http.rb 1.0.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c6cf64d373fd047e68f56e4d612f0aa7569c69e183dde7057c7cef706861d7b0
-  data.tar.gz: e817f97f6747c05c492823dfeea938f45db80fc77fb2ef5adb93e69818a12faa
+  metadata.gz: 448e7dce1f8dc9a0b23a659b351d10e241ccf1e3cf853663046ec4d7e6e0c8fe
+  data.tar.gz: 75123ecd90c4f5333b8c9a6d62435ab20b46623a5871eb8464a224a92c900ed1
 SHA512:
-  metadata.gz: 466fadc13d04a2333864c0e2c5337454bb6010293f86346d9a8d8ea06f4e577952a3451eb16997f6723882ca4fe8f598784c1675698b56a3f1594a2a39781f0a
-  data.tar.gz: f52d5e6362127c020091e1d8b2317ad909edf1f3a36e4341f8dba1d8ba92a358ff9fab206eb7e276d7e4e670db7e9af55b885ae9e54224d94d05b6d9563f7d84
+  metadata.gz: 7fadfa5b0e33af922edc397877c6fecdff9fd0e5fdb2c8bbb17b9aaeb33f7cddc61553129e1ae6dafc7ee7367a4e1e0a71fa380119020dafbb50e66873f2333c
+  data.tar.gz: d5b35c43b60b13b3e34b1b56a5d02189266401ccb3a9d63b9d87ead07330f96efb80e2577391eea8ed0ec2a734050d7b22aa0fb21e50cfe334b53ca700ede7a6

data/CHANGELOG

@@ -1,5 +1,30 @@
 # CHANGELOG
 
+## 20260609
+
+1.2.0: Extract request_without_body and request_with_body.
+
+The logic for building request objects — constructing the Net::HTTP request class, encoding bodies, and assembling query strings — lived inside the define_method loops and was unreachable except through the eight named methods. Downstream gems needing a method without a named helper (notably webdav's PROPFIND) had to build raw Net::HTTP request objects and bypass that logic entirely. Those two loop bodies are now module functions, callable directly as HTTP.request_without_body(method, ...) and HTTP.request_with_body(method, ...); the named methods delegate to them and behave identically.
+
+1. ~ HTTP/verbs.rb: + request_without_body() and request_with_body() module functions; the WITHOUT_BODY and WITH_BODY define_method loops now delegate to them.
+2. + test/HTTP/request_without_body_test.rb
+3. + test/HTTP/request_with_body_test.rb
+4. ~ README.md: + Constructing requests for other methods section.
+5. ~ HTTP::VERSION: /1.1.0/1.2.0/
+6. ~ CHANGELOG: + 1.2.0 entry
+
+## 20260609
+
+1.1.0: Basic auth via the options hash.
+
+Until now basic authentication was only available through credentials embedded in the URI, which forced callers needing programmatic credentials (notably the webdav gem) to construct their own Net::HTTP request objects and bypass the verb methods entirely. The options hash now accepts username: and password:, extracted the same way no_redirect is, so they never leak through to Net::HTTP. This is additive: URI credentials still work as a fallback, and explicit options take precedence over them.
+
+1. ~ HTTP/request.rb: Extract :username and :password from the options hash; basic_auth now prefers the explicit credentials and falls back to the URI credentials.
+2. + test/HTTP/basic_auth_test.rb
+3. ~ README.md: + Basic authentication usage section; document the username and password options.
+4. ~ HTTP::VERSION: /1.0.0/1.1.0/
+5. ~ CHANGELOG: + 1.1.0 entry
+
 ## 20260522
 
 1.0.0: API stability declaration.

data/README.md

@@ -77,6 +77,22 @@ HTTP.post('http://example.com', {a: 1, b: 2}, {'User-Agent'=>'Custom'}, {use_ssl
 end
 ```
 
+### Basic authentication
+
+Pass `username:` and `password:` through the options hash:
+
+```ruby
+HTTP.get('http://example.com', {}, {}, {username: 'alice', password: 'secret'})
+```
+
+Credentials embedded in the URI continue to work and serve as a fallback:
+
+```ruby
+HTTP.get('http://alice:secret@example.com')
+```
+
+When both are supplied, the options hash wins.
+
 ### Preventing redirections
 
