httpi 0.5.0 → 0.6.0

data/Gemfile.lock

@@ -14,16 +14,16 @@ GEM
     mocha (0.9.8)
       rake
     rake (0.8.7)
-    rspec (2.0.0.beta.22)
-      rspec-core (= 2.0.0.beta.22)
-      rspec-expectations (= 2.0.0.beta.22)
-      rspec-mocks (= 2.0.0.beta.22)
-    rspec-core (2.0.0.beta.22)
-    rspec-expectations (2.0.0.beta.22)
+    rspec (2.0.0)
+      rspec-core (= 2.0.0)
+      rspec-expectations (= 2.0.0)
+      rspec-mocks (= 2.0.0)
+    rspec-core (2.0.0)
+    rspec-expectations (2.0.0)
       diff-lcs (>= 1.1.2)
-    rspec-mocks (2.0.0.beta.22)
-      rspec-core (= 2.0.0.beta.22)
-      rspec-expectations (= 2.0.0.beta.22)
+    rspec-mocks (2.0.0)
+      rspec-core (= 2.0.0)
+      rspec-expectations (= 2.0.0)
     webmock (1.3.5)
       addressable (>= 2.1.1)
       crack (>= 0.1.7)
@@ -36,5 +36,5 @@ DEPENDENCIES
   httpclient (~> 2.1.5)
   httpi!
   mocha (~> 0.9.8)
-  rspec (= 2.0.0.beta.22)
+  rspec (~> 2.0.0)
   webmock (~> 1.3.5)

data/README.md

@@ -17,7 +17,7 @@ Some examples
 
 Executing a POST request with the most basic request object:
 
-    request = HTTPI::Request.new :url => "http://example.com"
+    request = HTTPI::Request.new "http://example.com"
     HTTPI.get request
 
 Here's a POST request with a request object:
@@ -32,11 +32,11 @@ And a GET request using HTTP basic auth and the Curb adapter:
 
     request = HTTPI::Request.new
     request.url = "http://auth.example.com"
-    request.basic_auth "username", "password"
+    request.auth.basic "username", "password"
   
     HTTPI.get request, :curb
 
-HTTPI also comes with some shortcuts. This executes a PUT request:
+HTTPI also comes shortcuts. This executes a PUT request:
 
     HTTPI.put "http://example.com", "<some>xml</some>"
 
@@ -92,23 +92,54 @@ HTTPI::Request
 --------------
 
 The `HTTPI::Request` serves as a common denominator of options that HTTPI adapters need to support.  
-It represents an HTTP request and lets you customize various settings through these accessors:
+It represents an HTTP request and lets you customize various settings through the following methods:
 
     #url           # the URL to access
     #proxy         # the proxy server to use
+    #ssl           # whether to use SSL
     #headers       # a Hash of HTTP headers
     #body          # the HTTP request body
     #open_timeout  # the open timeout (sec)
     #read_timeout  # the read timeout (sec)
 
-It also contains methods for setting up authentication:
+### Usage example
 
-    #basic_auth(username, password)   # HTTP basic auth credentials
-    #digest_auth(username, password)  # HTTP digest auth credentials
+    request = HTTPI::Request.new
+    request.url = "http://example.com"
+    request.read_timeout = 30
+
+HTTPI::Auth
+-----------
+
+`HTTPI::Auth` supports HTTP basic and digest authentication.
+
+    #basic(username, password)   # HTTP basic auth credentials
+    #digest(username, password)  # HTTP digest auth credentials
+
+### Usage example
+
+    request = HTTPI::Request.new
+    request.auth.basic "username", "password"
+
+HTTPI::Auth::SSL
+----------------
+
+`HTTPI::Auth::SSL` manages SSL client authentication.
+
+    #cert_key_file  # the private key file to use
+    #cert_file      # the certificate file to use
+    #ca_cert_file   # the ca certificate file to use
+    #verify_mode    # one of [:none, :peer, :fail_if_no_peer_cert, :client_once]
+
+### Usage example
+
+    request = HTTPI::Request.new
+    request.auth.ssl.cert_key_file = "client_key.pem"
+    request.auth.ssl.cert_file = "client_cert.pem"
+    request.auth.ssl.verify_mode = :none
 
