apisonator 2.100.2.pre1 → 3.0.0.pre1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b94cc75d6c390281dd0bd610708dd395dbff74275cead465ca59d9742cb3cedf
-  data.tar.gz: 499e2bdb91ee859d20857b1ab863a4b722e9a578a781e71617f4364b9a0b0c7a
+  metadata.gz: 0fa79b460b2906815bfb027b35522ea438f4ecb8952643c2c66b886a28dcff09
+  data.tar.gz: 491656a6738201be52b2d3062b916db4f52cb38dd3edc8a2ba2b0c5816412a73
 SHA512:
-  metadata.gz: '005718b444db78ebd7cf83b6e3892353af4fbf2d36dca6cc37e8bd5573d62290ad25dc2219cdf666018cfb5b71584a58ad77988e98ec64069ea3619191de6532'
-  data.tar.gz: e5f4c817c100e83aa8daeee63250dde6940fe96efe5820ba454df47ee55aef67cb575f7e40e133f8db79a9f289f36dff05df6061a4cd8258dacb32324ccf1cdf
+  metadata.gz: 75f2a8668f08c65ea4b125c1a1c86939f1e75e7d8b0d0aa5c2c084881fbe380a7eed3a8863d391f029d78460fd5f3c8036ec8c208177dd1fda813808577ed351
+  data.tar.gz: eb6f93ad8861cb4916afa819a8d2bc35db94b6c240c34048dd5e6ec5039ae7ade2977b3d0c251b86a63e710a73f1918785ecfd12f195f6e1dfb4d7bf12004fb4

data/CHANGELOG.md

@@ -2,6 +2,46 @@
 
 Notable changes to Apisonator will be tracked in this document.
 
+## 2.101.1 - 2020-06-05
+
+### Fixed
+
+- Fixed a bug introduced in the previous version that made apisonator return an
+error when authorizing some requests with the `no_body` option enabled
+([#224](https://github.com/3scale/apisonator/pull/224)).
+
+
+## 2.101.0 - 2020-06-04
+
+### Added
+
+- Introduced the `CONFIG_REDIS_MAX_CONNS` and `CONFIG_QUEUES_MAX_CONNS` ENVs to
+configure the max number of Redis connections when using the async mode
+([#214](https://github.com/3scale/apisonator/pull/214)).
+
+### Changed
+
+- Perf optimization: loading the usage limits is now done more efficiently.
+There is a noticeable improvement in requests with `no_body` enabled for
+services with many metrics defined
+([#221](https://github.com/3scale/apisonator/pull/221)).
+- Updated activesupport to 5.2.4.3
+([#217](https://github.com/3scale/apisonator/pull/217)).
+
+
+## 2.100.2 - 2020-05-08
+
+### Changed
+
+- The Prometheus histogram buckets of the workers have been adjusted to be more
+informative ([#208](https://github.com/3scale/apisonator/pull/208)).
+
+### Removed
+
+- The deprecated endpoints to create, delete, and list oauth tokens have been
+disabled ([#212](https://github.com/3scale/apisonator/pull/212)).
+
+
 ## 2.100.1 - 2020-04-22
 
 ### Changed

data/Gemfile.base

@@ -25,7 +25,6 @@ group :test do
   gem 'resque_spec',   '~> 0.17.0'
   gem 'timecop',       '~> 0.9.1'
   gem 'rspec',         '~> 3.7.0', require: nil
-  gem 'geminabox',     '~> 0.13.11', require: false
   gem 'codeclimate-test-reporter', '~> 0.6.0', require: nil
   gem 'async-rspec'
 end

