aspera-cli 4.6.0 → 4.7.0

data/lib/aspera/rest_errors_aspera.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'aspera/rest_error_analyzer'
 require 'aspera/log'
 
@@ -5,8 +6,8 @@ module Aspera
   # REST error handlers for various Aspera REST APIs
   class RestErrorsAspera
     # handlers should probably be defined by plugins for modularity
-    def self.registerHandlers
-      Log.log.debug("registering Aspera REST error handlers")
+    def self.register_handlers
+      Log.log.debug('registering Aspera REST error handlers')
       # Faspex 4: both user_message and internal_message, and code 200
       # example: missing meta data on package creation
       RestErrorAnalyzer.instance.add_simple_handler('Type 1: error:user_message','error','user_message',true)
@@ -16,23 +17,23 @@ module Aspera
       RestErrorAnalyzer.instance.add_simple_handler('AoC Automation','error')
       RestErrorAnalyzer.instance.add_simple_handler('Type 5','error_description')
       RestErrorAnalyzer.instance.add_simple_handler('Type 6','message')
-      RestErrorAnalyzer.instance.add_handler('Type 7: errors[]') do |name,context|
-        if context[:data].is_a?(Hash) and context[:data]['errors'].is_a?(Hash)
-          context[:data]['errors'].each do |k,v|
-            RestErrorAnalyzer.add_error(context,name,"#{k}: #{v}")
+      RestErrorAnalyzer.instance.add_handler('Type 7: errors[]') do |name,call_context|
+        if call_context[:data].is_a?(Hash) && call_context[:data]['errors'].is_a?(Hash)
+          call_context[:data]['errors'].each do |k,v|
+            RestErrorAnalyzer.add_error(call_context,name,"#{k}: #{v}")
           end
         end
       end
       # call to upload_setup and download_setup of node api
-      RestErrorAnalyzer.instance.add_handler('T8:node: *_setup') do |type,context|
-        if context[:data].is_a?(Hash)
-          d_t_s=context[:data]['transfer_specs']
+      RestErrorAnalyzer.instance.add_handler('T8:node: *_setup') do |type,call_context|
+        if call_context[:data].is_a?(Hash)
+          d_t_s=call_context[:data]['transfer_specs']
           if d_t_s.is_a?(Array)
             d_t_s.each do |res|
               #r_err=res['transfer_spec']['error']
               r_err=res['error']
               if r_err.is_a?(Hash)
-                RestErrorAnalyzer.add_error(context,type,"#{r_err['code']}: #{r_err['reason']}: #{r_err['user_message']}")
+                RestErrorAnalyzer.add_error(call_context,type,"#{r_err['code']}: #{r_err['reason']}: #{r_err['user_message']}")
               end
             end
           end
@@ -40,14 +41,14 @@ module Aspera
       end
       RestErrorAnalyzer.instance.add_simple_handler('T9:IBM cloud IAM','errorMessage')
       RestErrorAnalyzer.instance.add_simple_handler('T10:faspex v4','user_message')
-      RestErrorAnalyzer.instance.add_handler('bss graphql') do |type,context|
-        if context[:data].is_a?(Hash)
-          d_t_s=context[:data]['errors']
+      RestErrorAnalyzer.instance.add_handler('bss graphql') do |type,call_context|
+        if call_context[:data].is_a?(Hash)
+          d_t_s=call_context[:data]['errors']
           if d_t_s.is_a?(Array)
             d_t_s.each do |res|
               r_err=res['message']
               if r_err.is_a?(String)
-                RestErrorAnalyzer.add_error(context,type,r_err)
+                RestErrorAnalyzer.add_error(call_context,type,r_err)
               end
             end
           end

data/lib/aspera/ssh.rb

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
 require 'net/ssh'
 
