aspera-cli 4.10.0 → 4.12.0

data/lib/aspera/secret_hider.rb

@@ -7,16 +7,17 @@ module Aspera
   class SecretHider
     # display string for hidden secrets
     HIDDEN_PASSWORD = '🔑'
+    # env vars for ascp with secrets
+    ASCP_ENV_SECRETS = %w[ASPERA_SCP_PASS ASPERA_SCP_KEY ASPERA_SCP_FILEPASS ASPERA_PROXY_PASS ASPERA_SCP_TOKEN].freeze
     # keys in hash that contain secrets
-    ASCP_SECRETS=%w[ASPERA_SCP_PASS ASPERA_SCP_KEY ASPERA_SCP_FILEPASS ASPERA_PROXY_PASS].freeze
-    KEY_SECRETS =%w[password secret private_key passphrase].freeze
-    ALL_SECRETS =[ASCP_SECRETS,KEY_SECRETS].flatten.freeze
-    # regex that define namec captures :begin and :end
-    REGEX_LOG_REPLACES=[
+    KEY_SECRETS = %w[password secret passphrase _key apikey crn token].freeze
+    ALL_SECRETS = [ASCP_ENV_SECRETS, KEY_SECRETS].flatten.freeze
+    # regex that define named captures :begin and :end
+    REGEX_LOG_REPLACES = [
       # CLI manager get/set options
       /(?<begin>[sg]et (#{KEY_SECRETS.join('|')})=).*(?<end>)/,
       # env var ascp exec
-      /(?<begin> (#{ASCP_SECRETS.join('|')})=)[^ ]*(?<end> )/,
+      /(?<begin> (#{ASCP_ENV_SECRETS.join('|')})=)(\\.|[^ ])*(?<end> )/,
       # rendered JSON
       /(?<begin>["':][^"]*(#{ALL_SECRETS.join('|')})[^"]*["']?[=>: ]+")[^"]+(?<end>")/,
       # option "secret"
@@ -26,13 +27,14 @@ module Aspera
       # private key values
       /(?<begin>--+BEGIN .+ KEY--+)[[:ascii:]]+?(?<end>--+?END .+ KEY--+)/
     ].freeze
-    private_constant :HIDDEN_PASSWORD,:ASCP_SECRETS,:KEY_SECRETS,:ALL_SECRETS,:REGEX_LOG_REPLACES
+    private_constant :HIDDEN_PASSWORD, :ASCP_ENV_SECRETS, :KEY_SECRETS, :ALL_SECRETS, :REGEX_LOG_REPLACES
     @log_secrets = false
     class << self
       attr_accessor :log_secrets
+
       def log_formatter(original_formatter)
         original_formatter ||= Logger::Formatter.new
-        # note that @log_secrets may be set AFTER this init is done, so it's done at runtime
+        # NOTE: that @log_secrets may be set AFTER this init is done, so it's done at runtime
         return lambda do |severity, datetime, progname, msg|
           if msg.is_a?(String) && !@log_secrets
             REGEX_LOG_REPLACES.each do |regx|
@@ -43,31 +45,32 @@ module Aspera
         end
       end
 
-      def secret?(keyword,value)
-        keyword=keyword.to_s if keyword.is_a?(Symbol)
+      def secret?(keyword, value)
+        keyword = keyword.to_s if keyword.is_a?(Symbol)
         # only Strings can be secrets, not booleans, or hash, arrays
         keyword.is_a?(String) && ALL_SECRETS.any?{|kw|keyword.include?(kw)} && value.is_a?(String)
       end
 
