RubyGems - castle-rb - Versions diffs - 2.3.2 → 3.0.0 - Mend

castle-rb 2.3.2 → 3.0.0

Files changed (62) hide show

checksums.yaml +5 -5
data/README.md +55 -9
data/lib/castle.rb +17 -7
data/lib/castle/api.rb +20 -22
data/lib/castle/client.rb +50 -19
data/lib/castle/command.rb +5 -0
data/lib/castle/commands/authenticate.rb +25 -0
data/lib/castle/commands/identify.rb +30 -0
data/lib/castle/commands/review.rb +13 -0
data/lib/castle/commands/track.rb +25 -0
data/lib/castle/commands/with_context.rb +28 -0
data/lib/castle/configuration.rb +46 -14
data/lib/castle/context_merger.rb +13 -0
data/lib/castle/default_context.rb +28 -0
data/lib/castle/errors.rb +2 -0
data/lib/castle/extractors/client_id.rb +4 -14
data/lib/castle/extractors/headers.rb +6 -18
data/lib/castle/failover_auth_response.rb +21 -0
data/lib/castle/header_formatter.rb +9 -0
data/lib/castle/request.rb +7 -13
data/lib/castle/response.rb +2 -0
data/lib/castle/review.rb +11 -0
data/lib/castle/secure_mode.rb +11 -0
data/lib/castle/support/hanami.rb +19 -0
data/lib/castle/support/padrino.rb +1 -1
data/lib/castle/support/rails.rb +1 -1
data/lib/castle/support/sinatra.rb +4 -2
data/lib/castle/utils.rb +55 -0
data/lib/castle/utils/cloner.rb +11 -0
data/lib/castle/utils/merger.rb +23 -0
data/lib/castle/version.rb +1 -1
data/spec/lib/castle/api_spec.rb +16 -25
data/spec/lib/castle/client_spec.rb +175 -39
data/spec/lib/castle/command_spec.rb +9 -0
data/spec/lib/castle/commands/authenticate_spec.rb +106 -0
data/spec/lib/castle/commands/identify_spec.rb +85 -0
data/spec/lib/castle/commands/review_spec.rb +24 -0
data/spec/lib/castle/commands/track_spec.rb +107 -0
data/spec/lib/castle/configuration_spec.rb +75 -27
data/spec/lib/castle/context_merger_spec.rb +34 -0
data/spec/lib/castle/default_context_spec.rb +35 -0
data/spec/lib/castle/extractors/client_id_spec.rb +13 -5
data/spec/lib/castle/extractors/headers_spec.rb +6 -5
data/spec/lib/castle/extractors/ip_spec.rb +2 -9
data/spec/lib/castle/header_formatter_spec.rb +21 -0
data/spec/lib/castle/request_spec.rb +12 -9
data/spec/lib/castle/response_spec.rb +1 -3
data/spec/lib/castle/review_spec.rb +23 -0
data/spec/lib/castle/secure_mode_spec.rb +9 -0
data/spec/lib/castle/utils/cloner_spec.rb +18 -0
data/spec/lib/castle/utils/merger_spec.rb +13 -0
data/spec/lib/castle/utils_spec.rb +156 -0
data/spec/lib/castle/version_spec.rb +1 -5
data/spec/lib/castle_spec.rb +8 -15
data/spec/spec_helper.rb +3 -9
metadata +46 -12
data/lib/castle/cookie_store.rb +0 -52
data/lib/castle/headers.rb +0 -39
data/lib/castle/support.rb +0 -11
data/lib/castle/system.rb +0 -36
data/spec/lib/castle/headers_spec.rb +0 -82
data/spec/lib/castle/system_spec.rb +0 -70

data/lib/castle/context_merger.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+module Castle
+  class ContextMerger
+    def initialize(context)
+      @main_context = Castle::Utils::Cloner.call(context)
+    end
+    def call(request_context)
+      Castle::Utils::Merger.call(@main_context, request_context)
+    end
+  end
+end