 # Hack: deactivate ed25519 and ecdsa private keys from ssh identities, as it usually hurts
 begin
-module Net; module SSH; module Authentication; class Session; private def default_keys; %w(~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa);end;end;end;end;end
-rescue
+  module Net;module SSH;module Authentication;class Session;private; def default_keys; %w[~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa];end;end;end;end;end # rubocop:disable Layout/AccessModifierIndentation, Layout/EmptyLinesAroundAccessModifier
+rescue StandardError
+  # ignore errors
 end
 
 module Aspera
@@ -23,31 +25,31 @@ module Aspera
     def execute(cmd,input=nil)
       if cmd.is_a?(Array)
         # concatenate arguments, enclose in double quotes
-        cmd=cmd.map{|v|'"'+v+'"'}.join(" ")
+        cmd=cmd.map{|v|%Q("#{v}")}.join(' ')
       end
       Log.log.debug("cmd=#{cmd}")
-      response = ''
+      response = []
       Net::SSH.start(@host, @username, @ssh_options) do |session|
         ssh_channel=session.open_channel do |channel|
           # prepare stdout processing
-          channel.on_data{|chan,data|response << data}
+          channel.on_data{|_chan,data|response.push(data)}
           # prepare stderr processing, stderr if type = 1
-          channel.on_extended_data do |chan, type, data|
+          channel.on_extended_data do |_chan, _type, data|
             errormsg="#{cmd}: [#{data.chomp}]"
             # Happens when windows user hasn't logged in and created home account.
-            if data.include?("Could not chdir to home directory")
-              errormsg=errormsg+"\nHint: home not created in Windows?"
+            if data.include?('Could not chdir to home directory')
+              errormsg+="\nHint: home not created in Windows?"
             end
             raise errormsg
           end
-          channel.exec(cmd){|ch,success|channel.send_data(input) unless input.nil?}
+          channel.exec(cmd){|_ch,_success|channel.send_data(input) unless input.nil?}
         end
         # wait for channel to finish (command exit)
         ssh_channel.wait
         # main ssh session loop
         session.loop
       end # session
-      return response
+      return response.join
     end
   end
 end

data/lib/aspera/sync.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'aspera/command_line_builder'
 
 module Aspera
@@ -5,43 +6,43 @@ module Aspera
   class Sync
     INSTANCE_PARAMS=
     {
-      'alt_logdir'           => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'watchd'               => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'apply_local_docroot'  => { :cltype => :opt_without_arg},
-      'quiet'                => { :cltype => :opt_without_arg},
+      'alt_logdir'           => { cltype: :opt_with_arg, accepted_types: :string},
+      'watchd'               => { cltype: :opt_with_arg, accepted_types: :string},
+      'apply_local_docroot'  => { cltype: :opt_without_arg},
+      'quiet'                => { cltype: :opt_without_arg}
     }
     SESSION_PARAMS=
     {
-      'name'                 => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'local_dir'            => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'remote_dir'           => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'local_db_dir'         => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'remote_db_dir'        => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'host'                 => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'user'                 => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'private_key_path'     => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'direction'            => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'checksum'             => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'tcp_port'             => { :cltype => :opt_with_arg, :accepted_types=>:int},
-      'rate_policy'          => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'target_rate'          => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'cooloff'              => { :cltype => :opt_with_arg, :accepted_types=>:int},
-      'pending_max'          => { :cltype => :opt_with_arg, :accepted_types=>:int},
-      'scan_intensity'       => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'cipher'               => { :cltype => :opt_with_arg, :accepted_types=>:string},
-      'transfer_threads'     => { :cltype => :opt_with_arg, :accepted_types=>:int},
-      'preserve_time'        => { :cltype => :opt_without_arg},
-      'preserve_access_time' => { :cltype => :opt_without_arg},
-      'preserve_modification_time' => { :cltype => :opt_without_arg},
-      'preserve_uid'         => { :cltype => :opt_without_arg},
-      'preserve_gid'         => { :cltype => :opt_without_arg},
-      'create_dir'           => { :cltype => :opt_without_arg},
-      'reset'                => { :cltype => :opt_without_arg},
+      'name'                 => { cltype: :opt_with_arg, accepted_types: :string},
+      'local_dir'            => { cltype: :opt_with_arg, accepted_types: :string},
+      'remote_dir'           => { cltype: :opt_with_arg, accepted_types: :string},
+      'local_db_dir'         => { cltype: :opt_with_arg, accepted_types: :string},
+      'remote_db_dir'        => { cltype: :opt_with_arg, accepted_types: :string},
+      'host'                 => { cltype: :opt_with_arg, accepted_types: :string},
+      'user'                 => { cltype: :opt_with_arg, accepted_types: :string},
+      'private_key_path'     => { cltype: :opt_with_arg, accepted_types: :string},
+      'direction'            => { cltype: :opt_with_arg, accepted_types: :string},
+      'checksum'             => { cltype: :opt_with_arg, accepted_types: :string},
+      'tcp_port'             => { cltype: :opt_with_arg, accepted_types: :int},
+      'rate_policy'          => { cltype: :opt_with_arg, accepted_types: :string},
+      'target_rate'          => { cltype: :opt_with_arg, accepted_types: :string},
+      'cooloff'              => { cltype: :opt_with_arg, accepted_types: :int},
+      'pending_max'          => { cltype: :opt_with_arg, accepted_types: :int},
+      'scan_intensity'       => { cltype: :opt_with_arg, accepted_types: :string},
+      'cipher'               => { cltype: :opt_with_arg, accepted_types: :string},
+      'transfer_threads'     => { cltype: :opt_with_arg, accepted_types: :int},
+      'preserve_time'        => { cltype: :opt_without_arg},
+      'preserve_access_time' => { cltype: :opt_without_arg},
+      'preserve_modification_time' => { cltype: :opt_without_arg},
+      'preserve_uid'         => { cltype: :opt_without_arg},
+      'preserve_gid'         => { cltype: :opt_without_arg},
+      'create_dir'           => { cltype: :opt_without_arg},
+      'reset'                => { cltype: :opt_without_arg},
       # note: only one env var, but multiple sessions... may be a problem
-      'remote_password'      => { :cltype => :envvar, :clvarname=>'ASPERA_SCP_PASS'},
-      'cookie'               => { :cltype => :envvar, :clvarname=>'ASPERA_SCP_COOKIE'},
-      'token'                => { :cltype => :envvar, :clvarname=>'ASPERA_SCP_TOKEN'},
-      'license'              => { :cltype => :envvar, :clvarname=>'ASPERA_SCP_LICENSE'},
+      'remote_password'      => { cltype: :envvar, clvarname: 'ASPERA_SCP_PASS'},
+      'cookie'               => { cltype: :envvar, clvarname: 'ASPERA_SCP_COOKIE'},
+      'token'                => { cltype: :envvar, clvarname: 'ASPERA_SCP_TOKEN'},
+      'license'              => { cltype: :envvar, clvarname: 'ASPERA_SCP_LICENSE'}
     }
 
