RubyGems - aspera-cli - Versions diffs - 4.23.0 → 4.24.1 - Mend

aspera-cli 4.23.0 → 4.24.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/CHANGELOG.md +37 -1
data/CONTRIBUTING.md +86 -29
data/README.md +2109 -1300
data/bin/ascli +2 -1
data/bin/asession +4 -4
data/lib/aspera/agent/base.rb +4 -0
data/lib/aspera/agent/connect.rb +20 -18
data/lib/aspera/agent/desktop.rb +14 -11
data/lib/aspera/agent/direct.rb +39 -31
data/lib/aspera/agent/httpgw.rb +2 -2
data/lib/aspera/agent/node.rb +9 -11
data/lib/aspera/agent/transferd.rb +18 -11
data/lib/aspera/api/aoc.rb +44 -31
data/lib/aspera/api/cos_node.rb +7 -5
data/lib/aspera/api/httpgw.rb +15 -18
data/lib/aspera/api/node.rb +104 -22
data/lib/aspera/ascmd.rb +22 -16
data/lib/aspera/ascp/installation.rb +37 -40
data/lib/aspera/ascp/management.rb +5 -4
data/lib/aspera/assert.rb +54 -23
data/lib/aspera/cli/basic_auth_plugin.rb +8 -7
data/lib/aspera/cli/error.rb +1 -1
data/lib/aspera/cli/extended_value.rb +28 -29
data/lib/aspera/cli/formatter.rb +191 -168
data/lib/aspera/cli/hints.rb +29 -3
data/lib/aspera/cli/main.rb +138 -107
data/lib/aspera/cli/manager.rb +50 -30
data/lib/aspera/cli/plugin.rb +148 -77
data/lib/aspera/cli/plugin_factory.rb +2 -2
data/lib/aspera/cli/plugins/aoc.rb +189 -70
data/lib/aspera/cli/plugins/ats.rb +15 -13
data/lib/aspera/cli/plugins/config.rb +100 -214
data/lib/aspera/cli/plugins/console.rb +49 -18
data/lib/aspera/cli/plugins/cos.rb +4 -4
data/lib/aspera/cli/plugins/faspex.rb +45 -51
data/lib/aspera/cli/plugins/faspex5.rb +164 -165
data/lib/aspera/cli/plugins/faspio.rb +6 -5
data/lib/aspera/cli/plugins/httpgw.rb +2 -2
data/lib/aspera/cli/plugins/node.rb +144 -162
data/lib/aspera/cli/plugins/orchestrator.rb +10 -14
data/lib/aspera/cli/plugins/preview.rb +26 -29
data/lib/aspera/cli/plugins/server.rb +28 -28
data/lib/aspera/cli/plugins/shares.rb +40 -28
data/lib/aspera/cli/sync_actions.rb +101 -80
data/lib/aspera/cli/transfer_agent.rb +51 -50
data/lib/aspera/cli/transfer_progress.rb +29 -20
data/lib/aspera/cli/version.rb +1 -1
data/lib/aspera/cli/wizard.rb +157 -0
data/lib/aspera/colors.rb +13 -8
data/lib/aspera/command_line_builder.rb +28 -22
data/lib/aspera/command_line_converter.rb +31 -0
data/lib/aspera/environment.rb +145 -101
data/lib/aspera/faspex_gw.rb +1 -1
data/lib/aspera/faspex_postproc.rb +3 -2
data/lib/aspera/hash_ext.rb +1 -1
data/lib/aspera/id_generator.rb +10 -10
data/lib/aspera/keychain/base.rb +18 -0
data/lib/aspera/keychain/encrypted_hash.rb +6 -12
data/lib/aspera/keychain/factory.rb +9 -3
data/lib/aspera/keychain/hashicorp_vault.rb +9 -6
data/lib/aspera/keychain/macos_security.rb +13 -13
data/lib/aspera/log.rb +91 -19
data/lib/aspera/nagios.rb +5 -6
data/lib/aspera/node_simulator.rb +12 -7
data/lib/aspera/oauth/base.rb +5 -3
data/lib/aspera/oauth/factory.rb +24 -18
data/lib/aspera/oauth/jwt.rb +13 -1
data/lib/aspera/oauth/url_json.rb +3 -3
data/lib/aspera/oauth/web.rb +5 -3
data/lib/aspera/persistency_folder.rb +2 -2
data/lib/aspera/preview/file_types.rb +4 -3
data/lib/aspera/preview/generator.rb +25 -12
data/lib/aspera/preview/terminal.rb +10 -7
data/lib/aspera/preview/utils.rb +11 -9
data/lib/aspera/products/connect.rb +1 -1
data/lib/aspera/products/desktop.rb +1 -1
data/lib/aspera/products/other.rb +2 -2
data/lib/aspera/products/transferd.rb +8 -6
data/lib/aspera/proxy_auto_config.rb +1 -1
data/lib/aspera/rest.rb +29 -22
data/lib/aspera/rest_call_error.rb +1 -1
data/lib/aspera/resumer.rb +1 -1
data/lib/aspera/secret_hider.rb +46 -40
data/lib/aspera/ssh.rb +13 -3
data/lib/aspera/sync/args.schema.yaml +102 -0
data/lib/aspera/sync/conf.schema.yaml +701 -0
data/lib/aspera/sync/database.rb +83 -0
data/lib/aspera/sync/operations.rb +296 -0
data/lib/aspera/temp_file_manager.rb +3 -2
data/lib/aspera/transfer/error.rb +1 -1
data/lib/aspera/transfer/error_info.rb +1 -2
data/lib/aspera/transfer/faux_file.rb +11 -10
data/lib/aspera/transfer/parameters.rb +6 -5
data/lib/aspera/transfer/spec.rb +15 -1
data/lib/aspera/transfer/spec.schema.yaml +316 -293
data/lib/aspera/transfer/spec_doc.rb +34 -16
data/lib/aspera/transfer/uri.rb +5 -5
data/lib/aspera/uri_reader.rb +14 -10
data/lib/aspera/web_auth.rb +2 -2
data/lib/aspera/web_server_simple.rb +2 -2
data.tar.gz.sig +0 -0
metadata +15 -13
metadata.gz.sig +0 -0
data/lib/aspera/transfer/async_conf.schema.yaml +0 -716
data/lib/aspera/transfer/convert.rb +0 -29
data/lib/aspera/transfer/sync.rb +0 -232
data/lib/aspera/transfer/sync_instance.schema.yaml +0 -20
data/lib/aspera/transfer/sync_session.schema.yaml +0 -86

