configuration_service 4.0.1 → 4.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3d499d3ed34dc61754cba18d38999edc665154e7
-  data.tar.gz: dcba5f9be3aeede67f66fc14b404a9b2c4278be5
+  metadata.gz: 0f54605e38bbf4f4ae31e0261649f41afd4f2da2
+  data.tar.gz: 73a3f5fe6583fee49d3303d66cdc3d0850d99bc9
 SHA512:
-  metadata.gz: 6c389d39ee89f21675296c6aff819a46650116f71ed64144cfa5c36cd79a707daa1bfa57ca6f8e4a64b1f6e20c71214185e72ddc036e1b1562225c4a7ee8a428
-  data.tar.gz: e8969036d9967cb4e85cd933c15f2b54b0881fa4715541d583bacedfd53974da1be6e0bc0c756b0f399d00e193fc4fcaf43c88ee6d4b8261144c50de10d24b28
+  metadata.gz: 79f30829184142b8209c860a13d7929ac251e0b053e3e79be0b11ccef1bb5c48843a14f7d905c1711b5cd9bb5ae704f98a662a7b829ab74b7386a8b5ca10d245
+  data.tar.gz: 8d7525a0e583c09c9812f4023cb6952f8e0722a685fa78116bf7420c1cc84865b2109e65fb44fcb36dc2cdd3bc37f7ba6e1e98abc8e57609a86f366578608ab2

data/README.rdoc

@@ -61,17 +61,18 @@ We could swap and/or reconfigure the provider by manipulating only the +Gemfile+
 The factory in the example above uses the process environment and (on JRuby) system properties as its context
 because {ConfigurationService::Factory.create_client} defaults to {ConfigurationService::Factory::EnvironmentContext}.
 To better understand the factory context, consider the example of a simple configuration service frontend
-that needs an {ConfigurationService::AdminClient AdminClient} for administrative access to the service:
+that needs a multi-identifier (admin) client for administrative access to the service:
 
   # Bad example (see below for discussion)
   context = ConfigurationService::Factory::Context.new(
     "token" => "c3935418-f621-40de-ada3-cc8169f1348a",
+    # Note: no identifier provided
     "provider_id" => "vault",
     "provider_config" => {
       "address" => "http://127.0.0.1:8200"
     }
   )
-  admin_client = ConfigurationService::Factory.create_admin_client(context)
+  admin_client = ConfigurationService::Factory.create_client(context)
 
   app = Rack::Builder.new do
     map "/configurations" do
@@ -88,12 +89,12 @@ In practice, the administrative context would most likely come from the configur
 In the following example, the {ConfigurationService::Factory} defaults to using the
 {ConfigurationService::Factory::EnvironmentContext EnvironmentContext} to acquire application configuration
 from a non-administrative {ConfigurationService::Client} client.
-Part of the application configuration is then used as the context for an administrative {ConfigurationService::AdminClient},
+Part of the application configuration is then used as the context for a multi-identifier admin client,
 which is used as a model in the application.
 
   configuration = ConfigurationService::Factory.create_client.request_configuration
   app_name = configuration.data["app_name"]
-  admin_client = ConfigurationService::Factory.create_admin_client(configuration.data["cs_config"])
+  admin_client = ConfigurationService::Factory.create_client(configuration.data["cs_config"])
 
   app = Rack::Builder.new do
     map "/" do
@@ -111,7 +112,7 @@ The above code would rely on configuration data that looked something like this:
   app_name: ACME config service UI
   cs_config:
     token: c3935418-f621-40de-ada3-cc8169f1348a
-    interface: admin
+    # Note: no identifier provided
     provider_id: vault
     provider_config:
       address: http://127.0.0.1:8200
@@ -127,7 +128,32 @@ If this configuration data was stored under the configuration identifier "acme",
 