-      def deep_remove_secret(obj,is_name_value: false)
+      def deep_remove_secret(obj, is_name_value: false)
         case obj
         when Array
           if is_name_value
             obj.each do |i|
-              i['value']=HIDDEN_PASSWORD if secret?(i['parameter'],i['value'])
+              i['value'] = HIDDEN_PASSWORD if secret?(i['parameter'], i['value'])
             end
           else
             obj.each{|i|deep_remove_secret(i)}
           end
         when Hash
-          obj.each do |k,v|
-            if secret?(k,v)
+          obj.each do |k, v|
+            if secret?(k, v)
               obj[k] = HIDDEN_PASSWORD
             elsif obj[k].is_a?(Hash)
               deep_remove_secret(obj[k])
             end
           end
         end
+        return obj
       end
     end
   end

data/lib/aspera/ssh.rb

@@ -2,9 +2,9 @@
 
 require 'net/ssh'
 
-# Hack: deactivate ed25519 and ecdsa private keys from ssh identities, as it usually hurts
+# HACK: deactivate ed25519 and ecdsa private keys from ssh identities, as it usually hurts
 begin
-  module Net;module SSH;module Authentication;class Session;private; def default_keys; %w[~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa];end;end;end;end;end # rubocop:disable Layout/AccessModifierIndentation, Layout/EmptyLinesAroundAccessModifier, Layout/LineLength
+  module Net; module SSH; module Authentication; class Session; private; def default_keys; %w[~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa]; end; end; end; end; end # rubocop:disable Layout/AccessModifierIndentation, Layout/EmptyLinesAroundAccessModifier, Layout/LineLength, Style/Semicolon
 rescue StandardError
   # ignore errors
 end
@@ -15,43 +15,44 @@ module Aspera
   class Ssh
     # ssh_options: same as Net::SSH.start
     # see: https://net-ssh.github.io/net-ssh/classes/Net/SSH.html#method-c-start
-    def initialize(host,username,ssh_options)
-      Log.log.debug("ssh:#{username}@#{host}")
-      Log.log.debug("ssh_options:#{ssh_options}")
+    def initialize(host, username, ssh_options)
+      Log.log.debug{"ssh:#{username}@#{host}"}
+      Log.log.debug{"ssh_options:#{ssh_options}"}
       @host = host
       @username = username
       @ssh_options = ssh_options
       @ssh_options[:logger] = Log.log
     end
 
-    def execute(cmd,input=nil)
+    def execute(cmd, input=nil)
       if cmd.is_a?(Array)
         # concatenate arguments, enclose in double quotes
         cmd = cmd.map{|v|%Q("#{v}")}.join(' ')
       end
-      Log.log.debug("cmd=#{cmd}")
+      Log.log.debug{"cmd=#{cmd}"}
       response = []
       Net::SSH.start(@host, @username, @ssh_options) do |session|
         ssh_channel = session.open_channel do |channel|
           # prepare stdout processing
-          channel.on_data{|_chan,data|response.push(data)}
+          channel.on_data{|_chan, data|response.push(data)}
           # prepare stderr processing, stderr if type = 1
           channel.on_extended_data do |_chan, _type, data|
-            errormsg = "#{cmd}: [#{data.chomp}]"
+            error_message = "#{cmd}: [#{data.chomp}]"
             # Happens when windows user hasn't logged in and created home account.
             if data.include?('Could not chdir to home directory')
-              errormsg += "\nHint: home not created in Windows?"
+              error_message += "\nHint: home not created in Windows?"
             end
-            raise errormsg
+            raise error_message
           end
-          # send commannd to SSH channel (execute)
-          channel.send('cexe'.reverse,cmd){|_ch,_success|channel.send_data(input) unless input.nil?}
+          # send command to SSH channel (execute)
+          channel.send('cexe'.reverse, cmd){|_ch, _success|channel.send_data(input) unless input.nil?}
         end
         # wait for channel to finish (command exit)
         ssh_channel.wait
         # main ssh session loop
         session.loop
-      end # session
+      end # start
+      # response as single string
       return response.join
     end
   end

data/lib/aspera/sync.rb

@@ -1,90 +1,205 @@
 # frozen_string_literal: true
 
 require 'aspera/command_line_builder'
+require 'aspera/fasp/installation'
+require 'json'
+require 'base64'
 
