flipper-cloud 0.19.0 → 0.20.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ebdf8b29d3d86554ff8dbd738fd5db46e2dbcd0ba9d38dd49034e0f8edaf53df
-  data.tar.gz: fe909fb2d4f21488ff0ad6db407a3936bbb7ca7df0c37b039e75fe960e67f846
+  metadata.gz: d17e92045e80beb6c0c83aa2591b75585393d0e6e922b834379fcfa0f5dc9049
+  data.tar.gz: 6943dde37bab5cadf5e8e8a2db847aa6ddb0e310fd1b7bc9c5638835ae81cfe1
 SHA512:
-  metadata.gz: 04c191a3745be5f3155e38607d90d01fbd780581544cb57dc7b0e0a8d7363447e8ef73451f30fc44d68ba1948aff1be46c64dab8dbb7e990545a873d85522d1a
-  data.tar.gz: 8b5072a46b285d9240ee7d3b65f137acd6de37fb1c920cfe6f5f0f9fd794f7da73d36f8e407214a37825f3c60a519931c626d622c9136147ce5bbd6721883573
+  metadata.gz: cf7073018558fa53b8f7ada5d984b42066d0a5ae5cd81e343cd249cc2d1032ecd4c95a094c2f49027f1bf87de7ddc6c7f1a5804c5658d4700c09f0c0c7d74b8c
+  data.tar.gz: faa00d96aae37eff0559f88e8a913ff407526825b55eff2404c794b2a6aa7f1f9882d04022746468fc157c52f8cc4eafa2ffc500c11aaa213876b38d963d6cab

data/examples/cloud/app.ru

@@ -0,0 +1,17 @@
+# Usage (from the repo root):
+#   env FLIPPER_CLOUD_TOKEN=<token> FLIPPER_CLOUD_SYNC_SECRET=<secret> FLIPPER_CLOUD_SYNC_METHOD=webhook bundle exec rackup examples/ui/basic.ru -p 9999
+#   env FLIPPER_CLOUD_TOKEN=<token> FLIPPER_CLOUD_SYNC_SECRET=<secret> FLIPPER_CLOUD_SYNC_METHOD=webhook bundle exec shotgun examples/ui/basic.ru -p 9999
+#   http://localhost:9999/
+#   http://localhost:9999/webhooks
+
+require 'pathname'
+root_path = Pathname(__FILE__).dirname.join('..').expand_path
+lib_path  = root_path.join('lib')
+$:.unshift(lib_path)
+
+require 'flipper/cloud'
+Flipper.configure do |config|
+  config.default { Flipper::Cloud.new }
+end
+
+run Flipper::Cloud.app

data/lib/flipper/cloud.rb

@@ -1,5 +1,9 @@
 require "flipper"
+require "flipper/middleware/setup_env"
+require "flipper/middleware/memoizer"
 require "flipper/cloud/configuration"
+require "flipper/cloud/dsl"
+require "flipper/cloud/middleware"
 
 module Flipper
   module Cloud
@@ -10,10 +14,27 @@ module Flipper
     # options - The Hash of options. See Flipper::Cloud::Configuration.
     # block - The block that configuration will be yielded to allowing you to
     #         customize this cloud instance and its adapter.
-    def self.new(token, options = {})
-      configuration = Configuration.new(options.merge(token: token))
+    def self.new(token = nil, options = {})
+      options = options.merge(token: token) if token
+      configuration = Configuration.new(options)
       yield configuration if block_given?
-      Flipper.new(configuration.adapter, instrumenter: configuration.instrumenter)
+      DSL.new(configuration)
+    end
+
+    def self.app(flipper = nil, options = {})
+      env_key = options.fetch(:env_key, 'flipper')
+      memoizer_options = options.fetch(:memoizer_options, {})
+
+      app = ->(_) { [404, { 'Content-Type'.freeze => 'application/json'.freeze }, ['{}'.freeze]] }
+      builder = Rack::Builder.new
+      yield builder if block_given?
+      builder.use Flipper::Middleware::SetupEnv, flipper, env_key: env_key
+      builder.use Flipper::Middleware::Memoizer, memoizer_options.merge(env_key: env_key)
+      builder.use Flipper::Cloud::Middleware, env_key: env_key
+      builder.run app
+      klass = self
+      builder.define_singleton_method(:inspect) { klass.inspect } # pretty rake routes output
+      builder
     end
   end
 end

data/lib/flipper/cloud/configuration.rb

@@ -1,19 +1,22 @@
 require "flipper/adapters/http"
 require "flipper/adapters/memory"
+require "flipper/adapters/dual_write"
 require "flipper/adapters/sync"
 
 module Flipper
   module Cloud
     class Configuration
-      # The default url should be the one, the only, the website.
-      DEFAULT_URL = "https://www.flippercloud.io/adapter".freeze
+      # The set of valid ways that syncing can happpen.
+      VALID_SYNC_METHODS = Set[
+        :poll,
+        :webhook,
+      ].freeze
 
