faraday_middleware-escher 0.2.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e5baa8d8b8657adbefc20cd4ea7f580589d25be4
-  data.tar.gz: 2fc9ae873439e82ff218edd1a6b57c0490cdf1bb
+  metadata.gz: 309400c40fea573a439eb25d11507914f2647b40
+  data.tar.gz: 613bb193f0e441cb8a57a30ad58591fca1fa4497
 SHA512:
-  metadata.gz: 148dfca784d915c177d7f1f6c70c4a16fb967c0c05c4d2584a504390deff9dfa7f4fda15aa2a30fa1440ad91f787103f22075ec3d358e5fecea3b53acaefd6c1
-  data.tar.gz: 6c303e8fb87111d00ba302d2437dbf728ffccfd3d73eeaf0e4f0041e6d8c642d95e3a18744ebedbeb6d155664c79edbfad9b354b31370e0f0f81856d833f4f3a
+  metadata.gz: e0413f1b8ac0506c3565263967b74c32653d9a637bed589deb0f15bac9aa2db53e3738ce751fa4e07267f542cac7f4ddcb6a0aa57da2baa1f99f9281e9e13689
+  data.tar.gz: 62872e747ddb40fc8df37fb2a686c8c44d9495cd9e40dae3a6b527f3e51fcc9ad6ffa1d4a1c357bc3a1956969854a9b8b401c0d7bc3a48c3f24a59bb424a02b8

data/README.md

@@ -1,4 +1,4 @@
-# FaradayMiddleware::Escher
+# FaradayMiddleware for Escher secure authorization 
 
 escher sign and validation for faraday http rest client
 
@@ -23,25 +23,73 @@ Or install it yourself as:
 The FaradayMiddleware::Escher::RequestSigner will help you sign your requests before sending them
 
 ```ruby
-
- 
-    require 'faraday_middleware/escher'
-    conn = Faraday.new do |builder|
-    
-      builder.use Faraday::Middleware::Escher::RequestSigner, credential_scope: 'example/credential/scope'  do
-                    {api_key_id: 'EscherExample', api_secret: 'TheBeginningOfABeautifulFriendship'}
-                  end
     
-      builder.adapter  :net_http
-    
-    end
+require 'faraday_middleware/escher'
+
+conn = Faraday.new do |builder|
+
+  builder.use FaradayMiddleware::Escher::RequestSigner,
+              credential_scope: CredentialScope,
+              options: AuthOptions,
+              active_key: -> { Escher::Keypool.new.get_active_key('EscherExample') }
+
+  builder.adapter :net_http
+
+
+end
 
 ```
 
 
 ### Response Validator 
 
-coming soon! @wip
+The FaradayMiddleware::Escher::ResponseValidator will help you authenticate responses on receiving
+
+```ruby
+    
+require 'faraday_middleware/escher'
+
+conn = Faraday.new do |builder|
+
+  builder.use FaradayMiddleware::Escher::ResponseValidator,
+              credential_scope: CredentialScope,
+              options: AuthOptions,
+              keydb_constructor: -> { Escher::Keypool.new.get_key_db }
+
+  builder.adapter :net_http
+
+
+end
+
+```
+
+### You can mix the two in one case
+
+Who loves Man in the Middle? 
+If you not, this is your setup!
+
+```ruby
+
+require 'faraday_middleware/escher'
+
+conn = Faraday.new do |builder|
+
+  builder.use FaradayMiddleware::Escher::RequestSigner,
+              credential_scope: CredentialScope,
+              options: AuthOptions,
+              active_key: -> { Escher::Keypool.new.get_active_key('EscherExample') }
+
+  builder.use FaradayMiddleware::Escher::ResponseValidator,
+              credential_scope: CredentialScope,
+              options: AuthOptions,
+              keydb_constructor: -> { Escher::Keypool.new.get_key_db }
+
+  builder.adapter :net_http
+
+
+end
+
+```
 
 ## Contributing
 

data/Rakefile

@@ -1,2 +1,5 @@
 require "bundler/gem_tasks"
 
+task :spec do
+  puts `bundle exec rspec`
+end

data/VERSION

@@ -1 +1 @@
-0.2.0
+0.3.1

data/faraday_middleware-escher.gemspec

@@ -20,6 +20,10 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency('rspec')
   spec.add_development_dependency('webmock')
 
+  spec.add_development_dependency('rack')
+  spec.add_development_dependency('escher-keypool')
+  spec.add_development_dependency('escher-rack_middleware')
+
   spec.add_dependency('faraday')
   spec.add_dependency('escher')
 

data/lib/faraday/middleware/escher/base.rb

@@ -1,14 +1,14 @@
 require 'socket'
+require 'faraday/middleware/escher'
 class Faraday::Middleware::Escher::Base < Faraday::Middleware
 