 module Aspera
   # builds command line arg for async
   class Sync
-    INSTANCE_PARAMS =
+    PARAMS_VX_INSTANCE =
       {
-        'alt_logdir'          => { cltype: :opt_with_arg, accepted_types: :string},
-        'watchd'              => { cltype: :opt_with_arg, accepted_types: :string},
-        'apply_local_docroot' => { cltype: :opt_without_arg},
-        'quiet'               => { cltype: :opt_without_arg}
+        'alt_logdir'          => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'watchd'              => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'apply_local_docroot' => { cli: { type: :opt_without_arg}},
+        'quiet'               => { cli: { type: :opt_without_arg}},
+        'ws_connect'          => { cli: { type: :opt_without_arg}}
       }.freeze
-    SESSION_PARAMS =
+
+    # map sync session parameters to transfer spec: sync -> ts, true if same
+    PARAMS_VX_SESSION =
       {
-        'name'                       => { cltype: :opt_with_arg, accepted_types: :string},
-        'local_dir'                  => { cltype: :opt_with_arg, accepted_types: :string},
-        'remote_dir'                 => { cltype: :opt_with_arg, accepted_types: :string},
-        'local_db_dir'               => { cltype: :opt_with_arg, accepted_types: :string},
-        'remote_db_dir'              => { cltype: :opt_with_arg, accepted_types: :string},
-        'host'                       => { cltype: :opt_with_arg, accepted_types: :string},
-        'user'                       => { cltype: :opt_with_arg, accepted_types: :string},
-        'private_key_path'           => { cltype: :opt_with_arg, accepted_types: :string},
-        'direction'                  => { cltype: :opt_with_arg, accepted_types: :string},
-        'checksum'                   => { cltype: :opt_with_arg, accepted_types: :string},
-        'tcp_port'                   => { cltype: :opt_with_arg, accepted_types: :int},
-        'rate_policy'                => { cltype: :opt_with_arg, accepted_types: :string},
-        'target_rate'                => { cltype: :opt_with_arg, accepted_types: :string},
-        'cooloff'                    => { cltype: :opt_with_arg, accepted_types: :int},
-        'pending_max'                => { cltype: :opt_with_arg, accepted_types: :int},
-        'scan_intensity'             => { cltype: :opt_with_arg, accepted_types: :string},
-        'cipher'                     => { cltype: :opt_with_arg, accepted_types: :string},
-        'transfer_threads'           => { cltype: :opt_with_arg, accepted_types: :int},
-        'preserve_time'              => { cltype: :opt_without_arg},
-        'preserve_access_time'       => { cltype: :opt_without_arg},
-        'preserve_modification_time' => { cltype: :opt_without_arg},
-        'preserve_uid'               => { cltype: :opt_without_arg},
-        'preserve_gid'               => { cltype: :opt_without_arg},
-        'create_dir'                 => { cltype: :opt_without_arg},
-        'reset'                      => { cltype: :opt_without_arg},
-        # note: only one env var, but multiple sessions... may be a problem
-        'remote_password'            => { cltype: :envvar, clvarname: 'ASPERA_SCP_PASS'},
-        'cookie'                     => { cltype: :envvar, clvarname: 'ASPERA_SCP_COOKIE'},
-        'token'                      => { cltype: :envvar, clvarname: 'ASPERA_SCP_TOKEN'},
-        'license'                    => { cltype: :envvar, clvarname: 'ASPERA_SCP_LICENSE'}
+        'name'                       => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'local_dir'                  => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'remote_dir'                 => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'local_db_dir'               => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'remote_db_dir'              => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'host'                       => { cli: { type: :opt_with_arg}, accepted_types: :string, ts: :remote_host},
+        'user'                       => { cli: { type: :opt_with_arg}, accepted_types: :string, ts: :remote_user},
+        'private_key_paths'          => { cli: { type: :opt_with_arg, switch: '--private-key-path'}, accepted_types: :array},
+        'direction'                  => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'checksum'                   => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'tags'                       => { cli: { type: :opt_with_arg, switch: '--tags64', convert: 'Aspera::Fasp::Parameters.convert_json64'},
+                                          accepted_types: :hash, ts: true},
+        'tcp_port'                   => { cli: { type: :opt_with_arg}, accepted_types: :int, ts: :ssh_port},
+        'rate_policy'                => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'target_rate'                => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'cooloff'                    => { cli: { type: :opt_with_arg}, accepted_types: :int},
+        'pending_max'                => { cli: { type: :opt_with_arg}, accepted_types: :int},
+        'scan_intensity'             => { cli: { type: :opt_with_arg}, accepted_types: :string},
+        'cipher'                     => { cli: { type: :opt_with_arg}, accepted_types: :string, ts: true},
+        'transfer_threads'           => { cli: { type: :opt_with_arg}, accepted_types: :int},
+        'preserve_time'              => { cli: { type: :opt_without_arg}, ts: :preserve_times},
+        'preserve_access_time'       => { cli: { type: :opt_without_arg}, ts: nil},
+        'preserve_modification_time' => { cli: { type: :opt_without_arg}, ts: nil},
+        'preserve_uid'               => { cli: { type: :opt_without_arg}, ts: :preserve_file_owner_uid},
+        'preserve_gid'               => { cli: { type: :opt_without_arg}, ts: :preserve_file_owner_gid},
+        'create_dir'                 => { cli: { type: :opt_without_arg}, ts: true},
+        'reset'                      => { cli: { type: :opt_without_arg}},
+        # NOTE: only one env var, but multiple sessions... could be a problem
+        'remote_password'            => { cli: { type: :envvar, variable: 'ASPERA_SCP_PASS'}, ts: true},
+        'cookie'                     => { cli: { type: :envvar, variable: 'ASPERA_SCP_COOKIE'}, ts: true},
+        'token'                      => { cli: { type: :envvar, variable: 'ASPERA_SCP_TOKEN'}, ts: true},
+        'license'                    => { cli: { type: :envvar, variable: 'ASPERA_SCP_LICENSE'}}
       }.freeze
 
