eventush 0.1.0

data/app/services/barong/management_api_v2/client.rb

@@ -0,0 +1,33 @@
+module Barong
+  module ManagementAPIV2
+    class Client < ::ManagementAPIV2::Client
+      def initialize(*)
+        super ENV.fetch('BARONG_URL'), Rails.configuration.x.barong_management_api_v2_configuration
+      end
+
+      def otp_sign(request_params = {})
+        self.action = :otp_sign
+        params = request_params.slice(:user_uid, :otp_code, :jwt)
+        request(:post, 'otp/sign', params)
+      end
+
+      def get_user_info(request_params={})
+        self.action = :read_users
+        params = request_params.slice(:uid, :extended, :jwt)
+        request(:post, "users/get", params)
+      end
+
+      def update_label(request_params = {})
+        self.action = :write_labels
+        params = request_params.slice(:user_uid, :key, :value, :jwt, :replace)
+        request(:put, 'labels', params)
+      end
+
+      def create_label(request_params = {})
+        self.action = :write_labels
+        params = request_params.slice(:user_uid, :key, :value, :jwt)
+        request(:post, 'labels', params)
+      end
+    end
+  end
+end

data/app/services/event_api_listener.rb

@@ -0,0 +1,120 @@
+# frozen_string_literal: true
+
+require 'bunny'
+
+class EventAPIListener
+  def initialize(application, event_category, event_name)
+    @application    = application
+    @event_category = event_category
+    @event_name     = event_name
+    Kernel.at_exit { unlisten }
+  end
+
+  def call
+    consumer # Eager load consumer to early detect errors.
+    listen
+  end
+
+  private
+
+  def event_api_jwt_env(suffix)
+    ENV["#{@application.upcase}_EVENT_API_JWT_#{suffix}"]
+  end
+
+  def event_api_jwt_env_to_int(suffix)
+    event_api_jwt_env(suffix).to_s.squish.yield_self { |n| n.to_i if n.present? }
+  end
+
+  def listen
+    unlisten
+    @bunny_session = Bunny::Session.new(rabbitmq_credentials).tap(&:start)
+    @bunny_channel = @bunny_session.channel
+    exchange_name = [@application, 'events', @event_category].join('.')
+    exchange      = @bunny_channel.direct(exchange_name)
+    queue         = @bunny_channel.queue('', auto_delete: true, durable: true)
+                                  .bind(exchange, routing_key: @event_name)
+    Rails.logger.info { "Listening for #{exchange_name}.#{@event_name}." }
+    queue.subscribe(block: true, &method(:handle_message))
+  end
+
+  def unlisten
+    Rails.logger.info { 'No longer listening for events.' } if @bunny_session || @bunny_channel
+    @bunny_channel&.work_pool&.kill
+    @bunny_session&.stop
+  ensure
+    @bunny_channel = nil
+    @bunny_session = nil
+  end
+
+  def jwt_public_key
+    pem = Base64.urlsafe_decode64(event_api_jwt_env('PUBLIC_KEY'))
+    OpenSSL::PKey.read(pem)
+  end
+
+  def token_verification_options
+    # We set option only if it is not blank.
+    { verify_jti: true,
+      iss:        event_api_jwt_env('ISSUER').to_s.squish.presence,
+      verify_iss: event_api_jwt_env('ISSUER').present?,
+      aud:        event_api_jwt_env('AUDIENCE').to_s.squish.presence,
+      verify_aud: event_api_jwt_env('AUDIENCE').present?,
+      sub:        event_api_jwt_env('SUBJECT'),
+      verify_sub: event_api_jwt_env('SUBJECT').present? }
+  end
+
+  def algorithm_verification_options
+    { algorithms: [ENV.fetch("#{@application.upcase}_EVENT_API_JWT_ALGORITHM")] }
+  end
+
+  def timing_verification_options
+    { verify_expiration: true, verify_not_before: true, verify_iat: true,
+      leeway:     event_api_jwt_env_to_int('DEFAULT_LEEWAY'),
+      iat_leeway: event_api_jwt_env_to_int('ISSUED_AT_LEEWAY'),
+      exp_leeway: event_api_jwt_env_to_int('EXPIRATION_LEEWAY'),
+      nbf_leeway: event_api_jwt_env_to_int('NOT_BEFORE_LEEWAY') }
+  end
+
+  def rabbitmq_credentials
+    @application.upcase.yield_self do |_app|
+      if ENV['EVENT_API_RABBITMQ_URL'].present?
+        ENV['EVENT_API_RABBITMQ_URL']
+      else
+        { host:     ENV.fetch('EVENT_API_RABBITMQ_HOST'),
+          port:     ENV.fetch('EVENT_API_RABBITMQ_PORT'),
+          username: ENV.fetch('EVENT_API_RABBITMQ_USERNAME'),
+          password: ENV.fetch('EVENT_API_RABBITMQ_PASSWORD') }
+      end
+    end
+  end
+
+  def handle_message(_delivery_info, _metadata, payload)
+    result = verify_jwt(payload)
+
+    raise "Failed to verify signature from #{@application}." \
+      unless result[:verified].include?(@application.to_sym)
+    consumer.call(result[:payload].fetch(:event))
+  rescue StandardError => e
+    Rails.logger.error { e.inspect }
+  end
+
+  def consumer
+    [@application, @event_category, @event_name.tr('.', '_') + '_consumer']
+      .map { |x| x.tr('.', '_') }
+      .join('/')
+      .camelize
+      .constantize
+  end
+
+  def verify_jwt(payload)
+    options = token_verification_options.merge(timing_verification_options)
+                                        .merge(algorithm_verification_options)
+    JWT::Multisig.verify_jwt JSON.parse(payload), { @application.to_sym => jwt_public_key },
+                             options.compact
+  end
+
+  class << self
+    def call(*args)
+      new(*args).call
+    end
+  end
+end

