aws-sessionstore-dynamodb 2.2.0 → 3.0.1

data/Gemfile

@@ -1,24 +0,0 @@
-source 'https://rubygems.org'
-
-if ENV['RACK2']
-  gem 'rack', '~> 2'
-end
-
-gemspec
-
-gem 'rake', require: false
-
-group :docs do
-  gem 'yard'
-  gem 'yard-sitemap', '~> 1.0'
-end
-
-group :test do
-  gem 'rspec'
-  gem 'rack-test'
-  gem 'simplecov'
-
-  if RUBY_VERSION >= '3.0'
-    gem 'rexml'
-  end
-end

data/README.md

@@ -1,125 +0,0 @@
-# Amazon DynamoDB Session Store
-
-The **Amazon DynamoDB Session Store** handles sessions for Ruby web applications
-using a DynamoDB backend. The session store is compatible with all Rack based
-frameworks. For Rails applications, use the [`aws-sdk-rails`][1] gem.
-
-## Installation
-
-For Rack applications, you can create the Amazon DynamoDB table in a
-Ruby file using the following method:
-
-    require 'aws-sessionstore-dynamodb'
-
-    Aws::SessionStore::DynamoDB::Table.create_table
-
-Run the session store as a Rack middleware in the following way:
-
-    require 'aws-sessionstore-dynamodb'
-    require 'some_rack_app'
-
-    options = { :secret_key => 'SECRET_KEY' }
-
-    use Aws::SessionStore::DynamoDB::RackMiddleware.new(options)
-    run SomeRackApp
-
-Note that `:secret_key` is a mandatory configuration option that must be set.
-
-## Detailed Usage
-
-The session store is a Rack Middleware, meaning that it will implement the Rack
-interface for dealing with HTTP request/responses.
-
-This session store uses a DynamoDB backend in order to provide scaling and
-centralized data benefits for session storage with more ease than other
-containers, like local servers or cookies. Once an application scales beyond
-a single web server, session data will need to be shared across the servers.
-DynamoDB takes care of this burden for you by scaling with your application.
-Cookie storage places all session data on the client side,
-discouraging sensitive data storage. It also forces strict data size
-limitations. DynamoDB takes care of these concerns by allowing for a safe and
-scalable storage container with a much larger data size limit for session data.
-
-For more developer information, see the [Full API documentation][2].
-
-### Configuration Options
-
-A number of options are available to be set in
-`Aws::SessionStore::DynamoDB::Configuration`, which is used by the
-`RackMiddleware` class. These options can be set directly by Ruby code or
-through environment variables.
-
-The full set of options along with defaults can be found in the
-[Configuration class documentation][3].
-
-#### Environment Options
-
-Certain configuration options can be loaded from the environment. These
-options must be specified in the following format:
-
-    DYNAMO_DB_SESSION_NAME-OF-CONFIGURATION-OPTION
-
-The example below would be a valid way to set the session table name:
-
-    export DYNAMO_DB_SESSION_TABLE_NAME='sessions'
-
-### Garbage Collection
-
-You may want to delete old sessions from your session table. You can use the
-DynamoDB [Time to Live (TTL) feature][4] on the `expire_at` attribute to
-automatically delete expired items.
-
-If you want to take other attributes into consideration for deletion, you could
-instead use the `GarbageCollection` class. You can create your own Rake task for
-garbage collection similar to below:
-
-    require "aws-sessionstore-dynamodb"
-
-    desc 'Perform Garbage Collection'
-    task :garbage_collect do |t|
-     options = {:max_age => 3600*24, max_stale => 5*3600 }
-     Aws::SessionStore::DynamoDB::GarbageCollection.collect_garbage(options)
-    end
-
-The above example will clear sessions older than one day or that have been
-stale for longer than an hour.
-
-### Locking Strategy
-
-You may want the Session Store to implement the provided pessimistic locking
-strategy if you are concerned about concurrency issues with session accesses.
-By default, locking is not implemented for the session store. You must trigger
-the locking strategy through the configuration of the session store. Pessimistic
-locking, in this case, means that only one read can be made on a session at
-once. While the session is being read by the process with the lock, other
-processes may try to obtain a lock on the same session but will be blocked.
-
-Locking is expensive and will drive up costs depending on how it is used.
-Without locking, one read and one write are performed per request for session
-data manipulation. If a locking strategy is implemented, as many as the total
-maximum wait time divided by the lock retry delay writes to the database.
-Keep these considerations in mind if you plan to enable locking.
-
-#### Configuration for Locking
-
-The following configuration options will allow you to configure the pessimistic
-locking strategy according to your needs:
-
-    options = {
-      :enable_locking => true,
-      :lock_expiry_time => 500,
-      :lock_retry_delay => 500,
-      :lock_max_wait_time => 1
-    }
-
-### Error Handling
-
-You can pass in your own error handler for raised exceptions or you can allow
-the default error handler to them for you. See the API documentation
-on the {Aws::SessionStore::DynamoDB::Errors::BaseHandler} class for more
-details.
-
-[1]: https://github.com/aws/aws-sdk-rails/
-[2]: https://docs.aws.amazon.com/sdk-for-ruby/aws-sessionstore-dynamodb/api/
-[3]: https://docs.aws.amazon.com/sdk-for-ruby/aws-sessionstore-dynamodb/api/Aws/SessionStore/DynamoDB/Configuration.html
-[4]: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html

