cfoundry 0.4.21 → 0.5.0

data/lib/cfoundry/client.rb

@@ -1,4 +1,6 @@
 require "cfoundry/baseclient"
+require "cfoundry/rest_client"
+require "cfoundry/auth_token"
 
 require "cfoundry/v1/app"
 require "cfoundry/v1/framework"

data/lib/cfoundry/concerns/login_helpers.rb

@@ -0,0 +1,13 @@
+require "base64"
+
+module CFoundry
+  module LoginHelpers
+    def login_prompts
+      @base.uaa.prompts
+    end
+
+    def login(username, password)
+      @base.token = AuthToken.from_uaa_token_info(@base.uaa.authorize(username, password))
+    end
+  end
+end

data/lib/cfoundry/errors.rb

@@ -3,9 +3,11 @@ require "multi_json"
 
 module CFoundry
   # Base class for CFoundry errors (not from the server).
-  class Error < RuntimeError; end
+  class Error < RuntimeError;
+  end
 
-  class Deprecated < Error; end
+  class Deprecated < Error;
+  end
 
   class Mismatch < Error
     def initialize(expected, got)
@@ -44,7 +46,7 @@ module CFoundry
     end
 
     def to_s
-      "#{method::METHOD} #{uri} timed out"
+      "#{method} #{uri} timed out"
     end
   end
 
@@ -61,10 +63,10 @@ module CFoundry
     attr_reader :error_code, :description, :request, :response
 
     # Create an APIError with a given request and response.
-    def initialize(request, response, description = nil, error_code = nil)
+    def initialize(description = nil, error_code = nil, request = nil, response = nil)
       @response = response
       @request = request
-      @error_code = error_code || response.code
+      @error_code = error_code || (response ? response[:status] : nil)
       @description = description || parse_description
     end
 
@@ -82,12 +84,13 @@ module CFoundry
     end
 
     private
+
     def parse_description
-      begin
-       parse_json(response.body)[:description]
-      rescue MultiJson::DecodeError
-        response.body
-      end
+      return unless response
+
+      parse_json(response[:body])[:description]
+    rescue MultiJson::DecodeError
+      response[:body]
     end
 
