rb
|
97
|
+
- lib/apill/errors/invalid_token.rb
|
98
|
+
- lib/apill/matchers/accept_header.rb
|
99
|
+
- lib/apill/matchers/generic.rb
|
100
|
+
- lib/apill/matchers/subdomain.rb
|
101
|
+
- lib/apill/matchers/version.rb
|
73
102
|
- lib/apill/middleware/api_request.rb
|
74
103
|
- lib/apill/parameters.rb
|
75
104
|
- lib/apill/parameters/filter.rb
|
@@ -78,34 +107,45 @@ files:
|
|
78
107
|
- lib/apill/parameters/sort.rb
|
79
108
|
- lib/apill/processable_resource.rb
|
80
109
|
- lib/apill/requests/base.rb
|
81
|
-
- lib/apill/requests/
|
82
|
-
- lib/apill/requests/
|
110
|
+
- lib/apill/requests/rack.rb
|
111
|
+
- lib/apill/requests/rails.rb
|
83
112
|
- lib/apill/resource.rb
|
84
113
|
- lib/apill/resource/model.rb
|
85
114
|
- lib/apill/resource/processors/filtering.rb
|
86
115
|
- lib/apill/resource/processors/indexing.rb
|
87
116
|
- lib/apill/resource/processors/paging.rb
|
88
117
|
- lib/apill/resource/processors/sorting.rb
|
89
|
-
- lib/apill/responses/
|
90
|
-
- lib/apill/responses/
|
118
|
+
- lib/apill/responses/invalid_api_request.rb
|
119
|
+
- lib/apill/responses/invalid_subdomain.rb
|
120
|
+
- lib/apill/responses/invalid_token.rb
|
91
121
|
- lib/apill/serializers/json_api.rb
|
122
|
+
- lib/apill/tokens/invalid_request_authorization.rb
|
123
|
+
- lib/apill/tokens/null_request_authorization.rb
|
124
|
+
- lib/apill/tokens/request_authorization.rb
|
92
125
|
- lib/apill/version.rb
|
93
126
|
- spec/apill/accept_header_spec.rb
|
94
|
-
- spec/apill/errors/
|
95
|
-
- spec/apill/errors/
|
96
|
-
- spec/apill/
|
97
|
-
- spec/apill/
|
98
|
-
- spec/apill/
|
99
|
-
- spec/apill/matchers/
|
127
|
+
- spec/apill/errors/invalid_api_request_spec.rb
|
128
|
+
- spec/apill/errors/invalid_subdomain_spec.rb
|
129
|
+
- spec/apill/errors/invalid_token_spec.rb
|
130
|
+
- spec/apill/invalid_subdomain_spec.rb
|
131
|
+
- spec/apill/invalid_token_spec.rb
|
132
|
+
- spec/apill/matchers/accept_header_spec.rb
|
133
|
+
- spec/apill/matchers/subdomain_spec.rb
|
134
|
+
- spec/apill/matchers/version_spec.rb
|
100
135
|
- spec/apill/middleware/api_request_spec.rb
|
101
136
|
- spec/apill/parameters_spec.rb
|
102
|
-
- spec/apill/requests/
|
103
|
-
- spec/apill/requests/
|
137
|
+
- spec/apill/requests/rack_spec.rb
|
138
|
+
- spec/apill/requests/rails_spec.rb
|
104
139
|
- spec/apill/resource/model_spec.rb
|
105
140
|
- spec/apill/resource/processors/filtering_spec.rb
|
106
141
|
- spec/apill/resource/processors/indexing_spec.rb
|
107
142
|
- spec/apill/resource/processors/paging_spec.rb
|
108
143
|
- spec/apill/resource/processors/sorting_spec.rb
|
144
|
+
- spec/apill/tokens/request_authorization_spec.rb
|
145
|
+
- spec/fixtures/test_rsa_key
|
146
|
+
- spec/fixtures/test_rsa_key.pub
|
147
|
+
- spec/spec_helper.rb