-  def initialize(app,options={},&escher_keydb_constructor)
+  def initialize(app,options={})
 
     super(app)
     @host = options[:host] || Socket.gethostname
 
     @escher_options = options[:options] || {}
     @escher_credential_scope = options[:credential_scope] || raise(ArgumentError,'missing escher credential scope!')
-    @escher_keydb_constructor = escher_keydb_constructor || raise(ArgumentError,'missing escher constructor')
 
   end
 

data/lib/faraday/middleware/escher/request_signer.rb

@@ -1,14 +1,26 @@
+require 'faraday/middleware/escher'
 class Faraday::Middleware::Escher::RequestSigner < Faraday::Middleware::Escher::Base
 
+  def initialize(app,options={},&active_key)
+
+    super(app,options)
+
+    active_key_cons = active_key || options[:active_key] || options[:key]
+    raise('Escher active key constructor must be a lambda/block') unless active_key_cons.is_a?(Proc)
+    @escher_active_key_constructor = active_key_cons
+
+  end
+
   def call(env)
 
     escher = ::Escher::Auth.new(@escher_credential_scope, @escher_options)
 
     uri_path = env[:url].path
     endpoint = uri_path.empty? ? '/' : uri_path
+    endpoint_with_query = [endpoint,env[:url].query].join('?')
 
     request_data = {
-        uri: endpoint,
+        uri: endpoint_with_query,
         method: env[:method].to_s.upcase,
         headers: env[:request_headers].map{|k,v| [k,v] }.push(['host',@host])
     }
@@ -17,7 +29,7 @@ class Faraday::Middleware::Escher::RequestSigner < Faraday::Middleware::Escher::
 
     escher.sign!(
         request_data,
-        @escher_keydb_constructor.call,
+        @escher_active_key_constructor.call,
         request_data[:headers].map{|ary| ary[0] }
     )
 

data/lib/faraday/middleware/escher/response_validator.rb

@@ -1,2 +1,40 @@
-class Faraday::Middleware::Escher::ResponseValidator
+require 'faraday/middleware/escher'
+class Faraday::Middleware::Escher::ResponseValidator < Faraday::Middleware::Escher::Base
+
+  def initialize(app,options={},&keydb_as_block)
+
+    super(app,options)
+
+    keydb_constructor = keydb_as_block || options[:keydb_constructor] || options[:keydb]
+    raise('Key DB constuctor must be a lambda/block') unless keydb_constructor.is_a?(Proc)
+    @escher_active_key_constructor = keydb_constructor
+
+  end
+
+  def call(request_env)
+    @app.call(request_env).on_complete do |env_on_response|
+      authenticate_env!(env_on_response)
+    end
+  end
+
+  protected
+
+  def authenticate_env!(env_on_response)
+
+    escher = ::Escher::Auth.new(@escher_credential_scope, @escher_options)
+
+    url_path = env_on_response[:url].path
+    url_path = '/' if url_path.empty?
+
+    escher_hash_env = {
+        uri: url_path,
+        method: env_on_response[:method].to_s.upcase,
+        headers: env_on_response[:response_headers].map{|k,v| [k,v] }
+    }
+
+    escher_hash_env[:body] = env_on_response[:body] if env_on_response[:body]
+    escher.authenticate(escher_hash_env,@escher_active_key_constructor.call)
+
+  end
+
 end

data/lib/faraday/middleware/escher.rb

@@ -1,6 +1,7 @@
 require 'escher'
 require 'faraday'
 require 'faraday/middleware'
+require 'faraday_middleware/escher'
 module Faraday::Middleware::Escher
   require 'faraday/middleware/escher/base'
   require 'faraday/middleware/escher/request_signer'

data/lib/faraday_middleware/escher.rb

@@ -1,6 +1,4 @@
 #backwardCompatibility
-require 'faraday/middleware/escher'
-
 begin
   require 'faraday_middleware'
 rescue LoadError
@@ -11,4 +9,5 @@ unless defined?(FaradayMiddleware)
   end
 end
 
+require 'faraday/middleware/escher'
 FaradayMiddleware::Escher ||= ::Faraday::Middleware::Escher

data/prototype/client.rb

@@ -0,0 +1,33 @@
+$LOAD_PATH.unshift(File.absolute_path(File.join(__dir__, '..', 'lib')))
+
+require_relative 'credentials'
+
+require 'faraday_middleware/escher'
+
+conn = Faraday.new do |builder|
+
+  builder.use FaradayMiddleware::Escher::RequestSigner,
+              credential_scope: CredentialScope,
+              options: AuthOptions,
+              active_key: -> { Escher::Keypool.new.get_active_key('EscherExample') }
+
+  # builder.use FaradayMiddleware::Escher::ResponseValidator,
+  #             credential_scope: CredentialScope,
+  #             options: AuthOptions,
+  #             keydb_constructor: -> { Escher::Keypool.new.get_key_db }
+
+  builder.adapter :net_http
+
+
+end
+
+require 'json'
+
+puts "\nResponse:",
+     conn.get { |r|
+       r.url('http://localhost:9292')
+       r.body='{ "name": "Unagi" }'
+       r.headers['X-Origin'] = JSON.generate(sender: 'cat', host: 'suite42')
+       r.params['kutya1']= 'cica1'
+       r.params['kutya2']= 'cica2'
+     }.body.inspect

