apill 4.0.1 → 4.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 03e1a8c3d7621029eab5a87a4180786a121230f9
-  data.tar.gz: 434bd913e8c60b006c33f4144a22a5ac5917ae28
+  metadata.gz: e1641afa6f8ba1b4980f0fa413f0d5a52fb95985
+  data.tar.gz: e0604ba7685db87663373263f091c5f166911cbd
 SHA512:
-  metadata.gz: b9ac29a6cc63975df8d0b54b3b369fd54be33c675a81fad922221877c65812cf681d40346363c4b249341e3b91e78d8bc0b012c25e095a9be01a2d8a3340995a
-  data.tar.gz: 79b641b0689d7ae9e4c2ed79f17c370b212ac775ae09a701e5c6563901d291088b9f8be4ce63cd19dc7052d1f72d3730467b503ecda8e25bf6f433b24be095ff
+  metadata.gz: 6f642704c7502d12a6f4404b7eea14df91cbcce17f2ad14f8cdb8d0e767ad985d79ccf3ba4a192d048742c0565415896d52f89e9c043b7f07091dd9bb2d8edaf
+  data.tar.gz: 463965f01869807e112368b3cd1208585697802d3170ff9facc6d04d6b5f5f07c836f18f2c184cdc7b2b6d5b9a9217cb3256118f2e80e6244a047f1e9344e77c

data/lib/apill/middleware/api_request.rb

@@ -10,11 +10,13 @@ require 'apill/responses/invalid_token'
 module  Apill
 module  Middleware
 class   ApiRequest
+  JSON_API_MIME_TYPE_PATTERN = %r{application/vnd\.api\+json(?=\z|;)}
+
   def initialize(app)
     @app = app
   end
 
-  # rubocop:disable Metrics/LineLength
+  # rubocop:disable Metrics/LineLength, Metrics/AbcSize
   def call(env)
     env['HTTP_X_APPLICATION_NAME'] = Apill.configuration.application_name
 
@@ -23,21 +25,23 @@ class   ApiRequest
     accept_header_matcher = Matchers::AcceptHeader.new
     token                 = request.authorization_token
 
-    return Responses::InvalidSubdomain.call(env)  unless subdomain_matcher.matches?(request)
-    return Responses::InvalidApiRequest.call(env) unless !subdomain_matcher.matches_api_subdomain?(request) ||
-                                                         accept_header_matcher.matches?(request)
-    return Responses::InvalidToken.call(env)      unless token.valid?
-
-    env['HTTP_X_JSON_WEB_TOKEN'] = token.to_h
-    env['QUERY_STRING']          = Parameters.process(env['QUERY_STRING'])
+    return Responses::InvalidSubdomain.call(env)      unless subdomain_matcher.matches?(request)
+    return Responses::InvalidApiRequest.call(env)     unless !subdomain_matcher.matches_api_subdomain?(request) ||
+                                                             accept_header_matcher.matches?(request)
+    return Responses::InvalidToken.call(env,
+                                        application_name: request.application_name) \
+           unless token.valid?
 
-    if env['CONTENT_TYPE'] == 'application/vnd.api+json'
-      env['CONTENT_TYPE'] = 'application/json'
-    end
+    env['X_DECRYPTED_JSON_WEB_TOKEN'] = token.to_h
+    env['QUERY_STRING']               = Parameters.process(env['QUERY_STRING'])
+    env['CONTENT_TYPE']               = env['CONTENT_TYPE'].
+                                        to_s.
+                                        gsub! JSON_API_MIME_TYPE_PATTERN,
+                                              'application/json'
 
     @app.call(env)
   end
-  # rubocop:enable Metrics/LineLength
+  # rubocop:enable Metrics/LineLength, Metrics/AbcSize
 end
 end
 end

data/lib/apill/requests/base.rb

@@ -51,7 +51,9 @@ class   Base
   end
 
   def self.resolve(original_request)
-    if original_request.respond_to? :headers
+    if original_request.is_a? self
+      original_request
+    elsif original_request.respond_to? :headers
       rails_request_class.new(request: original_request)
     else
       rack_request_class.new(request: original_request)

data/lib/apill/responses/invalid_token.rb

@@ -3,12 +3,14 @@ require 'apill/errors/invalid_token'
 module  Apill
 module  Responses
 class   InvalidToken
-  def self.call(_env)
+  def self.call(_env, application_name:)
     error = Apill::Errors::InvalidToken.new
 
     [
       error.http_status, # HTTP Status Code
-      {},                # Response Headers
+      {                  # Response Headers
+        'WWW-Authenticate' => %Q{Token realm="#{application_name}"},
+      },
       [error.to_json],   # Message
     ]
   end

data/lib/apill/tokens/invalid_request_authorization.rb

@@ -14,7 +14,7 @@ class   InvalidRequestAuthorization
   end
 
   def to_h
-    {}
+    [{}, {}]
   end
 end
 end

data/lib/apill/tokens/null_request_authorization.rb

@@ -14,7 +14,7 @@ class   NullRequestAuthorization
   end
 
   def to_h
-    {}
+    [{}, {}]
   end
 end
 end

data/lib/apill/version.rb

@@ -1,3 +1,3 @@
 module Apill
-  VERSION = '4.0.1'.freeze
+  VERSION = '4.0.2'.freeze
 end

data/spec/apill/invalid_token_spec.rb

@@ -15,10 +15,10 @@ describe  InvalidToken, singletons: HumanError::Configuration do
     }
 