-    Aspera::CommandLineBuilder.normalize_description(INSTANCE_PARAMS)
-    Aspera::CommandLineBuilder.normalize_description(SESSION_PARAMS)
+    Aspera::CommandLineBuilder.normalize_description(PARAMS_VX_INSTANCE)
+    Aspera::CommandLineBuilder.normalize_description(PARAMS_VX_SESSION)
 
-    private_constant :INSTANCE_PARAMS,:SESSION_PARAMS
+    PARAMS_VX_KEYS = %w[instance sessions].freeze
 
-    def initialize(sync_params)
-      @sync_params = sync_params
-    end
+    # new API
+    TS_TO_PARAMS = {
+      'remote_host'     => 'remote.host',
+      'remote_user'     => 'remote.user',
+      'remote_password' => 'remote.pass',
+      'sshfp'           => 'remote.fingerprint',
+      'ssh_port'        => 'remote.port',
+      'wss_port'        => 'remote.ws_port',
+      'proxy'           => 'remote.proxy',
+      'token'           => 'remote.token',
+      'tags'            => 'tags'
+    }.freeze
+
+    ASYNC_EXECUTABLE = 'async'
 
-    MANDATORY_KEYS = %w[instance sessions].freeze
+    private_constant :PARAMS_VX_INSTANCE, :PARAMS_VX_SESSION, :PARAMS_VX_KEYS, :ASYNC_EXECUTABLE
 