 So this application would use the token "0b2...4af" to access its configuration data
 under the identifier "acme"
-with a non-administrative {ConfigurationService::Client} client.
+with a non-administrative {ConfigurationService::Client}.
 Part of its configuration data, in this case under the key "cs_config",
-provides {ConfigurationService::Factory::Context} for creating an administrative {ConfigurationService::AdminClient},
+provides {ConfigurationService::Factory::Context} for creating a multi-identifier admin client,
 which it would then use the token "c39...48a" to operate over multiple configuration identifiers on behalf of users.
+
+=== Decorators
+
+The service supports decoration of the provider to extend functionality. A {ConfigurationService::Decorator} is
+a class that take a service provider (or another decorator) as its only constructor argument, and provides the
+same methods as a service provider.
+
+This allows the service provider to be composed into a chain of multiple decorators to extend the functionality
+of the service.
+
+Decorator authors should be sure to register their decorators into the
+{ConfigurationService::DecoratorRegistry}.
+The gem comes with a sample decorator, {ConfigurationService::Decorator::ReferenceResolver},
+although this is likely to be moved into a separate gem in a later release.
+
+The easiest way to compose decorators into the service is with the {ConfigurationService::Factory}.
+
+Here is sample environment that indicates to the factory that it should compose the reference resolver into the
+service it creates:
+
+  CFGSRV_IDENTIFIER="acme"
+  CFGSRV_TOKEN="0b2a80f4-54ce-45f4-8267-f6558fee64af"
+  CFGSRV_DECORATORS="reference_resolver"
+  CFGSRV_PROVIDER="vault"
+  CFGSRV_PROVIDER_ADDRESS="http://127.0.0.1:8200"

data/features/authorization.feature

@@ -29,7 +29,14 @@ Feature: Authorization
     Given the specified configuration exists
     And I am allowed to authorize consumption of configuration 
     When I authorize consumption of the configuration
-    Then I receive credentials that only allow consumption of the configuration
+    Then I receive credentials that allow consumption of the configuration
+
+  Scenario: Allowed to create credentials for consuming referenced configurations
+    Given existing configuration data containing references 
+    And the referenced configuration exists
+    And I am allowed to authorize consumption of configuration 
+    When I authorize consumption of the configuration
+    Then I receive credentials that allow consumption of the referenced configurations
 
   Scenario: Token-less request
     Given I do not have a token

data/features/bootstrapping.feature

@@ -11,4 +11,3 @@ Feature: Bootstrapping
     When I bootstrap the configuration service from the environment
     Then I receive a functioning configuration service
     And the environmental service configuration has been scrubbed
-

data/features/consuming.feature

@@ -5,11 +5,19 @@ Feature: Consuming configuration data
   I want to request access to configuration data
 
   Scenario: Metadata-free hit
-    Given I am allowed to request configuration
-    And the specified configuration exists
+    Given the specified configuration exists
+    And I am allowed to request configuration
     When I request configuration data
     Then the specified configuration should be returned
 
+  Scenario: Resolved configuration
+    Given existing configuration data containing references 
+    And the referenced configuration exists
+    And I am allowed to request configuration
+    When I request configuration data
+    Then the specified configuration should be returned
+    And the references should be replaced with the referenced configuration data
+
   Scenario: Metadata-free miss
     Given I am allowed to request configuration
     And the specified configuration does not exist
@@ -35,7 +43,8 @@ Feature: Consuming configuration data
     Then I should receive a 'no match' indication
 
   Scenario: CS request failure
-    Given I am allowed to request configuration
+    Given the specified configuration exists
+    And I am allowed to request configuration
     And a CS request failure
     When I request configuration data
     Then I should receive a 'request failure' notification

data/features/step_definitions/authorization_steps.rb

@@ -2,6 +2,15 @@ Given(/^I do not have a token$/) do
   @test.deauthorize
 end
 
+Given(/^existing configuration data containing references$/) do
+  @test.given_existing_configuration_containing_references
+end
+
+Given(/^the referenced configuration exists$/) do
+  @test.given_referenced_configuration_exists
+end
+
+
 Given(/^I am allowed to request configuration$/) do
   @test.authorize(:requesting_configurations)
 end
@@ -46,7 +55,13 @@ When(/^I authorize consumption of the configuration$/) do
   @test.authorize_consumption
 end
 