       # Public: The token corresponding to an environment on flippercloud.io.
       attr_accessor :token
 
-      # Public: The url for http adapter (default: Flipper::Cloud::DEFAULT_URL).
-      #         Really should only be customized for development work. Feel free
-      #         to forget you ever saw this.
+      # Public: The url for http adapter. Really should only be customized for
+       #        development work. Feel free to forget you ever saw this.
       attr_reader :url
 
       # Public: net/http read timeout for all http requests (default: 5).
@@ -53,18 +56,32 @@ module Flipper
       # the local in sync with cloud (default: 10).
       attr_accessor :sync_interval
 
+      # Public: The method to be used for synchronizing your local flipper
+      # adapter with cloud. (default: :poll, can also be :webhook).
+      attr_reader :sync_method
+
+      # Public: The secret used to verify if syncs in the middleware should
+      # occur or not.
+      attr_accessor :sync_secret
+
       def initialize(options = {})
-        @token = options.fetch(:token)
+        @token = options.fetch(:token) { ENV["FLIPPER_CLOUD_TOKEN"] }
+
+        if @token.nil?
+          raise ArgumentError, "Flipper::Cloud token is missing. Please set FLIPPER_CLOUD_TOKEN or provide the token (e.g. Flipper::Cloud.new('token'))."
+        end
+
         @instrumenter = options.fetch(:instrumenter, Instrumenters::Noop)
-        @read_timeout = options.fetch(:read_timeout, 5)
-        @open_timeout = options.fetch(:open_timeout, 5)
-        @write_timeout = options.fetch(:write_timeout, 5)
-        @sync_interval = options.fetch(:sync_interval, 10)
+        @read_timeout = options.fetch(:read_timeout) { ENV.fetch("FLIPPER_CLOUD_READ_TIMEOUT", 5).to_f }
+        @open_timeout = options.fetch(:open_timeout) { ENV.fetch("FLIPPER_CLOUD_OPEN_TIMEOUT", 5).to_f }
+        @write_timeout = options.fetch(:write_timeout) { ENV.fetch("FLIPPER_CLOUD_WRITE_TIMEOUT", 5).to_f }
+        @sync_interval = options.fetch(:sync_interval) { ENV.fetch("FLIPPER_CLOUD_SYNC_INTERVAL", 10).to_f }
+        @sync_secret = options.fetch(:sync_secret) { ENV["FLIPPER_CLOUD_SYNC_SECRET"] }
         @local_adapter = options.fetch(:local_adapter) { Adapters::Memory.new }
         @debug_output = options[:debug_output]
         @adapter_block = ->(adapter) { adapter }
-
-        self.url = options.fetch(:url, DEFAULT_URL)
+        self.sync_method = options.fetch(:sync_method) { ENV.fetch("FLIPPER_CLOUD_SYNC_METHOD", :poll).to_sym }
+        self.url = options.fetch(:url) { ENV.fetch("FLIPPER_CLOUD_URL", "https://www.flippercloud.io/adapter".freeze) }
       end
 
       # Public: Read or customize the http adapter. Calling without a block will
@@ -82,34 +99,62 @@ module Flipper
         if block_given?
           @adapter_block = block
         else
-          @adapter_block.call sync_adapter
+          @adapter_block.call app_adapter
         end
       end
 
       # Public: Set url for the http adapter.
       attr_writer :url
 
+      def sync
+        Flipper::Adapters::Sync::Synchronizer.new(local_adapter, http_adapter, {
+          instrumenter: instrumenter,
+          interval: sync_interval,
+        }).call
+      end
+
+      def sync_method=(new_sync_method)
+        new_sync_method = new_sync_method.to_sym
+
+        unless VALID_SYNC_METHODS.include?(new_sync_method)
+          raise ArgumentError, "Unsupported sync_method. Valid options are (#{VALID_SYNC_METHODS.to_a.join(', ')})"
+        end
+
+        if new_sync_method == :webhook && sync_secret.nil?
+          raise ArgumentError, "Flipper::Cloud sync_secret is missing. Please set FLIPPER_CLOUD_SYNC_SECRET or provide the sync_secret used to validate webhooks."
+        end
+
+        @sync_method = new_sync_method
+      end
+
       private
 