data/lib/aspera/keychain/encrypted_hash.rb CHANGED Viewed

@@ -4,20 +4,21 @@ require 'aspera/hash_ext'
 require 'aspera/environment'
 require 'aspera/log'
 require 'aspera/assert'
+require 'aspera/keychain/base'
 require 'symmetric_encryption/core'
 require 'yaml'
 module Aspera
   module Keychain
     # Manage secrets in a simple Hash
-    class EncryptedHash
+    class EncryptedHash < Base
       LEGACY_CIPHER_NAME = 'aes-256-cbc'
       DEFAULT_CIPHER_NAME = 'aes-256-cbc'
       FILE_TYPE = 'encrypted_hash_vault'
-      CONTENT_KEYS = %i[label username password url description].freeze
       FILE_KEYS = %w[version type cipher data].sort.freeze
-      private_constant :LEGACY_CIPHER_NAME, :DEFAULT_CIPHER_NAME, :FILE_TYPE, :CONTENT_KEYS, :FILE_KEYS
+      private_constant :LEGACY_CIPHER_NAME, :DEFAULT_CIPHER_NAME, :FILE_TYPE, :FILE_KEYS
       def initialize(file:, password:)
+        super()
         Aspera.assert_type(file, String){'path to vault file'}
         @path = file
         @all_secrets = {}
@@ -38,9 +39,7 @@ module Aspera
         end
         # setting password also creates the cipher
         @cipher = cipher(password)
-        if !vault_encrypted_data.nil?
-          @all_secrets = YAML.load_stream(@cipher.decrypt(vault_encrypted_data)).first
-        end
+        @all_secrets = YAML.load_stream(@cipher.decrypt(vault_encrypted_data)).first if !vault_encrypted_data.nil?
       end
       def info
@@ -63,12 +62,7 @@ module Aspera
       # set a secret
       # @param options [Hash] with keys :label, :username, :password, :url, :description
       def set(options)
-        Aspera.assert_type(options, Hash){'options'}
-        unsupported = options.keys - CONTENT_KEYS
-        Aspera.assert(unsupported.empty?){"unsupported options: #{unsupported}"}
-        options.each_pair do |k, v|
-          Aspera.assert_type(v, String){k.to_s}
-        end
+        validate_set(options)
         label = options.delete(:label)
         raise "secret #{label} already exist, delete first" if @all_secrets.key?(label)
         @all_secrets[label] = options.symbolize_keys

