bits_service_client 3.4.0 → 4.0.0.pre.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b4242082d6a29fcdb2819d861e9f883a4befc391
-  data.tar.gz: 6943669dc1c3f5478cc9972baead5bc436d058c6
+  metadata.gz: 3fd02832b61746287f81c5d06ef2002cb97fb33b
+  data.tar.gz: 80e5101938d38d36dbcc0e1f1ff54b36019eaf33
 SHA512:
-  metadata.gz: 3a8067ed2c86500ee9c5cb599ad08b7acaecfe457cd5ac26d4a879ec32a850318b3a3789b49a74da3e366e734ee277915677d47d045ee77bac22eecde7e9d465
-  data.tar.gz: 74ba859b0b6f0a704bf8a7a4844858171a7134dfa9405d9966f3ef45e37132d9f1e5cbdb2c1532448d4ee0385ba32b0a59fab53e8aa8492d447df147931abebf
+  metadata.gz: 39246c058170ffbf73192359b7afa6d065cf109258d1bcf5dd65a40e95daca3388cb719d304f6bafd9ca7a1033fd94823e1352a7293034946eac89e18d766d2d
+  data.tar.gz: 033f7d52d78390765856053892bef6a369a56345600f4cbed9b61420e012359b0319bee5730ddeec50ee1e182d8b7be2b333f71a960cdbb226dbae33561d00d7

data/.rubocop.yml

@@ -53,7 +53,7 @@ Performance/Sample:
 Style/Alias:
   EnforcedStyle: prefer_alias_method
 
-Style/AlignParameters:
+Layout/AlignParameters:
   Enabled: false
 
 Style/BlockDelimiters:
@@ -65,13 +65,13 @@ Style/BracesAroundHashParameters:
 Style/ClassAndModuleChildren:
   Enabled: false
 
-Style/ClosingParenthesisIndentation:
+Layout/ClosingParenthesisIndentation:
   Enabled: false
 
 Style/Documentation:
   Enabled: false
 
-Style/DotPosition:
+Layout/DotPosition:
   EnforcedStyle: trailing
 
 Style/DoubleNegation:
@@ -89,10 +89,10 @@ Style/GuardClause:
 Style/IfUnlessModifier:
   Enabled: false
 
-Style/IndentArray:
+Layout/IndentArray:
   EnforcedStyle: consistent
 
-Style/IndentHash:
+Layout/IndentHash:
   Enabled: false
 
 Style/Lambda:
@@ -101,10 +101,10 @@ Style/Lambda:
 Style/MultilineBlockChain:
   Enabled: false
 
-Style/MultilineBlockLayout:
+Layout/MultilineBlockLayout:
   Enabled: false
 
-Style/MultilineOperationIndentation:
+Layout/MultilineOperationIndentation:
   Enabled: false
 
 Style/NegatedIf:
@@ -116,7 +116,7 @@ Style/Next:
 Style/NumericLiterals:
   Enabled: false
 
-Style/PredicateName:
+Naming/PredicateName:
   Enabled: false
 
 Style/RaiseArgs:
@@ -134,7 +134,7 @@ Style/SignalException:
 Style/SingleLineBlockParams:
   Enabled: false
 
-Style/SpaceAroundEqualsInParameterDefault:
+Layout/SpaceAroundEqualsInParameterDefault:
   EnforcedStyle: no_space
 
 Style/StructInheritance:
@@ -143,7 +143,10 @@ Style/StructInheritance:
 Style/TrailingCommaInArguments:
   Enabled: false
 
-Style/TrailingCommaInLiteral:
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+
+Style/TrailingCommaInHashLiteral:
   Enabled: false
 
 Style/TrailingUnderscoreVariable:

data/bits_service_client.gemspec

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'bits_service_client/version'
 
 Gem::Specification.new do |spec|
   spec.name          = 'bits_service_client'
   spec.version       = BitsServiceClient::VERSION
-  spec.authors       = ['Rizwan Reza', 'Steffen Uhlig', 'Peter Goetz', 'Norman Sutorius']
-  spec.email         = ['rizwanreza@gmail.com', 'steffen.uhlig@de.ibm.com', 'peter.gtz@gmail.com', 'norman.sutorius@de.ibm.com']
+  spec.authors       = ['Rizwan Reza', 'Steffen Uhlig', 'Peter Goetz', 'Norman Sutorius','Tobias Zipfel']
+  spec.email         = ['rizwanreza@gmail.com', 'steffen.uhlig@de.ibm.com', 'peter.gtz@gmail.com', 'norman.sutorius@de.ibm.com', 'tobias.zipfel@gmail.com']
 
