httpx 0.10.2 → 0.12.0

data/lib/httpx/io/udp.rb

@@ -25,7 +25,7 @@ module HTTPX
       true
     end
 
-    if RUBY_VERSION < "2.2"
+    if RUBY_VERSION < "2.3"
       # :nocov:
       def close
         @io.close
@@ -40,14 +40,15 @@ module HTTPX
     end
 
     def write(buffer)
-      siz = @io.send(buffer, 0, @host, @port)
+      siz = @io.send(buffer.to_s, 0, @host, @port)
       log { "WRITE: #{siz} bytes..." }
       buffer.shift!(siz)
       siz
     end
 
     # :nocov:
-    if RUBY_VERSION < "2.3"
+    if (RUBY_ENGINE == "truffleruby" && RUBY_ENGINE_VERSION < "21.1.0") ||
+       RUBY_VERSION < "2.3"
       def read(size, buffer)
         data, _ = @io.recvfrom_nonblock(size)
         buffer.replace(data)

data/lib/httpx/parser/http1.rb

@@ -66,7 +66,6 @@ module HTTPX
         @status_code = code.to_i
         raise(Error, "wrong status code (#{@status_code})") unless (100..599).cover?(@status_code)
 
-        # @buffer.slice!(0, idx + 1)
         @buffer = @buffer.byteslice((idx + 1)..-1)
         nextstate(:headers)
       end
@@ -74,7 +73,8 @@ module HTTPX
       def parse_headers
         headers = @headers
         while (idx = @buffer.index("\n"))
-          line = @buffer.slice!(0, idx + 1).sub(/\s+\z/, "")
+          line = @buffer.byteslice(0..idx).sub(/\s+\z/, "")
+          @buffer = @buffer.byteslice((idx + 1)..-1)
           if line.empty?
             case @state
             when :headers
@@ -96,11 +96,11 @@ module HTTPX
           separator_index = line.index(":")
           raise Error, "wrong header format" unless separator_index
 
-          key = line[0..separator_index - 1]
+          key = line.byteslice(0..(separator_index - 1))
           raise Error, "wrong header format" if key.start_with?("\s", "\t")
 
           key.strip!
-          value = line[separator_index + 1..-1]
+          value = line.byteslice((separator_index + 1)..-1)
           value.strip!
           raise Error, "wrong header format" if value.nil?
 

data/lib/httpx/plugins/aws_sdk_authentication.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module HTTPX
+  module Plugins
+    #
+    # This plugin applies AWS Sigv4 to requests, using the AWS SDK credentials and configuration.
+    #
+    # It requires the "aws-sdk-core" gem.
+    #
+    module AwsSdkAuthentication
+      #
+      # encapsulates access to an AWS SDK credentials store.
+      #
+      class Credentials
+        def initialize(aws_credentials)
+          @aws_credentials = aws_credentials
+        end
+
+        def username
+          @aws_credentials.access_key_id
+        end
+
+        def password
+          @aws_credentials.secret_access_key
+        end
+
+        def security_token
+          @aws_credentials.session_token
+        end
+      end
+
+      class << self
+        attr_reader :credentials, :region
+
+        def load_dependencies(klass)
+          require "aws-sdk-core"
+          klass.plugin(:aws_sigv4)
+
+          client = Class.new(Seahorse::Client::Base) do
+            @identifier = :httpx
+            set_api(Aws::S3::ClientApi::API)
+            add_plugin(Aws::Plugins::CredentialsConfiguration)
+            add_plugin(Aws::Plugins::RegionalEndpoint)
+            class << self
+              attr_reader :identifier
+            end
+          end.new
+
+          @credentials = Credentials.new(client.config[:credentials])
+          @region = client.config[:region]
+        end
+
+        def extra_options(options)
+          options.merge(max_concurrent_requests: 1)
+        end
+      end
+
+      module InstanceMethods
+        #
+        # aws_authentication
+        # aws_authentication(credentials: Aws::Credentials.new('akid', 'secret'))
+        # aws_authentication()
+        #
+        def aws_sdk_authentication(**options)
+          credentials = AwsSdkAuthentication.credentials
+          region = AwsSdkAuthentication.region
+
+          aws_sigv4_authentication(
+            credentials: credentials,
+            region: region,
+            provider_prefix: "aws",
+            header_provider_field: "amz",
+            **options
+          )
+        end
+        alias_method :aws_auth, :aws_sdk_authentication
+      end
+    end
+    register_plugin :aws_sdk_authentication, AwsSdkAuthentication
+  end
+end