data/Rakefile

@@ -1,35 +0,0 @@
-require 'rspec/core/rake_task'
-
-$REPO_ROOT = File.dirname(__FILE__)
-$LOAD_PATH.unshift(File.join($REPO_ROOT, 'lib'))
-$VERSION = ENV['VERSION'] || File.read(File.join($REPO_ROOT, 'VERSION')).strip
-
-
-Dir.glob('**/*.rake').each do |task_file|
-  load task_file
-end
-
-task 'test:coverage:clear' do
-  sh("rm -rf #{File.join($REPO_ROOT, 'coverage')}")
-end
-
-desc 'Runs unit tests'
-RSpec::Core::RakeTask.new do |t|
-  t.rspec_opts = "-I #{$REPO_ROOT}/lib -I #{$REPO_ROOT}/spec --tag ~integration"
-  t.pattern = "#{$REPO_ROOT}/spec"
-end
-task :spec => 'test:coverage:clear'
-
-desc 'Runs integration tests'
-RSpec::Core::RakeTask.new('spec:integration') do |t|
-  t.rspec_opts = "-I #{$REPO_ROOT}/lib -I #{$REPO_ROOT}/spec --tag integration"
-  t.pattern = "#{$REPO_ROOT}/spec"
-end
-
-desc 'Runs unit and integration tests'
-task 'test' => [:spec, 'spec:integration']
-
-task :default => :spec
-task 'release:test' => [:spec, 'spec:integration']
-
-

data/aws-sessionstore-dynamodb.gemspec

@@ -1,24 +0,0 @@
-version = File.read(File.expand_path('../VERSION', __FILE__)).strip
-
-Gem::Specification.new do |spec|
-  spec.name          = "aws-sessionstore-dynamodb"
-  spec.version       = version
-  spec.authors       = ["Amazon Web Services"]
-  spec.email         = ["aws-dr-rubygems@amazon.com"]
-
-  spec.summary       = "The Amazon DynamoDB Session Store handles sessions " +
-                       "for Ruby web applications using a DynamoDB backend."
-  spec.homepage      = "http://github.com/aws/aws-sessionstore-dynamodb-ruby"
-  spec.license       = "Apache License 2.0"
-
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ["lib"]
-
-  # Require 1.85.0 for user_agent_frameworks config
-  spec.add_dependency 'aws-sdk-dynamodb', '~> 1', '>= 1.85.0'
-  spec.add_dependency 'rack', '>= 2', '< 4'
-  spec.add_dependency 'rack-session', '>= 1', '< 3'
-
-  spec.required_ruby_version = '>= 2.5'
-end

data/doc-src/templates/default/layout/html/footer.erb

@@ -1,6 +0,0 @@
-<div id="footer">
-  Generated on <%= Time.now.strftime("%c") %> by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  <%= YARD::VERSION %> (ruby-<%= RUBY_VERSION %>).
-  <div id="awsdocs-legal-zone-copyright"></div>
-</div>