data/Gemfile.lock

@@ -35,14 +35,14 @@ GIT
 PATH
   remote: .
   specs:
-    apisonator (2.100.2.pre1)
+    apisonator (3.0.0.pre1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activesupport (5.2.4.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     airbrake (4.3.1)
@@ -95,7 +95,7 @@ GEM
     codeclimate-test-reporter (0.6.0)
       simplecov (>= 0.7.1, < 1.0.0)
     coderay (1.1.2)
-    concurrent-ruby (1.0.5)
+    concurrent-ruby (1.1.6)
     console (1.8.2)
     daemons (1.2.4)
     diff-lcs (1.3)
@@ -112,20 +112,10 @@ GEM
       process-metrics (~> 0.1.0)
       rack (>= 1.0)
       samovar (~> 2.1)
-    faraday (0.13.1)
-      multipart-post (>= 1.2, < 3)
     ffi (1.12.2)
-    geminabox (0.13.11)
-      builder
-      faraday
-      httpclient (>= 2.2.7)
-      nesty
-      reentrant_flock
-      sinatra (>= 1.2.7)
     gli (2.16.1)
     hiredis (0.6.3)
-    httpclient (2.8.3)
-    i18n (0.9.1)
+    i18n (1.8.2)
       concurrent-ruby (~> 1.0)
     jmespath (1.3.1)
     json (2.1.0)
@@ -141,15 +131,13 @@ GEM
     metaclass (0.0.4)
     method_source (0.9.0)
     mini_portile2 (2.4.0)
-    minitest (5.10.3)
+    minitest (5.14.1)
     mocha (1.3.0)
       metaclass (~> 0.0.1)
     mono_logger (1.1.0)
     multi_json (1.13.1)
-    multipart-post (2.0.0)
     mustache (1.0.5)
     mustermann (1.0.2)
-    nesty (1.0.2)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (4.2.0)
@@ -191,7 +179,6 @@ GEM
     rake (13.0.1)
     redis-namespace (1.6.0)
       redis (>= 3.0.4)
-    reentrant_flock (0.1.1)
     resque_spec (0.17.0)
       resque (>= 1.19.0)
       rspec-core (>= 3.0.0)
@@ -256,7 +243,7 @@ GEM
     timers (4.3.0)
     toml (0.2.0)
       parslet (~> 1.8.0)
-    tzinfo (1.2.4)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     vegas (0.1.11)
       rack (>= 1.0.0)
@@ -288,7 +275,6 @@ DEPENDENCIES
   codeclimate-test-reporter (~> 0.6.0)
   daemons (= 1.2.4)
   falcon (~> 0.35)
-  geminabox (~> 0.13.11)
   gli (~> 2.16.1)
   hiredis (~> 0.6.1)
   license_finder (~> 5)

data/Gemfile.on_prem.lock

@@ -35,14 +35,14 @@ GIT
 PATH
   remote: .
   specs:
-    apisonator (2.100.2.pre1)
+    apisonator (3.0.0.pre1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activesupport (5.2.4.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     async (1.24.2)
@@ -85,7 +85,7 @@ GEM
     codeclimate-test-reporter (0.6.0)
       simplecov (>= 0.7.1, < 1.0.0)
     coderay (1.1.2)
-    concurrent-ruby (1.0.5)
+    concurrent-ruby (1.1.6)
     console (1.8.2)
     daemons (1.2.4)
     diff-lcs (1.3)
@@ -102,20 +102,10 @@ GEM
       process-metrics (~> 0.1.0)
       rack (>= 1.0)
       samovar (~> 2.1)
-    faraday (0.13.1)
-      multipart-post (>= 1.2, < 3)
     ffi (1.12.2)
-    geminabox (0.13.11)
-      builder
-      faraday
-      httpclient (>= 2.2.7)
-      nesty
-      reentrant_flock
-      sinatra (>= 1.2.7)
     gli (2.16.1)
     hiredis (0.6.3)
-    httpclient (2.8.3)
-    i18n (0.9.1)
+    i18n (1.8.2)
       concurrent-ruby (~> 1.0)
     json (2.1.0)
     license_finder (5.9.2)
@@ -130,15 +120,13 @@ GEM
     metaclass (0.0.4)
     method_source (0.9.0)
     mini_portile2 (2.4.0)
-    minitest (5.10.3)
+    minitest (5.14.1)
     mocha (1.3.0)
       metaclass (~> 0.0.1)
     mono_logger (1.1.0)
     multi_json (1.13.1)
-    multipart-post (2.0.0)
     mustache (1.0.5)
     mustermann (1.0.2)
-    nesty (1.0.2)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (4.2.0)
@@ -179,7 +167,6 @@ GEM
     rake (13.0.1)
     redis-namespace (1.6.0)
       redis (>= 3.0.4)
-    reentrant_flock (0.1.1)
     resque_spec (0.17.0)
       resque (>= 1.19.0)
       rspec-core (>= 3.0.0)
@@ -242,7 +229,7 @@ GEM
     timers (4.3.0)
     toml (0.2.0)
       parslet (~> 1.8.0)
-    tzinfo (1.2.4)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     vegas (0.1.11)
       rack (>= 1.0.0)
@@ -270,7 +257,6 @@ DEPENDENCIES
   codeclimate-test-reporter (~> 0.6.0)
   daemons (= 1.2.4)
   falcon (~> 0.35)
-  geminabox (~> 0.13.11)
   gli (~> 2.16.1)
   hiredis (~> 0.6.1)
   license_finder (~> 5)

