drillbit 1.1.0 → 2.0.0

Files changed (49)
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/lib/drillbit.rb +3 -1
  5. data/lib/drillbit/authorizable_resource.rb +6 -0
  6. data/lib/drillbit/authorizers/parameters/filtering.rb +1 -0
  7. data/lib/drillbit/authorizers/parameters/resource.rb +59 -0
  8. data/lib/drillbit/errors/invalid_request_body.rb +29 -0
  9. data/lib/drillbit/middleware/api_request_validator.rb +40 -0
  10. data/lib/drillbit/middleware/parameter_parser.rb +61 -0
  11. data/lib/drillbit/middleware/token_processor.rb +26 -0
  12. data/lib/drillbit/requests/base.rb +8 -5
  13. data/lib/drillbit/responses/invalid_request_body.rb +18 -0
  14. data/lib/drillbit/tokens/json_web_token.rb +9 -1
  15. data/lib/drillbit/version.rb +1 -1
  16. data/spec/drillbit/accept_header_spec.rb +2 -2
  17. data/spec/drillbit/authorizers/parameters/filtering_spec.rb +4 -4
  18. data/spec/drillbit/authorizers/parameters/resource_spec.rb +4 -4
  19. data/spec/drillbit/authorizers/parameters_spec.rb +3 -3
  20. data/spec/drillbit/authorizers/query_spec.rb +3 -3
  21. data/spec/drillbit/authorizers/scope_spec.rb +3 -3
  22. data/spec/drillbit/errors/invalid_api_request_spec.rb +3 -3
  23. data/spec/drillbit/errors/invalid_request_body_spec.rb +25 -0
  24. data/spec/drillbit/errors/invalid_subdomain_spec.rb +3 -3
  25. data/spec/drillbit/errors/invalid_token_spec.rb +3 -3
  26. data/spec/drillbit/invalid_subdomain_spec.rb +3 -3
  27. data/spec/drillbit/invalid_token_spec.rb +3 -3
  28. data/spec/drillbit/matchers/accept_header_spec.rb +3 -3
  29. data/spec/drillbit/matchers/subdomain_spec.rb +3 -3
  30. data/spec/drillbit/matchers/version_spec.rb +3 -3
  31. data/spec/drillbit/middleware/{api_request_spec.rb → api_request_validator_spec.rb} +11 -46
  32. data/spec/drillbit/middleware/parameter_parser_spec.rb +184 -0
  33. data/spec/drillbit/middleware/token_processor_spec.rb +27 -0
  34. data/spec/drillbit/requests/base_spec.rb +3 -3
  35. data/spec/drillbit/requests/rack_spec.rb +3 -3
  36. data/spec/drillbit/requests/rails_spec.rb +3 -3
  37. data/spec/drillbit/resource/model_spec.rb +3 -3
  38. data/spec/drillbit/resource/processors/filtering_spec.rb +4 -4
  39. data/spec/drillbit/resource/processors/indexing_spec.rb +4 -4
  40. data/spec/drillbit/resource/processors/paging_spec.rb +4 -4
  41. data/spec/drillbit/resource/processors/sorting_spec.rb +4 -4
  42. data/spec/drillbit/tokens/base64_spec.rb +3 -3
  43. data/spec/drillbit/tokens/json_web_token_spec.rb +11 -3
  44. data/spec/drillbit/tokens/json_web_tokens/password_reset_spec.rb +4 -4
  45. metadata +15 -8
  46. metadata.gz.sig +0 -0
  47. data/lib/drillbit/middleware/api_request.rb +0 -49
  48. data/lib/drillbit/parameters.rb +0 -22
  49. data/spec/drillbit/parameters_spec.rb +0 -49
@@ -3,9 +3,9 @@ require 'spec_helper'
3
3
  require 'drillbit/requests/rack'
4
4
 
5
5
  # rubocop:disable Metrics/LineLength
6
- module Drillbit
7
- module Requests
8
- RSpec.describe Rack do
6
+ module Drillbit
7
+ module Requests
8
+ describe Rack do
9
9
  it 'finds the accept header from the headers if it is valid' do
10
10
  raw_request = {
11
11
  'HTTP_ACCEPT' => 'application/vnd.westeros+redkeep;version=10.0',
@@ -4,9 +4,9 @@ require 'spec_helper'
4
4
  require 'drillbit/requests/rails'
5
5
 
6
6
  # rubocop:disable Metrics/LineLength
7
- module Drillbit
8
- module Requests
9
- RSpec.describe Rails do
7
+ module Drillbit
8
+ module Requests
9
+ describe Rails do
10
10
  it 'finds the accept header from the headers if it is valid' do
11
11
  raw_request = OpenStruct.new(
12
12
  headers: {
@@ -2,9 +2,9 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/resource/model'
4
4
 
5
- module Drillbit
6
- module Resource
7
- RSpec.describe Model do
5
+ module Drillbit
6
+ module Resource
7
+ describe Model do
8
8
  it 'can chain multiple processors together' do
9
9
  resource = double
10
10
  processed_resource = double
@@ -2,10 +2,10 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/resource/processors/filtering'
4
4
 
5
- module Drillbit
6
- module Resource
7
- module Processors
8
- RSpec.describe Filtering do
5
+ module Drillbit
6
+ module Resource
7
+ module Processors
8
+ describe Filtering do
9
9
  let(:filtering_resource) { double }
10
10
 
11
11
  it 'can return the resource if not filtered parameters are passed in' do
@@ -9,10 +9,10 @@ class TestIndexClass
9
9
  end
10
10
  end
11
11
 
12
- module Drillbit
13
- module Resource
14
- module Processors
15
- RSpec.describe Indexing do
12
+ module Drillbit
13
+ module Resource
14
+ module Processors
15
+ describe Indexing do
16
16
  let(:indexing_resource) { double }
17
17
 
18
18
  it 'does not do anything if indexing params are not passed in' do
@@ -2,10 +2,10 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/resource/processors/paging'
4
4
 
5
- module Drillbit
6
- module Resource
7
- module Processors
8
- RSpec.describe Paging do
5
+ module Drillbit
6
+ module Resource
7
+ module Processors
8
+ describe Paging do
9
9
  let(:paging_resource) { double }
10
10
  let(:processed_resource) { double }
11
11
 
@@ -2,10 +2,10 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/resource/processors/sorting'
4
4
 
5
- module Drillbit
6
- module Resource
7
- module Processors
8
- RSpec.describe Sorting do
5
+ module Drillbit
6
+ module Resource
7
+ module Processors
8
+ describe Sorting do
9
9
  let(:sorting_resource) { double }
10
10
 
11
11
  it 'can return an ascending sort' do
@@ -2,9 +2,9 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/tokens/base64'
4
4
 
5
- module Drillbit
6
- module Tokens
7
- RSpec.describe Base64 do
5
+ module Drillbit
6
+ module Tokens
7
+ describe Base64 do
8
8
  it 'is valid' do
9
9
  expect(Base64.new(token: 'foo')).to be_valid
10
10
  end
@@ -2,9 +2,9 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/tokens/json_web_token'
4
4
 
5
- module Drillbit
6
- module Tokens
7
- RSpec.describe JsonWebToken do
5
+ module Drillbit
6
+ module Tokens
7
+ describe JsonWebToken do
8
8
  it 'can convert an empty encrypted token' do
9
9
  token = JsonWebToken.from_jwe(nil,
10
10
  private_key: test_private_key)
@@ -61,6 +61,14 @@ RSpec.describe JsonWebToken do
61
61
  expect(token).to be_a JsonWebTokens::Null
62
62
  end
63
63
 
64
+ it 'can convert a token with no data' do
65
+ token = JsonWebToken.build_from_request([{}, {}])
66
+
67
+ expect(token).to be_empty
68
+ expect(token).not_to be_present
69
+ expect(token).to be_blank
70
+ end
71
+
64
72
  it 'can verify an expired signed token' do
65
73
  expired_jws = valid_jws_token('exp' => 1.day.ago.to_i,
66
74
  'baz' => 'bar')
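Review bot: The added example 'can convert a token with no data' checks only the emptiness predicates (`be_empty`, `not_to be_present`, `be_blank`) and never pins what `valid?` returns for a token built from `[{}, {}]`. The middleware deleted in this release rejected requests on `token.valid?`, so the validity of a claim-less token is presumably what matters for authorization. Consider adding `expect(token).not_to be_valid`, or `to be_valid` if that is the intended design, so the outcome is explicit rather than implied. `build_from_request` is not visible on this page, so the expected value needs confirming against lib/drillbit/tokens/json_web_token.rb; the enclosing `describe` block starts and ends outside the hunk.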
@@ -2,10 +2,10 @@
2
2
  require 'spec_helper'
3
3
  require 'drillbit/tokens/json_web_tokens/password_reset'
4
4
 
5
- module Drillbit
6
- module Tokens
7
- module JsonWebTokens
8
- RSpec.describe PasswordReset do
5
+ module Drillbit
6
+ module Tokens
7
+ module JsonWebTokens
8
+ describe PasswordReset do
9
9
  it 'can build a token that expires during the password reset timeframe', :time_mock do
10
10
  token = JsonWebToken.build(id: 'test_id',
11
11
  subject_id: 'subject_id',
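--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: drillbit
  version: !ruby/object:Gem::Version
- version: 1.1.0
+ version: 2.0.0
  platform: ruby
  authors:
  - thegranddesign
@@ -31,7 +31,7 @@ cert_chain:
  zRIv8lqQM8QFT76rzP5SBCERwN+ltKAFbQ5/FwmZNGWYnmCP3RZMQiRnbh+9H9lh
  mlbwaYZTjgsXq6cy8N38EecewgBbZYS1IYJraE/M
  -----END CERTIFICATE-----
- date: 2016-05-21 00:00:00.000000000 Z
+ date: 2016-05-26 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: erratum
@@ -136,14 +136,16 @@ files:
  - lib/drillbit/authorizers/scope.rb
  - lib/drillbit/configuration.rb
  - lib/drillbit/errors/invalid_api_request.rb
+ - lib/drillbit/errors/invalid_request_body.rb
  - lib/drillbit/errors/invalid_subdomain.rb
  - lib/drillbit/errors/invalid_token.rb
  - lib/drillbit/matchers/accept_header.rb
  - lib/drillbit/matchers/generic.rb
  - lib/drillbit/matchers/subdomain.rb
  - lib/drillbit/matchers/version.rb
- - lib/drillbit/middleware/api_request.rb
- - lib/drillbit/parameters.rb
+ - lib/drillbit/middleware/api_request_validator.rb
+ - lib/drillbit/middleware/parameter_parser.rb
+ - lib/drillbit/middleware/token_processor.rb
  - lib/drillbit/parameters/filter.rb
  - lib/drillbit/parameters/index.rb
  - lib/drillbit/parameters/page.rb
@@ -159,6 +161,7 @@ files:
  - lib/drillbit/resource/processors/paging.rb
  - lib/drillbit/resource/processors/sorting.rb
  - lib/drillbit/responses/invalid_api_request.rb
+ - lib/drillbit/responses/invalid_request_body.rb
  - lib/drillbit/responses/invalid_subdomain.rb
  - lib/drillbit/responses/invalid_token.rb
  - lib/drillbit/serializers/json_api.rb
@@ -179,6 +182,7 @@ files:
  - spec/drillbit/authorizers/query_spec.rb
  - spec/drillbit/authorizers/scope_spec.rb
  - spec/drillbit/errors/invalid_api_request_spec.rb
+ - spec/drillbit/errors/invalid_request_body_spec.rb
  - spec/drillbit/errors/invalid_subdomain_spec.rb
  - spec/drillbit/errors/invalid_token_spec.rb
  - spec/drillbit/invalid_subdomain_spec.rb
@@ -186,8 +190,9 @@ files:
  - spec/drillbit/matchers/accept_header_spec.rb
  - spec/drillbit/matchers/subdomain_spec.rb
  - spec/drillbit/matchers/version_spec.rb
- - spec/drillbit/middleware/api_request_spec.rb
- - spec/drillbit/parameters_spec.rb
+ - spec/drillbit/middleware/api_request_validator_spec.rb
+ - spec/drillbit/middleware/parameter_parser_spec.rb
+ - spec/drillbit/middleware/token_processor_spec.rb
  - spec/drillbit/requests/base_spec.rb
  - spec/drillbit/requests/rack_spec.rb
  - spec/drillbit/requests/rails_spec.rb
@@ -235,6 +240,7 @@ test_files:
  - spec/drillbit/authorizers/query_spec.rb
  - spec/drillbit/authorizers/scope_spec.rb
  - spec/drillbit/errors/invalid_api_request_spec.rb
+ - spec/drillbit/errors/invalid_request_body_spec.rb
  - spec/drillbit/errors/invalid_subdomain_spec.rb
  - spec/drillbit/errors/invalid_token_spec.rb
  - spec/drillbit/invalid_subdomain_spec.rb
@@ -242,8 +248,9 @@ test_files:
  - spec/drillbit/matchers/accept_header_spec.rb
  - spec/drillbit/matchers/subdomain_spec.rb
  - spec/drillbit/matchers/version_spec.rb
- - spec/drillbit/middleware/api_request_spec.rb
- - spec/drillbit/parameters_spec.rb
+ - spec/drillbit/middleware/api_request_validator_spec.rb
+ - spec/drillbit/middleware/parameter_parser_spec.rb
+ - spec/drillbit/middleware/token_processor_spec.rb
  - spec/drillbit/requests/base_spec.rb
  - spec/drillbit/requests/rack_spec.rb
  - spec/drillbit/requests/rails_spec.rb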
metadata.gz.sig CHANGED
Binary file
@@ -1,49 +0,0 @@
1
- # frozen_string_literal: true
2
- require 'drillbit/configuration'
3
- require 'drillbit/parameters'
4
- require 'drillbit/matchers/subdomain'
5
- require 'drillbit/matchers/accept_header'
6
- require 'drillbit/requests/base'
7
- require 'drillbit/responses/invalid_api_request'
8
- require 'drillbit/responses/invalid_subdomain'
9
- require 'drillbit/responses/invalid_token'
10
-
11
- module Drillbit
12
- module Middleware
13
- class ApiRequest
14
- JSON_API_MIME_TYPE_PATTERN = %r{application/vnd\.api\+json(?=\z|;)}
15
-
16
- def initialize(app)
17
- @app = app
18
- end
19
-
20
- # rubocop:disable Metrics/LineLength
21
- # :reek:FeatureEnvy
22
- def call(env)
23
- env['HTTP_X_APPLICATION_NAME'] = Drillbit.configuration.application_name
24
-
25
- request = Requests::Base.resolve(env)
26
- subdomain_matcher = Matchers::Subdomain.new
27
- accept_header_matcher = Matchers::AcceptHeader.new
28
- token = request.authorization_token
29
-
30
- return Responses::InvalidSubdomain.call(env) unless subdomain_matcher.matches?(request)
31
- return Responses::InvalidApiRequest.call(env) unless !subdomain_matcher.matches_api_subdomain?(request) ||
32
- accept_header_matcher.matches?(request)
33
- return Responses::InvalidToken.call(env,
34
- application_name: request.application_name) \
35
- unless token.valid?
36
-
37
- env['X_DECRYPTED_JSON_WEB_TOKEN'] = token.to_h
38
- env['QUERY_STRING'] = Parameters.process(env['QUERY_STRING'])
39
- env['CONTENT_TYPE'] = env['CONTENT_TYPE'].
40
- to_s.
41
- gsub JSON_API_MIME_TYPE_PATTERN,
42
- 'application/json'
43
-
44
- @app.call(env)
45
- end
46
- # rubocop:enable Metrics/LineLength
47
- end
48
- end
49
- end
@@ -1,22 +0,0 @@
1
- # frozen_string_literal: true
2
- module Drillbit
3
- class Parameters
4
- attr_accessor :query_string
5
-
6
- def initialize(query_string)
7
- self.query_string = query_string
8
- end
9
-
10
- def self.process(query_string)
11
- new(query_string).process
12
- end
13
-
14
- def process
15
- return query_string unless query_string.respond_to? :gsub
16
-
17
- query_string.gsub(/(?<=\A|&|\?)[^=&]+/) do |match|
18
- match.tr('-', '_')
19
- end
20
- end
21
- end
22
- end
@@ -1,49 +0,0 @@
1
- # frozen_string_literal: true
2
- require 'spec_helper'
3
- require 'drillbit/parameters'
4
-
5
- module Drillbit
6
- RSpec.describe Parameters do
7
- it 'can underscore the first parameter' do
8
- query_params = 'hello-there=bob-jones'
9
-
10
- expect(Parameters.process(query_params)).to eql 'hello_there=bob-jones'
11
- end
12
-
13
- it 'does not touch params with no dashes' do
14
- query_params = 'hello_there=bob-jones'
15
-
16
- expect(Parameters.process(query_params)).to eql 'hello_there=bob-jones'
17
- end
18
-
19
- it 'can underscore a middle parameter and a parameter at the end' do
20
- query_params = 'hello-there=bob-jones&nice-to-meet=you-bob&hows-the-weather=today-bob'
21
-
22
- expect(Parameters.process(query_params)).to eql 'hello_there=bob-jones&' \
23
- 'nice_to_meet=you-bob&' \
24
- 'hows_the_weather=today-bob'
25
- end
26
-
27
- it 'can handle weirdly formatted parameters' do
28
- query_params = 'hello-there=bob-jones&nice-to-meet=you-bob&='
29
-
30
- expect(Parameters.process(query_params)).to eql 'hello_there=bob-jones&' \
31
- 'nice_to_meet=you-bob&='
32
- end
33
-
34
- it 'can handle parameters with no values' do
35
- query_params = 'hello-there&nice-to-meet=you-bob&='
36
-
37
- expect(Parameters.process(query_params)).to eql 'hello_there&' \
38
- 'nice_to_meet=you-bob&='
39
- end
40
-
41
- it 'can handle values with no parameter name' do
42
- query_params = 'hello-there=bob-jones&=you-bob&nice-to-meet=you-bob&='
43
-
44
- expect(Parameters.process(query_params)).to eql 'hello_there=bob-jones&' \
45
- '=you-bob&' \
46
- 'nice_to_meet=you-bob&='
47
- end
48
- end
49
- end