data/doc-src/templates/default/layout/html/layout.erb

@@ -1,31 +0,0 @@
-<!DOCTYPE html>
-<html>
-  <head>
-    <%= erb(:headers) %>
-    <!-- Docs Metrics + Cookie Consent Script -->
-    <meta name="guide-name" content="API Reference">
-    <meta name="service-name" content="AWS SDK For Ruby - AWS DynamoDB Session Store">
-    <script type="text/javascript" src="/assets/js/awsdocs-boot.js"></script>
-  </head>
-  <body>
-    <div class="nav_wrap">
-      <iframe id="nav" src="<%= @nav_url %>?1"></iframe>
-      <div id="resizer"></div>
-    </div>
-
-    <div id="main" tabindex="-1">
-      <div id="header">
-        <%= erb(:breadcrumb) %>
-        <%= erb(:search) %>
-        <div class="clear"></div>
-      </div>
-
-      <div id="content">
-        <!-- REGION_DISCLAIMER_DO_NOT_REMOVE -->
-        <%= yieldall %>
-      </div>
-
-      <%= erb(:footer) %>
-    </div>
-  </body>
-</html>

data/lib/aws/session_store/dynamo_db/invalid_id_error.rb

@@ -1,7 +0,0 @@
-module Aws::SessionStore::DynamoDB
-  class InvalidIDError < RuntimeError
-    def initialize(msg = "Corrupt Session ID!")
-      super
-    end
-  end
-end

data/lib/aws/session_store/dynamo_db/lock_wait_timeout_error.rb

@@ -1,7 +0,0 @@
-module Aws::SessionStore::DynamoDB
-  class LockWaitTimeoutError < RuntimeError
-    def initialize(msg = 'Maximum time spent to acquire lock has been exceeded!')
-      super
-    end
-  end
-end

data/lib/aws/session_store/dynamo_db/missing_secret_key_error.rb

@@ -1,7 +0,0 @@
-module Aws::SessionStore::DynamoDB
-  class MissingSecretKeyError < RuntimeError
-    def initialize(msg = "No secret key provided!")
-      super
-    end
-  end
-end

data/lib/aws/session_store/dynamo_db/version.rb

@@ -1,7 +0,0 @@
-module Aws
-  module SessionStore
-    module DynamoDB
-      VERSION = "2.0.0"
-    end
-  end
-end

data/spec/aws/session_store/dynamo_db/app_config.yml

@@ -1,16 +0,0 @@
-# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"). You
-# may not use this file except in compliance with the License. A copy of
-# the License is located at
-#
-#     http://aws.amazon.com/apache2.0/
-#
-# or in the "license" file accompanying this file. This file is
-# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
-# ANY KIND, either express or implied. See the License for the specific
-# language governing permissions and limitations under the License.
-
-table_name: NewTable
-table_key: Somekey
-consistent_read: true