-Then(/^I receive credentials that only allow consumption of the configuration$/) do
+Then(/^I receive credentials that allow consumption of the configuration$/) do
   expect(@test.credentials_allow_consumption?).to eq true
   expect(@test.credentials_allow_publication?).to eq false
 end
+
+Then(/^I receive credentials that allow consumption of the referenced configurations$/) do
+  expect(@test.credentials_allow_reference_consumption?).to eq true
+  expect(@test.credentials_allow_reference_publication?).to eq false
+end
+

data/features/step_definitions/consuming_steps.rb

@@ -10,6 +10,10 @@ Then(/^the specified configuration should be returned$/) do
   expect(@test.configuration_found_for_identifier?).to eq true
 end
 
+Then(/^the references should be replaced with the referenced configuration data$/) do
+  expect(@test.references_replaced_with_configuration_data?).to eq true
+end
+
 Given(/^no meta data filter$/) do
 end
 

data/lib/configuration_service.rb

@@ -1,6 +1,7 @@
 require "configuration_service/admin_client"
 require "configuration_service/base"
 require "configuration_service/configuration"
+require "configuration_service/decorator/reference_resolver"
 require "configuration_service/errors"
 require "configuration_service/factory"
 require "configuration_service/provider_registry"

data/lib/configuration_service/admin_client.rb

@@ -1,6 +1,14 @@
 require "configuration_service/client"
 
 module ConfigurationService
+
+  ##
+  # The multi-identifier administrative configuration service API
+  #
+  # See {file:README.rdoc} for a summary of the service, including links to user stories.
+  #
+  # It is recommended that consumers use a {ConfigurationService::Factory} to create and configure the service.
+  #
   class AdminClient
 
     ##

data/lib/configuration_service/client.rb

@@ -1,6 +1,14 @@
 require "configuration_service/utils"
 
 module ConfigurationService
+
+  ##
+  # The configuration service API
+  #
+  # See {file:README.rdoc} for a summary of the service, including links to user stories.
+  #
+  # It is recommended that consumers use a {ConfigurationService::Factory} to create and configure the service.
+  #
   class Client
 
