diode 1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b084a1183fbd2e06a1c0f4dec2907c3f815548747c84e92a96a7dfcf55b9b226
+  data.tar.gz: 67f3cb1edc3f30fb787bf1f4821c4927d6af9f2a69f49f24cf789e8124bf6b21
+SHA512:
+  metadata.gz: c26da0160afddfbf021741d2897a935a2ce72e852ad64193325d33c5c7c136f6dc04881738dbe26c84d2808a8b4e9794638dfa24cf5b0c98a8a68372bacec5db
+  data.tar.gz: a80bebc9303af4eca74a1c19a2668bb7d4ff2e70db3098c332f536302ce2881b838d29e64d2578e3edfa43774f3f50f6db69507a14f484a9a7db84b06a6e8353

data/lib/diode/request.rb

@@ -0,0 +1,226 @@
+require 'uri'
+
+module Diode
+
+class RequestError < StandardError
+	attr_accessor(:code)
+	def initialize(code, message="")
+		@code = code
+		super(message)
+	end
+	def ==(e)	# define equality for convenient testing
+		message == e.message
+	end
+end
+
+class SecurityError < StandardError
+end
+
+class Request
+
+	def self.mock(url)
+		u = URI(url)
+		msg = "GET #{u.path}#{u.query.nil? ? "" : "?"+u.query} HTTP/1.1\r\nHost: #{u.host}\r\nUser-Agent: MockDiode/1.0\r\n\r\n"
+		new(msg)
+	end
+
+	attr_accessor(:method, :version, :url, :path, :params, :headers, :cookies, :body, :fields, :env, :filters, :remote, :pattern)
+
+	def initialize(msg)
+		reqline, sep, msg = msg.partition("\r\n")
+		raise(Diode::RequestError.new(400)) if reqline.to_s.empty?
+		raise(Diode::RequestError.new(405)) unless reqline.start_with?("GET ") or reqline.start_with?("POST ")
+		raise(Diode::RequestError.new(400)) unless reqline.end_with?(" HTTP/1.0") or reqline.end_with?(" HTTP/1.1")
+		@method = reqline.start_with?("GET ") ? "GET" : "POST"
+		@version = reqline[-3..-1]
+		@url = reqline[(@method.size+1)..-10]
+		@path, _sep, @query = @url.partition("?")
+		@params = {}
+		@fields = {}
+		unless @query.nil?
+			@query.split("&").each{|pair|
+				name, value = pair.split("=")
+				next if name.to_s.empty?
+				@params[name] = url_decode(value)
+			}
+		end
+		return if msg.nil?
+		@headers = {}
+		begin
+			headerline, sep, msg = msg.partition("\r\n")
+			while not headerline.strip.empty?
+				key, value = headerline.strip.split(': ')
+				@headers[key] = value
+				headerline, sep, msg = msg.partition("\r\n")
+			end
+		rescue EOFError
+			# tolerate missing \r\n at end of request
+		end
+		@cookies = {}
+		if @headers.key?("Cookie")
+			@headers["Cookie"].split('; ').each { |c|
+				k, eq, v = c.partition("=")
+				@cookies[k] = v
+			}
+		end
+		@body = msg
+		@fields = {}  # to store fields from JSON or XML body
+		@env = {}     # application settings, added by Diode::Server
+		@filters = [] # list of filters, set by Diode::Server
+		@remote = nil # AddrInfo set by Diode::Server - useful for logging the source IP
+		@pattern = %r{^/} # set by Diode::Server - used by Diode::Static
+	end
+
+	# convenience method for extra info
+	def [](k)
+		@env[k]
+	end
+
+	# convenience method to store extra info on a request
+	def []=(k,v)
+		@env[k] = v
+	end
+
+	def url_decode(s)
+		s.to_s.b.tr('+', ' ').gsub(/\%([A-Za-z0-9]{2})/) {[$1].pack("H2")}.force_encoding(Encoding::UTF_8)