data/lib/aspera/keychain/factory.rb CHANGED Viewed

@@ -6,6 +6,11 @@ module Aspera
     class Factory
       LIST = %i[file system vault].freeze
       class << self
+        # Create a vault instance
+        # @param info     [Hash]   vault options
+        # @param name     [String] name of the vault
+        # @param folder   [String] folder to store the vault (if needed)
+        # @param password [String] password to open the vault
         def create(info, name, folder, password)
           Aspera.assert_type(info, Hash)
           Aspera.assert(info.values.all?(String)){'vault info shall have only string values'}
@@ -14,7 +19,7 @@ module Aspera
           Aspera.assert_values(vault_type, LIST.map(&:to_s)){'vault.type'}
           case vault_type
           when 'file'
-            info[:file] ||= 'vault.bin'
+            info[:file] = name || 'vault.bin'
             info[:file] = File.join(folder, info[:file]) unless File.absolute_path?(info[:file])
             Aspera.assert(!password.nil?){'please provide password'}
             info[:password] = password
@@ -22,15 +27,16 @@ module Aspera
             require 'aspera/keychain/encrypted_hash'
             @vault = Keychain::EncryptedHash.new(**info)
           when 'system'
-            case Environment.os
+            case Environment.instance.os
             when Environment::OS_MACOS
               info[:name] ||= name
               @vault = Keychain::MacosSystem.new(**info)
             else
-              raise 'not implemented for this OS'
+              raise Error, 'not implemented for this OS'
             end
           when 'vault'
             require 'aspera/keychain/hashicorp_vault'
+            info[:token] ||= password
             @vault = Keychain::HashicorpVault.new(**info)
           else Aspera.error_unexpected_value(vault_type)
           end

data/lib/aspera/keychain/hashicorp_vault.rb CHANGED Viewed

@@ -3,17 +3,19 @@
 require 'aspera/environment'
 require 'aspera/log'
 require 'aspera/assert'
+require 'aspera/keychain/base'
 require 'vault'
 module Aspera
   module Keychain
     # Manage secrets in a Hashicorp Vault
-    class HashicorpVault
-      SECRET_PATH = 'secret/data/'
+    class HashicorpVault < Base
+      STORE_PATH = 'secret/data/'
-      private_constant :SECRET_PATH
+      private_constant :STORE_PATH
       def initialize(url:, token:)
+        super()
         Vault.configure do |config|
           config.address = url
           config.token = token
@@ -28,7 +30,7 @@ module Aspera
       end
       def list
-        metadata_path = SECRET_PATH.sub('/data/', '/metadata/')
+        metadata_path = STORE_PATH.sub('/data/', '/metadata/')
         return Vault.logical.list(metadata_path).filter_map do |label|
           get(label: label).merge(label: label)
         end
@@ -37,6 +39,7 @@ module Aspera
       # Set a secret
       # @param options [Hash] with keys :label, :username, :password, :url, :description
       def set(options)
+        validate_set(options)
         label = options.fetch(:label)
         data = {
           username:    options[:username],
@@ -51,7 +54,7 @@ module Aspera
         secret = Vault.logical.read(path(label))
         if secret.nil?
           raise "Secret '#{label}' not found" if exception
-          return nil
+          return
         end
         return secret.data[:data]
       end
@@ -64,7 +67,7 @@ module Aspera
       private
       def path(label)
-        "#{SECRET_PATH}#{label}"
+        "#{STORE_PATH}#{label}"
       end
     end
   end