data/lib/3scale/backend.rb

@@ -35,7 +35,6 @@ require '3scale/backend/rack'
 require '3scale/backend/extensions'
 require '3scale/backend/background_job'
 require '3scale/backend/storage'
-require '3scale/backend/oauth'
 require '3scale/backend/memoizer'
 require '3scale/backend/application'
 require '3scale/backend/error_storage'

data/lib/3scale/backend/application.rb

@@ -91,8 +91,8 @@ module ThreeScale
           end
         end
 
-        def extract_id!(service_id, app_id, user_key, access_token)
-          with_app_id_from_params service_id, app_id, user_key, access_token do |appid|
+        def extract_id!(service_id, app_id, user_key)
+          with_app_id_from_params service_id, app_id, user_key do |appid|
             exists? service_id, appid and appid
           end
         end
@@ -106,7 +106,6 @@ module ThreeScale
           raise ApplicationNotFound, id unless exists?(service_id, id)
           delete_data service_id, id
           clear_cache service_id, id
-          OAuth::Token::Storage.remove_tokens(service_id, id)
         end
 
         def delete_data(service_id, id)
@@ -157,14 +156,12 @@ module ThreeScale
           )
         end
 
-        def with_app_id_from_params(service_id, app_id, user_key, access_token = nil)
+        def with_app_id_from_params(service_id, app_id, user_key)
           if app_id
             raise AuthenticationError unless user_key.nil?
           elsif user_key
             app_id = load_id_by_key(service_id, user_key)
             raise UserKeyInvalid, user_key if app_id.nil?
-          elsif access_token
-            app_id, * = OAuth::Token::Storage.get_credentials access_token, service_id
           else
             raise ApplicationNotFound
           end
@@ -223,6 +220,25 @@ module ThreeScale
         @usage_limits ||= UsageLimit.load_all(service_id, plan_id)
       end
 
+      def load_all_usage_limits
+        @usage_limits = UsageLimit.load_all(service_id, plan_id)
+      end
+
+      # Loads the usage limits affected by the metrics received, that is, the
+      # limits that are defined for those metrics plus all their ancestors in
+      # the metrics hierarchy.
+      # Raises MetricInvalid when a metric does not exist.
+      def load_usage_limits_affected_by(metric_names)
+        metric_ids = metric_names.flat_map do |name|
+          [name] + Metric.ascendants(service_id, name)
+        end.uniq.map do |name|
+          Metric.load_id(service_id, name) || raise(MetricInvalid.new(name))
+        end
+
+        # IDs are sorted to be able to use the memoizer
+        @usage_limits = UsageLimit.load_for_affecting_metrics(service_id, plan_id, metric_ids.sort)
+      end
+
       def active?
         state == :active
       end

data/lib/3scale/backend/configuration.rb

@@ -46,9 +46,9 @@ module ThreeScale
 
       # Add configuration sections
       config.add_section(:queues, :master_name, :sentinels, :role,
-                         :connect_timeout, :read_timeout, :write_timeout)
+                         :connect_timeout, :read_timeout, :write_timeout, :max_connections)
       config.add_section(:redis, :url, :proxy, :sentinels, :role,
-                         :connect_timeout, :read_timeout, :write_timeout,
+                         :connect_timeout, :read_timeout, :write_timeout, :max_connections,
                          :async)
       config.add_section(:analytics_redis, :server,
                          :connect_timeout, :read_timeout, :write_timeout)
@@ -57,7 +57,6 @@ module ThreeScale
       config.add_section(:redshift, :host, :port, :dbname, :user, :password)
       config.add_section(:statsd, :host, :port)
       config.add_section(:internal_api, :user, :password)
-      config.add_section(:oauth, :max_token_size)
       config.add_section(:master, :metrics)
       config.add_section(:worker_prometheus_metrics, :enabled, :port)
       config.add_section(:listener_prometheus_metrics, :enabled, :port)