|
148
|
+
- spec/support/private_keys.rb
|
109
149
|
homepage: https://github.com/jfelchner/apill
|
110
150
|
licenses:
|
111
151
|
- MIT
|
@@ -132,19 +172,25 @@ specification_version: 4
|
|
132
172
|
summary: Common API functionality
|
133
173
|
test_files:
|
134
174
|
- spec/apill/accept_header_spec.rb
|
135
|
-
- spec/apill/errors/
|
136
|
-
- spec/apill/errors/
|
137
|
-
- spec/apill/
|
138
|
-
- spec/apill/
|
139
|
-
- spec/apill/
|
140
|
-
- spec/apill/matchers/
|
175
|
+
- spec/apill/errors/invalid_api_request_spec.rb
|
176
|
+
- spec/apill/errors/invalid_subdomain_spec.rb
|
177
|
+
- spec/apill/errors/invalid_token_spec.rb
|
178
|
+
- spec/apill/invalid_subdomain_spec.rb
|
179
|
+
- spec/apill/invalid_token_spec.rb
|
180
|
+
- spec/apill/matchers/accept_header_spec.rb
|
181
|
+
- spec/apill/matchers/subdomain_spec.rb
|
182
|
+
- spec/apill/matchers/version_spec.rb
|
141
183
|
- spec/apill/middleware/api_request_spec.rb
|
142
184
|
- spec/apill/parameters_spec.rb
|
143
|
-
- spec/apill/requests/
|
144
|
-
- spec/apill/requests/
|
185
|
+
- spec/apill/requests/rack_spec.rb
|
186
|
+
- spec/apill/requests/rails_spec.rb
|
145
187
|
- spec/apill/resource/model_spec.rb
|
146
188
|
- spec/apill/resource/processors/filtering_spec.rb
|
147
189
|
- spec/apill/resource/processors/indexing_spec.rb
|
148
190
|
- spec/apill/resource/processors/paging_spec.rb
|
149
191
|
- spec/apill/resource/processors/sorting_spec.rb
|
150
|
-
|
192
|
+
- spec/apill/tokens/request_authorization_spec.rb
|
193
|
+
- spec/fixtures/test_rsa_key
|
194
|
+
- spec/fixtures/test_rsa_key.pub
|
195
|
+
- spec/spec_helper.rb
|
196
|
+
- spec/support/private_keys.rb
|
@@ -1,37 +0,0 @@
|
|
1
|
-
require 'apill/configuration'
|
2
|
-
require 'apill/requests/base'
|
3
|
-
require 'apill/accept_header'
|
4
|
-
|
5
|
-
module Apill
|
6
|
-
module Requests
|
7
|
-
class RackRequest < Base
|
8
|
-
ACCEPT_PARAM_PATTERN = /(?:\A|&)accept=(.+?)(?=\z|&)/
|
9
|
-
|
10
|
-
attr_accessor :request
|
11
|
-
|
12
|
-
def initialize(request)
|
13
|
-
self.request = request
|
14
|
-
end
|
15
|
-
|
16
|
-
def accept_header_from_header
|
17
|
-
AcceptHeader.new(application: application_name,
|
18
|
-
header: request['HTTP_ACCEPT'] || '')
|
19
|
-
end
|
20
|
-
|
21
|
-
def accept_header_from_params
|
22
|
-
AcceptHeader.new(application: application_name,
|
23
|
-
header: raw_accept_header_from_params || '')
|
24
|
-
end
|
25
|
-
|
26
|
-
def application_name
|
27
|
-
request['HTTP_X_APPLICATION_NAME'] || Apill.configuration.application_name
|
28
|
-
end
|
29
|
-
|
30
|
-
private
|
31
|
-
|
32
|
-
def raw_accept_header_from_params
|
33
|
-
URI.unescape(request['QUERY_STRING'][ACCEPT_PARAM_PATTERN, 1] || '')
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|