finapps 2.0.24 → 2.0.25
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/core_extensions/string/json_to_hash.rb +10 -0
- data/lib/finapps/middleware/middleware.rb +3 -0
- data/lib/finapps/middleware/response/custom_logger.rb +54 -0
- data/lib/finapps/middleware/response/raise_error.rb +1 -7
- data/lib/finapps/rest/connection.rb +1 -1
- data/lib/finapps/rest/resources.rb +2 -1
- data/lib/finapps/utils/parameter_filter.rb +31 -0
- data/lib/finapps/version.rb +1 -1
- data/lib/finapps.rb +3 -0
- data/spec/utils/parameter_filter_spec.rb +23 -0
- metadata +7 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dc5c86dcbace8459aab80bd8bdeb80944243b4f3
|
4
|
+
data.tar.gz: 3522a70ae623fa2956b06d5c9324dd1bca9dd9ac
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fa70bf1edce8053dbe6f51a1616852b984179ff058a2bfb59fa5fbf6ec3339a082860968072fcd5b834b6ef7fda572359aabaca94b9a7daa83686e669d4833c2
|
7
|
+
data.tar.gz: 4406b0fd8ef1fa2e9ef0ef08b2216ecd4206f3a1ce710e0e5a9af3afb042773978f48f752d68c073299a9caf4e83e90092adb1d66c9fff4507b1d7b807efccae
|
@@ -6,12 +6,15 @@ module FinApps
|
|
6
6
|
autoload :AcceptJson, 'finapps/middleware/request/accept_json'
|
7
7
|
autoload :UserAgent, 'finapps/middleware/request/user_agent'
|
8
8
|
autoload :TenantAuthentication, 'finapps/middleware/request/tenant_authentication'
|
9
|
+
autoload :CustomLogger, 'finapps/middleware/response/custom_logger'
|
9
10
|
|
10
11
|
if Faraday::Middleware.respond_to? :register_middleware
|
11
12
|
Faraday::Request.register_middleware \
|
12
13
|
accept_json: -> { AcceptJson },
|
13
14
|
user_agent: -> { UserAgent },
|
14
15
|
tenant_authentication: -> { TenantAuthentication }
|
16
|
+
Faraday::Response.register_middleware \
|
17
|
+
custom_logger: -> { CustomLogger }
|
15
18
|
end
|
16
19
|
end
|
17
20
|
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
module FinApps
|
3
|
+
module Middleware
|
4
|
+
class CustomLogger < Faraday::Response::Middleware
|
5
|
+
extend Forwardable
|
6
|
+
include FinApps::Utils::ParameterFilter
|
7
|
+
|
8
|
+
DEFAULT_OPTIONS = {bodies: false}.freeze
|
9
|
+
|
10
|
+
def initialize(app, logger=nil, options={})
|
11
|
+
super(app)
|
12
|
+
@logger = logger || begin
|
13
|
+
require 'logger'
|
14
|
+
::Logger.new(STDOUT)
|
15
|
+
end
|
16
|
+
@options = DEFAULT_OPTIONS.merge(options)
|
17
|
+
end
|
18
|
+
|
19
|
+
def_delegators :@logger, :debug, :info, :warn, :error, :fatal
|
20
|
+
|
21
|
+
def call(env)
|
22
|
+
info "##{__method__} => ##{env.method} #{env.url}"
|
23
|
+
debug "##{__method__} => Request Headers: #{dump_headers env.request_headers}"
|
24
|
+
|
25
|
+
super
|
26
|
+
end
|
27
|
+
|
28
|
+
def on_complete(env)
|
29
|
+
info "##{__method__} => ##{env.method} #{env.url}"
|
30
|
+
debug "##{__method__} => Response Headers: #{dump_headers env.response_headers}"
|
31
|
+
info "##{__method__} => Response Body: #{dump_body env.body}" if env.body
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def dump_headers(headers)
|
37
|
+
headers.map {|k, v| " #{k}: #{filter_sensitive_header_values(k, v)}" }.to_s
|
38
|
+
end
|
39
|
+
|
40
|
+
def filter_sensitive_header_values(key, value)
|
41
|
+
case key
|
42
|
+
when 'X-FinApps-Token', 'Authorization'
|
43
|
+
'[REDACTED]'
|
44
|
+
else
|
45
|
+
value.inspect
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def dump_body(body)
|
50
|
+
skip_sensitive_data(body)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
@@ -31,19 +31,13 @@ module FinApps
|
|
31
31
|
|
32
32
|
def error_messages(body)
|
33
33
|
return nil if body.blank?
