etna 0.1.11

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6b95bd70a5a778deaaeb05408e95dd043dfd41914993986d770cf8c29f6ba54b
+  data.tar.gz: 9e2d68c4fcb362108ce3ebf203cf7e88fba5045e6b87164c13f7feb4a9811e17
+SHA512:
+  metadata.gz: dfae596fc44742b0fd087cabd93ca8a2132f8501662cab18a2c46e86d33db9a84852ff061299bf5e694f70da1a62ed1b0057e6523799cec19b031fec3cd171ae
+  data.tar.gz: 2146b65d50ea6c9b610a762c3043748113a79c3f603fe0366f3519c81314f36983d0ea59d542e4a512ea01f8e0862a3e1f403884b755d077e75de53c5dae72a9

data/lib/etna/application.rb

@@ -0,0 +1,90 @@
+# a module to use for base application classes
+# it is an included module rather than a class to spare
+# us the burden of writing class Blah < Etna::Application
+# whenever we want to use it as a container
+
+require_relative './sign_service'
+require 'singleton'
+
+module Etna::Application
+  def self.included(other)
+    other.include Singleton
+  end
+
+  def self.find(klass)
+    Kernel.const_get(
+      klass.name.split('::').first
+    ).instance
+  end
+
+  def self.register(app)
+    @instance = app
+  end
+
+  def self.instance
+    @instance
+  end
+
+  def initialize
+    Etna::Application.register(self)
+  end
+
+  def configure(opts)
+    @config = opts
+  end
+
+  def setup_logger
+    @logger = Etna::Logger.new(
+      # The name of the log_file, required.
+      config(:log_file),
+      # Number of old copies of the log to keep.
+      config(:log_copies) || 5,
+      # How large the log can get before overturning.
+      config(:log_size) || 1048576
+    )
+    log_level = (config(:log_level) || 'warn').upcase.to_sym
+
+    @logger.level = Logger.const_defined?(log_level) ? Logger.const_get(log_level) : Logger::WARN
+  end
+
+  # the application logger is available globally
+  attr_reader :logger
+
+  def config(type)
+    @config[environment][type]
+  end
+
+  def sign
+    @sign ||= Etna::SignService.new(self)
+  end
+
+  def environment
+    (ENV["#{self.class.name.upcase}_ENV"] || :development).to_sym
+  end
+
+  def find_descendents(klass)
+    ObjectSpace.each_object(Class).select do |k|
+      k < klass
+    end
+  end
+
+  def run_command(config, cmd = :help, *args)
+    cmd = cmd.to_sym
+    if commands.key?(cmd)
+      commands[cmd].setup(config)
+      commands[cmd].execute(*args)
+    else
+      commands[:help].execute
+    end
+  end
+
+  def commands
+    @commands ||= Hash[
+      find_descendents(Etna::Command).map do |c|
+        cmd = c.new
+        [ cmd.name, cmd ]
+      end
+    ]
+  end
+end
+