     ##

data/lib/configuration_service/decorator/reference_resolver.rb

@@ -0,0 +1,155 @@
+require 'configuration_service/configuration'
+require 'configuration_service/decorator_registry'
+require 'delegate'
+
+module ConfigurationService
+
+  ##
+  # The configuration service supports decoration of the provider to extend functionality.
+  #
+  # Decorators are classes that take a service provider (or another decorator) as their only constructor argument,
+  # and provide the same methods as a provider.
+  #
+  # This allows the service provider to be composed into a chain of multiple decorators to extend the functionality
+  # of the service.
+  #
+  module Decorator
+
+    ##
+    # Resolves configuration identifier references in configuration data
+    #
+    # This configuration service provider decorator affects the #request_configuration and #authorize_consumption provider methods
+    # to support configuration identifier references in configuration data.
+    #
+    # Configuration identifier references are strings of the form
+    #
+    #   %{ configuration_idenfier }
+    #
+    # The referenced configuration identifier must exist when #request_configuration or #authorize_consumption encounter it.
+    #
+    # @example reference resolution
+    #
+    #   # Published configuration identifiers:
+    #   #
+    #   #   acme:
+    #   #   ---
+    #   #   credentials:
+    #   #     username: acme_user
+    #   #     password: secret123
+    #   #   auditing: %{ shared_auditing }
+    #   #
+    #   #   shared_auditing:
+    #   #   ---
+    #   #   log_level: info
+    #   #   log_destination: syslog4http
+    #   #   log_format: unstructured
+    #   #   log_username: acme_user
+    #   #   log_password: acme123
+    #
+    #   context = ConfigurationService::FactoryContext.new(
+    #     identifier: "acme",
+    #     token: ENV["CFGSRV_TOKEN"],
+    #     decorators: "reference_resolver",
+    #     #...
+    #   )
+    #   client = ConfigurationService::Factory.create_client(context)
+    #   config = client.request_configuration
+    #   config["auditing"]
+    #
+    #   # =>
+    #   # {
+    #   #   "credentials" => {
+    #   #     "username" => "acme_user",
+    #   #     "password" => "secret123"
+    #   #   },
+    #   #   "auditing" => {
+    #   #     "log_level" => "info",
+    #   #     "log_destination" => "syslog4http",
+    #   #     # ...
+    #   #   }
+    #   # }
+    #
+    class ReferenceResolver < SimpleDelegator
+
+      ##
+      # The regular expression used to match configuration identifier references
+      #
+      PATTERN = /%{\s*([^\s]+)\s*}/
+
+      ##
+      # Creates a new reference resolver decorator
+      #
+      # @param [Object] provider
+      #   a configuration service provider or configuration service decorator
+      #
+      def initialize(provider)
+        @provider = provider
+        super
+      end
+
+      ##
+      # Resolve configuration identifier references in configuration data
+      #
+      # The String values of configuration data returned by the provider are searched for configuration identifier references.
+      #
+      # Each reference is replaced with the configuration data identified by the referenced identifier. References are
+      # detected at any depth of a nested configuration dictionary, but reference resolving is not recursive.
+      #
+      # @see ConfigurationService::Client#request_configuration
+      #
+      def request_configuration(identifier, credentials)
+        configuration = @provider.request_configuration(identifier, credentials)
+        resolved_configuration_data = resolve_configuration_data(configuration.data, credentials)
+        ConfigurationService::Configuration.new(configuration.identifier, resolved_configuration_data, configuration.metadata)
+      end
+
+      ##
+      # Authorize consumption of consumption of configuration including referenced identifiers
+      #
+      # The String values of the configuration data identified by +identifier+ are searched for configuration identifier references.
+      #
+      # The returned credentials provide access not only to the given +identifier+ but also to all identifiers for which references
+      # were found in the search of the data.
+      #
+      # @see ConfigurationService::Client#authorize_configuration
+      #
+      def authorize_consumption(identifier, credentials)
+        configuration = @provider.request_configuration(identifier, credentials)
+        identifiers = ReferenceResolver.find_configuration_identifiers(configuration.data)
+        identifiers.unshift(identifier)
+        @provider.authorize_consumption(identifiers, credentials) 
+      end
+
+      private
+
+      ##
+      # @param [Hash] configuration_data
+      #   the data dictionary whose String values to search for configuration identifier references
+      # @return [Array] list of referenced configuration identifiers found
+      ##
+      def self.find_configuration_identifiers(configuration_data)
+        configuration_data.values.select { |value|
+          value.is_a? String
+        }.map { |value| 
+          match = value.match(PATTERN)
+          match[1] if not match.nil?
+        }.compact
+      end	
+
+      def resolve_configuration_data(configuration_data, credentials)
+        configuration_data.each { |key, value|
+          next if not value.is_a? String
+          match = value.match(PATTERN)
+          if not match.nil?
+            configuration_data[key] = @provider.request_configuration(match[1], credentials).data
+          end
+        }
+      end
+
+    end
+
+  end
+
+end
+
+ConfigurationService::DecoratorRegistry.instance.register("reference_resolver", ConfigurationService::Decorator::ReferenceResolver)