-    def compute_args
-      raise StandardError,'parameter must be Hash' unless @sync_params.is_a?(Hash)
-      raise StandardError,"parameter hash must have at least 'sessions', and optionally 'instance' keys." unless
-        @sync_params.keys.push('instance').uniq.sort.eql?(MANDATORY_KEYS)
-      raise StandardError,'sessions key must be Array' unless @sync_params['sessions'].is_a?(Array)
-      raise StandardError,'sessions key must has at least one element (hash)' unless @sync_params['sessions'].first.is_a?(Hash)
+    class << self
+      def update_parameters_with_transfer_spec(sync_params, transfer_spec)
+        if sync_params.key?('local')
+          # async native JSON format
+          raise StandardError, 'local must be Hash' unless sync_params['local'].is_a?(Hash)
+          TS_TO_PARAMS.each do |ts_param, sy_path|
+            next unless transfer_spec.key?(ts_param)
+            sy_dig = sy_path.split('.')
+            param = sy_dig.pop
+            hash = sy_dig.empty? ? sync_params : sync_params[sy_dig.first]
+            hash = sync_params[sy_dig.first] = {} if hash.nil?
+            hash[param] = transfer_spec[ts_param]
+          end
+          # 'remote.path',
+          sync_params['remote']['connect_mode'] ||= sync_params['remote'].key?('ws_port') ? 'ws' : 'ssh'
+          sync_params['remote']['private_key_paths'] ||= Fasp::Installation.instance.bypass_keys if transfer_spec.key?('token')
+          sync_params['remote']['path'] ||= '/' if transfer_spec.dig(*%w[tags aspera node file_id])
+        elsif sync_params.key?('sessions')
+          sync_params['sessions'].each do |session|
+            PARAMS_VX_SESSION.each do |async_param, behaviour|
+              if behaviour.key?(:ts)
+                tspec_param = behaviour[:ts].is_a?(TrueClass) ? async_param : behaviour[:ts].to_s
+                session[async_param] ||= transfer_spec[tspec_param] if transfer_spec.key?(tspec_param)
+              end
+            end
+            session['private_key_paths'] = Fasp::Installation.instance.bypass_keys if transfer_spec.key?('token')
+            session['remote_dir'] = '/' if transfer_spec.dig(*%w[tags aspera node file_id])
+          end
+        else
+          raise 'At least one of `local` or `sessions` must be present in async parameters'
+        end
+        Log.dump(:sync, sync_params)
+      end
+    end
 
-      env_args = {
+    attr_reader :env_args
+
+    def initialize(sync_params)
+      raise StandardError, 'parameter must be Hash' unless sync_params.is_a?(Hash)
+      @env_args = {
         args: [],
         env:  {}
       }
+      if sync_params.key?('local')
+        # async native JSON format
+        raise StandardError, 'remote must be Hash' unless sync_params['remote'].is_a?(Hash)
+        @env_args[:args] = "--conf64=#{Base64.strict_encode64(JSON.generate(sync_params))}"
+      elsif sync_params.key?('sessions')
+        # ascli JSON format
+        raise StandardError, "Only 'sessions', and optionally 'instance' keys are allowed" unless
+          sync_params.keys.push('instance').uniq.sort.eql?(PARAMS_VX_KEYS)
+        raise StandardError, 'sessions key must be Array' unless sync_params['sessions'].is_a?(Array)
+        raise StandardError, 'sessions key requires at least one Hash' unless sync_params['sessions'].first.is_a?(Hash)
 