data/app/services/management_api_v2/client.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+
+module ManagementAPIV2
+  class Client
+
+    attr_reader :action
+
+    def initialize(root_url, security_configuration)
+      @root_api_url = root_url
+      @security_configuration = security_configuration
+    end
+
+    def request(request_method, request_path, request_parameters, options = {})
+      options = { jwt: false }.merge(options)
+      raise ArgumentError, "Request method is not supported: #{request_method.inspect}." unless request_method.in?(%i[post put])
+
+      request_parameters = generate_jwt(payload(request_parameters)) unless options[:jwt]
+
+      begin
+        http_client
+          .public_send(request_method, build_path(request_path), request_parameters)
+          .tap { |response| raise ManagementAPIV2::Exception.new(response) unless response.success? }
+          .body
+          .symbolize_keys
+
+      rescue Faraday::Error => e
+        raise ManagementAPIV2::Exception.new
+      end
+    end
+
+    def build_path(path)
+      "api/v2/management/#{path}"
+    end
+
+    def http_client
+      Faraday.new(url: @root_api_url) do |conn|
+        conn.request :json
+        conn.response :json
+        conn.adapter Faraday.default_adapter
+      end
+    end
+
+    def keychain(field)
+      {}.tap do |h|
+        @security_configuration[:keychain].each do |id, key|
+          next unless action
+          next unless id.in?(action[:required_signatures])
+          h[id] = key[field]
+        end
+      end
+    end
+
+    def payload(data = {})
+      {
+        data: data,
+        iat:  Time.now.to_i,
+        exp:  Time.now.to_i + ENV.fetch('JWT_EXPIRE_DATE', 60).to_i,
+        jti:  SecureRandom.hex(12),
+        iss:  'applogic'
+      }
+    end
+
+    def generate_jwt(payload)
+      JWT::Multisig.generate_jwt(payload, keychain(:value), keychain(:algorithm))
+    end
+
+    def action=(value)
+      @action = @security_configuration[:actions].fetch(value)
+    end
+  end
+end