data/lib/configuration_service/decorator_registry.rb

@@ -0,0 +1,55 @@
+require 'singleton'
+
+module ConfigurationService
+
+  unless defined?(DecoratorRegistry)
+
+    ##
+    # A singleton registry of configuration service decorators
+    #
+    # @!method self.instance
+    #   The singleton registry instance
+    #
+    #   @return [ConfigurationService::DecoratorRegistry] singleton instance
+    #
+    class DecoratorRegistry
+
+      include Singleton
+
+      ##
+      # Register a configuration service decorator
+      #
+      # @param [String] identifier
+      #   unique identifier for the configuration service decorator
+      # @param [Class] decorator 
+      #   the configuration service decorator class
+      #
+      def register(identifier, decorator)
+        @decorators[identifier] = decorator 
+      end
+
+      ##
+      # Look up a configuration service decorator 
+      #
+      # @param [String] identifier
+      #   the unique identifier for the configuration service decorator.
+      #   The decorator must already have been registered with {#register}.
+      #
+      # @return [Class] the configuration service decorator class
+      # @return [nil] if no decorator has been registered with the given +identifier+
+      #
+      def lookup(identifier)
+        raise ConfigurationService::DecoratorNotFoundError, "Decorator not found in registry" if not @decorators.key?(identifier)
+        @decorators[identifier]
+      end
+
+      # @private
+      def initialize
+        @decorators = {}
+      end
+
+    end
+
+  end
+
+end

data/lib/configuration_service/errors.rb

@@ -25,4 +25,10 @@ module ConfigurationService
   class ConfigurationNotFoundError < Error
   end
 
+  ##
+  # Bootstrapped with decorator, but decorator not found
+  ##
+  class DecoratorNotFoundError < Error
+  end
+
 end

data/lib/configuration_service/factory.rb

@@ -1,6 +1,8 @@
 require "configuration_service/factory/context"
 require "configuration_service/factory/environment_context"
 require "configuration_service/factory/yaml_file_context"
+require "configuration_service/decorator_registry"
+require "configuration_service/errors"
 
 module ConfigurationService
 
@@ -65,7 +67,8 @@ module ConfigurationService
     #
     def self.create_client(context = EnvironmentContext.new)
       context = Context.new(context) if context.is_a?(Hash)
-      provider = create_provider(context)
+      decorators = get_decorators(context.decorators)
+      provider = decorators.any? ? decorate(decorators << create_provider(context)) : create_provider(context)
       identifier = context.identifier? ? context.identifier : nil
       ConfigurationService::Client.new(credentials: context.token, provider: provider, identifier: identifier)
     ensure
@@ -82,6 +85,18 @@ module ConfigurationService
 
     private
 
+    def self.get_decorators(decorators)
+      [decorators].flatten.map { |decorator|
+        ConfigurationService::DecoratorRegistry.instance.lookup(decorator)
+      }
+    end
+
+    def self.decorate(chain)
+      chain.reverse.inject do |acc, decorator|
+        decorator.new(acc)
+      end
+    end
+
     def self.create_provider(context)
       provider_id = context.provider_id
       provider_config = context.provider_config

data/lib/configuration_service/factory/context.rb

@@ -30,6 +30,8 @@ module ConfigurationService
       #                   (see {ConfigurationService::ProviderRegistry})
       # [provider_config] configuration options for the service provider
       #                   (see service provider documentation)
+      # [decorators]      list of decorators to compose into the service
+      #                   (see {ConfigurationService::Decorator} and #{ConfigurationService::DecoratorRegistry})
       #
       def initialize(source)
         @env = SymbolicAccessWrapper.new(source)
@@ -75,6 +77,16 @@ module ConfigurationService
         @env[:provider_config]
       end
 
+      ##
+      # List of unique identities of decorators to compose into the service
+      #
+      # @see ConfigurationService::Decorator
+      # @see ConfigurationService::DecoratorRegistry
+      #
+      def decorators
+        @env.include?(:decorators) ? @env[:decorators] : []
+      end
+
       ##
       # Deletes the internal copy of the +source+
       #

data/lib/configuration_service/factory/context/symbolic_access_wrapper.rb

@@ -8,10 +8,11 @@ module ConfigurationService
 
         def initialize(hash)
           hash.each do |k, v|
-            if v.is_a?(Hash)
-              self.store(k.intern, self.class.new(v))
-            else
-              self.store(k.intern, v)
+            case v
+              when Hash
+                self.store(k.intern, self.class.new(v))
+              else
+                self.store(k.intern, v)
             end
           end
           self.default_proc = indifferent_access_default_proc
@@ -19,21 +20,22 @@ module ConfigurationService
 
         private
 
-          def indifferent_access_default_proc
-            proc do |_, key|
-              try_string(key) or raise_key_error(key)
-            end
+        def indifferent_access_default_proc
+          proc do |_, key|
+            try_string(key) or raise_key_error(key)
           end
+        end
 
