drillbit 0.0.1

data/lib/drillbit/errors/invalid_api_request.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require 'erratum'
+
+module  Drillbit
+module  Errors
+class   InvalidApiRequest < RuntimeError
+  include Erratum::Error
+
+  attr_accessor :accept_header
+
+  def http_status
+    400
+  end
+
+  def title
+    'Invalid API Request'
+  end
+
+  def detail
+    'The accept header that you passed in the request cannot be parsed, ' \
+    'please refer to the documentation to verify.'
+  end
+
+  def source
+    { accept_header: accept_header }
+  end
+end
+end
+end

data/lib/drillbit/errors/invalid_subdomain.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require 'erratum'
+
+module  Drillbit
+module  Errors
+class   InvalidSubdomain < RuntimeError
+  include Erratum::Error
+
+  attr_accessor :http_host
+
+  def http_status
+    404
+  end
+
+  def title
+    'Invalid Subdomain'
+  end
+
+  def detail
+    'The resource you attempted to access is either not authorized for the ' \
+    'authenticated user or does not exist.'
+  end
+
+  def source
+    { http_host: http_host }
+  end
+end
+end
+end

data/lib/drillbit/errors/invalid_token.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+require 'erratum'
+
+module  Drillbit
+module  Errors
+class   InvalidToken < RuntimeError
+  include Erratum::Error
+
+  def http_status
+    401
+  end
+
+  def title
+    'Invalid or Unauthorized Token'
+  end
+
+  def detail
+    'Either the token you passed is invalid or is not allowed to perform this action.'
+  end
+end
+end
+end

data/lib/drillbit/matchers/accept_header.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require 'drillbit/matchers/generic'
+
+module  Drillbit
+module  Matchers
+class   AcceptHeader
+  include Generic
+
+  def matches?(request)
+    super
+
+    accept_header.valid?
+  end
+end
+end
+end

data/lib/drillbit/matchers/generic.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+require 'drillbit/requests/base'
+
+module  Drillbit
+module  Matchers
+module  Generic
+  attr_accessor :application,
+                :accept_header,
+                :request
+
+  def initialize(**args)
+    args.each do |variable, value|
+      __send__("#{variable}=", value)
+    end
+  end
+
+  def matches?(request)
+    self.request = Requests::Base.resolve(request)
+  end
+
+  def application
+    request.application_name
+  end
+
+  def accept_header
+    request.accept_header
+  end
+end
+end
+end

data/lib/drillbit/matchers/subdomain.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+module  Drillbit
+module  Matchers
+class   Subdomain
+  def initialize(allowed_subdomains:     Drillbit.configuration.allowed_subdomains,
+                 allowed_api_subdomains: Drillbit.configuration.allowed_api_subdomains)
+
+    self.allowed_subdomains     = Array(allowed_subdomains)
+    self.allowed_api_subdomains = Array(allowed_api_subdomains)
+  end
+
+  def matches?(request)
+    self.request = Requests::Base.resolve(request)
+
+    allowed_subdomains.include? request.subdomain
+  end
+
+  def matches_api_subdomain?(request)
+    self.request = Requests::Base.resolve(request)
+
+    allowed_api_subdomains.include? request.subdomain
+  end
+
+  protected
+
+  attr_accessor :allowed_subdomains,
+                :allowed_api_subdomains,
+                :request
+end
+end
+end

data/lib/drillbit/matchers/version.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+require 'drillbit/configuration'
+require 'drillbit/matchers/generic'
+
+module  Drillbit
+module  Matchers
+class   Version
+  include Generic
+
+  attr_accessor :version_constraint,
+                :default_version
+
+  def matches?(request)
+    super
+
+    requested_version == version_constraint
+  end
+
+  private
+
+  def requested_version
+    accept_header.version || default_version
+  end
+
+  def default_version
+    @default_version || Drillbit.configuration.default_api_version
+  end
+end
+end
+end