data/lib/3scale/backend/errors.rb

@@ -73,36 +73,6 @@ module ThreeScale
       end
     end
 
-    class AccessTokenInvalid < NotFound
-      def initialize(id = nil)
-        super %(token "#{id}" is invalid: expired or never defined)
-      end
-    end
-
-    class AccessTokenAlreadyExists < Error
-      def initialize(id = nil)
-        super %(token "#{id}" already exists)
-      end
-    end
-
-    class AccessTokenStorageError < Error
-      def initialize(id = nil)
-        super %(storage error when saving token "#{id}")
-      end
-    end
-
-    class AccessTokenFormatInvalid < Invalid
-      def initialize
-        super 'token is either too big or has an invalid format'.freeze
-      end
-    end
-
-    class AccessTokenInvalidTTL < Invalid
-      def initialize
-        super 'the specified TTL should be a positive integer'.freeze
-      end
-    end
-
     class ServiceNotActive < Error
       def initialize
         super 'service is not active'.freeze
@@ -182,12 +152,6 @@ module ThreeScale
       end
     end
 
-    class RequiredParamsMissing < Invalid
-      def initialize
-        super 'missing required parameters'.freeze
-      end
-    end
-
     class UsageValueInvalid < Error
       def initialize(metric_name, value)
         if !value.is_a?(String) || value.blank?

data/lib/3scale/backend/listener.rb

@@ -30,9 +30,6 @@ module ThreeScale
       ##~ @parameter_app_id_inline = @parameter_app_id.clone
       ##~ @parameter_app_id_inline["description_inline"] = true
       ##
-      ##~ @parameter_access_token = {"name" => "access_token", "dataType" => "string", "required" => false, "paramType" => "query", "threescale_name" => "access_tokens"}
-      ##~ @parameter_access_token["description"] = "OAuth token used for authorizing if you don't use client_id with client_secret."
-      ##
       ##~ @parameter_client_id = {"name" => "app_id", "dataType" => "string", "required" => false, "paramType" => "query", "threescale_name" => "app_ids"}
       ##~ @parameter_client_id["description"] = "Client Id (identifier of the application if the auth. pattern is OAuth, note that client_id == app_id)"
       ##~ @parameter_client_id_inline = @parameter_client_id.clone
@@ -114,8 +111,7 @@ module ThreeScale
 
 
       AUTH_AUTHREP_COMMON_PARAMS = ['service_id'.freeze, 'app_id'.freeze, 'app_key'.freeze,
-                                    'user_key'.freeze, 'provider_key'.freeze,
-                                    'access_token'.freeze].freeze
+                                    'user_key'.freeze, 'provider_key'.freeze].freeze
       private_constant :AUTH_AUTHREP_COMMON_PARAMS
 
       REPORT_EXPECTED_PARAMS = ['provider_key'.freeze,
@@ -128,8 +124,6 @@ module ThreeScale
         disable :dump_errors
       end
 
-      set :views, File.dirname(__FILE__) + '/views'
-
       use Backend::Rack::ExceptionCatcher
 
       before do
@@ -252,7 +246,7 @@ module ThreeScale
       ##~ op.summary = "Authorize (OAuth authentication mode pattern)"
       ##
       ##~ op.description = "<p>Read-only operation to authorize an application in the OAuth authentication pattern."
-      ##~ @oauth_security = "<p>When using this endpoint please pay attention at your handling of app_id and app_key parameters. If you don't specify an app_key, the endpoint assumes the app_id specified has already been authenticated by other means. If you specify the app_key parameter, even if it is empty, it will be checked against the application's keys. If you don't trust the app_id value you have, either use app keys and specify one or use access_token and avoid the app_id parameter."
+      ##~ @oauth_security = "<p>When using this endpoint please pay attention at your handling of app_id and app_key parameters. If you don't specify an app_key, the endpoint assumes the app_id specified has already been authenticated by other means. If you specify the app_key parameter, even if it is empty, it will be checked against the application's keys. If you don't trust the app_id value you have, use app keys and specify one."
       ##~ @oauth_desc_response = "<p>This call returns extra data (secret and redirect_url) needed to power OAuth APIs. It's only available for users with OAuth enabled APIs."
       ##~ op.description = op.description + @oauth_security + @oauth_desc_response
       ##~ op.description = op.description + " " + @authorize_desc + " " + @authorize_desc_response
@@ -263,7 +257,6 @@ module ThreeScale
       ##
       ##~ op.parameters.add @parameter_service_token
       ##~ op.parameters.add @parameter_service_id
-      ##~ op.parameters.add @parameter_access_token
       ##~ op.parameters.add @parameter_client_id
       ##~ op.parameters.add @parameter_app_key_oauth
       ##~ op.parameters.add @parameter_referrer
@@ -337,7 +330,6 @@ module ThreeScale
       ##
       ##~ op.parameters.add @parameter_service_token
       ##~ op.parameters.add @parameter_service_id
-      ##~ op.parameters.add @parameter_access_token
       ##~ op.parameters.add @parameter_client_id
       ##~ op.parameters.add @parameter_app_key_oauth
       ##~ op.parameters.add @parameter_referrer
@@ -430,62 +422,6 @@ module ThreeScale
         202
       end
 