data/spec/aws/session_store/dynamo_db/configuration_spec.rb

@@ -1,81 +0,0 @@
-# frozen_string_literal: true
-
-# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"). You
-# may not use this file except in compliance with the License. A copy of
-# the License is located at
-#
-#     http://aws.amazon.com/apache2.0/
-#
-# or in the "license" file accompanying this file. This file is
-# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
-# ANY KIND, either express or implied. See the License for the specific
-# language governing permissions and limitations under the License.
-
-require 'spec_helper'
-
-describe Aws::SessionStore::DynamoDB::Configuration do
-  let(:defaults) do
-    {
-      table_name: 'sessions',
-      table_key: 'session_id',
-      consistent_read: true,
-      read_capacity: 10,
-      write_capacity: 5,
-      raise_errors: false
-    }
-  end
-
-  let(:expected_file_opts) do
-    {
-      consistent_read: true,
-      table_name: 'NewTable',
-      table_key: 'Somekey',
-    }
-  end
-
-  let(:client) { Aws::DynamoDB::Client.new(stub_responses: true) }
-
-  let(:runtime_options) do
-    {
-      table_name: 'SessionTable',
-      table_key: 'session_id_stuff'
-    }
-  end
-
-  def expected_options(opts)
-    cfg = Aws::SessionStore::DynamoDB::Configuration.new(opts)
-    expected_opts = defaults.merge(expected_file_opts).merge(opts)
-    expect(cfg.to_hash).to include(expected_opts)
-  end
-
-  before do
-    allow(Aws::DynamoDB::Client).to receive(:new).and_return(client)
-  end
-
-  context 'Configuration Tests' do
-    it 'configures option with out runtime,YAML or ENV options' do
-      cfg = Aws::SessionStore::DynamoDB::Configuration.new
-      expect(cfg.to_hash).to include(defaults)
-    end
-
-    it 'configures accurate option hash with runtime options, no YAML or ENV' do
-      cfg = Aws::SessionStore::DynamoDB::Configuration.new(runtime_options)
-      expected_opts = defaults.merge(runtime_options)
-      expect(cfg.to_hash).to include(expected_opts)
-    end
-
-    it 'merge YAML and runtime options giving runtime precendence' do
-      config_path = File.dirname(__FILE__) + '/app_config.yml'
-      runtime_opts = { config_file: config_path }.merge(runtime_options)
-      expected_options(runtime_opts)
-    end
-
-    it 'throws an exception when wrong path for file' do
-      config_path = 'Wrong path!'
-      runtime_opts = { config_file: config_path }.merge(runtime_options)
-      expect { cfg = Aws::SessionStore::DynamoDB::Configuration.new(runtime_opts) }.to raise_error(Errno::ENOENT)
-    end
-  end
-end

data/spec/aws/session_store/dynamo_db/error/default_error_handler_spec.rb

@@ -1,64 +0,0 @@
-# frozen_string_literal: true
-
-# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"). You
-# may not use this file except in compliance with the License. A copy of
-# the License is located at
-#
-#     http://aws.amazon.com/apache2.0/
-#
-# or in the "license" file accompanying this file. This file is
-# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
-# ANY KIND, either express or implied. See the License for the specific
-# language governing permissions and limitations under the License.
-
-require 'spec_helper'
-
-describe Aws::SessionStore::DynamoDB do
-  include Rack::Test::Methods
-
-  instance_exec(&ConstantHelpers)
-
-  before do
-    @options = { dynamo_db_client: client, secret_key: 'meltingbutter' }
-  end
-
-  let(:base_app) { MultiplierApplication.new }
-  let(:app) { Aws::SessionStore::DynamoDB::RackMiddleware.new(base_app, @options) }
-  let(:client) { double('Aws::DynamoDB::Client', config: double(user_agent_frameworks: [])) }
-
-  context 'Error handling for Rack Middleware with default error handler' do
-    it 'raises error for missing secret key' do
-      allow(client).to receive(:update_item).and_raise(missing_key_error)
-      expect { get '/' }.to raise_error(missing_key_error)
-    end
-
-    it 'catches exception for inaccurate table name and raises error ' do
-      allow(client).to receive(:update_item).and_raise(resource_error)
-      expect { get '/' }.to raise_error(resource_error)
-    end
-
-    it 'catches exception for inaccurate table key' do
-      allow(client).to receive(:update_item).and_raise(key_error)
-      allow(client).to receive(:get_item).and_raise(key_error)
-
-      get '/'
-      expect(last_request.env['rack.errors'].string).to include(key_error_msg)
-    end
-  end
-
-  context 'Test ExceptionHandler with true as return value for handle_error' do
-    it 'raises all errors' do
-      @options[:raise_errors] = true
-      allow(client).to receive(:update_item).and_raise(client_error)
-      expect { get '/' }.to raise_error(client_error)
-    end
-
-    it 'catches exception for inaccurate table key and raises error' do
-      @options[:raise_errors] = true
-      allow(client).to receive(:update_item).and_raise(key_error)
-      expect { get '/' }.to raise_error(key_error)
-    end
-  end
-end