+	end
+
+	# Extract fields by reading xml body in a strict format: any single root element, zero or more direct children only,
+	# attributes are ignored. A hash is assembled using tagname of child as key and text of child as value.
+	# the root may have an "id" attribute which will be treated like a field (named "id")
+	# Anything else is ignored.
+	# For example:
+	#    <anything id="13"><firstname>john</firstname><age>25</age></anything>
+	# becomes:
+	#   Hash { "id" => 13, "firstname" => "john", "age" => 25 }
+	def hash_xml(xml=nil)
+		xml ||= @body.dup()
+		pos = xml.index("<")  # find root open tag
+		raise(Diode::RequestError.new(400, "invalid xml has no open tag")) if pos.nil?
+		xml.slice!(0,pos+1) # discard anything before opening tag name
+		pos = xml.index(">")
+		rootelement = xml.slice!(0, pos) # we might have "root" or 'root recordid="12345"'
+		xml.slice!(0,1) # remove the closing bracket of root element
+		pos = rootelement.index(" ")
+		if pos.nil?
+			roottag = rootelement
+		else
+			roottag = rootelement.slice(0,pos)
+			rest = /id="([^"]+)"/.match(rootelement[pos..-1])
+			@fields["id"] = rest[1] unless rest.nil? or rest.size < 2
+		end
+		raise(Diode::RequestError.new(400, "invalid root open tag")) if roottag.nil? or /\A[a-z][a-z0-9]+\z/.match(roottag).nil?
+		ending = xml.slice!(/\<\/#{roottag}\>.*$/m)
+		raise(Diode::RequestError.new(400, "invalid root close tag")) if ending.nil? # discard everything after close
+		# now we have a list of items like: \t<tagname>value</tagname>\n or maybe <tagname />
+		until xml.empty?
+			# find a field tagname
+			pos = xml.index("<")
+			break if pos.nil?
+			xml.slice!(0,pos+1) # discard anything before opening tag name
+			pos = xml.index(">")
+			raise(Diode::RequestError.new(400, "invalid field open tag")) if pos.nil?
+			if pos >= 2 and xml[pos-1] == "/"  # we have a self-closed tag eg. <first updated="true"/>
+				tagelement = xml.slice!(0, pos+1)[0..-3] # tagname plus maybe attributes
+				pos = tagelement.index(" ")
+				tagname = (pos.nil?) ? tagelement : tagelement.slice(0,pos) # ignore attributes on fields
+				raise(Diode::RequestError.new(400, "invalid field open tag")) if tagname.nil? or /\A[a-z][a-z0-9]+\z/.match(tagname).nil?
+				@fields[tagname] = ""
+			else # eg. <first updated="true" >some value </first>\n
+				tagelement = xml.slice!(0, pos)
+				pos = tagelement.index(" ")
+				tagname = (pos.nil?) ? tagelement : tagelement.slice(0,pos) # ignore attributes on fields
+				raise(Diode::RequestError.new(400, "invalid field open tag")) if tagname.nil? or /\A[a-z][a-z0-9]+\z/.match(tagname).nil?
+				raise(Diode::RequestError.new(400, "duplicate field is not permitted")) if @fields.key?(tagname)
+				xml.slice!(0,1) # remove closing bracket
+				pos = xml.index("</#{tagname}>") # demand strict syntax for closing tag
+				raise(Diode::RequestError.new(400, "no closing tag")) if pos.nil?
+				raise(Diode::RequestError.new(400, "field value too long")) unless pos < 2048 # no field values 2048 bytes or larger
