dzl 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
@@ -4,7 +4,8 @@ class Dzl::DSLProxies::Protection < Dzl::DSLProxy
|
|
4
4
|
@subject.opts[:http_basic] = opts
|
5
5
|
end
|
6
6
|
def api_key(opts)
|
7
|
-
raise ArgumentError unless [:header
|
7
|
+
raise ArgumentError unless opts[:header].present?
|
8
|
+
raise ArgumentError unless [:validate_with, :valid_keys].one? {|k| opts[k].present?}
|
8
9
|
@subject.opts[:api_key] = opts
|
9
10
|
end
|
10
11
|
end
|
@@ -29,13 +29,18 @@ class Dzl::DSLSubjects::Protection < Dzl::DSLSubject
|
|
29
29
|
|
30
30
|
if @opts[:api_key].present?
|
31
31
|
api_key_header = @opts[:api_key][:header]
|
32
|
-
allowed_keys = @opts[:api_key][:valid_keys]
|
33
32
|
request_key = request.headers[api_key_header]
|
34
33
|
|
35
34
|
if request_key
|
36
35
|
# Invalid API key provided
|
37
|
-
|
38
|
-
|
36
|
+
if (valid_keys = @opts[:api_key][:valid_keys]).present?
|
37
|
+
unless valid_keys.include? request_key
|
38
|
+
return Dzl::ValueOrError.new(e: :invalid_api_key)
|
39
|
+
end
|
40
|
+
elsif (key_proc = @opts[:api_key][:validate_with]).present?
|
41
|
+
unless key_proc.call(request_key)
|
42
|
+
return Dzl::ValueOrError.new(e: :invalid_api_key)
|
43
|
+
end
|
39
44
|
end
|
40
45
|
# No API key provided
|
41
46
|
else
|
@@ -54,6 +54,12 @@ class Dzl::Examples::FunWithParams < Dzl::Examples::Base
|
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
57
|
+
endpoint '/api_proc' do
|
58
|
+
protect do
|
59
|
+
api_key header: 'x_api_key', validate_with: lambda {|key| key.match(/valid/)}
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
57
63
|
endpoint '/arithmetic' do
|
58
64
|
optional :int do
|
59
65
|
type Fixnum
|
data/lib/dzl/version.rb
CHANGED
@@ -189,6 +189,23 @@ describe Dzl::Examples::FunWithParams do
|
|
189
189
|
end
|
190
190
|
end
|
191
191
|
|
192
|
+
describe '/api_proc' do
|
193
|
+
it 'should 401 if no api key provided' do
|
194
|
+
get '/api_proc'
|
195
|
+
last_response.status.should == 401
|
196
|
+
end
|
197
|
+
|
198
|
+
it 'should 401 if invalid api key provided' do
|
199
|
+
get '/api_proc', {}, {"HTTP_X_API_KEY" => 'bad-key'}
|
200
|
+
last_response.status.should == 401
|
201
|
+
end
|
202
|
+
|
203
|
+
it 'should accept valid api key' do
|
204
|
+
get '/api_proc', {}, {"HTTP_X_API_KEY" => 'valid-key'}
|
205
|
+
last_response.status.should == 200
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
192
209
|
describe '/arithmetic' do
|
193
210
|
it 'should not allow :int < 5' do
|
194
211
|
get('/arithmetic', {int: 4}) do |response|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dzl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,11 +10,11 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-05-
|
13
|
+
date: 2012-05-04 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rack
|
17
|
-
requirement: &
|
17
|
+
requirement: &70301799221440 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ~>
|
@@ -22,10 +22,10 @@ dependencies:
|
|
22
22
|
version: 1.4.1
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *70301799221440
|
26
26
|
- !ruby/object:Gem::Dependency
|
27
27
|
name: activesupport
|
28
|
-
requirement: &
|
28
|
+
requirement: &70301799219580 !ruby/object:Gem::Requirement
|
29
29
|
none: false
|
30
30
|
requirements:
|
31
31
|
- - ~>
|
@@ -33,7 +33,7 @@ dependencies:
|
|
33
33
|
version: 3.2.2
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
|
-
version_requirements: *
|
36
|
+
version_requirements: *70301799219580
|
37
37
|
description: Small, fast racktivesupport web framework with handy DSL and explicit
|
38
38
|
parameter validation.
|
39
39
|
email:
|