     Aspera::CommandLineBuilder.normalize_description(INSTANCE_PARAMS)
@@ -56,26 +57,26 @@ module Aspera
     MANDATORY_KEYS=['instance','sessions']
 
     def compute_args
-      raise StandardError,"parameter must be Hash" unless @sync_params.is_a?(Hash)
+      raise StandardError,'parameter must be Hash' unless @sync_params.is_a?(Hash)
       raise StandardError,"parameter hash must have at least 'sessions', and optionally 'instance' keys." unless @sync_params.keys.push('instance').uniq.sort.eql?(MANDATORY_KEYS)
-      raise StandardError,"sessions key must be Array" unless @sync_params['sessions'].is_a?(Array)
-      raise StandardError,"sessions key must has at least one element (hash)" unless @sync_params['sessions'].first.is_a?(Hash)
+      raise StandardError,'sessions key must be Array' unless @sync_params['sessions'].is_a?(Array)
+      raise StandardError,'sessions key must has at least one element (hash)' unless @sync_params['sessions'].first.is_a?(Hash)
 
       env_args={
-        :args=>[],
-        :env=>{}
+        args: [],
+        env: {}
       }
 
       if @sync_params.has_key?('instance')
-        raise StandardError,"instance key must be hash" unless @sync_params['instance'].is_a?(Hash)
+        raise StandardError,'instance key must be hash' unless @sync_params['instance'].is_a?(Hash)
         instance_builder=CommandLineBuilder.new(@sync_params['instance'],INSTANCE_PARAMS)
         instance_builder.process_params
         instance_builder.add_env_args(env_args[:env],env_args[:args])
       end
 