data/lib/etna/auth.rb

@@ -0,0 +1,128 @@
+require_relative 'user'
+require_relative 'hmac'
+
+module Etna
+  class Auth
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      request = Rack::Request.new(env)
+
+      # There are three ways to authenticate.
+      # Either the route does not require auth,
+      # you have an hmac or you have a valid token.
+      # Both of these will not validate individual
+      # permissions; this is up to the controller
+      if [ approve_noauth(request), approve_hmac(request), approve_user(request) ].all?{|approved| !approved}
+        return fail_or_redirect(request)
+      end
+
+      @app.call(request.env)
+    end
+
+    private
+
+    def application
+      @application ||= Etna::Application.instance
+    end
+
+    def server
+      @server ||= application.class.const_get(:Server)
+    end
+
+    def params(request)
+      request.env['rack.request.params']
+    end
+
+    def auth(request, type)
+      (etna_param(request, :authorization, nil) || '')[/\A#{type.capitalize} (.*)\z/,1]
+    end
+
+    def self.etna_url_param(item)
+      :"X-Etna-#{item.to_s.split(/_/).map(&:capitalize).join('-')}"
+    end
+
+    def etna_param(request, item, fill='X_ETNA_')
+      # This comes either from header variable
+      # HTTP_X_SOME_NAME or parameter X-Etna-Some-Name
+      #
+      # We prefer the param so we can use the header elsewhere
+
+      params(request)[Etna::Auth.etna_url_param(item)] || request.env["HTTP_#{fill}#{item.upcase}"]
+    end
+
+    # If the application asks for a redirect for unauthorized users
+    def fail_or_redirect(request, msg = 'You are unauthorized')
+      return [ 401, { 'Content-Type' => 'text/html' }, [msg] ] unless application.config(:auth_redirect)
+
+      uri = URI(
+        application.config(:auth_redirect).chomp('/') + '/login'
+      )
+      uri.query = URI.encode_www_form(refer: request.url)
+      return [ 302, { 'Location' => uri.to_s }, [] ]
+    end
+
+    def approve_noauth(request)
+      route = server.find_route(request)
+
+      return route && route.noauth?
+    end
+
+    def approve_user(request)
+      token = request.cookies[application.config(:token_name)] || auth(request, :etna)
+
+      return false unless token
+
+      begin
+        payload, header = application.sign.jwt_decode(token)
+        return request.env['etna.user'] = Etna::User.new(payload.map{|k,v| [k.to_sym, v]}.to_h, token)
+      rescue
+        # bail out if anything goes wrong
+        return false
+      end
+    end
+
+    # Names and order of the fields to be signed.
+    def approve_hmac(request)
+      hmac_signature = etna_param(request, :signature)
+
+      return false unless hmac_signature
+
+      return false unless headers = etna_param(request, :headers)
+
+      headers = headers.split(/,/).map do |header|
+        [ header.to_sym, etna_param(request, header) ]
+      end.to_h
+
+      # Now expect the standard headers
+      hmac_params = {
+        method: request.request_method,
+        host: request.host,
+        path: request.path,
+
+        expiration: etna_param(request, :expiration),
+        id: etna_param(request, :id),
+        nonce: etna_param(request, :nonce),
+        headers: headers,
+        test_signature: hmac_signature
+      }
+
+      begin
+        hmac = Etna::Hmac.new(application, hmac_params)
+      rescue Exception => e
+        return false
+      end
+
+      request.env['etna.hmac'] = hmac
+
+      return nil unless hmac.valid?
+
+      # success! set the hmac header params as regular params
+      params(request).update(headers)
+
+      return true
+    end
+  end
+end

data/lib/etna/client.rb

@@ -0,0 +1,144 @@
+require 'net/http/persistent'
+require 'net/http/post/multipart'
+require 'singleton'
+
+module Etna
+  class Client
+    def initialize(host, token)
+      @host = host.sub(%r!/$!,'')
+      @token = token
+
+      set_routes
+
+      define_route_helpers
+    end
+
+    attr_reader :routes
+
+    def route_path(route, params)
+      Etna::Route.path(route[:route], params)
+    end
+
+    private
+
+    def set_routes
+      response = options('/')
+      status_check!(response)
+      @routes = JSON.parse(response.body, symbolize_names: true)
+    end
+
+    def define_route_helpers
+      @routes.each do |route|
+        next unless route[:name]
+        self.define_singleton_method(route[:name]) do |params={}|
+
+          missing_params = (route[:params] - params.keys.map(&:to_s))
+          unless missing_params.empty?
+            raise ArgumentError, "Missing required #{missing_params.size > 1 ?
+              'params' : 'param'} #{missing_params.join(', ')}"
+          end
+
+          response = send(route[:method].downcase, route_path(route, params), params)
+          if block_given?
+            yield response
+          else
+            if response.content_type == 'application/json'
+              return JSON.parse(response.body, symbolize_names: true)
+            else
+              return response.body
+            end
+          end
+        end
+      end
+    end
+
+    def persistent_connection
+      @http ||= begin
+                  http = Net::HTTP::Persistent.new
+                  http.read_timeout = 3600
+                  http
+                end
+    end
+
+    def multipart_post(endpoint, content, &block)
+      uri = request_uri(endpoint)
+      multipart = Net::HTTP::Post::Multipart.new uri.path, content
+      multipart.add_field('Authorization', "Etna #{@token}")
+      request(uri, multipart, &block)
+    end
+
+    def post(endpoint, params={}, &block)
+      body_request(Net::HTTP::Post, endpoint, params, &block)
+    end
+
+    def get(endpoint, params={}, &block)
+      query_request(Net::HTTP::Get, endpoint, params, &block)
+    end
+
+    def options(endpoint, params={}, &block)
+      query_request(Net::HTTP::Options, endpoint, params, &block)
+    end
+
+    def delete(endpoint, params={}, &block)
+      body_request(Net::HTTP::Delete, endpoint, params, &block)
+    end
+
+    def body_request(type, endpoint, params={}, &block)
+      uri = request_uri(endpoint)
+      req = type.new(uri.path,request_params)
+      req.body = params.to_json
+      request(uri, req, &block)
+    end
+
+    def query_request(type, endpoint, params={}, &block)
+      uri = request_uri(endpoint)
+      uri.query = URI.encode_www_form(params)
+      req = type.new(uri.request_uri, request_params)
+      request(uri, req, &block)
+    end
+
+    def request_uri(endpoint)
+      URI("#{@host}#{endpoint}")
+    end
+
+    def request_params
+      {
+        'Content-Type' => 'application/json',
+        'Accept'=> 'application/json, text/*',
+        'Authorization'=>"Etna #{@token}"
+      }
+    end
+
+    def status_check!(response)
+      status = response.code.to_i
+      if status >= 400
+        msg = response.content_type == 'application/json' ?
+          json_error(response.body) :
+          response.body
+        raise Etna::Error.new(msg, status)
+      end
+    end
+
+    def json_error(body)
+      msg = JSON.parse(body, symbolize_names: true)
+      if (msg.has_key?(:errors) && msg[:errors].is_a?(Array))
+        return msg[:errors].join(', ')
+      elsif msg.has_key?(:error)
+        return msg[:error]
+      end
+    end
+
+    def request(uri, data)
+      if block_given?
+        persistent_connection.request(uri, data) do |response|
+          status_check!(response)
+          yield response
+        end
+      else
+        response = persistent_connection.request(uri, data)
+        status_check!(response)
+        return response
+      end
+    end
+  end
+end