|
34
|
-
body =
|
34
|
+
body = body.json_to_hash if body.is_a?(String)
|
35
35
|
has_message_key?(body) ? body['messages'] : nil
|
36
36
|
end
|
37
37
|
|
38
38
|
def has_message_key?(body)
|
39
39
|
body.respond_to?(:key?) && body.key?('messages')
|
40
40
|
end
|
41
|
-
|
42
|
-
def parse_string(body)
|
43
|
-
::JSON.parse(body)
|
44
|
-
rescue ::JSON::ParserError
|
45
|
-
# logger.error "##{__method__} => Unable to parse JSON response."
|
46
|
-
end
|
47
41
|
end
|
48
42
|
end
|
49
43
|
end
|
@@ -23,7 +23,7 @@ module FinApps
|
|
23
23
|
conn.use FinApps::Middleware::RaiseError
|
24
24
|
conn.response :rashify
|
25
25
|
conn.response :json, content_type: /\bjson$/
|
26
|
-
conn.response :
|
26
|
+
conn.response :custom_logger, logger, bodies: (ENV['SILENT_LOG_BODIES'] != 'true')
|
27
27
|
|
28
28
|
# Adapter (ensure that the adapter is always last.)
|
29
29
|
conn.adapter :typhoeus
|
@@ -2,6 +2,7 @@
|
|
2
2
|
module FinApps
|
3
3
|
module REST
|
4
4
|
class Resources # :nodoc:
|
5
|
+
include FinApps::Utils::ParameterFilter
|
5
6
|
require 'erb'
|
6
7
|
|
7
8
|
attr_reader :client
|
@@ -44,7 +45,7 @@ module FinApps
|
|
44
45
|
|
45
46
|
def request_with_body(path, method, params)
|
46
47
|
path = end_point if path.nil?
|
47
|
-
logger.debug "#{self.class.name}##{__method__} => path: #{path} params: #{params}"
|
48
|
+
logger.debug "#{self.class.name}##{__method__} => path: #{path} params: #{skip_sensitive_data(params)}"
|
48
49
|
|
49
50
|
client.send_request path, method, params
|
50
51
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
module FinApps
|
3
|
+
module Utils
|
4
|
+
module ParameterFilter
|
5
|
+
using StringExtensions
|
6
|
+
PROTECTED_KEYS = %w(login login1 username password password1 password_confirm token).freeze
|
7
|
+
|
8
|
+
def skip_sensitive_data(hash)
|
9
|
+
if hash.is_a? String
|
10
|
+
hash = hash.json_to_hash
|
11
|
+
end
|
12
|
+
if hash.is_a? Hash
|
13
|
+
filtered_hash = hash.clone
|
14
|
+
filtered_hash.each do |key, value|
|
15
|
+
if PROTECTED_KEYS.include? key.to_s.downcase
|
16
|
+
filtered_hash[key] = '[REDACTED]'
|
17
|
+
elsif value.is_a?(Hash)
|
18
|
+
filtered_hash[key] = skip_sensitive_data(value)
|
19
|
+
elsif value.is_a?(Array)
|
20
|
+
filtered_hash[key] = value.map {|v| v.is_a?(Hash) ? skip_sensitive_data(v) : v }
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
filtered_hash
|
25
|
+
else
|
26
|
+
hash
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
data/lib/finapps/version.rb
CHANGED
data/lib/finapps.rb
CHANGED
@@ -9,7 +9,10 @@ require 'typhoeus/adapters/faraday'
|
|
9
9
|
require 'core_extensions/hash/compact'
|
10
10
|
require 'core_extensions/object/blank'
|
11
11
|
require 'core_extensions/object/is_integer'
|
12
|
+
require 'core_extensions/string/json_to_hash'
|
13
|
+
|
12
14
|
require 'finapps/utils/loggeable'
|
15
|
+
require 'finapps/utils/parameter_filter'
|
13
16
|
require 'finapps/error'
|
14
17
|
|
15
18
|
require 'finapps/middleware/request/tenant_authentication'