       @sync_params['sessions'].each do |session_params|
-        raise StandardError,"sessions must contain hashes" unless session_params.is_a?(Hash)
-        raise StandardError,"session must contain at leat name" unless session_params.has_key?('name')
+        raise StandardError,'sessions must contain hashes' unless session_params.is_a?(Hash)
+        raise StandardError,'session must contain at leat name' unless session_params.has_key?('name')
         session_builder=CommandLineBuilder.new(session_params,SESSION_PARAMS)
         session_builder.process_params
         session_builder.add_env_args(env_args[:env],env_args[:args])

data/lib/aspera/temp_file_manager.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'singleton'
 require 'fileutils'
 require 'etc'
@@ -6,14 +7,14 @@ module Aspera
   # create a temp file name for a given folder
   # files can be deleted on process exit by calling cleanup
   class TempFileManager
-    SEC_IN_DAY=86400
+    SEC_IN_DAY = 86_400
     # assume no transfer last longer than this
     # (garbage collect file list which were not deleted after transfer)
-    FILE_LIST_AGE_MAX_SEC=5*SEC_IN_DAY
-    private_constant :SEC_IN_DAY,:FILE_LIST_AGE_MAX_SEC
+    FILE_LIST_AGE_MAX_SEC = 5 * SEC_IN_DAY
+    private_constant :SEC_IN_DAY, :FILE_LIST_AGE_MAX_SEC
     include Singleton
     def initialize
-      @created_files=[]
+      @created_files = []
     end
 
     # call this on process exit
@@ -21,36 +22,39 @@ module Aspera
       @created_files.each do |filepath|
         File.delete(filepath) if File.file?(filepath)
       end
-      @created_files=[]
+      @created_files = []
     end
 
     # ensure that provided folder exists, or create it, generate a unique filename
     # @return path to that unique file
-    def new_file_path_in_folder(temp_folder,add_base='')
+    def new_file_path_in_folder(temp_folder, add_base = '')
       FileUtils.mkdir_p(temp_folder) unless Dir.exist?(temp_folder)
-      new_file=File.join(temp_folder,add_base+SecureRandom.uuid)
+      new_file = File.join(temp_folder, add_base + SecureRandom.uuid)
       @created_files.push(new_file)
-      return new_file
+      new_file
     end
 
     # same as above but in global temp folder
     def new_file_path_global(base_name)
-      username = Etc.getlogin || Etc.getpwuid(Process.uid).name || 'unknown_user' rescue 'unknown_user'
-      return new_file_path_in_folder(Etc.systmpdir,base_name+'_'+username+'_')
+      username = begin
+        Etc.getlogin || Etc.getpwuid(Process.uid).name || 'unknown_user'
+      rescue StandardError
+        'unknown_user'
+      end
+      new_file_path_in_folder(Etc.systmpdir, base_name + '_' + username + '_')
     end
 
     def cleanup_expired(temp_folder)
       # garbage collect undeleted files
       Dir.entries(temp_folder).each do |name|
-        file_path=File.join(temp_folder,name)
-        age_sec=(Time.now - File.stat(file_path).mtime).to_i
+        file_path = File.join(temp_folder, name)
+        age_sec = (Time.now - File.stat(file_path).mtime).to_i
         # check age of file, delete too old
-        if File.file?(file_path) and age_sec > FILE_LIST_AGE_MAX_SEC
+        if File.file?(file_path) && (age_sec > FILE_LIST_AGE_MAX_SEC)
           Log.log.debug("garbage collecting #{name}")
           File.delete(file_path)
         end
       end
-
     end
   end
 end

data/lib/aspera/timer_limiter.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module Aspera
   # used to throttle logs
   class TimerLimiter
@@ -12,7 +13,7 @@ module Aspera
       old_time=@last_time
       @last_time=Time.now.to_f
       @count+=1
-      if old_time.nil? or (@last_time-old_time)>@delay
+      if old_time.nil? || ((@last_time-old_time)>@delay)
         @count=0
         return true
       end

data/lib/aspera/uri_reader.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'uri'
 require 'net/http'
 require 'net/https'
@@ -7,16 +8,17 @@ module Aspera
     # read some content from some URI, support file: , http: and https: schemes
     def self.read(proxy_pac_uri)
       proxy_uri=URI.parse(proxy_pac_uri)
-      if proxy_uri.scheme.eql?('http')
+      case proxy_uri.scheme
+      when 'http'
         return Net::HTTP.start(proxy_uri.host, proxy_uri.port){|http|http.get(proxy_uri.path)}.body
-      elsif proxy_uri.scheme.eql?('https')
+      when 'https'
         return Net::HTTPS.start(proxy_uri.host, proxy_uri.port){|http|http.get(proxy_uri.path)}.body
-      elsif proxy_uri.scheme.eql?('file')
+      when 'file'
         local_file_path=proxy_uri.path
-        raise "URL shall have a path, check syntax" if local_file_path.nil?
+        raise 'URL shall have a path, check syntax' if local_file_path.nil?
         local_file_path=File.expand_path(local_file_path.gsub(/^\//,'')) if local_file_path.match(/^\/(~|.|..)\//)
         return File.read(local_file_path)
-      elsif proxy_uri.scheme.eql?('')
+      when ''
         return File.read(proxy_uri)
       end
       raise "no scheme: [#{proxy_uri.scheme}] for [#{proxy_pac_uri}]"