-          def try_string(k)
-            if (skey = k.intern rescue false) and self.include?(skey)
-              self.fetch(skey)
-            end
+        def try_string(k)
+          if (skey = k.intern rescue false) and self.include?(skey)
+            self.fetch(skey)
           end
+        end
 
-          def raise_key_error(k)
-            raise KeyError, "missing key #{k}"
-          end
+        def raise_key_error(k)
+          raise ConfigurationService::AuthorizationError, "missing key #{k}" if k === :token
+          raise KeyError, "missing key #{k}"
+        end
 
       end
 

data/lib/configuration_service/factory/environment_context.rb

@@ -46,6 +46,8 @@ module ConfigurationService
       #              (see {ConfigurationService::ProviderRegistry})
       # [PROVIDER_*] configuration options for the service provider
       #              (see service provider documentation)
+      # [DECORATORS] list of decorators to compose into the service
+      #              (see {ConfigurationService::Decorator} and #{ConfigurationService::DecoratorRegistry})
       #
       # If sources are not specified, the process +ENV+ and (on JRuby) system properties are used.
       # Where a system property and environment variable of the same name exist,
@@ -61,11 +63,15 @@ module ConfigurationService
         {
           to_envvar("IDENTIFIER") => :identifier,
           to_envvar("TOKEN") => :token,
-          to_envvar("PROVIDER") => :provider_id
-        }.each do |envvar, key|
+          to_envvar("PROVIDER") => :provider_id,
+          to_envvar("DECORATORS") => :decorators
+        }.select { |envvar, key|
+          merged_sources.include?(envvar)
+        }.each { |envvar, key|
           env[key] = merged_sources[envvar]
           @scrub_keys << envvar
-        end
+        }
+        env[:decorators] = env[:decorators].split(/[,\s]+/) if env.include?(:decorators)
         config_prefix = to_envvar("PROVIDER_")
         env[:provider_config] = merged_sources
           .select { |envvar| envvar.start_with?(config_prefix) && @scrub_keys << envvar }

data/lib/configuration_service/provider/broken.rb

@@ -1,3 +1,5 @@
+require 'configuration_service'
+
 module ConfigurationService
 
   module Provider
@@ -9,6 +11,9 @@ module ConfigurationService
     #
     class Broken
 
+      def initialize(options = {})
+      end
+
       ##
       # @raise [ConfigurationService::Error] always
       #
@@ -28,3 +33,5 @@ module ConfigurationService
   end
 
 end
+
+ConfigurationService::ProviderRegistry.instance.register("broken", ConfigurationService::Provider::Broken)

data/lib/configuration_service/provider/stub.rb

@@ -75,7 +75,7 @@ module ConfigurationService
       #
       def publish_configuration(configuration, credentials)
         authorize_request(:publisher, credentials) 
-        @configurations.store(configuration.identifier, configuration.data, configuration.metadata)
+        @configurations.store(configuration.identifier, configuration.data.dup, configuration.metadata)
         configuration
       end
 

data/lib/configuration_service/test/orchestration_provider.rb

@@ -1,5 +1,6 @@
 require 'cucumber/errors'
 require 'configuration_service'
+require 'configuration_service/decorator/reference_resolver'
 
 module ConfigurationService
 
@@ -38,7 +39,8 @@ module ConfigurationService
       # The provider is always initialized with the same configuration +identifier+
       #
       def initialize
-        @identifier = "acme"
+        @identifier = 'acme'
+        @configuration = { "verbose" => true }
       end
 
