gds-api-adapters 19.0.0 → 19.1.0

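--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 74bb42454aa30f1970f30520a8c77f578bd4e336
- data.tar.gz: a10fcf027a156dd02d7e80ef31c0a75abbbfc41d
+ metadata.gz: 685025d180b46ecc7468390d5a17adfced252e6f
+ data.tar.gz: a7d382fa6bb62a52a2211cd746d334a292ca3633
  SHA512:
- metadata.gz: 7031ecf415602f3e70c9b37963aa04114f7482d5ba3f5b65ed7fe883acdc70da40631daa985bea7a923cc096d369cb603e24d5915d7a25ef4d6a8cb0b7753d51
- data.tar.gz: 5d9f6a306e719235254b72eba5c3ce24fd0979a70211d270cfb1ef0d766aa762b4ac6af588f75b35cd2e3186acf450f8694665d957c20fb753bdabf8cc6318c3
+ metadata.gz: e421a41cb2f5a2082a984faf196e910b2ad3232097507e420abcf7f95618dfc194ec8e0508def31ec4406f6a5f65cf07d671e915573ba5f6209726691f131d35
+ data.tar.gz: 8490c07db3fe156ecda84e21541a1ef94450310ebca5890798ee37839c839a56ce25f4a90831ada11a0930387c0a0aa45f7c9f9268ba315d56d342d1d05c8f0a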
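--- a/data/README.md
+++ b/data/README.md
@@ -29,32 +29,39 @@ something that actually logs:
 
  GdsApi::Base.logger = Logger.new("/path/to/file.log")
 
- ## Authorization
-
- The API Adapters currently support either HTTP Basic authentication or OAuth2
- (bearer token) authorization. This is only used for Panopticon registration at
- present. The GdsApi::Panopticon::Registerer adapter expects a constant called
- PANOPTICON_API_CREDENTIALS to be defined and will use that to pass the relevant
- options to the HTTP client.
-
- To use bearer token authorization the format that constant should be a hash of
- the form:
-
- PANOPTICON_API_CREDENTIALS = { bearer_token: 'MY_BEARER_TOKEN' }
-
-
  ## Middleware for request tracing
 
- We set a unique header at the cache level called `GOVUK-Request-Id`. In order
+ We set a unique header at the cache level called `Govuk-Request-Id`. In order
  to serve a user's request, if apps make API requests they should pass on this
  header, so that we can trace a request across the entire GOV.UK stack.
 
- `GdsApi::GovukRequestIdSniffer` middleware takes care of this. This gem contains
+ `GdsApi::GovukHeaderSniffer` middleware takes care of this. This gem contains
  a railtie that configures this middleware for Rails apps without extra effort.
  Other Rack-based apps should opt-in by adding this line to your `config.ru`:
 
- ```use GdsApi::GovukRequestIdSniffer```
+ use GdsApi::GovukHeaderSniffer, 'HTTP_GOVUK_REQUEST_ID'
 
+ ## Middleware for identifying authenticated users
+
+ Applications can make use of user-based identification for additional
+ authorisation when making API requests. Any application that is using gds-sso
+ for authentication can set an additional header called
+ 'X-Govuk-Authenticated-User' to identify the currently authenticated user ID.
+ This will automatically be picked up by the `GdsApi::GovukHeaderSniffer`
+ middleware in Rails applications and sent with API requests so that the
+ downstream service can optionally use the identifier to perform authorisation
+ on the request. This will be used by content-store as a mechanism to only
+ return access-limited content to authenticated and authorised users.
+
+ ## App-level Authentication
+
+ The API Adapters currently support either HTTP Basic or OAuth2 (bearer token)
+ authentication. This allows an application to identify itself to another where
+ required. This is currently used by the `GdsApi::Panopticon::Registerer`
+ adapter, which expects a constant called `PANOPTICON_API_CREDENTIALS` to be
+ defined that identifies the calling application to Panopticon:
+
+ PANOPTICON_API_CREDENTIALS = { bearer_token: 'MY_BEARER_TOKEN' }
 
  ## Test Helpers
 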
@@ -0,0 +1,21 @@
1
+ module GdsApi
2
+ class GovukHeaders
3
+ class << self
4
+ def set_header(header_name, value)
5
+ header_data[header_name] = value
6
+ end
7
+
8
+ def headers
9
+ header_data.select {|k, v| !(v.nil? || v.empty?) }
10
+ end
11
+
12
+ private
13
+
14
+ def header_data
15
+ Thread.current[:headers] ||= {}
16
+ end
17
+
18
+ end
19
+ end
20
+ end
21
+
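Review bot: `header_data` keeps the hash under `Thread.current[:headers]`, a key generic enough that any other library or application code using the same key would read or overwrite these values; the class removed in this release used the specific key `:govuk_request_id`. A namespaced key such as `Thread.current[:gds_api_govuk_headers] ||= {}` avoids that. There is also no way to empty the store, so a value written with `set_header` stays in `Thread.current` until something overwrites that same name; a `clear_headers` class method, plus a class comment saying the data lives on the thread rather than on the request, would make that explicit. `headers` calls `v.empty?`, so it assumes every stored value is a String or nil.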
@@ -2,7 +2,7 @@ require_relative 'response'
2
2
  require_relative 'exceptions'
3
3
  require_relative 'version'
4
4
  require_relative 'null_cache'
5
- require_relative 'govuk_request_id'
5
+ require_relative 'govuk_headers'
6
6
  require 'lrucache'
7
7
  require 'rest-client'
8
8
 
@@ -172,7 +172,7 @@ module GdsApi
172
172
  end
173
173
 
174
174
  def with_headers(method_params, headers)
175
- headers = headers.merge(govuk_request_id: GdsApi::GovukRequestId.value) if GdsApi::GovukRequestId.set?
175
+ headers = headers.merge(GdsApi::GovukHeaders.headers)
176
176
  method_params.merge(
177
177
  headers: method_params[:headers].merge(headers)
178
178
  )
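Review bot: In `with_headers`, `headers.merge(GdsApi::GovukHeaders.headers)` attaches every stored header to every request this client makes, whatever the destination host. With the authenticated-user header introduced in this release, that identifier would go out on calls to any endpoint an adapter is pointed at, not only the service that authorises on it; if that is not intended, the merge could be limited to an allow-list of header names or destination hosts. The merge order also lets a stored value replace an entry with the same key that the caller passed in `headers`; if the caller should win, `headers = GdsApi::GovukHeaders.headers.merge(headers)`. The end of `with_headers` is outside the hunk.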
@@ -0,0 +1,21 @@
1
+ require_relative '../govuk_headers'
2
+
3
+ module GdsApi
4
+ class GovukHeaderSniffer
5
+ def initialize(app, header_name)
6
+ @app = app
7
+ @header_name = header_name
8
+ end
9
+
10
+ def call(env)
11
+ GdsApi::GovukHeaders.set_header(readable_name, env[@header_name])
12
+ @app.call(env)
13
+ end
14
+
15
+ private
16
+
17
+ def readable_name
18
+ @header_name.sub(/^HTTP_/, "").downcase.to_sym
19
+ end
20
+ end
21
+ end
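Review bot: `readable_name` strips the prefix with `/^HTTP_/`, and in Ruby `^` matches at the start of any line, so the whole-string anchor is the safer form here: `@header_name.sub(/\AHTTP_/, "").downcase.to_sym`. `call` stores `env[@header_name]` exactly as it arrived (nil when the header is absent), and `with_headers` in the JSON client later attaches the stored values to outbound requests. That contract deserves a comment on `call`, for example `# Stores the inbound header value as received (nil if absent); JsonClient forwards it on outbound API calls from this thread.`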
@@ -1,10 +1,15 @@
1
- require_relative 'middleware/govuk_request_id_sniffer'
1
+ require_relative 'middleware/govuk_header_sniffer'
2
2
 
3
3
  module GdsApi
4
4
  class Railtie < Rails::Railtie
5
5
  initializer "gds_api.initialize_govuk_request_id_sniffer" do |app|
6
- Rails.logger.info "Using middleware GdsApi::GovukRequestIdSniffer to sniff for GOVUK-Request-Id header"
7
- app.middleware.use GdsApi::GovukRequestIdSniffer
6
+ Rails.logger.info "Using middleware GdsApi::GovukHeaderSniffer to sniff for GOVUK-Request-Id header"
7
+ app.middleware.use GdsApi::GovukHeaderSniffer, 'HTTP_GOVUK_REQUEST_ID'
8
+ end
9
+
10
+ initializer "gds_api.initialize_govuk_authenticated_user_sniffer" do |app|
11
+ Rails.logger.info "Using middleware GdsApi::GovukHeaderSniffer to sniff for X-GOVUK-Authenticated-User header"
12
+ app.middleware.use GdsApi::GovukHeaderSniffer, 'HTTP_X_GOVUK_AUTHENTICATED_USER'
8
13
  end
9
14
  end
10
15
  end
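Review bot: The second initializer makes every Rails app that loads the gem copy `HTTP_X_GOVUK_AUTHENTICATED_USER` from the inbound request and forward it, while the README in this release says content-store will authorise on that header. As written, the forwarded value is whatever the client sent, unless something in front of the app strips the header or the app overwrites it after gds-sso has authenticated the user; neither is visible in this diff. I would not read this header from `env` by default: drop the initializer and have the app call `GdsApi::GovukHeaders.set_header(:x_govuk_authenticated_user, uid)` once the user is known. At minimum, add a comment above the initializer stating that the edge must strip `X-Govuk-Authenticated-User` from external requests.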
@@ -1,3 +1,3 @@
1
1
  module GdsApi
2
- VERSION = '19.0.0'
2
+ VERSION = '19.1.0'
3
3
  end
@@ -638,8 +638,8 @@ class JsonClientTest < MiniTest::Spec
638
638
  end
639
639
  end
640
640
 
641
- def test_govuk_request_id_gets_set_if_present
642
- GdsApi::GovukRequestId.value = "12345" # set by middleware GovukRequestIdSniffer
641
+ def test_govuk_headers_are_included_in_requests_if_present
642
+ GdsApi::GovukHeaders.set_header(:govuk_request_id, "12345") # set by middleware GovukHeaderSniffer
643
643
  stub_request(:get, "http://some.other.endpoint/some.json").to_return(:status => 200)
644
644
 
645
645
  GdsApi::JsonClient.new.get_json("http://some.other.endpoint/some.json")
@@ -649,6 +649,17 @@ class JsonClientTest < MiniTest::Spec
649
649
  end
650
650
  end
651
651
 
652
+ def test_govuk_headers_ignored_in_requests_if_not_present
653
+ GdsApi::GovukHeaders.set_header(:x_govuk_authenticated_user, "")
654
+ stub_request(:get, "http://some.other.endpoint/some.json").to_return(:status => 200)
655
+
656
+ GdsApi::JsonClient.new.get_json("http://some.other.endpoint/some.json")
657
+
658
+ assert_requested(:get, %r{/some.json}) do |request|
659
+ !request.headers.has_key?('X-Govuk-Authenticated-User')
660
+ end
661
+ end
662
+
652
663
  def test_additional_headers_passed_in_do_not_get_modified
653
664
  stub_request(:get, "http://some.other.endpoint/some.json").to_return(:status => 200)
654
665
 
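Review bot: Both tests write to the `GdsApi::GovukHeaders` store and nothing in these hunks resets it, so `:govuk_request_id` set to `"12345"` in the first test is still present when later tests run on the same thread, and results can depend on test order. A teardown that empties the store, for example `Thread.current[:headers] = nil`, would isolate them; whether the class already has one is outside the hunks. There is also no case asserting that a non-empty `:x_govuk_authenticated_user` value is sent as `X-Govuk-Authenticated-User`, which is the behaviour this release adds.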
@@ -0,0 +1,18 @@
1
+ require 'test_helper'
2
+ require 'gds_api/middleware/govuk_header_sniffer'
3
+
4
+ describe GdsApi::GovukHeaderSniffer do
5
+ include Rack::Test::Methods
6
+
7
+ let(:inner_app) do
8
+ lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['All good!']] }
9
+ end
10
+
11
+ let(:app) { GdsApi::GovukHeaderSniffer.new(inner_app, 'HTTP_GOVUK_REQUEST_ID') }
12
+
13
+ it "sniffs custom request headers and stores them for later use" do
14
+ header "Govuk-Request-Id", "12345"
15
+ get "/"
16
+ assert_equal '12345', GdsApi::GovukHeaders.headers[:govuk_request_id]
17
+ end
18
+ end
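Review bot: The spec covers only a request that carries the header. Because the store outlives the request, a second example should send a request without `Govuk-Request-Id` after one that had it and assert that `GdsApi::GovukHeaders.headers` no longer contains `:govuk_request_id`. That would pin that a stale value is replaced rather than forwarded. An example constructed with `'HTTP_X_GOVUK_AUTHENTICATED_USER'` would also cover the second header the railtie registers.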
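--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: gds-api-adapters
  version: !ruby/object:Gem::Version
- version: 19.0.0
+ version: 19.1.0
  platform: ruby
  authors:
  - James Stewart
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-06-23 00:00:00.000000000 Z
+ date: 2015-06-24 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: plek
@@ -287,7 +287,7 @@ files:
  - lib/gds_api/finder_api.rb
  - lib/gds_api/finder_schema.rb
  - lib/gds_api/gov_uk_delivery.rb
- - lib/gds_api/govuk_request_id.rb
+ - lib/gds_api/govuk_headers.rb
  - lib/gds_api/helpers.rb
  - lib/gds_api/imminence.rb
  - lib/gds_api/json_client.rb
@@ -295,7 +295,7 @@ files:
  - lib/gds_api/list_response.rb
  - lib/gds_api/mapit.rb
  - lib/gds_api/maslow.rb
- - lib/gds_api/middleware/govuk_request_id_sniffer.rb
+ - lib/gds_api/middleware/govuk_header_sniffer.rb
  - lib/gds_api/need_api.rb
  - lib/gds_api/needotron.rb
  - lib/gds_api/null_cache.rb
@@ -373,7 +373,7 @@ files:
  - test/list_response_test.rb
  - test/mapit_test.rb
  - test/maslow_test.rb
- - test/middleware/govuk_request_id_sniffer_test.rb
+ - test/middleware/govuk_header_sniffer_test.rb
  - test/need_api_test.rb
  - test/organisations_api_test.rb
  - test/panopticon_registerer_test.rb
@@ -434,7 +434,7 @@ test_files:
  - test/maslow_test.rb
  - test/panopticon_registerer_test.rb
  - test/panopticon_test.rb
- - test/middleware/govuk_request_id_sniffer_test.rb
+ - test/middleware/govuk_header_sniffer_test.rb
  - test/rummager_test.rb
  - test/json_client_test.rb
  - test/email_alert_api_test.rb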
@@ -1,17 +0,0 @@
1
- module GdsApi
2
- class GovukRequestId
3
- class << self
4
- def set?
5
- !(value.nil? || value.empty?)
6
- end
7
-
8
- def value
9
- Thread.current[:govuk_request_id]
10
- end
11
-
12
- def value=(new_id)
13
- Thread.current[:govuk_request_id] = new_id
14
- end
15
- end
16
- end
17
- end
@@ -1,14 +0,0 @@
1
- require_relative '../govuk_request_id'
2
-
3
- module GdsApi
4
- class GovukRequestIdSniffer
5
- def initialize(app)
6
- @app = app
7
- end
8
-
9
- def call(env)
10
- GdsApi::GovukRequestId.value = env['HTTP_GOVUK_REQUEST_ID']
11
- @app.call(env)
12
- end
13
- end
14
- end
@@ -1,18 +0,0 @@
1
- require 'test_helper'
2
- require 'gds_api/middleware/govuk_request_id_sniffer'
3
-
4
- describe GdsApi::GovukRequestIdSniffer do
5
- include Rack::Test::Methods
6
-
7
- let(:inner_app) do
8
- lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['All good!']] }
9
- end
10
-
11
- let(:app) { GdsApi::GovukRequestIdSniffer.new(inner_app) }
12
-
13
- it "sniffs the govuk request id from request headers" do
14
- header "Govuk-Request-Id", "12345"
15
- get "/"
16
- assert_equal '12345', GdsApi::GovukRequestId.value
17
- end
18
- end