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
class FakeClass
|
3
|
+
include ::FinApps::Utils::ParameterFilter
|
4
|
+
end
|
5
|
+
|
6
|
+
RSpec.describe FinApps::Utils::ParameterFilter do
|
7
|
+
describe '#skip_sensitive_data' do
|
8
|
+
context 'when provided with sensitive data' do
|
9
|
+
let(:unfiltered_params) do
|
10
|
+
{password: 'FinApps@123', password_confirm: 'FinApps@123', token: '123456',
|
11
|
+
login: 'sammysosa', username: 'johnny', name: 'george'}
|
12
|
+
end
|
13
|
+
let(:filtered_params) do
|
14
|
+
{password: '[REDACTED]', password_confirm: '[REDACTED]', token: '[REDACTED]',
|
15
|
+
login: '[REDACTED]', username: '[REDACTED]', name: 'george'}
|
16
|
+
end
|
17
|
+
|
18
|
+
it 'filters out sensitive values' do
|
19
|
+
expect(FakeClass.new.skip_sensitive_data(unfiltered_params)).to eq(filtered_params)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: finapps
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.25
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Erich Quintero
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-09-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
@@ -249,12 +249,14 @@ files:
|
|
249
249
|
- lib/core_extensions/hash/compact.rb
|
250
250
|
- lib/core_extensions/object/blank.rb
|
251
251
|
- lib/core_extensions/object/is_integer.rb
|
252
|
+
- lib/core_extensions/string/json_to_hash.rb
|
252
253
|
- lib/finapps.rb
|
253
254
|
- lib/finapps/error.rb
|
254
255
|
- lib/finapps/middleware/middleware.rb
|
255
256
|
- lib/finapps/middleware/request/accept_json.rb
|
256
257
|
- lib/finapps/middleware/request/tenant_authentication.rb
|
257
258
|
- lib/finapps/middleware/request/user_agent.rb
|
259
|
+
- lib/finapps/middleware/response/custom_logger.rb
|
258
260
|
- lib/finapps/middleware/response/raise_error.rb
|
259
261
|
- lib/finapps/rest/base_client.rb
|
260
262
|
- lib/finapps/rest/client.rb
|
@@ -273,6 +275,7 @@ files:
|
|
273
275
|
- lib/finapps/rest/user_institutions_statuses.rb
|
274
276
|
- lib/finapps/rest/users.rb
|
275
277
|
- lib/finapps/utils/loggeable.rb
|
278
|
+
- lib/finapps/utils/parameter_filter.rb
|
276
279
|
- lib/finapps/version.rb
|
277
280
|
- lib/tasks/releaser.rake
|
278
281
|
- spec/core_extensions/hash/compact_spec.rb
|
@@ -318,6 +321,7 @@ files:
|
|
318
321
|
- spec/support/fixtures/user_institution_status.json
|
319
322
|
- spec/support/fixtures/user_institutions_list.json
|
320
323
|
- spec/support/fixtures/user_institutions_show.json
|
324
|
+
- spec/utils/parameter_filter_spec.rb
|
321
325
|
homepage: https://github.com/finapps/ruby-client
|
322
326
|
licenses:
|
323
327
|
- MIT
|
@@ -356,6 +360,7 @@ test_files:
|
|
356
360
|
- spec/middleware/response/raise_error_spec.rb
|
357
361
|
- spec/core_extensions/hash/compact_spec.rb
|
358
362
|
- spec/core_extensions/object/is_integer_spec.rb
|
363
|
+
- spec/utils/parameter_filter_spec.rb
|
359
364
|
- spec/spec_helpers/client.rb
|
360
365
|
- spec/spec_helper.rb
|
361
366
|
- spec/rest/credentials_spec.rb
|