data/prototype/config.ru

@@ -0,0 +1,78 @@
+require_relative 'credentials'
+
+require 'rack'
+require 'escher/rack_middleware'
+Escher::RackMiddleware.config do |c|
+  c.add_escher_authenticator { Escher::Auth.new(CredentialScope, AuthOptions) }
+  c.add_credential_updater { Escher::Keypool.new.get_key_db }
+end
+
+require 'socket'
+class YourAwesomeApp
+
+  def call(env)
+
+    response = Rack::Response.new
+    response_payload = 'OK'
+
+    escher = ::Escher::Auth.new(CredentialScope, AuthOptions)
+
+    request_data = {
+
+        uri: '/',
+        method: 'GET',
+        headers: [['host',Socket.gethostname]],
+        body: response_payload
+
+    }
+
+    escher.sign!(
+        request_data,
+        Escher::Keypool.new.get_active_key( env['escher.request.api_key_id'] ),
+        response.headers.map { |k, _| k }
+    )
+
+    request_data[:headers].each do |key,value|
+      response.headers[key]=value
+    end
+
+    response.headers['kutya']='cica'
+
+    response.write response_payload
+    response.status = 200
+    response.finish
+
+  end
+
+end
+
+require 'yaml'
+class EscherResponseSigner
+
+  def initialize(app,options={})
+    @app = app
+
+
+  end
+
+  def call(env)
+    rstatus,rheaders,rbody = @app.call(env)
+    response = Rack::Response.new(rbody,rstatus,rheaders)
+
+    <<-YAML
+
+    YAML
+
+    puts YAML.dump response
+    # puts YAML.dump response
+
+
+    response
+  end
+
+end
+
+use EscherResponseSigner
+use Escher::RackMiddleware
+
+run YourAwesomeApp.new

data/prototype/credentials.rb

@@ -0,0 +1,8 @@
+require 'escher-keypool'
+
+ENV['KEY_POOL'] = '[{"keyId":"EscherExample","secret":"TheBeginningOfABeautifulFriendship","acceptOnly":0}]'
+ENV['ESCHEREXAMPLE_KEYID'] = 'EscherExample'
+
+CredentialScope = 'example/credential/scope'
+AuthOptions = {}
+ESCHER_KEY = {api_key_id: 'EscherExample', api_secret: 'TheBeginningOfABeautifulFriendship'}

data/spec/escher/base_spec.rb

@@ -14,10 +14,7 @@ describe FaradayMiddleware::Escher::Base do
     }
   }
 
-  let(:key_db){{api_key_id: 'EscherExample', api_secret: 'TheBeginningOfABeautifulFriendship'}}
-
-
-  subject{ self.described_class.new(app,options) {key_db} }
+  subject{ self.described_class.new(app,options) }
 
   before do
     allow(Socket).to receive(:gethostname).and_return(host)

data/spec/escher/request_signer_spec.rb

@@ -2,6 +2,8 @@ require_relative '../spec_helper'
 describe Faraday::Middleware::Escher::RequestSigner do
   describe 'this is a faraday middleware witch instance will response to call method' do
 
+    let(:key_db){{api_key_id: 'EscherExample', api_secret: 'TheBeginningOfABeautifulFriendship'}}
+
     let(:api_key) { 'superKey' }
     let(:api_secret) { 'superSecret' }
     let(:host) { 'localhost' }
@@ -9,8 +11,13 @@ describe Faraday::Middleware::Escher::RequestSigner do
     let(:target_url) { "http://api-with-escher.example.com" }
     let(:stubs) { Faraday::Adapter::Test::Stubs.new }
 
-    let(:request_expectations){ -> env {} }
-    let(:response_expectations){ -> env {} }
+    let(:request_expectations){ -> env { @request_env = env } }
+    let(:response_expectations){ -> env { @response_env = env } }
+
+    before do
+      @request_env = nil
+      @response_env = nil
+    end
 
     subject do
 
@@ -35,16 +42,6 @@ describe Faraday::Middleware::Escher::RequestSigner do
 
     describe '#call' do
 
-      before do
-        @env = nil
-      end
-
-      let(:request_expectations) do
-        -> env do
-          @request_env = env
-        end
-      end
-
       it 'should insert escher request headers for the call' do
 
         expect( subject.get(target_url).status ).to eq 200

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: faraday_middleware-escher
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Adam Luzsi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-01 00:00:00.000000000 Z
+date: 2015-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -66,6 +66,48 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: escher-keypool
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: escher-rack_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -114,6 +156,9 @@ files:
 - lib/faraday/middleware/escher/request_signer.rb
 - lib/faraday/middleware/escher/response_validator.rb
 - lib/faraday_middleware/escher.rb
+- prototype/client.rb
+- prototype/config.ru
+- prototype/credentials.rb
 - spec/escher/base_spec.rb
 - spec/escher/request_signer_spec.rb
 - spec/spec_helper.rb
@@ -145,3 +190,4 @@ test_files:
 - spec/escher/base_spec.rb
 - spec/escher/request_signer_spec.rb
 - spec/spec_helper.rb
+has_rdoc: