drillbit 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/drillbit/accept_header.rb +3 -1
- data/lib/drillbit/configuration.rb +7 -2
- data/lib/drillbit/errors/invalid_subdomain.rb +1 -2
- data/lib/drillbit/requests/base.rb +2 -1
- data/lib/drillbit/requests/rack.rb +2 -1
- data/lib/drillbit/requests/rails.rb +2 -1
- data/lib/drillbit/version.rb +1 -1
- data/spec/drillbit/accept_header_spec.rb +8 -1
- data/spec/drillbit/errors/invalid_subdomain_spec.rb +1 -2
- data/spec/drillbit/invalid_subdomain_spec.rb +2 -3
- data/spec/drillbit/middleware/api_request_spec.rb +2 -2
- metadata +2 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 477a99cfe9c988e804d76c42b67dd503d71716ca
|
|
4
|
+
data.tar.gz: 2cbc77f50321b0d52b0209df5228c564a68f7993
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0a2cf2c6301d8d29a8936e3c73334f074ab0c27087a326ee8228c627dad73c55d8eb39b84bf741ddb3b458d595ff287cc8fe4fd95d6d570decf357c0fe04a140
|
|
7
|
+
data.tar.gz: cd9c47f410eeda20b0ff09b0ede87c8febb5cc9a971853cb59b71e2f567fc370887022eda8519a87688ed40a5f78b2055e061f6f4700deacac6f976421ce8ea7
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data.tar.gz.sig
CHANGED
|
Binary file
|
|
@@ -35,9 +35,11 @@ class AcceptHeader
|
|
|
35
35
|
raw_accept_header.match(accept_header_format)
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
+
# rubocop:disable Metrics/LineLength
|
|
38
39
|
def accept_header_format
|
|
39
|
-
%r{
|
|
40
|
+
%r{(?:(?<=\A)|(?<=,))application/#{application_vendor}(?:\+(\w+))?(?:;version=(#{version_format}))?(?:(?=\z)|(?=,))}
|
|
40
41
|
end
|
|
42
|
+
# rubocop:enable Metrics/LineLength
|
|
41
43
|
|
|
42
44
|
def application_vendor
|
|
43
45
|
"vnd\\.#{application}"
|
|
@@ -8,11 +8,12 @@ module Drillbit
|
|
|
8
8
|
:available_token_roles,
|
|
9
9
|
:default_api_version,
|
|
10
10
|
:default_token_audience,
|
|
11
|
-
:default_token_roles,
|
|
12
11
|
:default_token_expiration_in_minutes,
|
|
13
12
|
:default_token_issuer,
|
|
13
|
+
:default_token_roles,
|
|
14
14
|
:default_token_subject,
|
|
15
|
-
:token_private_key
|
|
15
|
+
:token_private_key,
|
|
16
|
+
:token_type
|
|
16
17
|
|
|
17
18
|
attr_accessor \
|
|
18
19
|
:application_name
|
|
@@ -71,6 +72,10 @@ module Drillbit
|
|
|
71
72
|
|
|
72
73
|
OpenSSL::PKey::RSA.new(@token_private_key)
|
|
73
74
|
end
|
|
75
|
+
|
|
76
|
+
def token_type
|
|
77
|
+
@token_type || 'JWE'
|
|
78
|
+
end
|
|
74
79
|
end
|
|
75
80
|
|
|
76
81
|
def self.configure
|
|
@@ -17,8 +17,7 @@ class InvalidSubdomain < RuntimeError
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def detail
|
|
20
|
-
'The
|
|
21
|
-
'authenticated user or does not exist.'
|
|
20
|
+
'The subdomain you attempted to access is not valid. Please try again.'
|
|
22
21
|
end
|
|
23
22
|
|
|
24
23
|
def source
|
|
@@ -93,7 +93,8 @@ class Base
|
|
|
93
93
|
def authorization_token_from_header
|
|
94
94
|
case raw_authorization_header
|
|
95
95
|
when JSON_WEB_TOKEN_HEADER_PATTERN
|
|
96
|
-
Tokens::JsonWebToken.
|
|
96
|
+
Tokens::JsonWebToken.__send__(
|
|
97
|
+
"from_#{Drillbit.configuration.token_type.downcase}",
|
|
97
98
|
raw_authorization_header[JSON_WEB_TOKEN_HEADER_PATTERN, 1],
|
|
98
99
|
private_key: token_private_key,
|
|
99
100
|
)
|
|
@@ -15,7 +15,8 @@ class Rack < Base
|
|
|
15
15
|
def authorization_token_from_params
|
|
16
16
|
case request['QUERY_STRING']
|
|
17
17
|
when JSON_WEB_TOKEN_PARAM_PATTERN
|
|
18
|
-
Tokens::JsonWebToken.
|
|
18
|
+
Tokens::JsonWebToken.__send__(
|
|
19
|
+
"from_#{Drillbit.configuration.token_type.downcase}",
|
|
19
20
|
request['QUERY_STRING'][JSON_WEB_TOKEN_PARAM_PATTERN, 1] || '',
|
|
20
21
|
private_key: token_private_key,
|
|
21
22
|
)
|
|
@@ -11,7 +11,8 @@ class Rails < Base
|
|
|
11
11
|
def authorization_token_from_params
|
|
12
12
|
case
|
|
13
13
|
when request.params.key?(JSON_WEB_TOKEN_PARAM_NAME)
|
|
14
|
-
Tokens::JsonWebToken.
|
|
14
|
+
Tokens::JsonWebToken.__send__(
|
|
15
|
+
"from_#{Drillbit.configuration.token_type.downcase}",
|
|
15
16
|
request.params[JSON_WEB_TOKEN_PARAM_NAME] || '',
|
|
16
17
|
private_key: token_private_key,
|
|
17
18
|
)
|
data/lib/drillbit/version.rb
CHANGED
|
@@ -12,6 +12,13 @@ RSpec.describe AcceptHeader do
|
|
|
12
12
|
expect(header).to be_valid
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
+
it 'can validate an accept header with multiple accept options' do
|
|
16
|
+
header = AcceptHeader.new(application: 'westeros',
|
|
17
|
+
header: 'application/json,application/vnd.westeros+redkeep;version=1.0.0,application/json')
|
|
18
|
+
|
|
19
|
+
expect(header).to be_valid
|
|
20
|
+
end
|
|
21
|
+
|
|
15
22
|
it 'does not validate an accept header without passing an application' do
|
|
16
23
|
header = AcceptHeader.new(application: '',
|
|
17
24
|
header: 'application/vnd.westeros+redkeep;version=1.0.0')
|
|
@@ -94,7 +101,7 @@ RSpec.describe AcceptHeader do
|
|
|
94
101
|
it 'can extract version information from an accept header' do
|
|
95
102
|
header = AcceptHeader.new(
|
|
96
103
|
application: 'westeros',
|
|
97
|
-
header: 'application/vnd.westeros+redkeep;version=10.0.0beta1',
|
|
104
|
+
header: 'application/json,application/vnd.westeros+redkeep;version=10.0.0beta1,application/json',
|
|
98
105
|
)
|
|
99
106
|
|
|
100
107
|
expect(header.version).to eql '10.0.0beta1'
|
|
@@ -17,8 +17,7 @@ RSpec.describe InvalidSubdomain do
|
|
|
17
17
|
|
|
18
18
|
it 'can output the detail' do
|
|
19
19
|
expect(error.detail).to eql \
|
|
20
|
-
'The
|
|
21
|
-
'authenticated user or does not exist.'
|
|
20
|
+
'The subdomain you attempted to access is not valid. Please try again.'
|
|
22
21
|
end
|
|
23
22
|
|
|
24
23
|
it 'can output the source' do
|
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
require 'spec_helper'
|
|
3
3
|
require 'drillbit/responses/invalid_subdomain'
|
|
4
4
|
|
|
5
|
-
# rubocop:disable Metrics/LineLength
|
|
6
5
|
module Drillbit
|
|
7
6
|
module Responses
|
|
8
7
|
RSpec.describe InvalidSubdomain, singletons: Erratum::Configuration do
|
|
@@ -32,8 +31,8 @@ RSpec.describe InvalidSubdomain, singletons: Erratum::Configuration do
|
|
|
32
31
|
'status' => 404,
|
|
33
32
|
'code' => 'errors.invalid_subdomain',
|
|
34
33
|
'title' => 'Invalid Subdomain',
|
|
35
|
-
'detail' => 'The
|
|
36
|
-
'
|
|
34
|
+
'detail' => 'The subdomain you attempted to access is not valid.' \
|
|
35
|
+
' Please try again.',
|
|
37
36
|
'source' => {
|
|
38
37
|
'http_host' => 'api.example.com',
|
|
39
38
|
},
|
|
@@ -65,8 +65,8 @@ RSpec.describe ApiRequest, singletons: Erratum::Configuration do
|
|
|
65
65
|
'status' => 404,
|
|
66
66
|
'code' => 'errors.invalid_subdomain',
|
|
67
67
|
'title' => 'Invalid Subdomain',
|
|
68
|
-
'detail' => 'The
|
|
69
|
-
'
|
|
68
|
+
'detail' => 'The subdomain you attempted to access is not valid.' \
|
|
69
|
+
' Please try again.',
|
|
70
70
|
'source' => {
|
|
71
71
|
'http_host' => 'notvalid.example.com',
|
|
72
72
|
},
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: drillbit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- thegranddesign
|
|
@@ -31,7 +31,7 @@ cert_chain:
|
|
|
31
31
|
zRIv8lqQM8QFT76rzP5SBCERwN+ltKAFbQ5/FwmZNGWYnmCP3RZMQiRnbh+9H9lh
|
|
32
32
|
mlbwaYZTjgsXq6cy8N38EecewgBbZYS1IYJraE/M
|
|
33
33
|
-----END CERTIFICATE-----
|
|
34
|
-
date: 2016-05-
|
|
34
|
+
date: 2016-05-21 00:00:00.000000000 Z
|
|
35
35
|
dependencies:
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: erratum
|
metadata.gz.sig
CHANGED
|
Binary file
|