   spec.summary       = 'Bits Services client for Cloud Foundry'
   spec.homepage      = 'https://github.com/cloudfoundry-incubator/bits-service-client'
@@ -17,18 +17,18 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_dependency 'activesupport'
-  spec.add_dependency 'steno'
   spec.add_dependency 'statsd-ruby', '~> 1.4.0'
+  spec.add_dependency 'steno'
 
   spec.add_development_dependency 'bundler', '~> 1.11'
   spec.add_development_dependency 'multipart-post'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'pry-nav'
   spec.add_development_dependency 'rack-test'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rb-readline'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rubocop'
-  spec.add_development_dependency 'webmock', '= 2.3.1'
   spec.add_development_dependency 'sinatra'
-  spec.add_development_dependency 'pry'
-  spec.add_development_dependency 'pry-nav'
+  spec.add_development_dependency 'webmock', '= 2.3.1'
 end

data/lib/bits_service_client.rb

@@ -4,6 +4,7 @@ require 'json'
 require 'net/http/post/multipart'
 require 'openssl'
 
+require 'util/signature_util'
 require 'bits_service_client/version'
 require 'bits_service_client/blob'
 require 'bits_service_client/errors'

data/lib/bits_service_client/blob.rb

@@ -1,17 +1,22 @@
 # frozen_string_literal: true
+require 'util/signature_util'
 
 module BitsService
   class Blob
+
+    include BitsService::SignatureUtil
+
     attr_reader :key
 
-    def initialize(key:, private_endpoint:, private_http_client:, vcap_request_id:, username:, password:, resource_type:)
+    def initialize(key:, private_endpoint:, private_http_client:, vcap_request_id:, resource_type:, public_endpoint:, signing_key_secret:, signing_key_id:)
       @key = key
       @private_http_client = private_http_client
       @vcap_request_id = vcap_request_id
-      @username = username
-      @password = password
       @resource_type = resource_type
       @private_endpoint = private_endpoint
+      @public_endpoint = public_endpoint
+      @signing_key_secret = signing_key_secret
+      @signing_key_id = signing_key_id
     end
 
     def attributes(*_)
@@ -38,19 +43,14 @@ module BitsService
 
     def signed_url(key, verb: nil)
       query = if verb.nil?
-                ''
-              else
-                "?verb=#{verb}"
-              end
-
-      response = @private_http_client.get("/sign#{resource_path(key)}#{query}", @vcap_request_id, { username: @username, password: @password })
-      validate_response_code!([200, 302], response)
-
-      response.tap do |result|
-        result.body = result['location'] if result.code.to_i == 302
+        ''
+      else
+        "&verb=#{verb}"
       end
 
-      response.body
+      signed_url = "#{@public_endpoint}#{self.sign_signature(resource_path(key), @signing_key_secret, @signing_key_id)}#{query}"
+      logger.debug( "Created signed URL: #{signed_url}")
+      return signed_url
     end
 
     def generate_private_url(key)
@@ -63,22 +63,6 @@ module BitsService
       File.join(@private_endpoint.to_s, path)
     end
 
-    # TODO: Refactor the following code to avoid duplicate methods with BitsService::Client
-
-    def validate_response_code!(expected_codes, response)
-      return if Array(expected_codes).include?(response.code.to_i)
-
-      error = {
-        response_code: response.code,
-        response_body: response.body,
-        response: response
-      }.to_json
-
-      logger.error("UnexpectedResponseCode: expected '#{expected_codes}' got #{response.code}")
-
-      fail BlobstoreError.new(error)
-    end
-
     def resource_path(key)
       prefix = @resource_type == :buildpack_cache ? 'buildpack_cache/entries/' : @resource_type
       File.join('/', prefix.to_s, key.to_s)

data/lib/bits_service_client/client.rb

@@ -15,6 +15,8 @@ module BitsService
       @password = validated(bits_service_options, :password)
       @private_endpoint = validated_http_url(bits_service_options, :private_endpoint)
       @public_endpoint = validated_http_url(bits_service_options, :public_endpoint)
+      @signing_key_secret = validated(bits_service_options, :signing_key_secret)
+      @signing_key_id = validated(bits_service_options, :signing_key_id)
 
       raise ResourceTypeNotPresent.new('Must specify resource type') unless resource_type
       @resource_type = resource_type
@@ -107,9 +109,10 @@ module BitsService
         private_http_client: @private_http_client,
         private_endpoint: @private_endpoint,
         vcap_request_id: @vcap_request_id,
-        username: @username,
-        password: @password,
-        resource_type: @resource_type
+        resource_type: @resource_type,
+        public_endpoint: @public_endpoint,
+        signing_key_secret: @signing_key_secret,
+        signing_key_id: @signing_key_id,
       )
     end
 