     def parse_json(x)
@@ -99,12 +102,17 @@ module CFoundry
     end
   end
 
-  class NotFound < APIError; end
+  class NotFound < APIError
+  end
 
-  class Denied < APIError; end
+  class Denied < APIError
+  end
 
-  class BadResponse < APIError; end
+  class BadResponse < APIError
+  end
 
+  class UAAError < APIError
+  end
 
   def self.define_error(class_name, *codes)
     base =

data/lib/cfoundry/rest_client.rb

@@ -0,0 +1,290 @@
+require "cfoundry/trace_helpers"
+require "net/https"
+require "net/http/post/multipart"
+require "multi_json"
+require "fileutils"
+
+module CFoundry
+  class RestClient
+    include CFoundry::TraceHelpers
+
+    LOG_LENGTH = 10
+
+    HTTP_METHODS = {
+      "GET" => Net::HTTP::Get,
+      "PUT" => Net::HTTP::Put,
+      "POST" => Net::HTTP::Post,
+      "DELETE" => Net::HTTP::Delete,
+      "HEAD" => Net::HTTP::Head,
+    }
+
+    DEFAULT_OPTIONS = {
+      :follow_redirects => true
+    }
+
+    attr_reader :target
+
+    attr_accessor :trace, :backtrace, :log, :request_id, :token, :target, :proxy
+
+    def initialize(target, token = nil)
+      @target = target
+      @token = token
+      @trace = false
+      @backtrace = false
+      @log = false
+    end
+
+    def request(method, path, options = {})
+      request_uri(method, construct_url(path), DEFAULT_OPTIONS.merge(options))
+    end
+
+    def generate_headers(payload, options)
+      headers = {}
+
+      if payload.is_a?(String)
+        headers["Content-Length"] = payload.size
+      elsif !payload
+        headers["Content-Length"] = 0
+      end
+
+      headers["X-Request-Id"] = @request_id if @request_id
+      headers["Authorization"] = @token.auth_header if @token
+      headers["Proxy-User"] = @proxy if @proxy
+
+      if accept_type = mimetype(options[:accept])
+        headers["Accept"] = accept_type
+      end
+
+      if content_type = mimetype(options[:content])
+        headers["Content-Type"] = content_type
+      end
+
+      headers.merge!(options[:headers]) if options[:headers]
+      headers
+    end
+
+    private
+
+    def request_uri(method, uri, options = {})
+      uri = URI.parse(uri)
+
+      # keep original options in case there's a redirect to follow
+      original_options = options.dup
+      payload = options[:payload]
+
+      if params = options[:params]
+        if uri.query
+          uri.query += "&" + encode_params(params)
+        else
+          uri.query = encode_params(params)
+        end
+      end
+
+      unless payload.is_a?(String)
+        case options[:content]
+          when :json
+            payload = MultiJson.dump(payload)
+          when :form
+            payload = encode_params(payload)
+        end
+      end
+
+      method_class = get_method_class(method)
+      if payload.is_a?(Hash)
+        multipart = method_class.const_get(:Multipart)
+        request = multipart.new(uri.request_uri, payload)
+      else
+        request = method_class.new(uri.request_uri)
+        request.body = payload if payload
+      end
+
+      headers = generate_headers(payload, options)
+
+      request_hash = {
+        :url => uri.to_s,
+        :method => method,
+        :headers => headers,
+        :body => payload
+      }
+
+      print_request(request_hash) if @trace
+
+      add_headers(request, headers)
+
+      # TODO: test http proxies
+      http = Net::HTTP.new(uri.host, uri.port)
+
+      # TODO remove this when staging returns streaming responses
+      http.read_timeout = 300
+
+      if uri.is_a?(URI::HTTPS)
+        http.use_ssl = true
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
+
+      before = Time.now
+      http.start do
+        response = http.request(request)
+        time = Time.now - before
+
+        response_hash = {
+          :headers => sane_headers(response),
+          :status => response.code,
+          :body => response.body
+        }
+
+        print_response(response_hash) if @trace
+        print_backtrace(caller) if @trace
+
+        log_request(time, request, response)
+
+        if response.is_a?(Net::HTTPRedirection) && options[:follow_redirects]
+          request_uri("GET", response["location"], original_options)
+        else
+          return request_hash, response_hash
+        end
+      end
+    rescue ::Timeout::Error => e
+      raise Timeout.new(method, uri, e)
+    rescue SocketError, Errno::ECONNREFUSED => e
+      raise TargetRefused, e.message
+    end
+
+    def construct_url(path)
+      path = "/#{path}" unless path[0] == ?\/
+      target + path
+    end
+
+    def get_method_class(method_string)
+      HTTP_METHODS[method_string.upcase]
+    end
+
+    def add_headers(request, headers)
+      headers.each { |key, value| request[key] = value }
+    end
+
+    def mimetype(content)
+      case content
+      when String
+        content
+      when :json
+        "application/json"
+      when :form
+        "application/x-www-form-urlencoded"
+      when nil
+        nil
+      # return request headers (not really Accept)
+      else
+        raise CFoundry::Error, "Unknown mimetype '#{content.inspect}'"
+      end
+    end
+
+    def encode_params(hash, escape = true)
+      hash.keys.map do |k|
+        v = hash[k]
+        v = MultiJson.dump(v) if v.is_a?(Hash)
+        v = URI.escape(v.to_s, /[^#{URI::PATTERN::UNRESERVED}]/) if escape
+        "#{k}=#{v}"
+      end.join("&")
+    end
+
+    def log_data(time, request, response)
+      { :time => time,
+        :request => {
+          :method => request.method,
+          :url => request.path,
+          :headers => sane_headers(request)
+        },
+        :response => {
+          :code => response.code,
+          :headers => sane_headers(response)
+        }
+      }
+    end
+
+    def log_line(io, data)
+      io.printf(
+        "[%s]  %0.3fs  %6s -> %d  %s\n",
+        Time.now.strftime("%F %T"),
+        data[:time],
+        data[:request][:method].to_s.upcase,
+        data[:response][:code],
+        data[:request][:url])
+    end
+
+    def log_request(time, request, response)
+      return unless @log
+
+      data = log_data(time, request, response)
+
+      case @log
+      when IO
+        log_line(@log, data)
+        return
+      when String
+        if File.exists?(@log)
+          log = File.readlines(@log).last(LOG_LENGTH - 1)
+        elsif !File.exists?(File.dirname(@log))
+          FileUtils.mkdir_p(File.dirname(@log))
+        end
+
+        File.open(@log, "w") do |io|
+          log.each { |l| io.print l } if log
+          log_line(io, data)
+        end
+
+        return
+      end
+
+      if @log.respond_to?(:call)
+        @log.call(data)
+        return
+      end
+
+      if @log.respond_to?(:<<)
+        @log << data
+        return
+      end
+    end
+
+    def print_request(request)
+      $stderr.puts ">>>"
+      $stderr.puts request_trace(request)
+    end
+
+    def print_response(response)
+      $stderr.puts response_trace(response)
+      $stderr.puts "<<<"
+    end
+
+    def print_backtrace(locs)
+      return unless @backtrace
+
+      interesting_locs = locs.drop_while { |loc|
+        loc =~ /\/(cfoundry\/|restclient\/|net\/http)/
+      }
+
+      $stderr.puts "--- backtrace:"
+
+      $stderr.puts "... (boring)" unless locs == interesting_locs
+
+      trimmed_locs = interesting_locs[0..5]
+
+      trimmed_locs.each do |loc|
+        $stderr.puts "=== #{loc}"
+      end
+
+      $stderr.puts "... (trimmed)" unless trimmed_locs == interesting_locs
+    end
+
+    def sane_headers(obj)
+      hds = {}
+
+      obj.each_header do |k, v|
+        hds[k] = v
+      end
+
+      hds
+    end
+  end
+end