+      def app_adapter
+        sync_method == :webhook ? dual_write_adapter : sync_adapter
+      end
+
+      def dual_write_adapter
+        Flipper::Adapters::DualWrite.new(local_adapter, http_adapter)
+      end
+
       def sync_adapter
-        sync_options = {
+        Flipper::Adapters::Sync.new(local_adapter, http_adapter, {
           instrumenter: instrumenter,
           interval: sync_interval,
-        }
-        Flipper::Adapters::Sync.new(local_adapter, http_adapter, sync_options)
+        })
       end
 
       def http_adapter
-        http_options = {
+        Flipper::Adapters::Http.new({
           url: @url,
           read_timeout: @read_timeout,
           open_timeout: @open_timeout,
           debug_output: @debug_output,
           headers: {
+            "Flipper-Cloud-Token" => @token,
             "Feature-Flipper-Token" => @token,
           },
-        }
-        Flipper::Adapters::Http.new(http_options)
+        })
       end
     end
   end

data/lib/flipper/cloud/dsl.rb

@@ -0,0 +1,27 @@
+require 'forwardable'
+
+module Flipper
+  module Cloud
+    class DSL < SimpleDelegator
+      attr_reader :cloud_configuration
+
+      def initialize(cloud_configuration)
+        @cloud_configuration = cloud_configuration
+        super Flipper.new(@cloud_configuration.adapter, instrumenter: @cloud_configuration.instrumenter)
+      end
+
+      def sync
+        @cloud_configuration.sync
+      end
+
+      def sync_secret
+        @cloud_configuration.sync_secret
+      end
+
+      def inspect
+        inspect_id = ::Kernel::format "%x", (object_id * 2)
+        %(#<#{self.class}:0x#{inspect_id} @cloud_configuration=#{cloud_configuration.inspect}, flipper=#{__getobj__.inspect}>)
+      end
+    end
+  end
+end

data/lib/flipper/cloud/message_verifier.rb

@@ -0,0 +1,95 @@
+require "openssl"
+require "digest/sha2"
+
+module Flipper
+  module Cloud
+    class MessageVerifier
+      class InvalidSignature < StandardError; end
+
+      DEFAULT_VERSION = "v1"
+
+      def self.header(signature, timestamp, version = DEFAULT_VERSION)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "signature should be a string" unless signature.is_a?(String)
+        "t=#{timestamp.to_i},#{version}=#{signature}"
+      end
+
+      def initialize(secret:, version: DEFAULT_VERSION)
+        @secret = secret
+        @version = version || DEFAULT_VERSION
+
+        raise ArgumentError, "secret should be a string" unless @secret.is_a?(String)
+        raise ArgumentError, "version should be a string" unless @version.is_a?(String)
+      end
+
+      def generate(payload, timestamp)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "payload should be a string" unless payload.is_a?(String)
+
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), @secret, "#{timestamp.to_i}.#{payload}")
+      end
+
+      def header(signature, timestamp)
+        self.class.header(signature, timestamp, @version)
+      end
+
+      # Public: Verifies the signature header for a given payload.
+      #
+      # Raises a InvalidSignature in the following cases:
+      # - the header does not match the expected format
+      # - no signatures found with the expected scheme
+      # - no signatures matching the expected signature
+      # - a tolerance is provided and the timestamp is not within the
+      #   tolerance
+      #
+      # Returns true otherwise.
+      def verify(payload, header, tolerance: nil)
+        begin
+          timestamp, signatures = get_timestamp_and_signatures(header)
+        rescue StandardError
+          raise InvalidSignature, "Unable to extract timestamp and signatures from header"
+        end
+
+        if signatures.empty?
+          raise InvalidSignature, "No signatures found with expected version #{@version}"
+        end
+
+        expected_sig = generate(payload, timestamp)
+        unless signatures.any? { |s| secure_compare(expected_sig, s) }
+          raise InvalidSignature, "No signatures found matching the expected signature for payload"
+        end
+
+        if tolerance && timestamp < Time.now - tolerance
+          raise InvalidSignature, "Timestamp outside the tolerance zone (#{Time.at(timestamp)})"
+        end
+
+        true
+      end
+
+      private
+
+      # Extracts the timestamp and the signature(s) with the desired version
+      # from the header
+      def get_timestamp_and_signatures(header)
+        list_items = header.split(/,\s*/).map { |i| i.split("=", 2) }
+        timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
+        signatures = list_items.select { |i| i[0] == @version }.map { |i| i[1] }
+        [Time.at(timestamp), signatures]
+      end
+
+      # Private
+      def fixed_length_secure_compare(a, b)
+        raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize
+        l = a.unpack "C#{a.bytesize}"
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res == 0
+      end
+
+      # Private
+      def secure_compare(a, b)
+        fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
+      end
+    end
+  end
+end