data/lib/aspera/keychain/macos_security.rb CHANGED Viewed

@@ -5,6 +5,7 @@ require 'aspera/cli/info'
 require 'aspera/log'
 require 'aspera/assert'
 require 'aspera/environment'
+require 'aspera/keychain/base'
 # enhance the gem to support other key chains
 module Aspera
@@ -37,13 +38,13 @@ module Aspera
           getpass:  :g
         }.freeze
         class << self
-          def execute(command, options=nil, supported=nil, last_opt=nil)
+          def execute(command, options = nil, supported = nil, last_opt = nil)
             url = options&.delete(:url)
             if !url.nil?
               uri = URI.parse(url)
               Aspera.assert(uri.scheme.eql?('https')){'only https'}
               options[:protocol] = 'htps' # cspell: disable-line
-              raise 'host required in URL' if uri.host.nil?
+              raise Error, 'host required in URL' if uri.host.nil?
               options[:server] = uri.host
               options[:path] = uri.path unless ['', '/'].include?(uri.path)
               options[:port] = uri.port unless uri.port.eql?(443) && !url.include?(':443/')
@@ -71,8 +72,8 @@ module Aspera
             key_chains(execute('login-keychain')).first
           end
-          def list(options={})
-            Aspera.assert_values(options[:domain], DOMAINS, exception_class: ArgumentError){'domain'} unless options[:domain].nil?
+          def list(options = {})
+            Aspera.assert_values(options[:domain], DOMAINS, type: ArgumentError){'domain'} unless options[:domain].nil?
             key_chains(execute('list-keychains', options, LIST_OPTIONS))
           end
@@ -122,9 +123,9 @@ module Aspera
       end
     end
-    class MacosSystem
-      OPTIONS = %i[label username password url description].freeze
+    class MacosSystem < Base
       def initialize(name: nil)
+        super()
         @keychain_name = name.nil? ? 'default keychain' : name
         @keychain = name.nil? ? MacosSecurity::Keychain.default : MacosSecurity::Keychain.by_name(name)
         raise "no such keychain #{name}" if @keychain.nil?
@@ -138,16 +139,15 @@ module Aspera
       def list
         # the only way to list is `dump-keychain` which triggers security alert
-        raise 'list not implemented, use macos keychain app'
+        raise Error, 'list not implemented, use macos keychain app'
       end
       def set(options)
-        Aspera.assert_type(options, Hash){'options'}
-        unsupported = options.keys - OPTIONS
-        Aspera.assert(unsupported.empty?){"unsupported options: #{unsupported}, use #{OPTIONS.join(', ')}"}
+        validate_set(options)
         @keychain.password(
           :add, :generic, service: options[:label],
-          account: options[:username] || 'none', password: options[:password], comment: options[:description])
+          account: options[:username] || 'none', password: options[:password], comment: options[:description]
+        )
       end
       def get(options)
@@ -155,7 +155,7 @@ module Aspera
         unsupported = options.keys - %i[label]
         Aspera.assert(unsupported.empty?){"unsupported options: #{unsupported}"}
         info = @keychain.password(:find, :generic, label: options[:label])
-        raise 'not found' if info.nil?
+        raise Error, 'not found' if info.nil?
         result = options.clone
         result[:secret] = info['password']
         result[:description] = info['icmt'] # cspell: disable-line
@@ -166,7 +166,7 @@ module Aspera
         Aspera.assert_type(options, Hash){'options'}
         unsupported = options.keys - %i[label]
         Aspera.assert(unsupported.empty?){"unsupported options: #{unsupported}"}
-        raise 'delete not implemented, use macos keychain app'
+        raise Error, 'delete not implemented, use macos keychain app'
       end
     end
   end