data/spec/aws/session_store/dynamo_db/garbage_collection_spec.rb

@@ -1,158 +0,0 @@
-# frozen_string_literal: true
-
-# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"). You
-# may not use this file except in compliance with the License. A copy of
-# the License is located at
-#
-#     http://aws.amazon.com/apache2.0/
-#
-# or in the "license" file accompanying this file. This file is
-# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
-# ANY KIND, either express or implied. See the License for the specific
-# language governing permissions and limitations under the License.
-
-require 'spec_helper'
-
-describe Aws::SessionStore::DynamoDB::GarbageCollection do
-  def items(min, max)
-    items = []
-    (min..max).each do |i|
-      items << { 'session_id' => { s: i.to_s } }
-    end
-    items
-  end
-
-  def format_scan_result
-    items = []
-    (31..49).each do |i|
-      items << { 'session_id' => { s: i.to_s } }
-    end
-
-    items.each_with_object([]) do |item, rqst_array|
-      rqst_array << { delete_request: { key: item } }
-    end
-  end
-
-  def collect_garbage
-    options = { dynamo_db_client: dynamo_db_client, max_age: 100, max_stale: 100 }
-    Aws::SessionStore::DynamoDB::GarbageCollection.collect_garbage(options)
-  end
-
-  let(:scan_resp1) do
-    resp = {
-      items: items(0, 49),
-      count: 50,
-      scanned_count: 1000,
-      last_evaluated_key: {}
-    }
-  end
-
-  let(:scan_resp2) do
-    {
-      items: items(0, 31),
-      last_evaluated_key: { 'session_id' => { s: '31' } }
-    }
-  end
-
-  let(:scan_resp3) do
-    {
-      items: items(31, 49),
-      last_evaluated_key: {}
-    }
-  end
-
-  let(:write_resp1) do
-    {
-      unprocessed_items: {}
-    }
-  end
-
-  let(:write_resp2) do
-    {
-      unprocessed_items: {
-        'sessions' => [
-          {
-            delete_request: {
-              key: {
-                'session_id' =>
-                {
-                  s: '1'
-                }
-              }
-            }
-          },
-          {
-            delete_request: {
-              key: {
-                'session_id' =>
-                {
-                  s: '17'
-                }
-              }
-            }
-          }
-        ]
-      }
-    }
-  end
-
-  let(:dynamo_db_client) {Aws::DynamoDB::Client.new(stub_responses: true)}
-
-  context 'Mock DynamoDB client with garbage collection' do
-    it 'processes scan result greater than 25 and deletes in batches of 25' do
-      expect(dynamo_db_client).to receive(:scan)
-        .exactly(1).times.and_return(scan_resp1)
-      expect(dynamo_db_client).to receive(:batch_write_item).
-        exactly(2).times.and_return(write_resp1)
-      collect_garbage
-    end
-
-    it 'gets scan results then returns last evaluated key and resumes scanning' do
-      expect(dynamo_db_client).to receive(:scan).
-        exactly(1).times.and_return(scan_resp2)
-      expect(dynamo_db_client).to receive(:scan).
-        exactly(1).times.with(hash_including(exclusive_start_key: scan_resp2[:last_evaluated_key])).
-        and_return(scan_resp3)
-      expect(dynamo_db_client).to receive(:batch_write_item).
-        exactly(3).times.and_return(write_resp1)
-      collect_garbage
-    end
-
-    it 'it formats unprocessed_items and then batch deletes them' do
-      expect(dynamo_db_client).to receive(:scan).
-        exactly(1).times.and_return(scan_resp3)
-      expect(dynamo_db_client).to receive(:batch_write_item).ordered.
-        with({request_items: { 'sessions' => format_scan_result }}).
-        and_return(write_resp2)
-      expect(dynamo_db_client).to receive(:batch_write_item).ordered.with({
-        request_items: {
-          'sessions' => [
-            {
-              delete_request: {
-                key: {
-                  'session_id' =>
-                  {
-                    s: '1'
-                  }
-                }
-              }
-            },
-            {
-              delete_request: {
-                key: {
-                  'session_id' =>
-                  {
-                    s: '17'
-                  }
-                }
-              }
-            }
-          ]
-        }
-      }).and_return(write_resp1)
-      collect_garbage
-    end
-  end
-end