 ```ruby
@@ -166,13 +182,34 @@ class A
 end
 ```
 
+### Constructing requests for other methods
+
+The named methods cover the HTTP methods with a request class in Ruby's `Net::HTTP` stdlib. For anything else — a method without a named helper, such as `PROPFIND` — the same body encoding, query string, and request handling is available directly:
+
+```ruby
+# No body — args become a query string:
+HTTP.request_without_body(:propfind, 'http://example.com/path', {depth: 1})
+
+# With a body — string passthrough, JSON when the content type says so, form data otherwise:
+HTTP.request_with_body(:propfind, 'http://example.com/path', xml, {'Content-Type' => 'application/xml'})
+```
+
+Both take the same `(method, uri, args_or_data, headers, options, &block)` arguments as the named methods, with the method as the first argument, and the named methods delegate to them. For full control over the request object, drop down to `HTTP.request(uri, request_object, headers, options, &block)`.
+
 ## Allowed values for the options hash
-#### (These pass through to Net::HTTP, except for `no_redirect`.)
+#### (These pass through to Net::HTTP, except for `no_redirect`, `username`, and `password`.)
 
 ```Ruby
 no_redirect
     # Prevents redirection if a 3xx response is encountered.
 
+username
+    # Username for HTTP basic authentication. Takes precedence over any
+    # credentials embedded in the URI.
+
+password
+    # Password for HTTP basic authentication, paired with username.
+
 ca_file
     # Sets path of a CA certification file in PEM format.
     #

data/lib/HTTP/VERSION.rb

@@ -2,5 +2,5 @@
 # HTTP::VERSION
 
 module HTTP
-  VERSION = '1.0.0'
+  VERSION = '1.2.0'
 end

data/lib/HTTP/request.rb

@@ -16,13 +16,19 @@ module HTTP
     uri = uri.is_a?(URI) ? uri : URI.parse(uri)
     http = Net::HTTP.new(uri.host, uri.port)
     no_redirect = options.delete(:no_redirect)
+    username = options.delete(:username)
+    password = options.delete(:password)
     config = retry_config(options)
     http.options = options.merge(
       use_ssl: (options[:use_ssl] || uri.use_ssl?),
       verify_mode: (options[:verify_mode] || OpenSSL::SSL::VERIFY_PEER)
     )
     request_object.headers = headers
-    request_object.basic_auth(uri.user, uri.password) if uri.user
+    if username
+      request_object.basic_auth(username, password)
+    elsif uri.user
+      request_object.basic_auth(uri.user, uri.password)
+    end
     verb = request_object.method.downcase.to_sym
     response = (
       if config[:retries] > 0 && config[:verbs].include?(verb)

data/lib/HTTP/verbs.rb

@@ -13,35 +13,43 @@ module HTTP
     WITH_BODY = %i{post put patch}
   end
 
+  def request_without_body(method, uri, args = {}, headers = {}, options = {}, &block)
+    uri = uri.is_a?(URI) ? uri : URI.parse(uri)
+    request_uri = uri.request_uri
+    unless args.empty?
+      request_uri += '?' + args.x_www_form_urlencode
+    end
+    request_object = Net::HTTP.const_get(method.to_s.capitalize).new(request_uri)
+    request(uri, request_object, headers, options, &block)
+  end
+  module_function :request_without_body
+
+  def request_with_body(method, uri, data = {}, headers = {}, options = {}, &block)
+    uri = uri.is_a?(URI) ? uri : URI.parse(uri)
+    request_object = Net::HTTP.const_get(method.to_s.capitalize).new(uri.request_uri)
+    content_type = headers.find{|k, v| k.downcase == 'content-type'}&.last.to_s
+    if data.is_a?(String)
+      request_object.body = data
+    elsif content_type.start_with?('application/json')
+      request_object.body = JSON.dump(data)
+    else
+      request_object.form_data = data
+    end
+    request(uri, request_object, headers, options, &block)
+  end
+  module_function :request_with_body
+
   VERBS::WITHOUT_BODY.each do |verb|
     define_method(verb) do |uri, args = {}, headers = {}, options = {}, &block|
-      uri = uri.is_a?(URI) ? uri : URI.parse(uri)
-      request_uri = uri.request_uri
-      unless args.empty?
-        request_uri += '?' + args.x_www_form_urlencode
-      end
-      request_object = Net::HTTP.const_get(verb.to_s.capitalize).new(request_uri)
-      request(uri, request_object, headers, options, &block)
+      request_without_body(verb, uri, args, headers, options, &block)
     end
-
     module_function verb
   end
 