data/lib/castle/default_context.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module Castle
+  class DefaultContext
+    def initialize(request, cookies = nil)
+      @client_id = Extractors::ClientId.new(request, cookies || request.cookies).call('__cid')
+      @headers = Extractors::Headers.new(request).call
+      @ip = Extractors::IP.new(request).call
+    end
+    def call
+      context = {
+        client_id: @client_id,
+        active: true,
+        origin: 'web',
+        headers: @headers || {},
+        ip: @ip,
+        library: {
+          name: 'castle-rb',
+          version: Castle::VERSION
+        }
+      }
+      context[:locale] = @headers['Accept-Language'] if @headers['Accept-Language']
+      context[:user_agent] = @headers['User-Agent'] if @headers['User-Agent']
+      context
+    end
+  end
+end

data/lib/castle/errors.rb CHANGED Viewed

@@ -24,4 +24,6 @@ module Castle
   class InvalidParametersError < Castle::ApiError; end
   # api error unauthorized 401
   class UnauthorizedError < Castle::ApiError; end
+  # all internal server errors
+  class InternalServerError < Castle::ApiError; end
 end

data/lib/castle/extractors/client_id.rb CHANGED Viewed

@@ -4,25 +4,15 @@ module Castle
   module Extractors
     # used for extraction of cookies and headers from the request
     class ClientId
-      def initialize(request)
+      def initialize(request, cookies)
         @request = request
+        @cookies = cookies || {}
       end
-      def call(response, name)
-        extract_cookie(response)[name] ||
+      def call(name)
+        @cookies[name] ||
           @request.env.fetch('HTTP_X_CASTLE_CLIENT_ID', '')
       end
-      private
-      # Extract the cookie set by the Castle JavaScript
-      def extract_cookie(response)
-        if response.class.name == 'ActionDispatch::Cookies::CookieJar'
-          Castle::CookieStore::Rack.new(response)
-        else
-          Castle::CookieStore::Base.new(@request, response)
-        end
-      end
     end
   end
 end

data/lib/castle/extractors/headers.rb CHANGED Viewed

@@ -7,29 +7,17 @@ module Castle
       def initialize(request)
         @request = request
         @request_env = @request.env
-        @disabled_headers = ['Cookie']
+        @formatter = HeaderFormatter.new
       end
       # Serialize HTTP headers
       def call
-        headers = http_headers.each_with_object({}) do |header, acc|
-          name = format_header_name(header)
-          unless @disabled_headers.include?(name)
-            acc[name] = @request_env[header]
-          end
+        @request_env.keys.each_with_object({}) do |header, acc|
+          name = @formatter.call(header)
+          next unless Castle.config.whitelisted.include?(name)
+          next if Castle.config.blacklisted.include?(name)
+          acc[name] = @request_env[header]
         end
-        JSON.generate(headers)
-      end
-      private
-      def format_header_name(header)
-        header.gsub(/^HTTP_/, '').split('_').map(&:capitalize).join('-')
-      end
-      def http_headers
-        @request_env.keys.grep(/^HTTP_/)
       end
     end
   end

data/lib/castle/failover_auth_response.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module Castle
+  # generate failover authentication response
+  class FailoverAuthResponse
+    def initialize(user_id, strategy: Castle.config.failover_strategy, reason:)
+      @strategy = strategy
+      @reason = reason
+      @user_id = user_id
+    end
+    def generate
+      {
+        'action' => @strategy.to_s,
+        'user_id' => @user_id,
+        'failover' => true,
+        'failover_reason' => @reason
+      }
+    end
+  end
+end

data/lib/castle/header_formatter.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+module Castle
+  class HeaderFormatter
+    def call(header)
+      header.gsub(/^HTTP(?:_|-)/i, '').split(/_|-/).map(&:capitalize).join('-')
+    end
+  end
+end