 ### TODO
 
-* Add support for SSL client authentication
 * Add support for NTLM authentication
 
 HTTPI::Adapter
@@ -145,4 +176,4 @@ It contains the response code, headers and body.
 Participate
 -----------
 
-We appreciate any help and feedback, so please get in touch!
+Any help and feedback appreciated. So please get in touch!

data/lib/httpi.rb

@@ -69,6 +69,9 @@ require "httpi/adapter"
 #     http.follow_redirect_count = 3  # HTTPClient example
 #   end
 module HTTPI
+
+  REQUEST_METHODS = [:get, :post, :head, :put, :delete]
+
   class << self
 
     # Executes an HTTP GET request.
@@ -121,6 +124,12 @@ module HTTPI
       end
     end
 
+    # Executes an HTTP request for the given +method+.
+    def request(method, request, adapter = nil)
+      raise ArgumentError, "Invalid request method: #{method}" unless REQUEST_METHODS.include? method
+      send method, request, adapter
+    end
+
   private
 
     # Checks whether +args+ contains of an <tt>HTTPI::Request</tt> or a URL

data/lib/httpi/adapter/curb.rb

@@ -59,20 +59,29 @@ module HTTPI
 
       def setup_client(request)
         basic_setup request
-        setup_auth request if request.auth?
+        setup_http_auth request if request.auth.http?
+        setup_ssl_auth request.auth.ssl if request.auth.ssl?
       end
 
       def basic_setup(request)
         client.url = request.url.to_s
-        client.timeout = request.read_timeout
-        client.connect_timeout = request.open_timeout
+        client.proxy_url = request.proxy.to_s if request.proxy
+        client.timeout = request.read_timeout if request.read_timeout
+        client.connect_timeout = request.open_timeout if request.open_timeout
         client.headers = request.headers
         client.verbose = false
       end
 
-      def setup_auth(request)
-        client.http_auth_types = request.auth_type
-        client.username, client.password = *request.credentials
+      def setup_http_auth(request)
+        client.http_auth_types = request.auth.type
+        client.username, client.password = *request.auth.credentials
+      end
+
+      def setup_ssl_auth(ssl)
+        client.cert_key = ssl.cert_key_file
+        client.cert = ssl.cert_file
+        client.cacert = ssl.ca_cert_file if ssl.ca_cert_file
+        client.ssl_verify_peer = ssl.verify_mode == :peer
       end
 
       def respond_with(client)

data/lib/httpi/adapter/httpclient.rb

@@ -22,7 +22,7 @@ module HTTPI
       # Executes an HTTP GET request.
       # @see HTTPI.get
       def get(request)
-        do_request request do |client, url, headers|
+        do_request request do |url, headers|
           client.get url, nil, headers
         end
       end
@@ -30,7 +30,7 @@ module HTTPI
       # Executes an HTTP POST request.
       # @see HTTPI.post
       def post(request)
-        do_request request do |client, url, headers, body|
+        do_request request do |url, headers, body|
           client.post url, body, headers
         end
       end
@@ -38,7 +38,7 @@ module HTTPI
       # Executes an HTTP HEAD request.
       # @see HTTPI.head
       def head(request)
-        do_request request do |client, url, headers|
+        do_request request do |url, headers|
           client.head url, nil, headers
         end
       end
@@ -46,7 +46,7 @@ module HTTPI
       # Executes an HTTP PUT request.
       # @see HTTPI.put
       def put(request)
-        do_request request do |client, url, headers, body|
+        do_request request do |url, headers, body|
           client.put url, body, headers
         end
       end
@@ -54,30 +54,39 @@ module HTTPI
       # Executes an HTTP DELETE request.
       # @see HTTPI.delete
       def delete(request)
-        do_request request do |client, url, headers|
+        do_request request do |url, headers|
           client.delete url, headers
         end
       end
+
     private
 