   VERBS::WITH_BODY.each do |verb|
     define_method(verb) do |uri, data = {}, headers = {}, options = {}, &block|
-      uri = uri.is_a?(URI) ? uri : URI.parse(uri)
-      request_object = Net::HTTP.const_get(verb.to_s.capitalize).new(uri.request_uri)
-      content_type = headers.find{|k, v| k.downcase == 'content-type'}&.last.to_s
-      if data.is_a?(String)
-        request_object.body = data
-      elsif content_type.start_with?('application/json')
-        request_object.body = JSON.dump(data)
-      else
-        request_object.form_data = data
-      end
-      request(uri, request_object, headers, options, &block)
+      request_with_body(verb, uri, data, headers, options, &block)
     end
-
     module_function verb
   end
 end

data/test/HTTP/basic_auth_test.rb

@@ -0,0 +1,106 @@
+# test/HTTP/basic_auth_test.rb
+
+require_relative '../helper'
+
+describe "basic auth" do
+  describe "via the options hash" do
+    let(:uri){'http://example.com/path'}
+    let(:parsed_uri){URI.parse(uri)}
+
+    before do
+      stub_request(:get, uri).
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "sets the Authorization header from the username and password options" do
+      request_object = Net::HTTP::Get.new(parsed_uri.request_uri)
+      Net::HTTP::Get.stub(:new, request_object) do
+        response = HTTP.get(uri, {}, {}, {username: 'alice', password: 'secret'})
+        _(request_object['Authorization']).must_equal("Basic #{['alice:secret'].pack('m0')}")
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "via the URI" do
+    let(:uri){'http://alice:secret@example.com/path'}
+    let(:parsed_uri){URI.parse(uri)}
+
+    before do
+      stub_request(:get, 'http://example.com/path').
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "sets the Authorization header from the embedded credentials" do
+      request_object = Net::HTTP::Get.new(parsed_uri.request_uri)
+      Net::HTTP::Get.stub(:new, request_object) do
+        response = HTTP.get(uri)
+        _(request_object['Authorization']).must_equal("Basic #{['alice:secret'].pack('m0')}")
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "with a username but no password" do
+    let(:uri){'http://example.com/path'}
+    let(:parsed_uri){URI.parse(uri)}
+
+    before do
+      stub_request(:get, uri).
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "sends an empty password" do
+      request_object = Net::HTTP::Get.new(parsed_uri.request_uri)
+      Net::HTTP::Get.stub(:new, request_object) do
+        response = HTTP.get(uri, {}, {}, {username: 'alice'})
+        _(request_object['Authorization']).must_equal("Basic #{['alice:'].pack('m0')}")
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "with credentials in both the options hash and the URI" do
+    let(:uri){'http://alice:secret@example.com/path'}
+    let(:parsed_uri){URI.parse(uri)}
+
+    before do
+      stub_request(:get, 'http://example.com/path').
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "prefers the options credentials over the URI credentials" do
+      request_object = Net::HTTP::Get.new(parsed_uri.request_uri)
+      Net::HTTP::Get.stub(:new, request_object) do
+        response = HTTP.get(uri, {}, {}, {username: 'bob', password: 'hunter2'})
+        _(request_object['Authorization']).must_equal("Basic #{['bob:hunter2'].pack('m0')}")
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "leakage into Net::HTTP options" do
+    let(:uri){'http://example.com/path'}
+    let(:parsed_uri){URI.parse(uri)}
+
+    before do
+      stub_request(:get, uri).
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "does not pass the auth options through to Net::HTTP" do
+      passed_options = nil
+      net_http_object = Net::HTTP.new(parsed_uri.host, parsed_uri.port)
+      original_options_setter = net_http_object.method(:options=)
+      net_http_object.define_singleton_method(:options=) do |options|
+        passed_options = options
+        original_options_setter.call(options)
+      end
+      Net::HTTP.stub(:new, net_http_object) do
+        HTTP.get(uri, {}, {}, {username: 'alice', password: 'secret'})
+      end
+      _(passed_options.key?(:username)).must_equal(false)
+      _(passed_options.key?(:password)).must_equal(false)
+    end
+  end
+end