data/lib/httpx/plugins/aws_sigv4.rb

@@ -0,0 +1,218 @@
+# frozen_string_literal: true
+
+require "set"
+require "aws-sdk-s3"
+
+module HTTPX
+  module Plugins
+    #
+    # This plugin adds AWS Sigv4 authentication.
+    #
+    # https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #
+    # https://gitlab.com/honeyryderchuck/httpx/wikis/AWS-SigV4
+    #
+    module AWSSigV4
+      Credentials = Struct.new(:username, :password, :security_token)
+
+      class Signer
+        def initialize(
+          service:,
+          region:,
+          credentials: nil,
+          username: nil,
+          password: nil,
+          security_token: nil,
+          provider_prefix: "aws",
+          header_provider_field: "amz",
+          unsigned_headers: [],
+          apply_checksum_header: true,
+          algorithm: "SHA256"
+        )
+          @credentials = credentials || Credentials.new(username, password, security_token)
+          @service = service
+          @region = region
+
+          @unsigned_headers = Set.new(unsigned_headers.map(&:downcase))
+          @unsigned_headers << "authorization"
+          @unsigned_headers << "x-amzn-trace-id"
+          @unsigned_headers << "expect"
+
+          @apply_checksum_header = apply_checksum_header
+          @provider_prefix = provider_prefix
+          @header_provider_field = header_provider_field
+
+          @algorithm = algorithm
+        end
+
+        def sign!(request)
+          lower_provider_prefix = "#{@provider_prefix}4"
+          upper_provider_prefix = lower_provider_prefix.upcase
+
+          downcased_algorithm = @algorithm.downcase
+
+          datetime = (request.headers["x-#{@header_provider_field}-date"] ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ"))
+          date = datetime[0, 8]
+
+          content_hashed = request.headers["x-#{@header_provider_field}-content-#{downcased_algorithm}"] || hexdigest(request.body)
+
+          request.headers["x-#{@header_provider_field}-content-#{downcased_algorithm}"] ||= content_hashed if @apply_checksum_header
+          request.headers["x-#{@header_provider_field}-security-token"] ||= @credentials.security_token if @credentials.security_token
+
+          signature_headers = request.headers.each.reject do |k, _|
+            @unsigned_headers.include?(k)
+          end
+          # aws sigv4 needs to declare the host, regardless of protocol version
+          signature_headers << ["host", request.authority] unless request.headers.key?("host")
+          signature_headers.sort_by!(&:first)
+
+          signed_headers = signature_headers.map(&:first).join(";")
+
+          canonical_headers = signature_headers.map do |k, v|
+            # eliminate whitespace between value fields, unless it's a quoted value
+            "#{k}:#{v.start_with?("\"") && v.end_with?("\"") ? v : v.gsub(/\s+/, " ").strip}\n"
+          end.join
+
+          # canonical request
+          creq = "#{request.verb.to_s.upcase}" \
+            "\n#{request.canonical_path}" \
+            "\n#{request.canonical_query}" \
+            "\n#{canonical_headers}" \
+            "\n#{signed_headers}" \
+            "\n#{content_hashed}"
+
+          credential_scope = "#{date}" \
+            "/#{@region}" \
+            "/#{@service}" \
+            "/#{lower_provider_prefix}_request"
+
+          algo_line = "#{upper_provider_prefix}-HMAC-#{@algorithm}"
+          # string to sign
+          sts = "#{algo_line}" \
+                "\n#{datetime}" \
+                "\n#{credential_scope}" \
+                "\n#{hexdigest(creq)}"
+
+          # signature
+          k_date = hmac("#{upper_provider_prefix}#{@credentials.password}", date)
+          k_region = hmac(k_date, @region)
+          k_service = hmac(k_region, @service)
+          k_credentials = hmac(k_service, "#{lower_provider_prefix}_request")
+          sig = hexhmac(k_credentials, sts)
+
+          credential = "#{@credentials.username}/#{credential_scope}"
+          # apply signature
+          request.headers["authorization"] =
+            "#{algo_line} " \
+            "Credential=#{credential}, " \
+            "SignedHeaders=#{signed_headers}, " \
+            "Signature=#{sig}"
+        end
+
+        private
+
+        def hexdigest(value)
+          if value.respond_to?(:to_path)
+            # files, pathnames
+            OpenSSL::Digest.new(@algorithm).file(value.to_path).hexdigest
+          elsif value.respond_to?(:each)
+            digest = OpenSSL::Digest.new(@algorithm)
+
+            mb_buffer = value.each.each_with_object("".b) do |chunk, buffer|
+              buffer << chunk
+              break if buffer.bytesize >= 1024 * 1024
+            end
+
+            digest.update(mb_buffer)
+            value.rewind
+            digest.hexdigest
+          else
+            OpenSSL::Digest.new(@algorithm).hexdigest(value)
+          end
+        end
+
+        def hmac(key, value)
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new(@algorithm), key, value)
+        end
+
+        def hexhmac(key, value)
+          OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new(@algorithm), key, value)
+        end
+      end
+
+      class << self
+        def extra_options(options)
+          Class.new(options.class) do
+            def_option(:sigv4_signer) do |signer|
+              signer.is_a?(Signer) ? signer : Signer.new(signer)
+            end
+          end.new.merge(options)
+        end
+
+        def load_dependencies(klass)
+          require "openssl"
+          klass.plugin(:expect)
+          klass.plugin(:compression)
+        end
+      end
+
+      module InstanceMethods
+        def aws_sigv4_authentication(**options)
+          with(sigv4_signer: Signer.new(**options))
+        end
+
+        def build_request(*, _)
+          request = super
+
+          return request if request.headers.key?("authorization")
+
+          signer = request.options.sigv4_signer
+
+          return request unless signer
+
+          signer.sign!(request)
+
+          request
+        end
+      end
+
+      module RequestMethods
+        def canonical_path
+          path = uri.path.dup
+          path << "/" if path.empty?
+          path.gsub(%r{[^/]+}) { |part| CGI.escape(part.encode("UTF-8")).gsub("+", "%20").gsub("%7E", "~") }
+        end
+
+        def canonical_query
+          params = query.split("&")
+          # params = params.map { |p| p.match(/=/) ? p : p + '=' }
+          # From: https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
+          # Sort the parameter names by character code point in ascending order.
+          # Parameters with duplicate names should be sorted by value.
+          #
+          # Default sort <=> in JRuby will swap members
+          # occasionally when <=> is 0 (considered still sorted), but this
+          # causes our normalized query string to not match the sent querystring.
+          # When names match, we then sort by their values.  When values also
+          # match then we sort by their original order
+          params.each.with_index.sort do |a, b|
+            a, a_offset = a
+            b, b_offset = b
+            a_name, a_value = a.split("=")
+            b_name, b_value = b.split("=")
+            if a_name == b_name
+              if a_value == b_value
+                a_offset <=> b_offset
+              else
+                a_value <=> b_value
+              end
+            else
+              a_name <=> b_name
+            end
+          end.map(&:first).join("&")
+        end
+      end
+    end
+    register_plugin :aws_sigv4, AWSSigV4
+  end
+end