+				value = xml.slice!(0,pos)
+				@fields[tagname] = value
+				xml.slice!(0, "</#{tagname}>".size)
+			end
+		end
+	end
+
+	# Break up a dataset into an array of records (chunks of xml that can be passed to hash_xml).
+	# We insist on dataset/record names for tags.
+	def dataset_records()
+		xml=@body.dup()
+		pos = xml.index("<dataset")  # find root open tag
+		raise(Diode::RequestError.new(400, "invalid xml has no root tag")) if pos.nil?
+		xml.slice!(0,pos+8) # discard anything before opening tag name
+		return([]) if xml.strip.start_with?("/>")
+		pos = xml.index("total=")
+		xml.slice!(0,pos+7)  # remove up to number of records
+		count = xml[/\d+/].to_i()
+		return([]) if count.zero?
+		xml.slice!(0, xml.index(">")+1) # remove rest of dataset open tag
+		records = xml.split("</record>")
+		records.pop() # remove the dataset close tag
+		raise(Diode::RequestError.new(400, "records do not match total")) unless records.size == count
+		records.collect!{ |r| r+"</record>" }
+		records
+	end
+
+	# throws a SecurityError if there are any additional parameters found not in the list
+	def no_extra_parameters(*list)
+		kill = @params.keys()
+		list.each { |param| kill.delete(param) }
+		raise(Diode::SecurityError, "extra parameters #{kill}") unless kill.empty?
+	end
+
+	# throws a SecurityError if there are any additional fields found not in the list
+	def no_extra_fields(*list)
+		kill = @fields.keys()
+		list.each { |k| kill.delete(k) }
+		raise(Diode::SecurityError, "extra fields #{kill}") unless kill.empty?
+	end
+
+	def multipart_boundary()
+		spec = "multipart/form-data; boundary="
+		contentType = @headers["Content-Type"]
+		if contentType.start_with?(spec)
+			return(contentType.chomp.sub(spec, "").force_encoding("utf-8"))
+		else
+			return ""
+		end
+	end
+
+	# parses a multipart/form-data POST body, using the given boundary separator
+	def hash_multipartform(body, boundary)
+		# cannot use split on possibly invalid UTF-8, but we can use partition()
+		preamble, _, rest = body.partition("--"+boundary)
+		raise("preamble before boundary preamble="+preamble.inspect()) unless preamble.empty?
+		raise("no multipart ending found, expected --\\r\\n at end") unless rest.end_with?(boundary+"--\r\n")
+		until rest == "--\r\n"
+			part, _, rest = rest.partition("--"+boundary)
+			spec, _, value = part.chomp.partition("\r\n\r\n")
+			spec =~ /; name="([^"]+)"/m
+			name = $1
+			spec =~ /; filename="([^"]+)"/m
+			filename = $1
+			spec =~ /Content-Type: ([^"]+)/m
+			mimetype = $1
+			if mimetype.nil?
+				@fields[name] = value.force_encoding("UTF-8")
+			else
+				@fields[name] = {"filename" => filename, "mimetype" => mimetype, "contents" => value}
+			end
+		end
+		@fields
+	end
+
+	# return the request as a raw HTTP string
+	def to_s()
+		@headers["Content-Length"] = @body.bytes.size() unless @body.empty?
+		msg = ["#{@method} #{@url} HTTP/1.1"]
+		@headers.keys.each { |k|
+			msg << "#{k}: #{@headers[k]}"
+		}
+		msg.join("\r\n") + "\r\n\r\n" + @body
+	end
+
+end
+end
+