data/lib/castle/request.rb CHANGED Viewed

@@ -3,30 +3,24 @@
 module Castle
   # generate api request
   class Request
-    def initialize(headers)
+    def initialize(headers = {})
       @config = Castle.config
       @headers = headers
     end
-    def build_query(endpoint)
-      request = Net::HTTP::Get.new(
-        "#{@config.api_endpoint.path}/#{endpoint}", @headers
-      )
-      add_basic_auth(request)
-      request
-    end
     def build(endpoint, args, method)
-      request = Net::HTTP.const_get(method.to_s.capitalize).new(
-        "#{@config.api_endpoint.path}/#{endpoint}", @headers
-      )
-      request.body = args.to_json
+      request = Net::HTTP.const_get(method.to_s.capitalize).new(build_url(endpoint), @headers)
+      request.body = ::Castle::Utils.replace_invalid_characters(args).to_json unless method == :get
       add_basic_auth(request)
       request
     end
     private
+    def build_url(endpoint)
+      "/#{@config.url_prefix}/#{endpoint}"
+    end
     def add_basic_auth(request)
       request.basic_auth('', @config.api_secret)
     end

data/lib/castle/response.rb CHANGED Viewed

@@ -36,6 +36,8 @@ module Castle
       return if response_code.between?(200, 299)
+      raise Castle::InternalServerError if response_code.between?(500, 599)
       error = RESPONSE_ERRORS.fetch(response_code, Castle::ApiError)
       raise error, @response[:message]
     end

data/lib/castle/review.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module Castle
+  class Review
+    def self.retrieve(review_id)
+      command = Castle::Commands::Review.new.build(review_id)
+      API.new.request(command)
+    end
+  end
+end

data/lib/castle/secure_mode.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require 'openssl'
+module Castle
+  module SecureMode
+    def self.signature(user_id)
+      OpenSSL::HMAC.hexdigest('sha256', Castle.config.api_secret, user_id.to_s)
+    end
+  end
+end

data/lib/castle/support/hanami.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+module Castle
+  module Hanami
+    module Action
+      def castle
+        @castle ||= ::Castle::Client.new(request, cookies: (cookies if defined? cookies))
+      end
+    end
+    def self.included(base)
+      base.configure do
+        controller.prepare do
+          include Castle::Hanami::Action
+        end
+      end
+    end
+  end
+end

data/lib/castle/support/padrino.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Padrino
     module Castle
       module Helpers
         def castle
-          @castle ||= ::Castle::Client.new(request, response)
+          @castle ||= ::Castle::Client.new(request)
         end
       end

data/lib/castle/support/rails.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 module Castle
   module CastleClient
     def castle
-      @castle ||= request.env['castle'] || Castle::Client.new(request, response)
+      @castle ||= request.env['castle'] || Castle::Client.new(request)
     end
   end

data/lib/castle/support/sinatra.rb CHANGED Viewed

@@ -1,15 +1,17 @@
 # frozen_string_literal: true
+require 'sinatra/base'
 module Sinatra
   module Castle
     module Helpers
       def castle
-        @castle ||= ::Castle::Client.new(request, response)
+        @castle ||= ::Castle::Client.new(request)
       end
     end
     def self.registered(app)
-      app.helpers Helpers
+      app.helpers Castle::Helpers
     end
   end

data/lib/castle/utils.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module Castle
+  module Utils
+    class << self
+      # Returns a new hash with all keys converted to symbols, as long as
+      # they respond to +to_sym+. This includes the keys from the root hash
+      # and from all nested hashes and arrays.
+      #
+      #   hash = { 'person' => { 'name' => 'Rob', 'age' => '28' } }
+      #
+      #   Castle::Hash.deep_symbolize_keys(hash)
+      #   # => {:person=>{:name=>"Rob", :age=>"28"}}
+      def deep_symbolize_keys(object, &block)
+        case object
+        when Hash
+          object.each_with_object({}) do |(key, value), result|
+            result[key.to_sym] = deep_symbolize_keys(value, &block)
+          end
+        when Array
+          object.map { |e| deep_symbolize_keys(e, &block) }
+        else
+          object
+        end
+      end
+      def deep_symbolize_keys!(object, &block)
+        case object
+        when Hash
+          object.keys.each do |key|
+            value = object.delete(key)
+            object[key.to_sym] = deep_symbolize_keys!(value, &block)
+          end
+          object
+        when Array
+          object.map! { |e| deep_symbolize_keys!(e, &block) }
+        else
+          object
+        end
+      end
+      def replace_invalid_characters(arg)
+        if arg.is_a?(::String)
+          arg.encode('UTF-8', invalid: :replace, undef: :replace)
+        elsif arg.is_a?(::Hash)
+          arg.each_with_object({}) { |(k, v), h| h[k] = replace_invalid_characters(v) }
+        elsif arg.is_a?(::Array)
+          arg.map(&method(:replace_invalid_characters))
+        else
+          arg
+        end
+      end
+    end
+  end
+end