-      ## OAUTH ACCESS TOKENS
-
-      # These endpoints are deprecated and are going to be removed. For now,
-      # let's disable them.
-      if Backend.test?
-        post '/services/:service_id/oauth_access_tokens.xml' do
-          check_post_content_type!
-          require_params! :service_id, :token
-
-          service_id = params[:service_id]
-          ensure_authenticated!(params[:provider_key], params[:service_token], service_id)
-
-          app_id = params[:app_id]
-          raise ApplicationNotFound, app_id unless Application.exists?(service_id, app_id)
-
-          OAuth::Token::Storage.create(params[:token], service_id, app_id, params[:ttl])
-        end
-
-        delete '/services/:service_id/oauth_access_tokens/:token.xml' do
-          require_params! :service_id, :token
-
-          service_id = params[:service_id]
-          ensure_authenticated!(params[:provider_key], params[:service_token], service_id)
-
-          token = params[:token]
-
-          # TODO: perhaps improve this to list the deleted tokens?
-          raise AccessTokenInvalid, token unless OAuth::Token::Storage.delete(token, service_id)
-        end
-
-        get '/services/:service_id/applications/:app_id/oauth_access_tokens.xml' do
-          require_params! :service_id, :app_id
-
-          service_id = params[:service_id]
-          ensure_authenticated!(params[:provider_key], params[:service_token], service_id)
-
-          app_id = params[:app_id]
-
-          raise ApplicationNotFound, app_id unless Application.exists?(service_id, app_id)
-
-          @tokens = OAuth::Token::Storage.all_by_service_and_app service_id, app_id
-          builder :oauth_access_tokens
-        end
-
-        get '/services/:service_id/oauth_access_tokens/:token.xml' do
-          require_params! :service_id, :token
-
-          service_id = params[:service_id]
-          ensure_authenticated!(params[:provider_key], params[:service_token], service_id)
-
-          @token_to_app_id = OAuth::Token::Storage.get_credentials(params[:token], service_id)
-
-          builder :oauth_app_id_by_token
-        end
-      end
-
       get '/check.txt' do
         content_type 'text/plain'
         body 'ok'
@@ -518,10 +454,6 @@ module ThreeScale
         params[:usage].nil? || params[:usage].is_a?(Hash)
       end
 
-      def require_params!(*keys)
-        raise RequiredParamsMissing unless params && keys.all? { |key| !blank?(params[key]) }
-      end
-
       def check_params_value_encoding!(input_params, params_to_validate)
         params_to_validate.each do |p|
           param_value = input_params[p]
@@ -604,10 +536,6 @@ module ThreeScale
         end
       end
 
-      def application
-        @application ||= Application.load_by_id_or_user_key!(service_id, params[:app_id], params[:user_key])
-      end
-
       def service_id
         if params[:service_id].nil? || params[:service_id].empty?
           @service_id ||= Service.default_id!(params[:provider_key])
@@ -655,15 +583,6 @@ module ThreeScale
         raise ServiceTokenInvalid.new(token, id)
       end
 
-      def ensure_authenticated!(provider_key, service_token, service_id)
-        if blank?(provider_key)
-          key = provider_key_from(service_token, service_id)
-          raise_provider_key_error(params) if blank?(key)
-        elsif !Service.authenticate_service_id(service_id, provider_key)
-          raise ProviderKeyInvalid, provider_key
-        end
-      end
-
       def response_auth_call(auth_status)
         status(auth_status.authorized? ? 200 : 409)
         optionally_set_headers(auth_status)