data/lib/aspera/log.rb CHANGED Viewed

@@ -17,12 +17,17 @@ $VERBOSE = nil
 class Logger
   # Two additionnal trace levels
   TRACE_MAX = 2
   # Add custom level to logger severity, below debug level
   module Severity
     1.upto(TRACE_MAX).each{ |level| const_set(:"TRACE#{level}", - level)}
   end
-  # Quick access to label
+  # Hash : key: log level int, value: uppercase log level label
   SEVERITY_LABEL = Severity.constants.each_with_object({}){ |name, hash| hash[Severity.const_get(name)] = name}
+  # @param severity [Integer] Log severity as int
+  # @return [String] Log severity upper case label
   def format_severity(severity)
     SEVERITY_LABEL[severity] || 'ANY'
   end
@@ -51,28 +56,45 @@ module Aspera
     # Where logs are sent to
     LOG_TYPES = %i[stderr stdout syslog].freeze
-    @@format = :json # rubocop:disable Style/ClassVars
+    # Levels are :trace2,:trace1,:debug,:info,:warn,:error,fatal,:unknown
+    LEVELS = Logger::Severity.constants.sort{ |a, b| Logger::Severity.const_get(a) <=> Logger::Severity.const_get(b)}.map{ |c| c.downcase.to_sym}.freeze
     # Class methods
     class << self
-      # levels are :debug,:info,:warn,:error,fatal,:unknown
-      def levels; Logger::Severity.constants.sort{ |a, b| Logger::Severity.const_get(a) <=> Logger::Severity.const_get(b)}.map{ |c| c.downcase.to_sym}; end
+      # Applies the provided list of string decoration (colors) to the value.
+      # @param value [String]         Value to enhance.
+      # @param colors [Array(Symbol)] List of decorations
+      def apply_colors(value, colors)
+        colors.inject(value){ |s, c| s.send(c)}
+      end
-      # get the logger object of singleton
+      # Get the logger object of singleton
       def log; instance.logger; end
-      # dump object suitable for Log.log.debug
-      # @param name string or symbol
-      # @param format either pp or json format
-      def dump(name, object)
-        result =
-          case @@format
+      # Dump object (`Hash`) to log using specified level
+      #
+      # @param name   [String, Symbol]  Name of object dumped
+      # @param object [Hash, nil]       Data to dump
+      # @param level  [Symbol]          Debug level
+      # @param block  [Proc, nil]       Give computed object
+      def dump(name, object = nil, level: :debug)
+        return unless instance.logger.send(:"#{level}?")
+        object = yield if block_given?
+        instance.logger.send(level, obj_dump(name, object))
+      end
+      # @return [String] Dump of object
+      def obj_dump(name, object)
+        dump_text =
+          case instance.dump_format
           when :json
             JSON.pretty_generate(object) rescue PP.pp(object, +'')
           when :ruby
             PP.pp(object, +'')
-          else error_unexpected_value(@@format){'dump format'}
+          else error_unexpected_value(instance.dump_format){'dump format'}
           end
-        "#{name.to_s.green} (#{@@format})=\n#{result}"
+        "#{name.to_s.green} (#{instance.dump_format})=\n#{dump_text}"
       end
       # Capture the output of $stderr and log it at debug level
@@ -87,14 +109,36 @@ module Aspera
     end
     attr_reader :logger_type, :logger
-    attr_writer :program_name
+    attr_accessor :dump_format
+    def program_name=(value)
+      @program_name = value
+      self.logger_type = @logger_type
+    end
     # Set log level of underlying logger given symbol level
+    # @param new_level [Symbol] One of LEVELS
     def level=(new_level)
       @logger.level = Logger::Severity.const_get(new_level.to_sym.upcase)
     end
+    def formatter=(formatter)
+      if formatter.is_a?(String)
+        raise Error, "Unknown formatter #{formatter}, use one of: #{FORMATTERS.keys.join(', ')}" unless FORMATTERS.key?(formatter.to_sym)
+        formatter = FORMATTERS[formatter.to_sym]
+      elsif !formatter.respond_to?(:call) && !formatter.is_a?(Logger::Formatter)
+        raise Error, 'Formatter must be a String, a Logger::Formatter or a Proc'
+      end
+      # Update formatter with password hiding
+      @logger.formatter = SecretHider.instance.log_formatter(formatter)
+    end
+    def formatter
+      @logger.formatter
+    end
     # Get symbol of debug level of underlying logger
+    # @return [Symbol] One of LEVELS
     def level
       Logger::Severity.constants.each do |name|
         return name.downcase.to_sym if @logger.level.eql?(Logger::Severity.const_get(name))
@@ -109,9 +153,9 @@ module Aspera
       current_severity_integer = Logger::Severity::WARN if current_severity_integer.nil?
       case new_log_type
       when :stderr
-        @logger = Logger.new($stderr)
+        @logger = Logger.new($stderr, progname: @program_name, formatter: DEFAULT_FORMATTER)
       when :stdout
-        @logger = Logger.new($stdout)
+        @logger = Logger.new($stdout, progname: @program_name, formatter: DEFAULT_FORMATTER)
       when :syslog
         require 'syslog/logger'
         # the syslog class automatically creates methods from the severity names
@@ -122,13 +166,14 @@ module Aspera
         Logger::Severity.constants.each do |severity|
           Syslog::Logger.make_methods(severity.downcase)
         end
+        # Use `local2` facility, like other Aspera components
         @logger = Syslog::Logger.new(@program_name, Syslog::LOG_LOCAL2)
       else error_unexpected_value(new_log_type){"log type (#{LOG_TYPES.join(', ')})"}
       end
       @logger.level = current_severity_integer
       @logger_type = new_log_type
-      # Update formatter with password hiding
-      @logger.formatter = SecretHider.log_formatter(@logger.formatter)
+      # add secret hider to default logger
+      self.formatter = @logger.formatter
     end
     private
@@ -136,8 +181,35 @@ module Aspera
     def initialize
       @logger = nil
       @program_name = 'aspera'
+      @dump_format = :json
+      @logger_type = :stderr
       # This sets @logger and @logger_type (self needed to call method instead of local var)
-      self.logger_type = :stderr
+      self.logger_type = @logger_type
     end
+    # Define decoration of levels
+    LVL_DECO = {
+      TRACE2:  %i{dim},
+      TRACE1:  %i{blue},
+      DEBUG:   %i{cyan},
+      INFO:    %i{green},
+      WARN:    %i{bg_brown black},
+      ERROR:   %i{bg_red blink},
+      FATAL:   %i{magenta},
+      UNKNOWN: %i{blink}
+    }.freeze
+    # Short levels with color
+    LVL_COLOR = LVL_DECO.map{ |k, v| [k, apply_colors("#{k[..2]}#{k[-1]}", v)]}.to_h.freeze
+    DEFAULT_FORMATTER = ->(s, _d, _p, m){"#{LVL_COLOR[s]} #{m}\n"}
+    # pre-defined formatters
+    FORMATTERS = {
+      standard: Logger::Formatter.new,
+      default:  DEFAULT_FORMATTER
+    }.freeze
+    private_constant :LVL_DECO, :LVL_COLOR, :DEFAULT_FORMATTER, :FORMATTERS
   end
 end