data/lib/drillbit/middleware/api_request.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+require 'drillbit/configuration'
+require 'drillbit/parameters'
+require 'drillbit/matchers/subdomain'
+require 'drillbit/matchers/accept_header'
+require 'drillbit/requests/base'
+require 'drillbit/responses/invalid_api_request'
+require 'drillbit/responses/invalid_subdomain'
+require 'drillbit/responses/invalid_token'
+
+module  Drillbit
+module  Middleware
+class   ApiRequest
+  JSON_API_MIME_TYPE_PATTERN = %r{application/vnd\.api\+json(?=\z|;)}
+
+  def initialize(app)
+    @app = app
+  end
+
+  # rubocop:disable Metrics/LineLength
+  # :reek:FeatureEnvy
+  def call(env)
+    env['HTTP_X_APPLICATION_NAME'] = Drillbit.configuration.application_name
+
+    request               = Requests::Base.resolve(env)
+    subdomain_matcher     = Matchers::Subdomain.new
+    accept_header_matcher = Matchers::AcceptHeader.new
+    token                 = request.authorization_token
+
+    return Responses::InvalidSubdomain.call(env)      unless subdomain_matcher.matches?(request)
+    return Responses::InvalidApiRequest.call(env)     unless !subdomain_matcher.matches_api_subdomain?(request) ||
+                                                             accept_header_matcher.matches?(request)
+    return Responses::InvalidToken.call(env,
+                                        application_name: request.application_name) \
+           unless token.valid?
+
+    env['X_DECRYPTED_JSON_WEB_TOKEN'] = token.to_h
+    env['QUERY_STRING']               = Parameters.process(env['QUERY_STRING'])
+    env['CONTENT_TYPE']               = env['CONTENT_TYPE'].
+                                        to_s.
+                                        gsub JSON_API_MIME_TYPE_PATTERN,
+                                             'application/json'
+
+    @app.call(env)
+  end
+  # rubocop:enable Metrics/LineLength
+end
+end
+end

data/lib/drillbit/parameters.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module  Drillbit
+class   Parameters
+  attr_accessor :query_string
+
+  def initialize(query_string)
+    self.query_string = query_string
+  end
+
+  def self.process(query_string)
+    new(query_string).process
+  end
+
+  def process
+    return query_string unless query_string.respond_to? :gsub
+
+    query_string.gsub(/(?<=\A|&|\?)[^=&]+/) do |match|
+      match.tr('-', '_')
+    end
+  end
+end
+end

data/lib/drillbit/parameters/filter.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+module  Drillbit
+class   Parameters
+class   Filter
+  NUMERICAL       = /[\d_\.]+?/
+  NUMERICAL_RANGE = /\A(#{NUMERICAL})\.\.\.?(#{NUMERICAL}|Infinity)\z/
+
+  attr_accessor :raw_parameters
+
+  def initialize(raw_parameters)
+    self.raw_parameters = raw_parameters || {}
+  end
+
+  def present?
+    compacted_parameters.any?
+  end
+
+  def each_with_object(memoized)
+    compacted_parameters.each do |name, value|
+      memoized = yield name, format_value(value), memoized
+    end
+
+    memoized
+  end
+
+  private
+
+  def compacted_parameters
+    @compacted_parameters ||= raw_parameters.reject do |name, value|
+                                name == 'query' ||
+                                value == '' ||
+                                value.nil?
+    end
+  end
+
+  # rubocop:disable Lint/AssignmentInCondition
+  def format_value(value)
+    return value unless value.is_a?(String)
+
+    if range_points = value.match(NUMERICAL_RANGE)
+      exclusive      = value.include? '...'
+      starting_point = range_points[1].to_f
+      ending_point   = if range_points[2] == 'Infinity'
+                         9_999_999
+                       else
+                         range_points[2].to_f
+                       end
+
+      Range.new(starting_point, ending_point, exclusive)
+    else
+      value
+    end
+  end
+  # rubocop:enable Lint/AssignmentInCondition
+end
+end
+end

data/lib/drillbit/parameters/index.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+module  Drillbit
+class   Parameters
+class   Index
+  DEFAULT_QUERY = '*'
+
+  attr_accessor :raw_parameters
+
+  def initialize(raw_parameters)
+    self.raw_parameters = raw_parameters || {}
+  end
+
+  def present?
+    query
+  end
+
+  def query
+    compacted_parameters['query'] || compacted_parameters['q']
+  end
+
+  private
+
+  def compacted_parameters
+    @compacted_parameters ||= raw_parameters.reject do |_name, value|
+                                value == '' ||
+                                value.nil?
+    end
+  end
+end
+end
+end

data/lib/drillbit/parameters/page.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module  Drillbit
+class   Parameters
+class   Page
+  PAGING_PARAMETERS     = %w{number size limit offset cursor}.freeze
+  DEFAULT_STARTING_PAGE = 1
+  DEFAULT_PAGE_SIZE     = 25
+
+  attr_accessor :raw_parameters
+
+  def initialize(raw_parameters)
+    self.raw_parameters = raw_parameters || {}
+  end
+
+  def present?
+    (raw_parameters.keys & PAGING_PARAMETERS).any?
+  end
+
+  def page_number
+    raw_parameters['number'] || DEFAULT_STARTING_PAGE
+  end
+
+  def per_page
+    raw_parameters['size'] || DEFAULT_PAGE_SIZE
+  end
+end
+end
+end