data/test/HTTP/request_with_body_test.rb

@@ -0,0 +1,76 @@
+# test/HTTP/request_with_body_test.rb
+
+require_relative '../helper'
+
+describe ".request_with_body" do
+  let(:uri){'http://example.com/path'}
+  let(:parsed_uri){URI.parse(uri)}
+
+  describe "with a string body" do
+    let(:body){'raw body'}
+
+    before do
+      stub_request(:post, 'http://example.com/path').
+        with(body: body).
+          to_return(status: 200, body: '', headers: {})
+    end
+
+    it "passes the string through unchanged" do
+      request_object = Net::HTTP::Post.new(parsed_uri.request_uri)
+      Net::HTTP::Post.stub(:new, request_object) do
+        response = HTTP.request_with_body(:post, uri, body)
+        _(request_object.body).must_equal(body)
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "with a JSON content type" do
+    let(:data){{a: 1, b: 2}}
+    let(:headers){{'Content-Type' => 'application/json'}}
+
+    before do
+      stub_request(:post, 'http://example.com/path').
+        with(body: JSON.dump(data)).
+          to_return(status: 200, body: '', headers: {})
+    end
+
+    it "JSON-encodes the data" do
+      request_object = Net::HTTP::Post.new(parsed_uri.request_uri)
+      Net::HTTP::Post.stub(:new, request_object) do
+        response = HTTP.request_with_body(:post, uri, data, headers)
+        _(request_object.body).must_equal(JSON.dump(data))
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "with no content type" do
+    let(:data){{a: 1, b: 2}}
+
+    before do
+      stub_request(:post, 'http://example.com/path').
+        with(body: data.x_www_form_urlencode).
+          to_return(status: 200, body: '', headers: {})
+    end
+
+    it "form-encodes the data" do
+      request_object = Net::HTTP::Post.new(parsed_uri.request_uri)
+      Net::HTTP::Post.stub(:new, request_object) do
+        response = HTTP.request_with_body(:post, uri, data)
+        _(request_object.body).must_equal(data.x_www_form_urlencode)
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "delegation from the named method" do
+    it "is reached by HTTP.post with the verb prepended" do
+      received_args = nil
+      HTTP.stub(:request_with_body, ->(*args, &block){received_args = args; nil}) do
+        HTTP.post(uri, {a: 1}, {'User-Agent' => 'Minitest'}, {use_ssl: false})
+      end
+      _(received_args).must_equal([:post, uri, {a: 1}, {'User-Agent' => 'Minitest'}, {use_ssl: false}])
+    end
+  end
+end

data/test/HTTP/request_without_body_test.rb

@@ -0,0 +1,53 @@
+# test/HTTP/request_without_body_test.rb
+
+require_relative '../helper'
+
+describe ".request_without_body" do
+  let(:uri){'http://example.com/path'}
+  let(:parsed_uri){URI.parse(uri)}
+
+  describe "without args" do
+    before do
+      stub_request(:get, 'http://example.com/path').
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "builds the request object for the given method" do
+      received_arg = nil
+      request_object = Net::HTTP::Get.new(parsed_uri.request_uri)
+      Net::HTTP::Get.stub(:new, ->(arg){received_arg = arg; request_object}) do
+        response = HTTP.request_without_body(:get, uri)
+        _(received_arg).must_equal(parsed_uri.request_uri)
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "with args" do
+    before do
+      stub_request(:get, 'http://example.com/path?a=1&b=2').
+        to_return(status: 200, body: '', headers: {})
+    end
+
+    it "appends the encoded query string to the request uri" do
+      received_arg = nil
+      request_uri = parsed_uri.request_uri + '?a=1&b=2'
+      request_object = Net::HTTP::Get.new(request_uri)
+      Net::HTTP::Get.stub(:new, ->(arg){received_arg = arg; request_object}) do
+        response = HTTP.request_without_body(:get, uri, {a: 1, b: 2})
+        _(received_arg).must_equal(request_uri)
+        _(response.success?).must_equal(true)
+      end
+    end
+  end
+
+  describe "delegation from the named method" do
+    it "is reached by HTTP.get with the verb prepended" do
+      received_args = nil
+      HTTP.stub(:request_without_body, ->(*args, &block){received_args = args; nil}) do
+        HTTP.get(uri, {a: 1}, {'User-Agent' => 'Minitest'}, {use_ssl: false})
+      end
+      _(received_args).must_equal([:get, uri, {a: 1}, {'User-Agent' => 'Minitest'}, {use_ssl: false}])
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: http.rb
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.0
 platform: ruby
 authors:
 - thoran
@@ -105,6 +105,7 @@ files:
 - lib/String/url_encode.rb
 - lib/URI/Generic/use_sslQ.rb
 - test/HTTP/RETRY_test.rb
+- test/HTTP/basic_auth_test.rb
 - test/HTTP/delete_test.rb
 - test/HTTP/get_test.rb
 - test/HTTP/head_test.rb
@@ -112,6 +113,8 @@ files:
 - test/HTTP/patch_test.rb
 - test/HTTP/post_test.rb
 - test/HTTP/put_test.rb
+- test/HTTP/request_with_body_test.rb
+- test/HTTP/request_without_body_test.rb
 - test/HTTP/trace_test.rb
 - test/Net/HTTPResponse/StatusPredicates_test.rb
 - test/helper.rb
@@ -133,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 4.0.12
+rubygems_version: 4.0.13
 specification_version: 4
 summary: HTTP made easy.
 test_files: []