data/lib/aspera/web_auth.rb

@@ -1,105 +1,108 @@
+# frozen_string_literal: true
 require 'webrick'
 require 'webrick/https'
-require 'thread'
 
 module Aspera
-  class WebAuth
-    # server for auth page
-    class FxGwServlet < WEBrick::HTTPServlet::AbstractServlet
-      def initialize(server,info) # additional args get here
-        @shared=info
-      end
+  # servlet called on callback: it records the callback request
+  class WebAuthServlet < WEBrick::HTTPServlet::AbstractServlet
+    def initialize(server,application) # additional args get here
+      Log.log.debug('WebAuthServlet initialize')
+      super(server)
+      @app=application
+    end
 
-      def do_GET (request, response)
-        if ! request.path.eql?(@shared[:expected_path])
-          response.status=400
-          return
-        end
-        @shared[:mutex].synchronize do
-          @shared[:query]=request.query
-          @shared[:cond].signal
-        end
-        response.status=200
-        response.content_type = 'text/html'
-        response.body='<html><head><title>Ok</title></head><body><h1>Thank you !</h1><p>You can close this window.</p></body></html>'
+    def service(request, response)
+      Log.log.debug("received request from browser #{request.request_method} #{request.path}")
+      raise WEBrick::HTTPStatus::MethodNotAllowed,"unexpected method: #{request.request_method}" unless request.request_method.eql?('GET')
+      raise WEBrick::HTTPStatus::NotFound,"unexpected path: #{request.path}" unless request.path.eql?(@app.expected_path)
+      # acquire lock and signal change
+      @app.mutex.synchronize do
+        @app.query=request.query
+        @app.cond.signal
       end
-    end # FxGwServlet
-
-    # generates and adds self signed cert to provided webrick options
-    def fill_self_signed_cert(options)
-      key = OpenSSL::PKey::RSA.new(4096)
-      cert = OpenSSL::X509::Certificate.new
-      cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/C=FR/O=Test/OU=Test/CN=Test')
-      cert.not_before = Time.now
-      cert.not_after = Time.now + 365 * 24 * 60 * 60
-      cert.public_key = key.public_key
-      cert.serial = 0x0
-      cert.version = 2
-      ef = OpenSSL::X509::ExtensionFactory.new
-      ef.issuer_certificate = cert
-      ef.subject_certificate = cert
-      cert.extensions = [
-        ef.create_extension('basicConstraints','CA:TRUE', true),
-        ef.create_extension('subjectKeyIdentifier', 'hash'),
-        # ef.create_extension('keyUsage', 'cRLSign,keyCertSign', true),
-      ]
-      cert.add_extension(ef.create_extension('authorityKeyIdentifier','keyid:always,issuer:always'))
-      cert.sign(key, OpenSSL::Digest::SHA256.new)
-      options[:SSLPrivateKey]  = key
-      options[:SSLCertificate] = cert
+      response.status=200
+      response.content_type = 'text/html'
+      response.body='<html><head><title>Ok</title></head><body><h1>Thank you !</h1><p>You can close this window.</p></body></html>'
+      return nil
     end
+  end # WebAuthServlet
+
+  # generates and adds self signed cert to provided webrick options
+  #def fill_self_signed_cert(cert,key)
+  #  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/C=FR/O=Test/OU=Test/CN=Test')
+  #  cert.not_before = Time.now
+  #  cert.not_after = Time.now + 365 * 24 * 60 * 60
+  #  cert.public_key = key.public_key
+  #  cert.serial = 0x0
+  #  cert.version = 2
+  #  ef = OpenSSL::X509::ExtensionFactory.new
+  #  ef.issuer_certificate = cert
+  #  ef.subject_certificate = cert
+  #  cert.extensions = [
+  #    ef.create_extension('basicConstraints','CA:TRUE', true),
+  #    ef.create_extension('subjectKeyIdentifier', 'hash'),
+  #    # ef.create_extension('keyUsage', 'cRLSign,keyCertSign', true),
+  #  ]
+  #  cert.add_extension(ef.create_extension('authorityKeyIdentifier','keyid:always,issuer:always'))
+  #  cert.sign(key, OpenSSL::Digest::SHA256.new)
+  #end
 