data/lib/diode/response.rb

@@ -0,0 +1,52 @@
+require 'time'
+
+module Diode
+
+class Response
+
+	STATUS = {
+		200 => "OK",
+		400 => "Bad Request",
+		403 => "Forbidden",
+		404 => "Not Found",
+		405 => "Method Not Allowed"
+	}
+
+	DEFAULT_HEADERS = {
+		"Content-Type" => "application/json",
+		"Date" => Time.now.rfc2822(),
+		"Cache-Control" => "no-store",
+		"Server" => "Diode/1.0",
+		"Connection" => "Keep-Alive"
+	}
+
+	# returns the html for a few status codes
+	def self.standard(code)
+		raise("code #{code} is not supported") unless STATUS.key?(code)
+		message = STATUS[code]
+		body = "<html><head><title>#{message}</title></head><body><h1>#{code} - #{message}</h1></body></html>\n"
+		h = DEFAULT_HEADERS.merge({"Content-Type" => "text/html"})
+		new(code, body, h)
+	end
+
+	attr_accessor(:code, :body, :headers)
+
+	def initialize(code, body="", headers={})
+		@code = code.to_i()
+		@body = body
+		@headers = DEFAULT_HEADERS.merge(headers)
+	end
+
+	# return the response as a raw HTTP string
+	def to_s()
+		@headers["Content-Length"] = @body.bytes.size() unless @body.empty?
+		msg = ["HTTP/1.1 #{@code} #{STATUS[@code]}"]
+		@headers.keys.each { |k|
+			msg << "#{k}: #{@headers[k]}"
+		}
+		msg.join("\r\n") + "\r\n\r\n" + @body
+	end
+
+end
+end
+

data/lib/diode/server.rb

@@ -0,0 +1,112 @@
+require 'async/io'
+require 'time'
+require 'json'
+require 'diode/request'
+require 'diode/response'
+
+module Diode
+
+class Server
+
+	attr_accessor(:env, :filters)
+
+	def initialize(port, routing=[], env={})
+		@port = port.to_i()
+		@routing = routing
+		@env = env
+		@endpoint = Async::IO::Endpoint.tcp("127.0.0.1", @port)
+		@filters = [self] # list of filters that requests pass through before dispatch to a servlet
+	end
+
+	def start()
+		validate_routing()
+		Async do |server|
+			Signal.trap("INT") {
+				server.stop()
+			}
+			@endpoint.accept do |client|
+				rawRequest = read_request(client)
+				begin
+					request = Diode::Request.new(rawRequest)
+					request.remote = client.io.remote_address # decorate with request source address
+					request.env = @env.dup() # copy environment into request
+					request.filters = @filters.dup
+					response = (request.filters.shift).serve(request)
+				rescue Diode::SecurityError, Diode::RequestError => e
+					response = Diode::Response.standard(e.code)
+				end
+				complete(client, response)
+				client.close_write()
+			end
+		end
+	rescue
+	  # ignore errors such as bad file decriptor on shutdown
+	end
+
+	# check routing table is sane
+	def validate_routing()
+		newRouting = []
+		@routing.each { |pattern, klass, *args|
+			raise("invalid pattern='#{pattern}' in routing table") unless pattern.is_a?(Regexp)
+			begin
+				servletKlass = klass.split("::").inject(Object) { |o,c| o.const_get(c) }
+				newRouting << [pattern, servletKlass, args]
+			rescue NameError
+				raise("unrecognised class #{klass} found in routing table")
+			end
+		}
+		@routing = newRouting # optimised so we can instantiate the servlet quickly
+	end
+
+	def read_request(client)
+		message = client.recv(2048000)
+		unless message.empty?
+			unless message.index("Content-Length: ").nil?  # handle large messages such as file uploads
+				start = message.index("Content-Length: ")
+				stop = message.index("\r\n", start)
+				len = message[start..stop].chomp.sub("Content-Length: ","").to_i
+				bodyStart = message.index("\r\n\r\n") + 3 # up to end of 4 bytes
+				byteStart = message[0..bodyStart].bytes.size
+				remaining = len - (message.bytes.size - byteStart)  # we have already read some of the content
+				while remaining > 0
+					chunk = client.recv(2048000)
+					message = message + chunk
+					remaining = remaining - chunk.bytes.size
+				end
+			end
+		end
+		message
+	end
+
+	# handle a new request connection
+	def serve(request) # keep signature consistent with filters and servlets
+		pattern, klass, args = @routing.find{ |pattern, klass, args|
+			not pattern.match(request.path).nil?
+		}
+		raise(Diode::RequestError.new(404)) if klass.nil?
+		servlet = klass.new(*args)
+		request.pattern = pattern  # provide the mount pattern to the request, useful for Diode::Static
+		response = servlet.serve(request)
+	end
+
+	def complete(conn, response)	# send the response, make sure its all sent
+		begin
+			http = response.to_s
+			total = http.bytes.size()
+			sent = 0
+			while sent < total
+				msgsize = conn.send(http.byteslice(sent..-1), 0)
+				sent = sent + msgsize
+			end
+		rescue Errno::EPIPE # ignore, we're finished anyway
+		end
+	end
+
+	def url_encode(s)
+		s.b.gsub(/([^ a-zA-Z0-9_.-]+)/) { |m|
+			'%' + m.unpack('H2' * m.bytesize).join('%').upcase
+		}.tr(' ', '+').force_encoding(Encoding::UTF_8) # url-encoded message
+	end
+
+end
+end