data/lib/cfoundry/test_support.rb

@@ -0,0 +1,3 @@
+Dir[File.expand_path('../../../spec/{support,fakes}/**/*.rb', __FILE__)].each do |file|
+  require file
+end

data/lib/cfoundry/trace_helpers.rb

@@ -6,25 +6,25 @@ module CFoundry
 
     def request_trace(request)
       return nil unless request
-      info = ["REQUEST: #{request.method} #{request.path}"]
+      info = ["REQUEST: #{request[:method]} #{request[:url]}"]
       info << "REQUEST_HEADERS:"
-      info << header_trace(request)
-      info << "REQUEST_BODY: #{request.body}" if request.body
+      info << header_trace(request[:headers])
+      info << "REQUEST_BODY: #{request[:body]}" if request[:body]
       info.join("\n")
     end
 
 
     def response_trace(response)
       return nil unless response
-      info = ["RESPONSE: [#{response.code}]"]
+      info = ["RESPONSE: [#{response[:status]}]"]
       info << "RESPONSE_HEADERS:"
-      info << header_trace(response)
+      info << header_trace(response[:headers])
       info << "RESPONSE_BODY:"
       begin
-        parsed_body = MultiJson.load(response.body)
+        parsed_body = MultiJson.load(response[:body])
         info << MultiJson.dump(parsed_body, :pretty => true)
       rescue
-        info << "#{response.body}"
+        info << "#{response[:body]}"
       end
       info.join("\n")
     end
@@ -32,8 +32,8 @@ module CFoundry
     private
 
     def header_trace(headers)
-      headers.to_hash.sort.map do |key, value|
-        "  #{key} : #{value.join(", ")}"
+      headers.sort.map do |key, value|
+        "  #{key} : #{value}"
       end
     end
   end

data/lib/cfoundry/uaaclient.rb

@@ -1,108 +1,100 @@
 require "cfoundry/baseclient"
+require 'uaa'
 
 module CFoundry
   class UAAClient < BaseClient
-    attr_accessor :target, :client_id, :redirect_uri, :token, :trace
+    attr_accessor :target, :client_id, :token, :trace
 
-    def initialize(
-        target = "https://uaa.cloudfoundry.com",
-        client_id = "vmc")
+    def initialize(target = "https://uaa.cloudfoundry.com", client_id = "vmc")
       @target = target
       @client_id = client_id
-      @redirect_uri = "https://uaa.cloudfoundry.com/redirect/vmc"
+      CF::UAA::Misc.symbolize_keys = true
     end
 
     def prompts
-      get("login", :accept => :json)[:prompts]
+      wrap_uaa_errors do
+        CF::UAA::Misc.server(target)[:prompts]
+      end
     end
 