data/lib/httpx/plugins/compression.rb

@@ -94,7 +94,7 @@ module HTTPX
         end
 
         def write(chunk)
-          return super unless defined?(@_inflaters)
+          return super unless defined?(@_inflaters) && !chunk.empty?
 
           chunk = decompress(chunk)
           super(chunk)

data/lib/httpx/plugins/compression/deflate.rb

@@ -18,10 +18,7 @@ module HTTPX
           module_function
 
           def deflate(raw, buffer, chunk_size:)
-            deflater = Zlib::Deflate.new(Zlib::BEST_COMPRESSION,
-                                         Zlib::MAX_WBITS,
-                                         Zlib::MAX_MEM_LEVEL,
-                                         Zlib::HUFFMAN_ONLY)
+            deflater = Zlib::Deflate.new
             while (chunk = raw.read(chunk_size))
               compressed = deflater.deflate(chunk)
               buffer << compressed
@@ -31,7 +28,7 @@ module HTTPX
             buffer << last
             yield last if block_given?
           ensure
-            deflater.close
+            deflater.close if deflater
           end
         end
 

data/lib/httpx/plugins/cookies/set_cookie_parser.rb

@@ -107,7 +107,7 @@ module HTTPX
               case aname
               when "expires"
                 # RFC 6265 5.2.1
-                (avalue &&= Time.httpdate(avalue)) || next
+                (avalue &&= Time.parse(avalue)) || next
               when "max-age"
                 # RFC 6265 5.2.2
                 next unless /\A-?\d+\z/.match?(avalue)

data/lib/httpx/plugins/expect.rb

@@ -10,6 +10,10 @@ module HTTPX
     module Expect
       EXPECT_TIMEOUT = 2
 
+      def self.no_expect_store
+        @no_expect_store ||= []
+      end
+
       def self.extra_options(options)
         Class.new(options.class) do
           def_option(:expect_timeout) do |seconds|
@@ -28,25 +32,46 @@ module HTTPX
         end.new(options).merge(expect_timeout: EXPECT_TIMEOUT)
       end
 
-      module RequestBodyMethods
-        def initialize(*, options)
+      module RequestMethods
+        def initialize(*)
           super
-          return if @body.nil?
+          return if @body.empty?
 
-          threshold = options.expect_threshold_size
-          return if threshold && !unbounded_body? && @body.bytesize < threshold
+          threshold = @options.expect_threshold_size
+          return if threshold && !@body.unbounded_body? && @body.bytesize < threshold
+
+          return if Expect.no_expect_store.include?(origin)
 
           @headers["expect"] = "100-continue"
         end
+
+        def response=(response)
+          if response && response.status == 100 &&
+             !@headers.key?("expect") &&
+             (@state == :body || @state == :done)
+
+            # if we're past this point, this means that we just received a 100-Continue response,
+            # but the request doesn't have the expect flag, and is already flushing (or flushed) the body.
+            #
+            # this means that expect was deactivated for this request too soon, i.e. response took longer.
+            #
+            # so we have to reactivate it again.
+            @headers["expect"] = "100-continue"
+            @informational_status = 100
+            Expect.no_expect_store.delete(origin)
+          end
+          super
+        end
       end
 
       module ConnectionMethods
         def send(request)
-          request.once(:expects) do
+          request.once(:expect) do
             @timers.after(@options.expect_timeout) do
-              if request.state == :expects && !request.expects?
+              if request.state == :expect && !request.expects?
+                Expect.no_expect_store << request.origin
                 request.headers.delete("expect")
-                handle(request)
+                consume
               end
             end
           end