-      if @sync_params.has_key?('instance')
-        raise StandardError,'instance key must be hash' unless @sync_params['instance'].is_a?(Hash)
-        instance_builder = CommandLineBuilder.new(@sync_params['instance'],INSTANCE_PARAMS)
-        instance_builder.process_params
-        instance_builder.add_env_args(env_args[:env],env_args[:args])
+        if sync_params.key?('instance')
+          raise StandardError, 'instance key must be Hash' unless sync_params['instance'].is_a?(Hash)
+          instance_builder = Aspera::CommandLineBuilder.new(sync_params['instance'], PARAMS_VX_INSTANCE)
+          instance_builder.process_params
+          instance_builder.add_env_args(@env_args[:env], @env_args[:args])
+        end
+
+        sync_params['sessions'].each do |session_params|
+          raise StandardError, 'sessions must contain hashes' unless session_params.is_a?(Hash)
+          raise StandardError, 'session must contain at leat name' unless session_params.key?('name')
+          session_builder = Aspera::CommandLineBuilder.new(session_params, PARAMS_VX_SESSION)
+          session_builder.process_params
+          session_builder.add_env_args(@env_args[:env], @env_args[:args])
+        end
+      else
+        raise 'At least one of `local` or `sessions` must be present in async parameters'
       end
+    end
 
-      @sync_params['sessions'].each do |session_params|
-        raise StandardError,'sessions must contain hashes' unless session_params.is_a?(Hash)
-        raise StandardError,'session must contain at leat name' unless session_params.has_key?('name')
-        session_builder = CommandLineBuilder.new(session_params,SESSION_PARAMS)
-        session_builder.process_params
-        session_builder.add_env_args(env_args[:env],env_args[:args])
+    def start
+      Log.log.debug{"execute: #{@env_args[:env].map{|k, v| "#{k}=\"#{v}\""}.join(' ')} \"#{ASYNC_EXECUTABLE}\" \"#{@env_args[:args].join('" "')}\""}
+      res = system(@env_args[:env], [ASYNC_EXECUTABLE, ASYNC_EXECUTABLE], *@env_args[:args])
+      Log.log.debug{"result=#{res}"}
+      case res
+      when true then return nil
+      when false then raise "failed: #{$CHILD_STATUS}"
+      when nil then raise "not started: #{$CHILD_STATUS}"
+      else raise 'internal error: unspecified case'
       end
+    end
+  end
+
+  class SyncAdmin
+    ASYNC_ADMIN_EXECUTABLE = 'asyncadmin'
+    private_constant :ASYNC_ADMIN_EXECUTABLE
+    def initialize(sync_params, session_name)
+      @cmdline = [ASYNC_ADMIN_EXECUTABLE, '--quiet']
+      if sync_params.key?('local')
+        raise 'Missing session name' if sync_params['name'].nil?
+        raise 'Session not found' unless session_name.nil? || session_name.eql?(sync_params['name'])
+        @cmdline.push("--name=#{sync_params['name']}")
+        if sync_params.key?('local_db_dir')
+          @cmdline.push("--local-db-dir=#{sync_params['local_db_dir']}")
+        elsif sync_params.dig('local', 'path')
+          @cmdline.push("--local-dir=#{sync_params.dig('local', 'path')}")
+        else
+          raise 'Missing either local_db_dir or local.path'
+        end
+      elsif sync_params.key?('sessions')
+        session = session_name.nil? ? sync_params['sessions'].first : sync_params['sessions'].find{|s|s['name'].eql?(session_name)}
+        raise 'Session not found' if session.nil?
+        raise 'Missing session name' if session['name'].nil?
+        @cmdline.push("--name=#{session['name']}")
+        if session.key?('local_db_dir')
+          @cmdline.push("--local-db-dir=#{session['local_db_dir']}")
+        elsif session.key?('local_dir')
+          @cmdline.push("--local-dir=#{session['local_dir']}")
+        else
+          raise 'Missing either local_db_dir or local_dir'
+        end
+      else
+        raise 'At least one of `local` or `sessions` must be present in async parameters'
+      end
+    end
 