data/lib/flipper/cloud/middleware.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require "flipper/cloud/message_verifier"
+
+module Flipper
+  module Cloud
+    class Middleware
+      # Internal: The path to match for webhook requests.
+      WEBHOOK_PATH = %r{\A/webhooks\/?\Z}
+
+      def initialize(app, options = {})
+        @app = app
+        @env_key = options.fetch(:env_key, 'flipper')
+      end
+
+      def call(env)
+        dup.call!(env)
+      end
+
+      def call!(env)
+        request = Rack::Request.new(env)
+        if request.post? && request.path_info.match(WEBHOOK_PATH)
+          status = 200
+          headers = {
+            "Content-Type" => "application/json",
+          }
+          body = "{}"
+          payload = request.body.read
+          signature = request.env["HTTP_FLIPPER_CLOUD_SIGNATURE"]
+          flipper = env.fetch(@env_key)
+
+          begin
+            message_verifier = MessageVerifier.new(secret: flipper.sync_secret)
+            if message_verifier.verify(payload, signature)
+              flipper.sync
+              body = JSON.generate({
+                groups: Flipper.group_names.map { |name| {name: name}}
+              })
+            end
+          rescue MessageVerifier::InvalidSignature
+            status = 400
+          end
+
+          [status, headers, [body]]
+        else
+          @app.call(env)
+        end
+      end
+    end
+  end
+end

data/lib/flipper/version.rb

@@ -1,3 +1,3 @@
 module Flipper
-  VERSION = '0.19.0'.freeze
+  VERSION = '0.20.0'.freeze
 end

data/spec/flipper/cloud/configuration_spec.rb

@@ -12,6 +12,13 @@ RSpec.describe Flipper::Cloud::Configuration do
     expect(instance.token).to eq(required_options[:token])
   end
 
+  it "can set token from ENV var" do
+    with_modified_env "FLIPPER_CLOUD_TOKEN" => "from_env" do
+      instance = described_class.new(required_options.reject { |k, v| k == :token })
+      expect(instance.token).to eq("from_env")
+    end
+  end
+
   it "can set instrumenter" do
     instrumenter = Object.new
     instance = described_class.new(required_options.merge(instrumenter: instrumenter))
@@ -23,21 +30,49 @@ RSpec.describe Flipper::Cloud::Configuration do
     expect(instance.read_timeout).to eq(5)
   end
 
+  it "can set read_timeout from ENV var" do
+    with_modified_env "FLIPPER_CLOUD_READ_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :read_timeout })
+      expect(instance.read_timeout).to eq(9)
+    end
+  end
+
   it "can set open_timeout" do
     instance = described_class.new(required_options.merge(open_timeout: 5))
     expect(instance.open_timeout).to eq(5)
   end
 
+  it "can set open_timeout from ENV var" do
+    with_modified_env "FLIPPER_CLOUD_OPEN_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :open_timeout })
+      expect(instance.open_timeout).to eq(9)
+    end
+  end
+
   it "can set write_timeout" do
     instance = described_class.new(required_options.merge(write_timeout: 5))
     expect(instance.write_timeout).to eq(5)
   end
 
+  it "can set write_timeout from ENV var" do
+    with_modified_env "FLIPPER_CLOUD_WRITE_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :write_timeout })
+      expect(instance.write_timeout).to eq(9)
+    end
+  end
+
   it "can set sync_interval" do
     instance = described_class.new(required_options.merge(sync_interval: 1))
     expect(instance.sync_interval).to eq(1)
   end
 
+  it "can set sync_interval from ENV var" do
+    with_modified_env "FLIPPER_CLOUD_SYNC_INTERVAL" => "5" do
+      instance = described_class.new(required_options.reject { |k, v| k == :sync_interval })
+      expect(instance.sync_interval).to eq(5)
+    end
+  end
+
   it "passes sync_interval into sync adapter" do
     # The initial sync of http to local invokes this web request.
     stub_request(:get, /flippercloud\.io/).to_return(status: 200, body: "{}")
@@ -70,7 +105,12 @@ RSpec.describe Flipper::Cloud::Configuration do
     expect(instance.adapter).to be_instance_of(Flipper::Adapters::Instrumented)
   end
 