data/app/services/management_api_v2/exception.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module ManagementAPIV2
+  class Exception < StandardError
+    attr_accessor :status
+
+    def initialize(response_or_ex="External services error")
+      @status = 503
+      if response_or_ex.respond_to?(:body)
+        @status = 422
+        body = response_or_ex.body || {}
+
+        if body.fetch("error", false)
+          super body.fetch("error")
+        elsif body.fetch("errors", false)
+          super Array(body.fetch("errors")).first
+        else
+          super response_or_ex.body
+        end
+      else
+        super response_or_ex
+      end
+    end
+  end
+end

data/app/services/peatio/management_api_v2/client.rb

@@ -0,0 +1,27 @@
+module Peatio
+  module ManagementAPIV2
+    class Client < ::ManagementAPIV2::Client
+      def initialize(*)
+        super ENV.fetch('PEATIO_URL'), Rails.configuration.x.peatio_management_api_v2_configuration
+      end
+
+      def create_transfer(request_params={})
+        self.action = :write_transfers
+        params = request_params.slice(:key, :category, :description, :operations)
+        request(:post, "transfers/new", params, {})
+      end
+
+      def balance(request_params={})
+        self.action = :read_accounts
+        params = request_params.slice(:uid, :currency)
+        request(:post, "/accounts/balance", params, {})
+      end
+
+      def currency(request_params={})
+        self.action = :read_currencies
+        params = request_params.slice(:code)
+        request(:post, "/currencies/#{params[:code]}", {})
+      end
+    end
+  end
+end

data/config/initializers/active_model.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+Module.new do
+  def api_messages
+    map do |attr, err|
+      if err.start_with?("_")
+        [attr, err]
+      else
+        [err, attr]
+      end.join
+    end
+  end
+end.tap { |m| ActiveSupport.on_load(:active_record) { ActiveModel::Errors.include(m) } }

data/config/initializers/api_pagination.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require "api-pagination"
+require "pagy/countless"
+require "pagy/extras/overflow"
+
+ApiPagination.configure do |config|
+  # If you have more than one gem included, you can choose a paginator.
+  config.paginator = :pagy # or :will_ApiPagination.paginate
+
+  # By default, this is set to 'Total'
+  # config.total_header = 'X-Total'
+
+  # By default, this is set to 'Per-Page'
+  # config.per_page_header = 'X-Per-Page'
+
+  # Optional: set this to add a header with the current page number.
+  config.page_header = "Page"
+
+  # Optional: set this to add other response format. Useful with tools that define :jsonapi format
+  # config.response_formats = [:json, :xml, :jsonapi]
+
+  # Optional: what parameter should be used to set the page option
+  config.page_param = :page
+
+  # Optional: what parameter should be used to set the per page option
+  config.per_page_param = :limit
+
+  # Optional: Include the total and last_page link header
+  # By default, this is set to true
+  # Note: When using kaminari, this prevents the count call to the database
+  # config.include_total = false
+end

data/config/initializers/inflections.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+ActiveSupport::Inflector.inflections(:en) do |inflect|
+  inflect.acronym "API"
+  inflect.acronym "JWT"
+end

data/config/routes.rb

@@ -0,0 +1,12 @@
+Rails.application.routes.draw do
+  scope module: 'event' do
+    namespace :api do
+      namespace :v2 do
+        namespace :admin do
+          get '/events/history', to: 'events#history'
+          resources :events, only: %i[index show create update]
+        end
+      end
+    end
+  end
+end