-      return env_args
+    def status
+      stdout, stderr, status = Open3.capture3(*@cmdline)
+      Log.log.debug{"status=#{status}, stderr=#{stderr}"}
+      raise "Sync failed: #{status.exitstatus} : #{stderr}" unless status.success?
+      return stdout.split("\n").each_with_object({}){|l, m|i = l.split(/:  */); m[i.first.lstrip] = i.last.lstrip} # rubocop:disable Style/Semicolon
     end
   end
 end

data/lib/aspera/temp_file_manager.rb

@@ -11,7 +11,7 @@ module Aspera
     SEC_IN_DAY = 86_400
     # assume no transfer last longer than this
     # (garbage collect file list which were not deleted after transfer)
-    FILE_LIST_AGE_MAX_SEC = 5 * SEC_IN_DAY
+    FILE_LIST_AGE_MAX_SEC = SEC_IN_DAY * 5
     private_constant :SEC_IN_DAY, :FILE_LIST_AGE_MAX_SEC
     include Singleton
     def initialize
@@ -53,7 +53,7 @@ module Aspera
         age_sec = (Time.now - File.stat(file_path).mtime).to_i
         # check age of file, delete too old
         if File.file?(file_path) && (age_sec > FILE_LIST_AGE_MAX_SEC)
-          Log.log.debug("garbage collecting #{name}")
+          Log.log.debug{"garbage collecting #{name}"}
           File.delete(file_path)
         end
       end

data/lib/aspera/uri_reader.rb

@@ -10,12 +10,12 @@ module Aspera
       def read(uri_to_read)
         proxy_uri = URI.parse(uri_to_read)
         case proxy_uri.scheme
-        when 'http','https'
-          return Rest.new(base_url: uri_to_read,redirect_max: 5).call(operation: 'GET', subpath: '', headers: {'Accept' => 'text/plain'})[:data]
-        when 'file',NilClass
+        when 'http', 'https'
+          return Rest.new(base_url: uri_to_read, redirect_max: 5).call(operation: 'GET', subpath: '', headers: {'Accept' => 'text/plain'})[:data]
+        when 'file', NilClass
           local_file_path = proxy_uri.path
           raise 'URL shall have a path, check syntax' if local_file_path.nil?
-          local_file_path = File.expand_path(local_file_path.gsub(/^\//,'')) if /^\/(~|.|..)\//.match?(local_file_path)
+          local_file_path = File.expand_path(local_file_path.gsub(%r{^/}, '')) if %r{^/(~|.|..)/}.match?(local_file_path)
           return File.read(local_file_path)
         else
           raise "unknown scheme: [#{proxy_uri.scheme}] for [#{uri_to_read}]"

data/lib/aspera/web_auth.rb

@@ -1,22 +1,21 @@
 # frozen_string_literal: true
 
-require 'webrick'
-require 'webrick/https'
+require 'aspera/web_server_simple'
 require 'stringio'
 
 module Aspera
   # servlet called on callback: it records the callback request
   class WebAuthServlet < WEBrick::HTTPServlet::AbstractServlet
-    def initialize(server,application) # additional args get here
+    def initialize(server, application) # additional args get here
       Log.log.debug('WebAuthServlet initialize')
       super(server)
       @app = application
     end
 
     def service(request, response)
-      Log.log.debug("received request from browser #{request.request_method} #{request.path}")
-      raise WEBrick::HTTPStatus::MethodNotAllowed,"unexpected method: #{request.request_method}" unless request.request_method.eql?('GET')
-      raise WEBrick::HTTPStatus::NotFound,"unexpected path: #{request.path}" unless request.path.eql?(@app.expected_path)
+      Log.log.debug{"received request from browser #{request.request_method} #{request.path}"}
+      raise WEBrick::HTTPStatus::MethodNotAllowed, "unexpected method: #{request.request_method}" unless request.request_method.eql?('GET')
+      raise WEBrick::HTTPStatus::NotFound, "unexpected path: #{request.path}" unless request.path.eql?(@app.expected_path)
       # acquire lock and signal change
       @app.mutex.synchronize do
         @app.query = request.query
@@ -29,81 +28,31 @@ module Aspera
     end
   end # WebAuthServlet
 