-  it "can override url" do
+  it "defaults url" do
+    instance = described_class.new(required_options.reject { |k, v| k == :url })
+    expect(instance.url).to eq("https://www.flippercloud.io/adapter")
+  end
+
+  it "can override url using options" do
     options = required_options.merge(url: "http://localhost:5000/adapter")
     instance = described_class.new(options)
     expect(instance.url).to eq("http://localhost:5000/adapter")
@@ -79,4 +119,157 @@ RSpec.describe Flipper::Cloud::Configuration do
     instance.url = "http://localhost:5000/adapter"
     expect(instance.url).to eq("http://localhost:5000/adapter")
   end
+
+  it "can override URL using ENV var" do
+    with_modified_env "FLIPPER_CLOUD_URL" => "https://example.com" do
+      instance = described_class.new(required_options.reject { |k, v| k == :url })
+      expect(instance.url).to eq("https://example.com")
+    end
+  end
+
+  it "defaults to sync_method to poll" do
+    memory_adapter = Flipper::Adapters::Memory.new
+    instance = described_class.new(required_options)
+
+    expect(instance.sync_method).to eq(:poll)
+  end
+
+  it "can use webhook for sync_method" do
+    memory_adapter = Flipper::Adapters::Memory.new
+    instance = described_class.new(required_options.merge({
+      sync_secret: "secret",
+      sync_method: :webhook,
+      local_adapter: memory_adapter,
+    }))
+
+    expect(instance.sync_method).to eq(:webhook)
+    expect(instance.adapter).to be_instance_of(Flipper::Adapters::DualWrite)
+  end
+
+  it "raises ArgumentError for invalid sync_method" do
+    expect {
+      described_class.new(required_options.merge(sync_method: :foo))
+    }.to raise_error(ArgumentError, "Unsupported sync_method. Valid options are (poll, webhook)")
+  end
+
+  it "can use ENV var for sync_method" do
+    with_modified_env "FLIPPER_CLOUD_SYNC_METHOD" => "webhook" do
+      instance = described_class.new(required_options.merge({
+        sync_secret: "secret",
+      }))
+
+      expect(instance.sync_method).to eq(:webhook)
+    end
+  end
+
+  it "can use string sync_method instead of symbol" do
+    memory_adapter = Flipper::Adapters::Memory.new
+    instance = described_class.new(required_options.merge({
+      sync_secret: "secret",
+      sync_method: "webhook",
+      local_adapter: memory_adapter,
+    }))
+
+    expect(instance.sync_method).to eq(:webhook)
+    expect(instance.adapter).to be_instance_of(Flipper::Adapters::DualWrite)
+  end
+
+  it "can set sync_secret" do
+    instance = described_class.new(required_options.merge(sync_secret: "from_config"))
+      expect(instance.sync_secret).to eq("from_config")
+  end
+
+  it "can override sync_secret using ENV var" do
+    with_modified_env "FLIPPER_CLOUD_SYNC_SECRET" => "from_env" do
+      instance = described_class.new(required_options.reject { |k, v| k == :sync_secret })
+      expect(instance.sync_secret).to eq("from_env")
+    end
+  end
+
+  it "can sync with cloud" do
+    body = JSON.generate({
+      "features": [
+        {
+          "key": "search",
+          "state": "on",
+          "gates": [
+            {
+              "key": "boolean",
+              "name": "boolean",
+              "value": true
+            },
+            {
+              "key": "groups",
+              "name": "group",
+              "value": []
+            },
+            {
+              "key": "actors",
+              "name": "actor",
+              "value": []
+            },
+            {
+              "key": "percentage_of_actors",
+              "name": "percentage_of_actors",
+              "value": 0
+            },
+            {
+              "key": "percentage_of_time",
+              "name": "percentage_of_time",
+              "value": 0
+            }
+          ]
+        },
+        {
+          "key": "history",
+          "state": "off",
+          "gates": [
+            {
+              "key": "boolean",
+              "name": "boolean",
+              "value": false
+            },
+            {
+              "key": "groups",
+              "name": "group",
+              "value": []
+            },
+            {
+              "key": "actors",
+              "name": "actor",
+              "value": []
+            },
+            {
+              "key": "percentage_of_actors",
+              "name": "percentage_of_actors",
+              "value": 0
+            },
+            {
+              "key": "percentage_of_time",
+              "name": "percentage_of_time",
+              "value": 0
+            }
+          ]
+        }
+      ]
+    })
+    stub = stub_request(:get, "https://www.flippercloud.io/adapter/features").
+      with({
+        headers: {
+          'Flipper-Cloud-Token'=>'asdf',
+        },
+      }).to_return(status: 200, body: body, headers: {})
+    instance = described_class.new(required_options)
+    instance.sync
+
+    # Check that remote was fetched.
+    expect(stub).to have_been_requested
+
+    # Check that local adapter really did sync.
+    local_adapter = instance.adapter.instance_variable_get("@local")
+    all = local_adapter.get_all
+    expect(all.keys).to eq(["search", "history"])
+    expect(all["search"][:boolean]).to eq("true")
+    expect(all["history"][:boolean]).to eq(nil)
+  end
 end