data/lib/etna/command.rb

@@ -0,0 +1,26 @@
+module Etna
+  class Command
+    class << self
+      def usage(desc)
+        define_method :usage do
+          "  #{"%-30s" % name}#{desc}"
+        end
+      end
+    end
+
+    def name
+      self.class.name.snake_case.split(/::/).last.to_sym
+    end
+
+    # To be overridden during inheritance.
+    def execute
+      raise 'Command is not implemented'
+    end
+
+    # To be overridden during inheritance, to e.g. connect to a database.
+    # Should be called with super by inheriting method.
+    def setup(config)
+      Etna::Application.find(self.class).configure(config)
+    end
+  end
+end

data/lib/etna/controller.rb

@@ -0,0 +1,111 @@
+require 'erb'
+
+module Etna
+  class Controller
+    def initialize(request, action = nil)
+      @request = request
+      @action = action
+      @response = Rack::Response.new
+      @params = @request.env['rack.request.params']
+      @errors = []
+      @server = @request.env['etna.server']
+      @logger = @request.env['etna.logger']
+      @user = @request.env['etna.user']
+      @request_id = @request.env['etna.request_id']
+    end
+
+    def log(line)
+      @logger.warn(request_msg(line))
+    end
+
+    def response(&block)
+      return instance_eval(&block) if block_given?
+
+      return send(@action) if @action
+
+      [501, {}, ['This controller is not implemented.']]
+    rescue Etna::Error => e
+      @logger.error(request_msg("Exiting with #{e.status}, #{e.message}"))
+      return failure(e.status, error: e.message)
+    rescue Exception => e
+      @logger.error(request_msg('Caught unspecified error'))
+      @logger.error(request_msg(e.message))
+      e.backtrace.each do |trace|
+        @logger.error(request_msg(trace))
+      end
+      return failure(500, error: 'Server error.')
+    end
+
+    def require_params(*params)
+      missing_params = params.reject{|p| @params.key?(p) }
+      raise Etna::BadRequest, "Missing param #{missing_params.join(', ')}" unless missing_params.empty?
+    end
+    alias_method :require_param, :require_params
+
+    def route_path(name, params={})
+      @server.class.route_path(@request, name, params)
+    end
+
+    def route_url(name, params={})
+      path = route_path(name,params)
+      return nil unless path
+      @request.scheme + '://' + @request.host + path
+    end
+
+    # methods for returning a view
+    VIEW_PATH = :VIEW_PATH
+
+    def view(name)
+      txt = File.read("#{self.class::VIEW_PATH}/#{name}.html")
+      @response['Content-Type'] = 'text/html'
+      @response.write(txt)
+      @response.finish
+    end
+
+    def erb_partial(name)
+      txt = File.read("#{self.class::VIEW_PATH}/#{name}.html.erb")
+      ERB.new(txt).result(binding)
+    end
+
+    def erb_view(name)
+      @response['Content-Type'] = 'text/html'
+      @response.write(erb_partial(name))
+      @response.finish
+    end
+
+    private
+
+    def success(msg, content_type='text/plain')
+      @response['Content-Type'] = content_type
+      @response.write(msg)
+      @response.finish
+    end
+
+    def success_json(params)
+      success(params.to_json, 'application/json')
+    end
+
+    def failure(status, msg)
+      @response['Content-Type'] = 'application/json'
+      @response.status = status
+      @response.write(msg.to_json)
+      @response.finish
+    end
+
+    def success?
+      @errors.empty?
+    end
+
+    def error(msg)
+      if msg.is_a?(Array)
+        @errors.concat(msg)
+      else
+        @errors.push(msg)
+      end
+    end
+
+    def request_msg(msg)
+      "#{@request_id} #{msg}"
+    end
+  end
+end