data/lib/diode/static.rb

@@ -0,0 +1,59 @@
+require 'pathname'
+
+class Static
+
+  def initialize(docRoot=".")
+    @root = Pathname.new(Pathname.new(docRoot).cleanpath()).realpath()
+    raise("Cannot serve static files from path #{@root}") unless @root.directory? and @root.readable?
+  end
+
+  def serve(request)
+		return Diode::Response.new(405, "Method not allowed", {"Content-type" => "text/plain"}) unless request.method == "GET"
+		path = Pathname.new(request.path).cleanpath.sub(request.pattern, "")  # remove the leading portion matching the mount pattern
+		filepath = Pathname.new(File.expand_path(path, @root))
+		return Diode::Response.new(404, "<html><body>File not found</body></html>", {"Content-type" => "text/html"}) unless filepath.exist?
+		mimetype = @@mimetypes[filepath.extname[1..-1]] || "application/octet-stream"
+		return Diode::Response.new(200, IO.read(filepath.to_s).b, {"Content-Type"=>mimetype, "Cache-Control" => "no-cache"})
+  end
+
+	@@mimetypes = {
+		"avi"   => "video/x-msvideo",
+		"avif"  => "image/avif",
+		"css"   => "text/css",
+		"gif"   => "image/gif",
+		"htm"   => "text/html",
+		"html"  => "text/html",
+		"ico"   => "image/x-icon",
+		"jpeg"  => "image/jpeg",
+		"jpg"   => "image/jpeg",
+		"js"    => "application/javascript",
+		"json"  => "application/json",
+		"mov"   => "video/quicktime",
+		"mp4"   => "video/mp4",
+		"mpe"   => "video/mpeg",
+		"mpeg"  => "video/mpeg",
+		"mpg"   => "video/mpeg",
+		"otf"   => "font/otf",
+		"pdf"   => "application/pdf",
+		"png"   => "image/png",
+		"qt"    => "video/quicktime",
+		"rb"    => "text/plain",
+		"svg"   => "image/svg+xml",
+		"tif"   => "image/tiff",
+		"tiff"  => "image/tiff",
+		"ttc"   => "font/collection",
+		"ttf"   => "font/ttf",
+		"txt"   => "text/plain",
+		"webm"  => "video/webm",
+		"webp"  => "image/webp",
+		"woff"  => "font/woff",
+		"woff2" => "font/woff2",
+		"xhtml" => "text/html",
+		"xml"   => "text/xml",
+	}
+
+	def self.mimetypes
+		@@mimetypes
+	end
+
+end

metadata

@@ -0,0 +1,60 @@
+--- !ruby/object:Gem::Specification
+name: diode
+version: !ruby/object:Gem::Version
+  version: '1.0'
+platform: ruby
+authors:
+- Kjell Koda
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-07-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: async-io
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A simple hello world gem
+email: kjell@null4.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/diode/request.rb
+- lib/diode/response.rb
+- lib/diode/server.rb
+- lib/diode/static.rb
+homepage: https://github.com/kjellhex/diode
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: A fast, simple, pure-ruby application server.
+test_files: []