cloudimage 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 278e88b372ae0e007da88f05ede4180b1db4203c5b36dca72acf56e1f510d2e6
-  data.tar.gz: e4761b0f0ceb55bc6311e2966472a0b52dbc7694f37833f3dec6a6c8baf80a9c
+  metadata.gz: 06d221bc041ab617d9997d66e6d2c4b9f03dcbdcbbf4c05cb6b54f1c66f7c5f1
+  data.tar.gz: 2ed732e2099d6a3b1a9649da9840b303bef144f43b0cd2801e09f6d080361c28
 SHA512:
-  metadata.gz: 323332b25479d79a894406a05dda4f9e91d119dd1d4b43f8a4880a61aa9bd5a2fa4756ec9b33e803241bef2c616f4eefdfda0e32683234f1255d4815bf582110
-  data.tar.gz: af73227c277fb3b7b63150135e730536a7c40018e90b39c7478a4fb6592981e389e883a5529fb5ce76e217a2e117c353b1a9f6dbddde4d590a2b347dc916ccb1
+  metadata.gz: 5385f01daa66e04d394c8cc2d0257f367ba5f18f3f553ccc71a7341c4149975c94a5b707305cf3e3a6c93a6ff5a2346a459c623d7ca80aff35ca65c886dd0cb9
+  data.tar.gz: f4130b0bf5d7b40325e5a04f69a5e8dcbe117519369a517d4665788c3c78d0e84ba976d1c542bf0a06a38082893dd2342e695b8906e2ef9df54df0f807a389e9

data/CHANGELOG.md

@@ -1,4 +1,17 @@
-## master
+# Changelog
+
+## [Unreleased](https://github.com/scaleflex/cloudimage-rb/tree/HEAD)
+
+[Full Changelog](https://github.com/scaleflex/cloudimage-rb/compare/v0.2.1...HEAD)
+
+**Closed issues:**
+
+- Add automatic changelog generation [\#11](https://github.com/scaleflex/cloudimage-rb/issues/11)
+
+**Merged pull requests:**
+
+- Use changelog generation [\#16](https://github.com/scaleflex/cloudimage-rb/pull/16) ([janklimo](https://github.com/janklimo))
+- Add test coverage with SimpleCov [\#9](https://github.com/scaleflex/cloudimage-rb/pull/9) ([janklimo](https://github.com/janklimo))
 
 ## 0.2.1 (2020-06-29)
 
@@ -23,3 +36,6 @@
 
 - Set up Github actions for CI.
   [#1](https://github.com/scaleflex/cloudimage-rb/pull/1) (@janklimo)
+
+
+\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*

data/README.md

@@ -15,11 +15,13 @@ Supports Ruby `2.4` and above, `JRuby`, and `TruffleRuby`.
     - [Aliases](#aliases)
     - [Custom helpers](#custom-helpers)
     - [Security](#security)
+      - [URL signature](#url-signature)
+      - [URL sealing](#url-sealing)
   - [Development](#development)
-    - [TODOs](#todos)
   - [Contributing](#contributing)
   - [License](#license)
   - [Code of Conduct](#code-of-conduct)
+  - [Showcase](#showcase)
 
 ## Installation
 
@@ -59,6 +61,7 @@ Cloudimage client accepts the following options:
 | `salt`             | No        | See [Security](#security).                          |
 | `signature_length` | No        | Integer value in the range `6..40`. Defaults to 18. |
 | `api_version`      | No        | Defaults to the current stable version.             |
+| `sign_urls`        | No        | Defaults to `true`. See [Security](#security).      |
 
 Calling `path` on the client object returns an instance of `Cloudimage::URI`.
 It accepts path to the image as a string and we we will use it to build
@@ -121,6 +124,8 @@ For a list of custom helpers available to you, please consult
 
 ### Security
 
+#### URL signature
+
 If `salt` is defined, all URLs will be signed.
 