data/lib/bits_service_client/resource_pool.rb

@@ -1,15 +1,20 @@
 # frozen_string_literal: true
+require 'util/signature_util'
 
 module BitsService
   class ResourcePool
-    def initialize(endpoint:, request_timeout_in_seconds:, vcap_request_id: '', ca_cert_path: nil, username:, password:)
-      @endpoint = URI.parse(endpoint)
+
+    include BitsService::SignatureUtil
+
+    def initialize(bits_service_options:, request_timeout_in_seconds:, vcap_request_id: '')
+      @endpoint = URI.parse(bits_service_options[:private_endpoint])
+      @public_endpoint = bits_service_options[:public_endpoint]
       @request_timeout_in_seconds = request_timeout_in_seconds
+      @signed_key_secret = bits_service_options[:signing_key_secret]
+      @signed_key_id = bits_service_options[:signing_key_id]
       @vcap_request_id = vcap_request_id
       @logger = Steno.logger('cc.bits_service_client')
-      @ca_cert_path = ca_cert_path
-      @username = username
-      @password = password
+      @ca_cert_path = bits_service_options[:ca_cert_path]
     end
 
     def matches(resources_json)
@@ -19,11 +24,10 @@ module BitsService
     end
 
     def signed_matches_url
-      req = Net::HTTP::Get.new('/sign/app_stash/matches?verb=post')
-      req.basic_auth(@username, @password)
-      response = do_request(http_client, req, @vcap_request_id)
-      validate_response_code!(200, response)
-      response.body
+      # "verb=post"
+      signed_url = "#{@public_endpoint}#{self.sign_signature("/app_stash/matches", @signed_key_secret, @signed_key_id)}"
+      @logger.debug("Created signed URL: #{signed_url}")
+      return signed_url
     end
 
     def bundles(resources_json, entries_path)
@@ -113,5 +117,6 @@ module BitsService
       http_client.verify_mode = OpenSSL::SSL::VERIFY_PEER
       http_client.cert_store = cert_store
     end
+
   end
 end

data/lib/bits_service_client/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module BitsServiceClient
-  VERSION = '3.4.0'
+  VERSION = '4.0.0.pre.1'
 end

data/lib/util/signature_util.rb

@@ -0,0 +1,18 @@
+module BitsService
+  module SignatureUtil
+    def sign_signature(resource_path, key_secret, key_id)
+      expires = seconds_since_the_unix_epoch_with_offset(3600)
+      signature_parts = "#{expires}#{resource_path}#{' '}#{key_secret}"
+      digest = OpenSSL::Digest::SHA256.new
+      hmac = OpenSSL::HMAC.new(key_secret, digest)
+      signature=OpenSSL::HMAC.hexdigest(digest, key_secret, signature_parts)
+      signed_path = "#{resource_path}?signature=#{signature}&expires=#{expires}&AccessKeyId=#{key_id}"
+      return signed_path
+    end
+
+    def seconds_since_the_unix_epoch_with_offset(offset)
+      t = Time.now.utc + offset
+      t.strftime('%s')
+    end
+  end
+end

metadata

@@ -1,17 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: bits_service_client
 version: !ruby/object:Gem::Version
-  version: 3.4.0
+  version: 4.0.0.pre.1
 platform: ruby
 authors:
 - Rizwan Reza
 - Steffen Uhlig
 - Peter Goetz
 - Norman Sutorius
+- Tobias Zipfel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-10 00:00:00.000000000 Z
+date: 2019-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -28,33 +29,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: steno
+  name: statsd-ruby
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
-  name: statsd-ruby
+  name: steno
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -84,7 +85,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rack-test
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -98,21 +99,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: pry-nav
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rb-readline
+  name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -126,21 +127,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rb-readline
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -154,21 +155,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: webmock
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.1
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.1
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: sinatra
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -182,7 +183,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: sinatra
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -196,25 +197,26 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry-nav
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.3.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.3.1
 description: 
 email:
 - rizwanreza@gmail.com
 - steffen.uhlig@de.ibm.com
 - peter.gtz@gmail.com
 - norman.sutorius@de.ibm.com
+- tobias.zipfel@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -237,6 +239,7 @@ files:
 - lib/bits_service_client/logging_http_client.rb
 - lib/bits_service_client/resource_pool.rb
 - lib/bits_service_client/version.rb
+- lib/util/signature_util.rb
 homepage: https://github.com/cloudfoundry-incubator/bits-service-client
 licenses: []
 metadata: {}
@@ -251,9 +254,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.6.14.3