data/db/migrate/20200825103859_create_events.rb

@@ -0,0 +1,24 @@
+class CreateEvents < ActiveRecord::Migration[6.0]
+  def change
+    create_table "events", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+      t.string  :name,          null: false
+      t.string  :trigger_key,   null: false
+      t.string  :trigger_value, null: false
+      t.decimal :amount,        null: false
+      t.string  :currency_id,   null: false
+      t.integer :state,         null: false
+      t.string  :creator_uid,   null: false
+      t.string  :description
+
+      t.timestamps
+    end
+
+    create_table "event_participants", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+      t.references  :event,         null: false
+      t.string      :uid,           null: false
+      t.string      :transfer_keys, limit: 1000
+
+      t.timestamps
+    end
+  end
+end

data/lib/event.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "event/engine"
+
+require "peatio"
+require "ransack"
+require "rails/pagination"
+require "jwt-multisig"
+
+module Event end

data/lib/event/engine.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Event
+  class Engine < ::Rails::Engine
+    isolate_namespace Event
+
+    config.generators do |generators|
+      generators.test_framework :rspec
+      generators.fixture_replacement :factory_bot
+      generators.factory_bot dir: "spec/factories"
+    end
+
+    initializer "metadata.factories", after: "factory_bot.set_factory_paths" do
+      FactoryBot.definition_file_paths << File.expand_path("../../spec/factories", __dir__) if defined?(FactoryBot)
+    end
+  end
+end

data/lib/event/version.rb

@@ -0,0 +1,3 @@
+module Event
+  VERSION = '0.1.0'
+end

data/lib/tasks/auto_annotate_models.rake

@@ -0,0 +1,59 @@
+# NOTE: only doing this in development as some production environments (Heroku)
+# NOTE: are sensitive to local FS writes, and besides -- it's just not proper
+# NOTE: to have a dev-mode tool do its thing in production.
+if Rails.env.development?
+  require 'annotate'
+  task :set_annotation_options do
+    # You can override any of these by setting an environment variable of the
+    # same name.
+    Annotate.set_defaults(
+      'active_admin'                => 'false',
+      'additional_file_patterns'    => [],
+      'routes'                      => 'false',
+      'models'                      => 'true',
+      'position_in_routes'          => 'after',
+      'position_in_class'           => 'after',
+      'position_in_test'            => 'after',
+      'position_in_fixture'         => 'after',
+      'position_in_factory'         => 'after',
+      'position_in_serializer'      => 'after',
+      'show_foreign_keys'           => 'true',
+      'show_complete_foreign_keys'  => 'false',
+      'show_indexes'                => 'true',
+      'simple_indexes'              => 'false',
+      'model_dir'                   => 'app/models',
+      'root_dir'                    => '',
+      'include_version'             => 'false',
+      'require'                     => '',
+      'exclude_tests'               => 'false',
+      'exclude_fixtures'            => 'false',
+      'exclude_factories'           => 'false',
+      'exclude_serializers'         => 'false',
+      'exclude_scaffolds'           => 'true',
+      'exclude_controllers'         => 'true',
+      'exclude_helpers'             => 'true',
+      'exclude_sti_subclasses'      => 'false',
+      'ignore_model_sub_dir'        => 'false',
+      'ignore_columns'              => nil,
+      'ignore_routes'               => nil,
+      'ignore_unknown_models'       => 'false',
+      'hide_limit_column_types'     => 'integer,bigint,boolean',
+      'hide_default_column_types'   => 'json,jsonb,hstore',
+      'skip_on_db_migrate'          => 'false',
+      'format_bare'                 => 'true',
+      'format_rdoc'                 => 'false',
+      'format_yard'                 => 'false',
+      'format_markdown'             => 'false',
+      'sort'                        => 'false',
+      'force'                       => 'false',
+      'frozen'                      => 'false',
+      'classified_sort'             => 'true',
+      'trace'                       => 'false',
+      'wrapper_open'                => nil,
+      'wrapper_close'               => nil,
+      'with_comment'                => 'true'
+    )
+  end
+
+  Annotate.load_tasks
+end