data/spec/flipper/cloud/dsl_spec.rb

@@ -0,0 +1,87 @@
+require 'helper'
+require 'flipper/cloud/configuration'
+require 'flipper/cloud/dsl'
+require 'flipper/adapters/operation_logger'
+require 'flipper/adapters/instrumented'
+
+RSpec.describe Flipper::Cloud::DSL do
+  it 'delegates everything to flipper instance' do
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+      sync_method: :webhook,
+    })
+    dsl = described_class.new(cloud_configuration)
+    expect(dsl.features).to eq(Set.new)
+    expect(dsl.enabled?(:foo)).to be(false)
+  end
+
+  it 'delegates sync to cloud configuration' do
+    stub = stub_request(:get, "https://www.flippercloud.io/adapter/features").
+      with({
+        headers: {
+          'Flipper-Cloud-Token'=>'asdf',
+        },
+      }).to_return(status: 200, body: '{"features": {}}', headers: {})
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+      sync_method: :webhook,
+    })
+    dsl = described_class.new(cloud_configuration)
+    dsl.sync
+    expect(stub).to have_been_requested
+  end
+
+  it 'delegates sync_secret to cloud configuration' do
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+      sync_method: :webhook,
+    })
+    dsl = described_class.new(cloud_configuration)
+    expect(dsl.sync_secret).to eq("tasty")
+  end
+
+  context "when sync_method is webhook" do
+    let(:local_adapter) do
+      Flipper::Adapters::OperationLogger.new Flipper::Adapters::Memory.new
+    end
+
+    let(:cloud_configuration) do
+      cloud_configuration = Flipper::Cloud::Configuration.new({
+        token: "asdf",
+        sync_secret: "tasty",
+        sync_method: :webhook,
+        local_adapter: local_adapter
+      })
+    end
+
+    subject do
+      described_class.new(cloud_configuration)
+    end
+
+    it "sends reads to local adapter" do
+      subject.features
+      subject.enabled?(:foo)
+      expect(local_adapter.count(:features)).to be(1)
+      expect(local_adapter.count(:get)).to be(1)
+    end
+
+    it "sends writes to cloud and local" do
+      add_stub = stub_request(:post, "https://www.flippercloud.io/adapter/features").
+        with({headers: {'Flipper-Cloud-Token'=>'asdf'}}).
+        to_return(status: 200, body: '{}', headers: {})
+      enable_stub = stub_request(:post, "https://www.flippercloud.io/adapter/features/foo/boolean").
+        with(headers: {'Flipper-Cloud-Token'=>'asdf'}).
+        to_return(status: 200, body: '{}', headers: {})
+
+      subject.enable(:foo)
+
+      expect(local_adapter.count(:add)).to be(1)
+      expect(local_adapter.count(:enable)).to be(1)
+      expect(add_stub).to have_been_requested
+      expect(enable_stub).to have_been_requested
+    end
+  end
+end

data/spec/flipper/cloud/message_verifier_spec.rb

@@ -0,0 +1,105 @@
+require 'helper'
+require 'flipper/cloud/message_verifier'
+
+RSpec.describe Flipper::Cloud::MessageVerifier do
+  let(:payload) { "some payload" }
+  let(:secret) { "secret" }
+  let(:timestamp) { Time.now }
+
+  describe "#generate" do
+    it "generates signature that can be verified" do
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      signature = message_verifier.generate(payload, timestamp)
+      header = generate_header(timestamp: timestamp, signature: signature)
+      expect(message_verifier.verify(payload, header)).to be(true)
+    end
+  end
+
+  describe "#header" do
+    it "generates a header in valid format" do
+      version = "v1"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret, version: version)
+      signature = message_verifier.generate(payload, timestamp)
+      header = message_verifier.header(signature, timestamp)
+      expect(header).to eq("t=#{timestamp.to_i},#{version}=#{signature}")
+    end
+  end
+
+  describe ".header" do
+    it "generates a header in valid format" do
+      version = "v1"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret, version: version)
+      signature = message_verifier.generate(payload, timestamp)
+
+      header = Flipper::Cloud::MessageVerifier.header(signature, timestamp, version)
+      expect(header).to eq("t=#{timestamp.to_i},#{version}=#{signature}")
+    end
+  end
+
+  describe "#verify" do
+    it "raises a InvalidSignature when the header does not have the expected format" do
+      header = "i'm not even a real signature header"
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, "Unable to extract timestamp and signatures from header")
+    end
+
+    it "raises a InvalidSignature when there are no signatures with the expected version" do
+      header = generate_header(version: "v0")
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, /No signatures found with expected version/)
+    end
+
+    it "raises a InvalidSignature when there are no valid signatures for the payload" do
+      header = generate_header(signature: "bad_signature")
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, "No signatures found matching the expected signature for payload")
+    end
+
+    it "raises a InvalidSignature when the timestamp is not within the tolerance" do
+      header = generate_header(timestamp: Time.now - 15)
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+        message_verifier.verify(payload, header, tolerance: 10)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, /Timestamp outside the tolerance zone/)
+    end
+
+    it "returns true when the header contains a valid signature and the timestamp is within the tolerance" do
+      header = generate_header
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+      expect(message_verifier.verify(payload, header, tolerance: 10)).to be(true)
+    end
+
+    it "returns true when the header contains at least one valid signature" do
+      header = generate_header + ",v1=bad_signature"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      expect(message_verifier.verify(payload, header, tolerance: 10)).to be(true)
+    end
+
+    it "returns true when the header contains a valid signature and the timestamp is off but no tolerance is provided" do
+      header = generate_header(timestamp: Time.at(12_345))
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      expect(message_verifier.verify(payload, header)).to be(true)
+    end
+  end
+
+  private
+
+  def generate_header(options = {})
+    options[:secret] ||= secret
+    options[:version] ||= "v1"
+
+    message_verifier = Flipper::Cloud::MessageVerifier.new(secret: options[:secret], version: options[:version])
+
+    options[:timestamp] ||= timestamp
+    options[:payload] ||= payload
+    options[:signature] ||= message_verifier.generate(options[:payload], options[:timestamp])
+
+    Flipper::Cloud::MessageVerifier.header(options[:signature], options[:timestamp], options[:version])
+  end
+end