-  # generates and adds self signed cert to provided webrick options
-  #def fill_self_signed_cert(cert,key)
-  #  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/C=FR/O=Test/OU=Test/CN=Test')
-  #  cert.not_before = Time.now
-  #  cert.not_after = Time.now + 365 * 24 * 60 * 60
-  #  cert.public_key = key.public_key
-  #  cert.serial = 0x0
-  #  cert.version = 2
-  #  ef = OpenSSL::X509::ExtensionFactory.new
-  #  ef.issuer_certificate = cert
-  #  ef.subject_certificate = cert
-  #  cert.extensions = [
-  #    ef.create_extension('basicConstraints','CA:TRUE', true),
-  #    ef.create_extension('subjectKeyIdentifier', 'hash'),
-  #    # ef.create_extension('keyUsage', 'cRLSign,keyCertSign', true),
-  #  ]
-  #  cert.add_extension(ef.create_extension('authorityKeyIdentifier','keyid:always,issuer:always'))
-  #  cert.sign(key, OpenSSL::Digest::SHA256.new)
-  #end
-
   # start a local web server, then start a browser that will callback the local server upon authentication
-  class WebAuth
-    attr_reader :expected_path,:mutex,:cond
+  class WebAuth < WebServerSimple
+    attr_reader :expected_path, :mutex, :cond
     attr_writer :query
+
     # @param endpoint_url [String] e.g. 'https://127.0.0.1:12345'
     def initialize(endpoint_url)
       uri = URI.parse(endpoint_url)
+      super(uri)
       # parameters for servlet
-      @query = nil
       @mutex = Mutex.new
       @cond = ConditionVariable.new
       @expected_path = uri.path.empty? ? '/' : uri.path
-      # see https://www.rubydoc.info/stdlib/webrick/WEBrick/Config
-      webrick_options = {
-        BindAddress: uri.host,
-        Port:        uri.port,
-        Logger:      Log.log,
-        AccessLog:   [[self, WEBrick::AccessLog::COMMON_LOG_FORMAT]] # replace default access log to call local method "<<" below
-      }
-      case uri.scheme
-      when 'http'
-        Log.log.debug('HTTP mode')
-      when 'https'
-        webrick_options[:SSLEnable] = true
-        # a- automatic certificate generation
-        webrick_options[:SSLCertName] = [['CN',WEBrick::Utils.getservername]]
-        # b- generate self signed cert
-        #webrick_options[:SSLPrivateKey]   = OpenSSL::PKey::RSA.new(4096)
-        #webrick_options[:SSLCertificate]  = OpenSSL::X509::Certificate.new
-        #self.class.fill_self_signed_cert(webrick_options[:SSLCertificate],webrick_options[:SSLPrivateKey])
-        ## c- good cert
-        #webrick_options[:SSLPrivateKey]  = OpenSSL::PKey::RSA.new(File.read('.../myserver.key'))
-        #webrick_options[:SSLCertificate] = OpenSSL::X509::Certificate.new(File.read('.../myserver.crt'))
-      end
-      # self signed certificate generates characters on STDERR, see create_self_signed_cert in webrick/ssl.rb
-      Log.capture_stderr { @server = WEBrick::HTTPServer.new(webrick_options) }
-      @server.mount(@expected_path, WebAuthServlet, self) # additional args provided to constructor
-      Thread.new { @server.start }
-    end
-
-    # log web server access ( option AccessLog )
-    def <<(access_log)
-      Log.log.debug{"webrick log #{access_log.chomp}"}
+      @query = nil
+      mount(@expected_path, WebAuthServlet, self) # additional args provided to constructor
+      Thread.new { start }
     end
 
     # wait for request on web server
     # @return Hash the query
     def received_request
-      # shall be called only once
-      raise 'error, received_request called twice ?' if @server.nil?
       # wait for signal from thread
       @mutex.synchronize{@cond.wait(@mutex)}
       # tell server thread to stop
-      @server.shutdown
-      @server = nil
+      shutdown
       return @query
     end
   end