data/lib/aspera/nagios.rb CHANGED Viewed

@@ -36,9 +36,8 @@ module Aspera
         # build message: if multiple components: concatenate
         # message = data.map{|i|"#{i['component']}:#{i['message']}"}.join(', ').gsub("\n",' ')
         message = data
-          .map{ |i| i['component']}
-          .uniq
-          .map{ |comp| comp + ':' + data.select{ |d| d['component'].eql?(comp)}.map{ |d| d['message']}.join(',')}
+          .group_by{ |d| d['component']}
+          .map{ |comp, items| "#{comp}:#{items.map{ |d| d['message']}.join(',')}"}
           .join(', ')
           .tr("\n", ' ')
         status = data.first['status'].upcase
@@ -58,8 +57,8 @@ module Aspera
     # compare remote time with local time
     def check_time_offset(remote_date, component)
       # check date if specified : 2015-10-13T07:32:01Z
-      remote_time = DateTime.strptime(remote_date)
-      diff_time = (remote_time - DateTime.now).abs
+      remote_time = Time.strptime(remote_date)
+      diff_time = (remote_time - Time.now).abs
       diff_rounded = diff_time.round(-2)
       Log.log.debug{"DATE: #{remote_date} #{remote_time} diff=#{diff_rounded}"}
       msg = "offset #{diff_rounded} sec"
@@ -79,7 +78,7 @@ module Aspera
     # translate for display
     def result
-      raise 'missing result' if @data.empty?
+      Aspera.assert(!@data.empty?){'missing result'}
       {type: :object_list, data: @data.map{ |i| {'status' => LEVELS[i[:code]].to_s, 'component' => i[:comp], 'message' => i[:msg]}}}
     end
   end

data/lib/aspera/node_simulator.rb CHANGED Viewed

@@ -119,9 +119,10 @@ module Aspera
           checksum:        nil,
           start_byte:      0,
           bytes_written:   26,
-          session_id:      'bafc72b8-366c-4501-8095-47208183d6b8'}]
+          session_id:      'bafc72b8-366c-4501-8095-47208183d6b8'
+        }]
       }
-      Log.log.trace2{Log.dump(:job, result)}
+      Log.dump(:job, result, level: :trace2)
       return result
     end
@@ -276,7 +277,8 @@ module Aspera
               token_encryption_key
               byok_enabled
               bandwidth_flow_network_rc_module
-              file_checksum_type],
+              file_checksum_type
+            ],
             server:   %w[
               activity_event_logging
               activity_file_event_logging
@@ -289,7 +291,8 @@ module Aspera
               discovery
               auto_delete
               allow
-              deny]
+              deny
+            ]
           },
           capabilities:                          [
             {name:  'sync', value: true},
@@ -302,7 +305,8 @@ module Aspera
             {name:  'aej_version', value: '1.0'},
             {name:  'page', value: true},
             {name:  'file_id_version', value: '2.0'},
-            {name:  'auto_delete', value: false}],
+            {name:  'auto_delete', value: false}
+          ],
           settings:                              [
             {name:  'content_protection_required', value: false},
             {name:  'content_protection_strong_pass_required', value: false},
@@ -310,7 +314,8 @@ module Aspera
             {name:  'ssh_fingerprint', value: nil},
             {name:  'wss_enabled', value: false},
             {name:  'wss_port', value: 443}
-          ]})
+          ]
+        })
       when PATH_TRANSFERS
         set_json_response(request, response, @simulator.all_sessions)
       when PATH_ONE_TRANSFER
@@ -325,7 +330,7 @@ module Aspera
       response.status = code
       response['Content-Type'] = Rest::MIME_JSON
       response.body = json.to_json
-      Log.log.trace1{Log.dump("response for #{request.request_method} #{request.path}", json)}
+      Log.log.trace1{Log.obj_dump("response for #{request.request_method} #{request.path}", json)}
     end
   end
 end