-    def authorize(credentials)
-      query = {
-        :client_id => @client_id,
-        :response_type => "token",
-        :redirect_uri => @redirect_uri
-      }
-
-      auth =
-        post(
-          { :credentials => credentials },
-          "oauth", "authorize",
-          :return_response => true,
-          :content => :form,
-          :accept => :json,
-          :params => query)
-
-      if auth.is_a? Net::HTTPRedirection
-        extract_token(auth["location"])
-      else
-        json = parse_json(auth.body)
-        raise CFoundry::Denied.new(nil, nil, json[:error_description], auth.code)
+    def authorize(username, password)
+      wrap_uaa_errors do
+        begin
+          creds = { :username => username, :password => password }
+          token_issuer.implicit_grant_with_creds(creds)
+        rescue CF::UAA::BadResponse => e
+          status_code = e.message[/\d+/] || 400
+          raise CFoundry::Denied.new("Authorization failed", status_code)
+        end
       end
-
     end
 
     def users
-      get("Users", :accept => :json)
+      wrap_uaa_errors do
+        scim.query(:user)
+      end
     end
 
     def change_password(guid, new, old)
-      put(
-        { :password => new, :oldPassword => old },
-        "Users", guid, "password",
-        :accept => :json,
-        :content => :json)
+      wrap_uaa_errors do
+        scim.change_password(guid, new, old)
+      end
     end
 
     def password_score(password)
-      response = post(
-        { :password => password },
-        "password", "score",
-        :content => :form,
-        :accept => :json
-      )
-      required_score = response[:requiredScore] || 0
-      case (response[:score] || 0)
-        when 10 then :strong
-        when required_score..9 then :good
-        else :weak
+      wrap_uaa_errors do
+        response = CF::UAA::Misc.password_strength(target, password)
+
+        required_score = response[:requiredScore] || 0
+        case (response[:score] || 0)
+          when 10 then
+            :strong
+          when required_score..9 then
+            :good
+          else
+            :weak
+        end
       end
     end
 
-    private
-
-    def handle_response(response, accept, request)
-      case response
-      when Net::HTTPSuccess, Net::HTTPRedirection
-        accept == :json ? parse_json(response.body) : response.body
-      when Net::HTTPBadRequest, Net::HTTPUnauthorized, Net::HTTPForbidden
-        info = parse_json(response.body)
-        raise Denied.new(request, response, info[:error_description])
-
-      when Net::HTTPNotFound
-        raise CFoundry::NotFound.new(request, response)
-
-      when Net::HTTPConflict
-        info = parse_json(response.body)
-        raise CFoundry::Denied.new(request, response, info[:message])
-
-      else
-        raise BadResponse.new(request, response)
+    def add_user(email, password)
+      wrap_uaa_errors do
+        scim.add(
+          :user,
+          {:userName => email,
+            :emails => [{:value => email}],
+            :password => password,
+            :name => {:givenName => email, :familyName => email}
+          }
+        )
       end
     end
 
-    def extract_token(url)
-      _, params = url.split('#')
-      return unless params
+    private
 
-      values = {}
-      params.split("&").each do |pair|
-        key, val = pair.split("=")
-        values[key] = val
-      end
+    def token_issuer
+      @token_issuer ||= CF::UAA::TokenIssuer.new(target, client_id, nil, :symbolize_keys => true)
+      @token_issuer.logger.level = @trace ? 0 : 1
+      @token_issuer
+    end
 
-      return unless values["access_token"] && values["token_type"]
+    def scim
+      auth_header = token && token.auth_header
+      scim = CF::UAA::Scim.new(target, auth_header)
+      scim.logger.level = @trace ? 0 : 1
+      scim
+    end
 
-      "#{values["token_type"]} #{values["access_token"]}"
+    def wrap_uaa_errors
+      yield
+    rescue CF::UAA::BadResponse
+      raise CFoundry::BadResponse
+    rescue CF::UAA::NotFound
+      raise CFoundry::NotFound
+    rescue CF::UAA::InvalidToken
+      raise CFoundry::Denied
+    rescue CF::UAA::TargetError => e
+      raise CFoundry::UAAError.new(e.info["error_description"], e.info["error"])
     end
   end
 end