+  # start a local web server, then start a browser that will callback the local server upon authentication
+  class WebAuth
+    attr_reader :expected_path,:mutex,:cond
+    attr_writer :query
+    # @param endpoint_url [String] e.g. 'https://127.0.0.1:12345'
     def initialize(endpoint_url)
       uri=URI.parse(endpoint_url)
+      # parameters for servlet
+      @query=nil
+      @mutex=Mutex.new
+      @cond=ConditionVariable.new
+      @expected_path=uri.path.empty? ? '/' : uri.path
+      # see https://www.rubydoc.info/stdlib/webrick/WEBrick/Config
       webrick_options = {
-        :app                => WebAuth,
-        :Port               => uri.port,
-        :Logger             => Log.log
+        BindAddress: uri.host,
+        Port:        uri.port,
+        Logger:      Log.log,
+        AccessLog:   [[self, WEBrick::AccessLog::COMMON_LOG_FORMAT]] # see "<<" below
       }
-      uri_path=uri.path.empty? ? '/' : uri.path
       case uri.scheme
       when 'http'
         Log.log.debug('HTTP mode')
       when 'https'
         webrick_options[:SSLEnable]=true
-        webrick_options[:SSLVerifyClient]=OpenSSL::SSL::VERIFY_NONE
-        case 0
-        when 0
-          # generate self signed cert
-          fill_self_signed_cert(webrick_options)
-        when 1
-          # short
-          webrick_options[:SSLCertName]    = [ [ 'CN',WEBrick::Utils::getservername ] ]
-          Log.log.error(">>>#{webrick_options[:SSLCertName]}")
-        when 2
-          # good cert
-          webrick_options[:SSLPrivateKey] =OpenSSL::PKey::RSA.new(File.read('/Users/laurent/workspace/Tools/certificate/myserver.key'))
-          webrick_options[:SSLCertificate] = OpenSSL::X509::Certificate.new(File.read('/Users/laurent/workspace/Tools/certificate/myserver.crt'))
-        end
+        webrick_options[:SSLVerifyClient] = OpenSSL::SSL::VERIFY_NONE
+        # a- automatic certificate generation
+        webrick_options[:SSLCertName] = [['CN',WEBrick::Utils.getservername]]
+        # b- generate self signed cert
+        #webrick_options[:SSLPrivateKey]   = OpenSSL::PKey::RSA.new(4096)
+        #webrick_options[:SSLCertificate]  = OpenSSL::X509::Certificate.new
+        #self.class.fill_self_signed_cert(webrick_options[:SSLCertificate],webrick_options[:SSLPrivateKey])
+        ## c- good cert
+        #webrick_options[:SSLPrivateKey]  = OpenSSL::PKey::RSA.new(File.read('.../myserver.key'))
+        #webrick_options[:SSLCertificate] = OpenSSL::X509::Certificate.new(File.read('.../myserver.crt'))
       end
-      # parameters for servlet
-      @shared_info={
-        expected_path: uri_path,
-        mutex: Mutex.new,
-        cond: ConditionVariable.new
-      }
       @server = WEBrick::HTTPServer.new(webrick_options)
-      @server.mount(uri_path, FxGwServlet, @shared_info) # additional args provided to constructor
+      @server.mount(@expected_path, WebAuthServlet, self) # additional args provided to constructor
       Thread.new { @server.start }
     end
 
+    # log web server access
+    def <<(access_log)
+      Log.log.debug{"webrick log #{access_log.chomp}"}
+    end
+
     # wait for request on web server
     # @return Hash the query
-    def get_request
-      Log.log.debug('get_request')
-      # called only once
-      raise "error, called twice ?" if @server.nil?
-      @shared_info[:mutex].synchronize do
-        @shared_info[:cond].wait(@shared_info[:mutex])
-      end
+    def received_request
+      # shall be called only once
+      raise 'error, received_request called twice ?' if @server.nil?
+      # wait for signal from thread
+      @mutex.synchronize{@cond.wait(@mutex)}
+      # tell server thread to stop
       @server.shutdown
       @server=nil
-      return @shared_info[:query]
+      return @query
     end
   end
 end