data/lib/castle/utils/cloner.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module Castle
+  module Utils
+    class Cloner
+      def self.call(object)
+        Marshal.load(Marshal.dump(object))
+      end
+    end
+  end
+end

data/lib/castle/utils/merger.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+module Castle
+  module Utils
+    class Merger
+      def self.call(first, second)
+        Castle::Utils.deep_symbolize_keys!(first)
+        Castle::Utils.deep_symbolize_keys!(second)
+        second.each do |name, value|
+          if value.nil?
+            first.delete(name)
+          elsif value.is_a?(Hash) && first[name].is_a?(Hash)
+            call(first[name], value)
+          else
+            first[name] = value
+          end
+        end
+        first
+      end
+    end
+  end
+end

data/lib/castle/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Castle
-  VERSION = '2.3.2'
+  VERSION = '3.0.0'
 end

data/spec/lib/castle/api_spec.rb CHANGED Viewed

@@ -1,10 +1,14 @@
 # frozen_string_literal: true
-require 'spec_helper'
 describe Castle::API do
-  let(:api) { described_class.new('abcd', '1.2.3.4', '{}') }
-  let(:api_endpoint) { 'http://new.herokuapp.com:3000/v2' }
+  let(:api) { described_class.new('X-Castle-Client-Id' => 'abcd', 'X-Castle-Ip' => '1.2.3.4') }
+  let(:command) { Castle::Command.new('authenticate', '1234', :post) }
+  let(:result_headers) do
+    { 'Accept' => '*/*',
+      'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
+      'User-Agent' => 'Ruby', 'X-Castle-Client-Id' => 'abcd',
+      'X-Castle-Ip' => '1.2.3.4' }
+  end
   describe 'handles timeout' do
     before do
@@ -12,7 +16,7 @@ describe Castle::API do
     end
     it do
       expect do
-        api.request('authenticate', user_id: '1234')
+        api.request(command)
       end.to raise_error(Castle::RequestError)
     end
   end
@@ -21,34 +25,21 @@ describe Castle::API do
     before do
       stub_request(:any, /api.castle.io/).to_return(status: 400)
     end
-    it 'handles non-OK response code' do
+    it do
       expect do
-        api.request('authenticate', user_id: '1234')
+        api.request(command)
       end.to raise_error(Castle::BadRequestError)
     end
   end
-  describe 'handles custom API endpoint' do
-    before do
-      stub_request(:any, /new.herokuapp.com/)
-      Castle.config.api_endpoint = api_endpoint
-    end
-    it do
-      api.request('authenticate', user_id: '1234')
-      path = "#{api_endpoint.gsub(/new/, ':secret@new')}/authenticate"
-      assert_requested :post, path, times: 1
-    end
-  end
-  describe 'handles query request' do
+  describe 'handles missing configuration' do
     before do
-      stub_request(:any, /new.herokuapp.com/)
-      Castle.config.api_endpoint = api_endpoint
+      allow(Castle.config).to receive(:api_secret).and_return('')
     end
     it do
-      api.request_query('review/1')
-      path = "#{api_endpoint.gsub(/new/, ':secret@new')}/review/1"
-      assert_requested :get, path, times: 1
+      expect do
+        api.request(command)
+      end.to raise_error(Castle::ConfigurationError)
     end
   end
 end