data/spec/flipper/cloud/middleware_spec.rb

@@ -0,0 +1,188 @@
+require 'securerandom'
+require 'helper'
+require 'flipper/cloud'
+require 'flipper/cloud/middleware'
+require 'flipper/adapters/operation_logger'
+
+RSpec.describe Flipper::Cloud::Middleware do
+  let(:flipper) {
+    Flipper::Cloud.new("regular") do |config|
+      config.local_adapter = Flipper::Adapters::OperationLogger.new(Flipper::Adapters::Memory.new)
+      config.sync_secret = "regular_tasty"
+      config.sync_method = :webhook
+    end
+  }
+
+  let(:env_flipper) {
+    Flipper::Cloud.new("env") do |config|
+      config.local_adapter = Flipper::Adapters::OperationLogger.new(Flipper::Adapters::Memory.new)
+      config.sync_secret = "env_tasty"
+      config.sync_method = :webhook
+    end
+  }
+
+  let(:app) { Flipper::Cloud.app(flipper) }
+  let(:response_body) { JSON.generate({features: {}}) }
+  let(:request_body) {
+    JSON.generate({
+      "environment_id" => 1,
+      "webhook_id" => 1,
+      "delivery_id" => SecureRandom.uuid,
+      "action" => "sync",
+    })
+  }
+  let(:timestamp) { Time.now }
+  let(:signature) {
+    Flipper::Cloud::MessageVerifier.new(secret: flipper.sync_secret).generate(request_body, timestamp)
+  }
+  let(:signature_header_value) {
+    Flipper::Cloud::MessageVerifier.new(secret: "").header(signature, timestamp)
+  }
+
+  context 'when initializing middleware with flipper instance' do
+    let(:app) { Flipper::Cloud.app(flipper) }
+
+    it 'uses instance to sync' do
+      Flipper.register(:admins) { |*args| false }
+      Flipper.register(:staff) { |*args| false }
+      Flipper.register(:basic) { |*args| false }
+      Flipper.register(:plus) { |*args| false }
+      Flipper.register(:premium) { |*args| false }
+
+      stub = stub_request_for_token('regular')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(200)
+      expect(JSON.parse(last_response.body)).to eq({
+        "groups" => [
+          {"name" => "admins"},
+          {"name" => "staff"},
+          {"name" => "basic"},
+          {"name" => "plus"},
+          {"name" => "premium"},
+        ],
+      })
+      expect(stub).to have_been_requested
+    end
+  end
+
+  context 'when signature is invalid' do
+    let(:app) { Flipper::Cloud.app(flipper) }
+    let(:signature) {
+      Flipper::Cloud::MessageVerifier.new(secret: "nope").generate(request_body, timestamp)
+    }
+
+    it 'uses instance to sync' do
+      stub = stub_request_for_token('regular')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(400)
+      expect(stub).not_to have_been_requested
+    end
+  end
+
+  context 'when initialized with flipper instance and flipper instance in env' do
+    let(:app) { Flipper::Cloud.app(flipper) }
+    let(:signature) {
+      Flipper::Cloud::MessageVerifier.new(secret: env_flipper.sync_secret).generate(request_body, timestamp)
+    }
+
+    it 'uses env instance to sync' do
+      stub = stub_request_for_token('env')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+        'flipper' => env_flipper,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(200)
+      expect(stub).to have_been_requested
+    end
+  end
+
+  context 'when initialized without flipper instance but flipper instance in env' do
+    let(:app) { Flipper::Cloud.app }
+    let(:signature) {
+      Flipper::Cloud::MessageVerifier.new(secret: env_flipper.sync_secret).generate(request_body, timestamp)
+    }
+
+    it 'uses env instance to sync' do
+      stub = stub_request_for_token('env')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+        'flipper' => env_flipper,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(200)
+      expect(stub).to have_been_requested
+    end
+  end
+
+  context 'when initialized with env_key' do
+    let(:app) { Flipper::Cloud.app(flipper, env_key: 'flipper_cloud') }
+    let(:signature) {
+      Flipper::Cloud::MessageVerifier.new(secret: env_flipper.sync_secret).generate(request_body, timestamp)
+    }
+
+    it 'uses provided env key instead of default' do
+      stub = stub_request_for_token('env')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+        'flipper' => flipper,
+        'flipper_cloud' => env_flipper,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(200)
+      expect(stub).to have_been_requested
+    end
+  end
+
+  context 'when initializing lazily with a block' do
+    let(:app) { Flipper::Cloud.app(-> { flipper }) }
+
+    it 'works' do
+      stub = stub_request_for_token('regular')
+      env = {
+        "HTTP_FLIPPER_CLOUD_SIGNATURE" => signature_header_value,
+      }
+      post '/webhooks', request_body, env
+
+      expect(last_response.status).to eq(200)
+      expect(stub).to have_been_requested
+    end
+  end
+
+  describe 'Request method unsupported' do
+    it 'skips middleware' do
+      get '/webhooks'
+      expect(last_response.status).to eq(404)
+      expect(last_response.content_type).to eq("application/json")
+      expect(last_response.body).to eq("{}")
+    end
+  end
+
+  describe 'Inspecting the built Rack app' do
+    it 'returns a String' do
+      expect(Flipper::Cloud.app(flipper).inspect).to be_a(String)
+    end
+  end
+
+  private
+
+  def stub_request_for_token(token)
+    stub_request(:get, "https://www.flippercloud.io/adapter/features").
+      with({
+        headers: {
+          'Flipper-Cloud-Token' => token,
+        },
+      }).to_return(status: 200, body: response_body, headers: {})
+  end
+end