       ##
@@ -107,15 +109,15 @@ module ConfigurationService
       #
       # @return [String] a credentials
       #
-      def credentials_for(role)
+      def credentials_for(role, identifier = @identifier)
         raise NotImplementedError, "#{self.class} must implement credentials_for(role)"
       end
 
       ##
       # @see ConfigurationService::Test::Orchestrator#authorize
       #
-      def authorize(role)
-        @credentials = credentials_for(role)
+      def authorize(role, identifier = @identifier)
+        @credentials = credentials_for(role, identifier)
       end
 
       ##
@@ -136,11 +138,33 @@ module ConfigurationService
       # @see ConfigurationService::Test::Orchestrator#given_existing_configuration
       #
       def given_existing_configuration
-        authorized_as(:publisher) do
-          @existing_configuration = publish_configuration
+        authorized_as(:publisher, @identifier) do
+          @existing_configuration = publish_configuration(@identifier, @configuration)
         end
       end
 
+      def given_existing_configuration_containing_references
+        @references = ["ref1", "ref2", "ref3"]
+        @unresolved_configuration_data = @references.each_with_object({}) do |reference, configuration_data| 
+          configuration_data[reference] = "%{#{reference}}"
+        end
+        authorized_as(:publisher, @identifier) do
+          @existing_configuration = publish_configuration(@identifier, @unresolved_configuration_data)
+        end
+      end
+
+      def given_referenced_configuration_exists
+          @references.each { |ref|
+            identifier = ref
+            configuration = { 
+              "#{ref}key" => "#{ref}value"
+            }
+            authorized_as(:publisher, identifier) do
+              publish_configuration(identifier, configuration)
+            end
+          }
+      end
+
       ##
       # @see ConfigurationService::Test::Orchestrator#given_invalid_configuration
       #
@@ -152,7 +176,7 @@ module ConfigurationService
       # @see ConfigurationService::Test::Orchestrator#given_missing_configuration
       #
       def given_missing_configuration
-        authorized_as(:publisher) do
+        authorized_as(:publisher, @identifier) do
           delete_configuration
           @existing_configuration = nil
         end
@@ -177,9 +201,9 @@ module ConfigurationService
       #
       # @see ConfigurationService::Client#request_configuration
       #
-      def request_configuration
+      def request_configuration(identifier = @identifier)
         wrap_response do
-          @requested_configuration = service.request_configuration(identifier: @identifier)
+          @requested_configuration = service.request_configuration(identifier: identifier)
         end
       end
 
@@ -200,6 +224,24 @@ module ConfigurationService
         publish_configuration
       end
 
+      ##
+      # @return [Array] of responses
+      ##
+      def credentials_allow_reference_consumption?
+        @references.map { |ref| 
+          request_configuration(ref)
+        }
+      end
+      
+      ##
+      # @return [Array] of responses
+      ##
+      def credentials_allow_reference_publication?
+        @references.map { |ref| 
+          publish_configuration(ref)
+        }
+      end
+
       ##
       # Publish configuration
       #
@@ -212,12 +254,12 @@ module ConfigurationService
       #
       # @see ConfigurationService::Client#publish_configuration
       #
-      def publish_configuration
+      def publish_configuration(identifier = @identifier, configuration = @configuration)
         wrap_response do
           if @metadata
-            service.publish_configuration(identifier: @identifier, data: configuration, metadata: @metadata)
+            service.publish_configuration(identifier: identifier, data: configuration, metadata: @metadata)
           else
-            service.publish_configuration(identifier: @identifier, data: configuration)
+            service.publish_configuration(identifier: identifier, data: configuration)
           end
         end
       end
@@ -233,6 +275,20 @@ module ConfigurationService
         @requested_configuration.identifier == @identifier
       end
 