data/lib/etna/cross_origin.rb

@@ -0,0 +1,71 @@
+module Etna
+  class CrossOrigin
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      request = Rack::Request.new(env)
+
+      # Don't filter unless this is a CORS request
+      return actual_response(request) unless has_header?(request, :origin)
+
+      # OPTIONS requests are a 'preflight' request
+      if request.request_method == 'OPTIONS'
+        return preflight_response(request)
+      end
+
+      # The actual request following a preflight should
+      # set some extra headers
+      return postflight_response(request)
+    end
+
+    private
+
+    def subdomain(host)
+      host.split(/\./)[-2..-1]
+    end
+
+    def origin_allowed?(request)
+      subdomain(URI.parse(header(request, :origin)).host) == subdomain(request.host)
+    end
+
+    def actual_response(request)
+      @app.call(request.env)
+    end
+
+    def postflight_response(request)
+      status, headers, body = actual_response(request)
+
+      if origin_allowed?(request)
+        headers.update(
+          'Access-Control-Allow-Origin' => header(request, :origin),
+          'Access-Control-Allow-Credentials' => 'true'
+        )
+      end
+
+      return [ status, headers, body ]
+    end
+
+    def preflight_response(request)
+      [
+        200,
+        origin_allowed?(request)  ?  {
+          'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE, OPTIONS',
+          'Access-Control-Allow-Headers' => header(request, :access_control_request_headers),
+          'Access-Control-Allow-Origin' => header(request, :origin),
+          'Access-Control-Allow-Credentials' => 'true'
+        } : {},
+        ['']
+      ]
+    end
+
+    def header(request, name)
+      request.get_header("HTTP_#{name.to_s.upcase}")
+    end
+
+    def has_header?(request, name)
+      request.has_header?("HTTP_#{name.to_s.upcase}")
+    end
+  end
+end

data/lib/etna/describe_routes.rb

@@ -0,0 +1,31 @@
+module Etna
+  class DescribeRoutes
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      request = Rack::Request.new(env)
+
+      return @app.call(env) unless request.request_method == 'OPTIONS' && request.path == '/'
+
+      return [ 200, { 'Content-Type' => 'application/json' }, [ route_json ] ]
+    end
+
+    private
+
+    def route_json
+      server.routes.map do |route|
+        route.to_hash
+      end.to_json
+    end
+
+    def application
+      @application ||= Etna::Application.instance
+    end
+
+    def server
+      @server ||= application.class.const_get(:Server)
+    end
+  end
+end

data/lib/etna/errors.rb

@@ -0,0 +1,37 @@
+require 'logger'
+
+module Etna
+  class Error < StandardError
+    attr_reader :level, :status
+    def initialize(msg = 'The application had an error', status=500)
+      super(msg)
+      @level = Logger::WARN
+      @status = status
+    end
+  end
+
+  class Forbidden < Etna::Error
+    def initialize(msg = 'Action not permitted', status = 403)
+      super
+    end
+  end
+
+  class Unauthorized < Etna::Error
+    def initialize(msg = 'Unauthorized request', status = 401)
+      super
+    end
+  end
+
+  class BadRequest < Etna::Error
+    def initialize(msg = 'Client error', status = 422)
+      super
+    end
+  end
+
+  class ServerError < Etna::Error
+    def initialize(msg = 'Server error', status = 500)
+      super
+      @level = Logger::ERROR
+    end
+  end
+end

data/lib/etna/ext.rb

@@ -0,0 +1,13 @@
+class String
+  def snake_case
+    return downcase if match(/\A[A-Z]+\z/)
+    gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2').
+    gsub(/([a-z])([A-Z])/, '\1_\2').
+    downcase
+  end
+
+  def camel_case
+    return self if self !~ /_/ && self =~ /[A-Z]+.*/
+    split('_').map{|e| e.capitalize}.join
+  end
+end