data/lib/aspera/oauth/base.rb CHANGED Viewed

@@ -31,9 +31,11 @@ module Aspera
         cache_ids: nil,
         **rest_params
       )
-        Aspera.assert(respond_to?(:create_token), 'create_token method must be defined', exception_class: InternalError)
+        Aspera.assert(respond_to?(:create_token), 'create_token method must be defined', type: InternalError)
         # this is the OAuth API
         @api = Rest.new(**rest_params)
+        @scope = nil
+        @token_cache_id = nil
         @path_token = path_token
         @token_field = token_field
         @client_id = client_id
@@ -54,7 +56,7 @@ module Aspera
         @token_cache_id = Factory.cache_id(@api.base_url, self.class, @base_cache_ids, @scope)
       end
-      attr_reader :scope
+      attr_reader :scope, :api, :path_token
       # helper method to create token as per RFC
       def create_token_call(creation_params)
@@ -84,7 +86,7 @@ module Aspera
       # @return value suitable for Authorization header
       def authorization(**kwargs)
-        return OAuth::Factory.bearer_build(token(**kwargs))
+        return OAuth::Factory.bearer_authorization(token(**kwargs))
       end
       # get an OAuth v2 token (generated, cached, refreshed)

data/lib/aspera/oauth/factory.rb CHANGED Viewed

@@ -12,32 +12,37 @@ module Aspera
       # a prefix for persistency of tokens (simplify garbage collect)
       PERSIST_CATEGORY_TOKEN = 'token'
-      # prefix for bearer token when in header
-      BEARER_PREFIX = 'Bearer '
+      # prefix for bearer authorization when in header
+      SPACE_BEARER_AUTH_SCHEME = 'Bearer '
       TOKEN_FIELD = 'access_token'
-      private_constant :PERSIST_CATEGORY_TOKEN, :BEARER_PREFIX
+      private_constant :PERSIST_CATEGORY_TOKEN, :SPACE_BEARER_AUTH_SCHEME
       class << self
-        def bearer_build(token)
-          return "#{BEARER_PREFIX}#{token}"
+        # @param token [String] The token alone
+        # @return [String] Value suitable for Authorization header
+        def bearer_authorization(token)
+          return "#{SPACE_BEARER_AUTH_SCHEME}#{token}"
         end
-        def bearer?(token)
-          return token.start_with?(BEARER_PREFIX)
+        # @return true if the authorization contains a bearer token , i.e. auth scheme is bearer
+        def bearer_auth?(authorization)
+          return authorization.start_with?(SPACE_BEARER_AUTH_SCHEME)
         end
-        def bearer_extract(token)
-          Aspera.assert(bearer?(token)){'not a bearer token, wrong prefix'}
-          return token[BEARER_PREFIX.length..-1]
+        # Extract only token from Authorization (remove scheme)
+        def bearer_token(authorization)
+          Aspera.assert(bearer_auth?(authorization)){'not a bearer token, wrong prefix scheme'}
+          return authorization[SPACE_BEARER_AUTH_SCHEME.length..-1]
         end
-        # @return a cache identifier
+        # @return a unique cache identifier
         def cache_id(url, creator_class, *params)
           return IdGenerator.from_list([
             PERSIST_CATEGORY_TOKEN,
             url,
-            Factory.class_to_id(creator_class)] +
+            Factory.class_to_id(creator_class)
+          ] +
             params)
         end
@@ -54,6 +59,7 @@ module Aspera
         @persist = nil
         # token creation methods
         @token_type_classes = {}
+        # list of lambda
         @decoders = []
         # default parameters, others can be added by handlers
         @parameters = {
@@ -80,7 +86,7 @@ module Aspera
           Log.log.debug('Not using persistency')
           # create NULL persistency class
           @persist = Class.new do
-            def get(_x); nil; end; def delete(_x); nil; end; def put(_x, _y); nil; end; def garbage_collect(_x, _y); nil; end # rubocop:disable Layout/EmptyLineBetweenDefs, Style/Semicolon, Layout/LineLength