+      def references_replaced_with_configuration_data?
+        requested_configuration = @requested_configuration.data
+        resolved_configuration = {}
+        @unresolved_configuration_data.each { |key, value|
+          next if not value.is_a? String
+          match = value.match(ConfigurationService::Decorator::ReferenceResolver::PATTERN)
+          if not match.nil?
+            identifier = match[1]
+            resolved_configuration[key] = service.request_configuration(identifier: identifier).data
+          end
+        }
+        return requested_configuration === resolved_configuration
+      end
+
       ##
       # Arrange for the next publish or request operation to fail
       #
@@ -259,25 +315,25 @@ module ConfigurationService
 
       private
 
-      def configuration
-        @configuration ||= {"verbose" => true}
-      end
-
       def service
-
-        provider = service_provider
+        context = {
+          "token" => @credentials,
+          "provider_id" => service_provider_id,
+          "provider_config" => service_provider_configuration,
+        }
 
         if @fail_next
           @fail_next = false
-          provider = broken_service_provider
+          context["provider_id"] = 'broken'
         end
-    
-        ConfigurationService::Client.new(credentials: @credentials, provider: provider)
+
+        context["decorators"] = ['reference_resolver'] if @references
+        ConfigurationService::Factory.create_client(context)
       end
 
-      def authorized_as(role)
+      def authorized_as(role, identifier)
         restore_credentials = @credentials
-        authorize(role)
+        authorize(role, identifier)
         yield.tap do
           @credentials = restore_credentials
         end

data/lib/configuration_service/test/orchestrator.rb

@@ -51,6 +51,14 @@ module ConfigurationService
         @provider.given_existing_configuration
       end
 
+      def given_existing_configuration_containing_references
+        @provider.given_existing_configuration_containing_references
+      end
+
+      def given_referenced_configuration_exists
+        @provider.given_referenced_configuration_exists
+      end
+
       ##
       # Use invalid configuration data in the next publishing operation
       #
@@ -141,6 +149,16 @@ module ConfigurationService
         request_allowed?
       end
 
+      def credentials_allow_reference_consumption?
+        @responses = @provider.credentials_allow_reference_consumption?
+        requests_allowed?
+      end
+
+      def credentials_allow_reference_publication?
+        @responses = @provider.credentials_allow_reference_publication?
+        requests_allowed?
+      end
+
       ##
       # Configuration for the requested identifier was found
       #
@@ -150,6 +168,10 @@ module ConfigurationService
         @provider.configuration_found_for_identifier?
       end
 
+      def references_replaced_with_configuration_data?
+        @provider.references_replaced_with_configuration_data?
+      end
+
       ##
       # Whether the last publish or request was allowed
       #
@@ -160,6 +182,12 @@ module ConfigurationService
         @response.allowed?
       end
 
+      def requests_allowed?
+        @responses.all? { |response| 
+          response.allowed?
+        }
+      end
+
       ##
       # Whether the last publish or request was allowed but failed
       #

data/lib/configuration_service/test/stub_orchestration_provider.rb

@@ -57,7 +57,7 @@ module ConfigurationService
       #
       # @see ConfigurationService::Test::OrchestrationProvider#credentials_for
       #
-      def credentials_for(role)
+      def credentials_for(role, identifier)
         ConfigurationService::Provider::Stub::BUILTIN_TOKENS[role]
       end
 

data/lib/configuration_service/version.rb

@@ -1,5 +1,5 @@
 module ConfigurationService
 
-  VERSION = "4.0.1"
+  VERSION = "4.1.0"
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: configuration_service
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.1.0
 platform: ruby
 authors:
 - Sheldon Hearn
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-09-08 00:00:00.000000000 Z
+date: 2016-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -113,6 +113,8 @@ files:
 - lib/configuration_service/base.rb
 - lib/configuration_service/client.rb
 - lib/configuration_service/configuration.rb
+- lib/configuration_service/decorator/reference_resolver.rb
+- lib/configuration_service/decorator_registry.rb
 - lib/configuration_service/errors.rb
 - lib/configuration_service/factory.rb
 - lib/configuration_service/factory/context.rb