 You can control the length of the generated signature by specifying `signature_length`
@@ -133,6 +138,46 @@ uri.w(200).h(400).to_url
 # => "https://mysecrettoken.cloudimg.io/v7/assets/image.png?h=400&w=200&ci_sign=79cfbc458b"
 ```
 
+#### URL sealing
+
+Whereas URL signatures let you protect your URL from any kind of
+tampering, URL sealing protects the params you specify while making
+it possible to append additional params on the fly.
+
+This is useful when working with Cloudimage's
+[responsive frontend libraries](https://docs.cloudimage.io/go/cloudimage-documentation-v7/en/responsive-images).
+A common use case would be sealing your watermark but letting the
+React client request the best possible width.
+
+To seal your URLs, initialize client with `salt` and set
+`sign_urls` to `false`. `signature_length` setting is applied
+to control the length of the generated `ci_seal` value.
+
+Use the `seal_params` helper to specify which params to seal
+as a list of arguments. These could be symbols or strings.
+
+```ruby
+client = Cloudimage::Client.new(token: 'demoseal', salt: 'test', sign_urls: false)
+
+client
+  .path('/sample.li/birds.jpg')
+  .f('bright:10,contrast:20')
+  .w(300)
+  .h(400)
+  .seal_params(:w, :f)
+  .to_url
+# => "https://demoseal.cloudimg.io/v7/sample.li/birds.jpg?ci_eqs=Zj1icmlnaHQlM0ExMCUyQ2NvbnRyYXN0JTNBMjAmdz0zMDA&ci_seal=67dd8cc44f6ba44ee5&h=400"
+
+# Alternative approach:
+client
+  .path('/sample.li/birds.jpg')
+  .to_url(f: 'bright:10,contrast:20', w: 300, h: 400, seal_params: [:w, :f])
+# => "https://demoseal.cloudimg.io/v7/sample.li/birds.jpg?ci_eqs=Zj1icmlnaHQlM0ExMCUyQ2NvbnRyYXN0JTNBMjAmdz0zMDA&ci_seal=67dd8cc44f6ba44ee5&h=400"
+```
+
+This approach protects `w` and `f` values from being edited but
+makes it possible to freely modify the value of `h`.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies.
@@ -140,13 +185,6 @@ Then, run `bundle exec rake` to run the tests. You can also run
 `bin/console` for an interactive prompt that will allow you to
 experiment.
 
-### TODOs
-
-- URL sealing
-- Add support for custom CNAMEs
-- `srcset` generation
-- Purge cache API
-
 ## Contributing
 
 Bug reports and pull requests are welcome. This project is intended
@@ -164,3 +202,12 @@ The gem is available as open source under the terms of the
 Everyone interacting with the project's codebase, issues, and pull
 requests is expected to follow the
 [code of conduct](https://github.com/scaleflex/cloudimage-rb/blob/master/CODE_OF_CONDUCT.md).
+
+## Showcase
+
+Among others, `cloudimage` is used to power the following apps:
+
+- [Robin PRO](https://apps.shopify.com/robin-pro-image-gallery) - Fast, beautiful, mobile-friendly image galleries for Shopify stores.
+
+Using this gem in your app? Let us know in [this issue](https://github.com/scaleflex/cloudimage-rb/issues/8)
+so that we can feature it.

data/lib/cloudimage/client.rb

@@ -18,6 +18,7 @@ module Cloudimage
       @config[:signature_length] =
         options[:signature_length] || DEFAULT_SIGNATURE_LENGTH
       @config[:api_version] = API_VERSION
+      @config[:sign_urls] = options[:sign_urls].nil? ? true : false
 
       ensure_valid_config
     end

data/lib/cloudimage/custom_helpers.rb

@@ -5,5 +5,11 @@ module Cloudimage
     def positionable_crop(origin_x:, origin_y:, width:, height:)
       tl_px(origin_x, origin_y).br_px(origin_x + width, origin_y + height)
     end
+
+    def seal_params(*query_params)
+      # URI#query_values returns hash where keys are strings.
+      sealed_params.merge(query_params.map(&:to_s))
+      self
+    end
   end
 end

data/lib/cloudimage/refinements.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Cloudimage
+  module Refinements
+    unless {}.respond_to?(:slice)
+      refine Hash do
+        def slice(*keys)
+          keys.each_with_object({}) do |k, acc|
+            acc[k] = self[k] if key?(k)
+          end
+        end
+      end
+    end
+
+    unless ''.respond_to?(:delete_prefix)
+      refine String do
+        def delete_prefix(prefix)
+          sub(/\A#{prefix}/, '')
+        end
+      end
+    end
+  end
+end

data/lib/cloudimage/security.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+require 'digest'
+require 'base64'
+
+require_relative 'refinements'
+
+module Cloudimage
+  class Security
+    using Refinements
+
+    attr_reader :uri, :config
+
+    def initialize(uri, **config)
+      @uri = uri
+      @config = config
+    end
+
+    def sign_url(request_uri)
+      query = uri.query_values || {}
+      uri.query_values = query.merge(ci_sign: signature(request_uri))
+    end
+
+    def seal_url(path, sealed_params)
+      query = uri.query_values || {}