data/lib/drillbit/parameters/sort.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+module  Drillbit
+class   Parameters
+class   Sort
+  DESCENDING_PREFIX = '-'
+
+  attr_accessor :raw_parameters
+
+  def initialize(raw_parameters)
+    self.raw_parameters = raw_parameters ? raw_parameters.split(',') : []
+  end
+
+  def present?
+    raw_parameters.any?
+  end
+
+  def to_h
+    @to_h ||= Hash[to_a]
+  end
+
+  def to_a
+    @to_a ||= raw_parameters.map do |raw_parameter|
+      if raw_parameter.start_with?(DESCENDING_PREFIX)
+        [raw_parameter[1..-1], 'desc']
+      else
+        [raw_parameter, 'asc']
+      end
+    end
+  end
+end
+end
+end

data/lib/drillbit/requests/base.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+require 'drillbit/tokens/json_web_tokens/invalid'
+require 'drillbit/tokens/json_web_token'
+
+module  Drillbit
+module  Requests
+class   Base
+  BASE64_PATTERN                = %r{[A-Za-z0-9_/\+\=\-\.]}
+  BASE64_TOKEN_PARAM_NAME       = 'token_b64'
+  JSON_WEB_TOKEN_PARAM_NAME     = 'token_jwt'
+  JSON_WEB_TOKEN_PATTERN        = /(#{BASE64_PATTERN}+?\.){4}#{BASE64_PATTERN}+?/
+  BASE64_TOKEN_HEADER_PATTERN   = /\A(?:Basic|Bearer)\s+(.*)\z/
+  JSON_WEB_TOKEN_HEADER_PATTERN = /\AToken\s+(.*)\z/
+
+  attr_accessor :token_private_key,
+                :request
+
+  def initialize(token_private_key: Drillbit.configuration.token_private_key,
+                 request:)
+
+    self.token_private_key = token_private_key
+    self.request           = request
+  end
+
+  def accept_header
+    if accept_header_from_header.valid? ||
+       accept_header_from_params.invalid?
+
+      accept_header_from_header
+    else
+      accept_header_from_params
+    end
+  end
+
+  def authorization_token
+    if (
+         !authorization_token_from_header.blank? &&
+         authorization_token_from_header.valid?
+    ) ||
+    (
+      authorization_token_from_params.blank? ||
+      !authorization_token_from_params.valid?
+    )
+
+      authorization_token_from_header
+    else
+      authorization_token_from_params
+    end
+  end
+
+  def application_name
+    raw_request_application_name || Drillbit.configuration.application_name
+  end
+
+  def subdomain
+    @subdomain ||= raw_host[/\A([a-z\-]+)/i, 1]
+  end
+
+  def self.resolve(original_request)
+    if original_request.is_a? self
+      original_request
+    elsif original_request.respond_to? :headers
+      rails_request_class.new(request: original_request)
+    else
+      rack_request_class.new(request: original_request)
+    end
+  end
+
+  def self.rails_request_class
+    require 'drillbit/requests/rails'
+
+    Object.const_get('Drillbit::Requests::Rails')
+  end
+
+  def self.rack_request_class
+    require 'drillbit/requests/rack'
+
+    Object.const_get('Drillbit::Requests::Rack')
+  end
+
+  private
+
+  def accept_header_from_header
+    AcceptHeader.new(application: application_name,
+                     header:      raw_accept_header_from_header || '')
+  end
+
+  def accept_header_from_params
+    AcceptHeader.new(application: application_name,
+                     header:      raw_accept_header_from_params || '')
+  end
+
+  def authorization_token_from_header
+    case raw_authorization_header
+    when JSON_WEB_TOKEN_HEADER_PATTERN
+      Tokens::JsonWebToken.from_jwe(
+        raw_authorization_header[JSON_WEB_TOKEN_HEADER_PATTERN, 1],
+        private_key: token_private_key,
+      )
+    when BASE64_TOKEN_HEADER_PATTERN
+      Tokens::Base64.convert(
+        raw_token: raw_authorization_header[BASE64_TOKEN_HEADER_PATTERN, 1],
+      )
+    else
+      Tokens::Null.instance
+    end
+  end
+
+  def raw_host
+    request.fetch('HTTP_HOST', '')
+  end
+end
+end
+end