       def do_request(request)
         setup_client request
-        respond_with yield(client, request.url, request.headers, request.body)
+        respond_with yield(request.url, request.headers, request.body)
       end
 
       def setup_client(request)
         basic_setup request
-        auth_setup request if request.auth?
+        setup_http_auth request if request.auth.http?
+        setup_ssl_auth request.auth.ssl if request.auth.ssl?
       end
 
       def basic_setup(request)
         client.proxy = request.proxy if request.proxy
-        client.connect_timeout = request.open_timeout
-        client.receive_timeout = request.read_timeout
+        client.connect_timeout = request.open_timeout if request.open_timeout
+        client.receive_timeout = request.read_timeout if request.read_timeout
+      end
+
+      def setup_http_auth(request)
+        client.set_auth request.url, *request.auth.credentials
       end
 
-      def auth_setup(request)
-        client.set_auth request.url.to_s, *request.credentials
+      def setup_ssl_auth(ssl)
+        client.ssl_config.client_cert = ssl.cert
+        client.ssl_config.client_key = ssl.cert_key
+        client.ssl_config.client_ca = ssl.ca_cert if ssl.ca_cert_file
+        client.ssl_config.verify_mode = ssl.openssl_verify_mode
       end
 
       def respond_with(response)

data/lib/httpi/adapter/net_http.rb

@@ -1,3 +1,4 @@
+require "uri"
 require "httpi/response"
 
 module HTTPI
@@ -9,7 +10,7 @@ module HTTPI
     # http://ruby-doc.org/stdlib/libdoc/net/http/rdoc/
     class NetHTTP
 
-      # Requires the "net/https" library.
+      # Requires the "net/https" library and sets up a new client.
       def initialize(request)
         require "net/https"
         self.client = new_client request
@@ -70,6 +71,7 @@ module HTTPI
 
       def do_request(type, request)
         setup_client request
+        setup_ssl_auth request.auth.ssl if request.auth.ssl?
         
         respond_with(client.start do |http|
           yield http, request_client(type, request)
@@ -77,9 +79,16 @@ module HTTPI
       end
 
       def setup_client(request)
-        client.use_ssl = !!(request.url.to_s =~ /^https/)
-        client.open_timeout = request.open_timeout
-        client.read_timeout = request.read_timeout
+        client.use_ssl = request.ssl?
+        client.open_timeout = request.open_timeout if request.open_timeout
+        client.read_timeout = request.read_timeout if request.read_timeout
+      end
+
+      def setup_ssl_auth(ssl)
+        client.key = ssl.cert_key
+        client.cert = ssl.cert
+        client.ca_file = ssl.ca_cert_file if ssl.ca_cert_file
+        client.verify_mode = ssl.openssl_verify_mode
       end
 
       def request_client(type, request)
@@ -92,12 +101,7 @@ module HTTPI
         end
         
         request_client = request_class.new request.url.request_uri, request.headers
-        request_client = auth_setup request_client, request if request.auth?
-        request_client
-      end
-
-      def auth_setup(request_client, request)
-        request_client.basic_auth *request.credentials if request.auth_type == :basic
+        request_client.basic_auth *request.auth.credentials if request.auth.basic?
         request_client
       end
 