data/spec/flipper/cloud_spec.rb

@@ -20,7 +20,11 @@ RSpec.describe Flipper::Cloud do
     end
 
     it 'returns Flipper::DSL instance' do
-      expect(@instance).to be_instance_of(Flipper::DSL)
+      expect(@instance).to be_instance_of(Flipper::Cloud::DSL)
+    end
+
+    it 'can read the cloud configuration' do
+      expect(@instance.cloud_configuration).to be_instance_of(Flipper::Cloud::Configuration)
     end
 
     it 'configures instance to use http adapter' do
@@ -36,7 +40,7 @@ RSpec.describe Flipper::Cloud do
 
     it 'sets correct token header' do
       headers = @http_client.instance_variable_get('@headers')
-      expect(headers['Feature-Flipper-Token']).to eq(token)
+      expect(headers['Flipper-Cloud-Token']).to eq(token)
     end
 
     it 'uses noop instrumenter' do
@@ -63,6 +67,12 @@ RSpec.describe Flipper::Cloud do
     end
   end
 
+  it 'can initialize with no token explicitly provided' do
+    with_modified_env "FLIPPER_CLOUD_TOKEN" => "asdf" do
+      expect(described_class.new).to be_instance_of(Flipper::Cloud::DSL)
+    end
+  end
+
   it 'can set instrumenter' do
     instrumenter = Flipper::Instrumenters::Memory.new
     instance = described_class.new('asdf', instrumenter: instrumenter)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: flipper-cloud
 version: !ruby/object:Gem::Version
-  version: 0.19.0
+  version: 0.20.0
 platform: ruby
 authors:
 - John Nunemaker
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-25 00:00:00.000000000 Z
+date: 2020-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: flipper
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.20.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.20.0
 description: 
 email:
 - nunemaker@gmail.com
@@ -31,6 +31,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- examples/cloud/app.ru
 - examples/cloud/basic.rb
 - examples/cloud/cached_in_memory.rb
 - examples/cloud/import.rb
@@ -39,8 +40,14 @@ files:
 - lib/flipper-cloud.rb
 - lib/flipper/cloud.rb
 - lib/flipper/cloud/configuration.rb
+- lib/flipper/cloud/dsl.rb
+- lib/flipper/cloud/message_verifier.rb
+- lib/flipper/cloud/middleware.rb
 - lib/flipper/version.rb
 - spec/flipper/cloud/configuration_spec.rb
+- spec/flipper/cloud/dsl_spec.rb
+- spec/flipper/cloud/message_verifier_spec.rb
+- spec/flipper/cloud/middleware_spec.rb
 - spec/flipper/cloud_spec.rb
 homepage: https://github.com/jnunemaker/flipper
 licenses:
@@ -68,4 +75,7 @@ specification_version: 4
 summary: FeatureFlipper.com adapter for Flipper
 test_files:
 - spec/flipper/cloud/configuration_spec.rb
+- spec/flipper/cloud/dsl_spec.rb
+- spec/flipper/cloud/message_verifier_spec.rb
+- spec/flipper/cloud/middleware_spec.rb
 - spec/flipper/cloud_spec.rb