+            def get(_x); nil; end; def delete(_x); nil; end; def put(_x, _y); nil; end; def garbage_collect(_x, _y); nil; end # rubocop:disable Style/Semicolon
           end.new
         end
         return @persist
@@ -107,17 +113,17 @@ module Aspera
       # @return [Hash] token internal information , including Date object for `expiration_date`
       def get_token_info(id)
         token_raw_string = persist_mgr.get(id)
-        return nil if token_raw_string.nil?
+        return if token_raw_string.nil?
         token_data = JSON.parse(token_raw_string)
         Aspera.assert_type(token_data, Hash)
         decoded_token = decode_token(token_data[TOKEN_FIELD])
         info = {data: token_data}
-        Log.log.debug{Log.dump('decoded_token', decoded_token)}
+        Log.dump(:decoded_token, decoded_token)
         if decoded_token.is_a?(Hash)
           info[:decoded] = decoded_token
           # TODO: move date decoding to token decoder ?
           expiration_date =
-            if    decoded_token['expires_at'].is_a?(String) then DateTime.parse(decoded_token['expires_at']).to_time
+            if    decoded_token['expires_at'].is_a?(String) then Time.parse(decoded_token['expires_at']).to_time
             elsif decoded_token['exp'].is_a?(Integer)       then Time.at(decoded_token['exp'])
             end
           unless expiration_date.nil?
@@ -140,7 +146,7 @@ module Aspera
           result = decoder.call(token) rescue nil
           return result unless result.nil?
         end
-        return nil
+        return
       end
       # register a token creation method
@@ -164,6 +170,6 @@ module Aspera
       end
     end
     # JSON Web Signature (JWS) compact serialization: https://datatracker.ietf.org/doc/html/rfc7515
-    Factory.instance.register_decoder(lambda{ |token| parts = token.split('.'); Aspera.assert(parts.length.eql?(3)){'not JWS token'}; JSON.parse(Base64.decode64(parts[1]))}) # rubocop:disable Style/Semicolon, Layout/LineLength
+    Factory.instance.register_decoder(lambda{ |token| parts = token.split('.'); Aspera.assert(parts.length.eql?(3)){'not JWS token'}; JSON.parse(Base64.decode64(parts[1]))}) # rubocop:disable Style/Semicolon
   end
 end

data/lib/aspera/oauth/jwt.rb CHANGED Viewed

@@ -3,6 +3,7 @@
 require 'aspera/oauth/base'
 require 'aspera/assert'
 require 'securerandom'
+require 'openssl'
 module Aspera
   module OAuth
     # remove 5 minutes to account for time offset between client and server (TODO: configurable?)
@@ -13,6 +14,17 @@ module Aspera
     # https://tools.ietf.org/html/rfc7523
     # https://tools.ietf.org/html/rfc7519
     class Jwt < Base
+      class << self
+        def generate_rsa_private_key(path:, length: DEFAULT_PRIV_KEY_LENGTH)
+          priv_key = OpenSSL::PKey::RSA.new(length)
+          File.write(path, priv_key.to_s)
+          File.write("#{path}.pub", priv_key.public_key.to_s)
+          Environment.restrict_file_access(path)
+          Environment.restrict_file_access("#{path}.pub")
+          nil
+        end
+      end
+      DEFAULT_PRIV_KEY_LENGTH = 4096
       GRANT_TYPE = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
       # @param private_key_obj private key object
       # @param payload payload to be included in the JWT
@@ -45,7 +57,7 @@ module Aspera
           iat: seconds_since_epoch - OAuth::Factory.instance.parameters[:jwt_accepted_offset_sec] + 1, # issued at
           jti: SecureRandom.uuid # JWT id
         }.merge(@additional_payload)
-        Log.log.debug{Log.dump(:jwt_payload, jwt_payload)}
+        Log.dump(:jwt_payload, jwt_payload)
         Log.log.debug{"private=[#{@private_key_obj}]"}
         assertion = JWT.encode(jwt_payload, @private_key_obj, 'RS256', @headers)
         Log.log.debug{"assertion=[#{assertion}]"}