data/lib/httpi/auth/config.rb

@@ -0,0 +1,68 @@
+require "httpi/auth/ssl"
+
+module HTTPI
+  module Auth
+
+    # = HTTPI::Auth::Config
+    #
+    # Manages HTTP and SSL auth configuration. Currently supports HTTP basic/digest
+    # and SSL client authentication.
+    class Config
+
+      # Supported authentication types.
+      TYPES = [:basic, :digest, :ssl]
+
+      # Accessor for the HTTP basic auth credentials.
+      def basic(*args)
+        return @basic if args.empty?
+
+        self.type = :basic
+        @basic = args.flatten.compact
+      end
+
+      # Returns whether to use HTTP basic auth.
+      def basic?
+        type == :basic
+      end
+
+      # Accessor for the HTTP digest auth credentials.
+      def digest(*args)
+        return @digest if args.empty?
+
+        self.type = :digest
+        @digest = args.flatten.compact
+      end
+
+      # Returns whether to use HTTP digest auth.
+      def digest?
+        type == :digest
+      end
+
+      # Returns whether to use HTTP basic or dihest auth.
+      def http?
+        type == :basic || type == :digest
+      end
+
+      # Returns the <tt>HTTPI::Auth::SSL</tt> object.
+      def ssl
+        @ssl ||= SSL.new
+      end
+
+      # Returns whether to use SSL client auth.
+      def ssl?
+        ssl.present?
+      end
+
+      # Shortcut method for returning the credentials for the authentication specified.
+      # Returns +nil+ unless any authentication credentials were specified.
+      def credentials
+        return unless type
+        send type
+      end
+
+      # Accessor for the authentication type in use.
+      attr_accessor :type
+
+    end
+  end
+end

data/lib/httpi/auth/ssl.rb

@@ -0,0 +1,76 @@
+require "openssl"
+
+module HTTPI
+  module Auth
+
+    # = HTTPI::Auth::SSL
+    #
+    # Provides SSL client authentication.
+    class SSL
+
+      VERIFY_MODES = [:none, :peer, :fail_if_no_peer_cert, :client_once]
+
+      # Returns whether SSL configuration is present.
+      def present?
+        cert && cert_key
+      rescue TypeError, Errno::ENOENT
+        false
+      end
+
+      # Accessor for the cert key file to validate SSL certificates.
+      attr_accessor :cert_key_file
+
+      # Accessor for the cert file to validate SSL connections.
+      attr_accessor :cert_file
+
+      # Accessor for the cacert file to validate SSL certificates.
+      attr_accessor :ca_cert_file
+
+      # Returns the SSL verify mode. Defaults to <tt>:peer</tt>.
+      def verify_mode
+        @verify_mode ||= :peer
+      end
+
+      # Sets the SSL verify mode. Expects one of <tt>HTTPI::Auth::SSL::VERIFY_MODES</tt>.
+      def verify_mode=(mode)
+        raise ArgumentError, "Invalid SSL verify mode: #{mode}" unless VERIFY_MODES.include? mode
+        @verify_mode = mode
+      end
+
+      # Returns an <tt>OpenSSL::X509::Certificate</tt> for the +cert_file+.
+      def cert
+        @cert ||= OpenSSL::X509::Certificate.new File.read(cert_file)
+      end
+
+      # Sets the +OpenSSL+ certificate.
+      attr_writer :cert
+
+      # Returns an <tt>OpenSSL::X509::Certificate</tt> for the +ca_cert_file+.
+      def ca_cert
+        @ca_cert ||= OpenSSL::X509::Certificate.new File.read(ca_cert_file)
+      end
+
+      # Sets the +OpenSSL+ ca certificate.
+      attr_writer :ca_cert
+
+      # Returns an <tt>OpenSSL::PKey::RSA</tt> for the +cert_key_file+.
+      def cert_key
+        @cert_key ||= OpenSSL::PKey::RSA.new File.read(cert_key_file)
+      end
+
+      # Sets the +OpenSSL+ certificate key.
+      attr_writer :cert_key
+
+      # Returns the SSL verify mode as a <tt>OpenSSL::SSL::VERIFY_*</tt> constant.
+      def openssl_verify_mode
+        case verify_mode
+          when :none                 then OpenSSL::SSL::VERIFY_NONE
+          when :peer                 then OpenSSL::SSL::VERIFY_PEER
+          when :fail_if_no_peer_cert then OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
+          when :client_once          then OpenSSL::SSL::VERIFY_CLIENT_ONCE
+        end
+      end
+
+    end
+  end
+end