     request                   = { 'HTTP_HOST' => 'api.example.com' }
-    status, headers, response = InvalidToken.call(request)
+    status, headers, response = InvalidToken.call(request, application_name: 'my_app')
 
     expect(status).to                 eql 401
-    expect(headers).to                eql({})
+    expect(headers).to                eql('WWW-Authenticate' => 'Token realm="my_app"')
     expect(JSON.load(response[0])).to include(
       'errors'              => [
         include(

data/spec/apill/middleware/api_request_spec.rb

@@ -177,6 +177,42 @@ describe  ApiRequest, singletons: HumanError::Configuration do
                                            'nice_to_meet=you-bob&'  \
                                            'hows_the_weather=today-bob'
   end
+
+  it 'properly converts the content type for Rails when it is the only one' do
+    api_request_middleware = ApiRequest.new(app)
+
+    request = {
+      'CONTENT_TYPE' => 'application/vnd.api+json',
+      'HTTP_HOST'    => 'matrix.example.com',
+      'HTTP_ACCEPT'  => '',
+      'QUERY_STRING' => '',
+    }
+
+    allow(app).to receive(:call)
+
+    _response = api_request_middleware.call(request)
+
+    expect(app).to have_received(:call).
+                   with(a_hash_including('CONTENT_TYPE' => 'application/json'))
+  end
+
+  it 'properly converts the content type for Rails when it is not the only one' do
+    api_request_middleware = ApiRequest.new(app)
+
+    request = {
+      'CONTENT_TYPE' => 'application/vnd.api+json;other',
+      'HTTP_HOST'    => 'matrix.example.com',
+      'HTTP_ACCEPT'  => '',
+      'QUERY_STRING' => '',
+    }
+
+    allow(app).to receive(:call)
+
+    _response = api_request_middleware.call(request)
+
+    expect(app).to have_received(:call).
+                   with(a_hash_including('CONTENT_TYPE' => 'application/json;other'))
+  end
 end
 end
 end

data/spec/apill/requests/base_spec.rb

@@ -0,0 +1,35 @@
+require 'ostruct'
+require 'spec_helper'
+require 'apill/requests/base'
+
+module    Apill
+module    Requests
+describe  Base do
+  it 'can resolve itself by returning itself' do
+    raw_request      = Base.new(token_private_key: '', request: {})
+    resolved_request = Base.resolve(raw_request)
+
+    expect(resolved_request).to eql raw_request
+  end
+
+  it 'can resolve a Rails request' do
+    raw_request      = OpenStruct.new(
+                         headers: {},
+                         params:  {})
+    resolved_request = Base.resolve(raw_request)
+
+    expect(resolved_request).to be_a Requests::Rails
+  end
+
+  it 'can resolve a Rack request' do
+    raw_request      = {
+      'HTTP_ACCEPT'  => 'accept_string',
+      'QUERY_STRING' => '',
+    }
+    resolved_request = Base.resolve(raw_request)
+
+    expect(resolved_request).to be_a Requests::Rack
+  end
+end
+end
+end

data/spec/apill/requests/rack_spec.rb

@@ -77,7 +77,7 @@ describe  Rack do
                            request:           raw_request)
 
     expect(request.authorization_token).not_to  be_valid
-    expect(request.authorization_token.to_h).to eql({})
+    expect(request.authorization_token.to_h).to eql([{}, {}])
   end
 
   it 'finds the authorization token from the params if the authorization token from ' \
@@ -123,7 +123,7 @@ describe  Rack do
                            request:           raw_request)
 
     expect(request.authorization_token).to      be_valid
-    expect(request.authorization_token.to_h).to eql({})
+    expect(request.authorization_token.to_h).to eql([{}, {}])
   end
 
   it 'finds the authorization token from the params' do

data/spec/apill/requests/rails_spec.rb

@@ -69,7 +69,7 @@ describe  Rails do
                             request:           raw_request)
 
     expect(request.authorization_token).not_to  be_valid
-    expect(request.authorization_token.to_h).to eql({})
+    expect(request.authorization_token.to_h).to eql([{}, {}])
   end
 
   it 'finds the authorization token from the params if the authorization token from ' \
@@ -116,7 +116,7 @@ describe  Rails do
                             request:           raw_request)
 
     expect(request.authorization_token).to      be_valid
-    expect(request.authorization_token.to_h).to eql({})
+    expect(request.authorization_token.to_h).to eql([{}, {}])
   end
 
   it 'finds the authorization token from the params' do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apill
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.0.2
 platform: ruby
 authors:
 - jfelchner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-19 00:00:00.000000000 Z
+date: 2015-10-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: human_error
@@ -134,6 +134,7 @@ files:
 - spec/apill/matchers/version_spec.rb
 - spec/apill/middleware/api_request_spec.rb
 - spec/apill/parameters_spec.rb
+- spec/apill/requests/base_spec.rb
 - spec/apill/requests/rack_spec.rb
 - spec/apill/requests/rails_spec.rb
 - spec/apill/resource/model_spec.rb
@@ -182,6 +183,7 @@ test_files:
 - spec/apill/matchers/version_spec.rb
 - spec/apill/middleware/api_request_spec.rb
 - spec/apill/parameters_spec.rb
+- spec/apill/requests/base_spec.rb
 - spec/apill/requests/rack_spec.rb
 - spec/apill/requests/rails_spec.rb
 - spec/apill/resource/model_spec.rb