+      sealed_query = query.slice(*sealed_params)
+      query.keep_if { |k, _| !sealed_query.key?(k) }
+      eqs = eqs(sealed_query)
+      query[:ci_eqs] = eqs unless eqs.empty?
+      query[:ci_seal] = seal(path, eqs)
+      uri.query_values = query
+    end
+
+    private
+
+    def signature(request_uri)
+      digest = Digest::SHA1.hexdigest(config[:salt] + request_uri)
+      trim(digest, config[:signature_length])
+    end
+
+    def eqs(query_params)
+      uri = Addressable::URI.new
+      uri.query_values = query_params
+      Base64.urlsafe_encode64(uri.query, padding: false)
+    end
+
+    def seal(path, eqs)
+      digest = Digest::SHA1.hexdigest(path + eqs + config[:salt])
+      trim(digest, config[:signature_length])
+    end
+
+    def trim(signature, length)
+      signature[0, length]
+    end
+  end
+end

data/lib/cloudimage/uri.rb

@@ -1,31 +1,31 @@
 # frozen_string_literal: true
 
-require 'digest'
-
 require_relative 'params'
 require_relative 'custom_helpers'
+require_relative 'security'
+require_relative 'refinements'
 
 module Cloudimage
   class URI
+    using Refinements
+
     include Params
     include CustomHelpers
 
-    attr_reader :uri, :params, :config
+    attr_reader :path, :uri, :params, :config, :sealed_params
 
     def initialize(path, **config)
       @config = config
       @params = {}
-      @uri = build_uri_from(path)
+      @sealed_params = Set.new
+      @path = ensure_path_format(path)
+      @uri = build_uri
     end
 
     PARAMS.each do |param|
       define_method param do |*args|
-        @params[param] = if args.any?
-                           args.join(',')
-                         else
-                           # Flag params don't need to pass in arguments.
-                           @params[param] = 1
-                         end
+        # Flag params don't need to pass in arguments.
+        params[param] = args.any? ? args.join(',') : 1
         self
       end
     end
@@ -36,43 +36,50 @@ module Cloudimage
 
     def to_url(**extra_params)
       set_uri_params(**extra_params)
-      sign_url
+      secure_url
+      uri.to_s
     end
 
     private
 
-    def base_url
+    def site
       "https://#{config[:token]}.cloudimg.io"
     end
 
-    def base_url_with_api_version
-      "#{base_url}/#{config[:api_version]}"
+    def api_version
+      "/#{config[:api_version]}"
     end
 
-    def build_uri_from(path)
-      formatted_path = path.start_with?('/') ? path : "/#{path}"
-      Addressable::URI.parse(base_url_with_api_version + formatted_path)
+    def ensure_path_format(path)
+      path.start_with?('/') ? path : "/#{path}"
+    end
+
+    def request_uri
+      uri.request_uri.delete_prefix(api_version)
+    end
+
+    def build_uri
+      Addressable::URI.parse(site + api_version + path)
     end
 
     def set_uri_params(**extra_params)
+      seal_params(*extra_params.delete(:seal_params))
       url_params = params.merge(**extra_params)
       return unless url_params.any?
 
       uri.query_values = url_params
     end
 
-    def sign_url
-      url = uri.to_s
-
-      return url if config[:salt].nil?
+    def secure_url
+      return uri.to_s if config[:salt].nil?
 
-      url + "#{uri.query_values ? '&' : '?'}ci_sign=#{signature}"
-    end
+      security = Security.new(uri, **config)
 
-    def signature
-      path = uri.to_s.sub(base_url_with_api_version, '')
-      digest = Digest::SHA1.hexdigest(config[:salt] + path)
-      digest[0..(config[:signature_length] - 1)]
+      if config[:sign_urls]
+        security.sign_url(request_uri)
+      else
+        security.seal_url(path, sealed_params)
+      end
     end
   end
 end

data/lib/cloudimage/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Cloudimage
-  VERSION = '0.2.1'
+  VERSION = '0.3.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cloudimage
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Jan Klimo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-29 00:00:00.000000000 Z
+date: 2020-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -24,6 +24,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: github_changelog_generator
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.15.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.15.2
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
 description: Fast and easy image resizing, transformation, and acceleration in the
   Cloud.
 email:
@@ -41,6 +69,8 @@ files:
 - lib/cloudimage/client.rb
 - lib/cloudimage/custom_helpers.rb
 - lib/cloudimage/params.rb
+- lib/cloudimage/refinements.rb
+- lib/cloudimage/security.rb
 - lib/cloudimage/uri.rb
 - lib/cloudimage/version.rb
 homepage: https://github.com/scaleflex/cloudimage-rb