httpx 0.11.1 → 0.13.1

data/lib/httpx/options.rb

@@ -6,11 +6,6 @@ module HTTPX
     MAX_BODY_THRESHOLD_SIZE = (1 << 10) * 112 # 112K
 
     class << self
-      def inherited(klass)
-        super
-        klass.instance_variable_set(:@defined_options, @defined_options.dup)
-      end
-
       def new(options = {})
         # let enhanced options go through
         return options if self == Options && options.class > self
@@ -19,13 +14,7 @@ module HTTPX
         super
       end
 
-      def defined_options
-        @defined_options ||= []
-      end
-
       def def_option(name, &interpreter)
-        defined_options << name.to_sym
-
         attr_reader name
 
         if interpreter
@@ -34,16 +23,8 @@ module HTTPX
 
             instance_variable_set(:"@#{name}", instance_exec(value, &interpreter))
           end
-
-          define_method(:"with_#{name}") do |value|
-            merge(name => instance_exec(value, &interpreter))
-          end
         else
           attr_writer name
-
-          define_method(:"with_#{name}") do |value|
-            merge(name => value)
-          end
         end
 
         protected :"#{name}="
@@ -69,6 +50,7 @@ module HTTPX
         :connection_class => Class.new(Connection),
         :transport => nil,
         :transport_options => nil,
+        :addresses => nil,
         :persistent => false,
         :resolver_class => (ENV["HTTPX_RESOLVER"] || :native).to_sym,
         :resolver_options => { cache: true },
@@ -121,6 +103,10 @@ module HTTPX
       transport
     end
 
+    def_option(:addresses) do |addrs|
+      Array(addrs)
+    end
+
     %w[
       params form json body ssl http2_settings
       request_class response_class headers_class request_body_class response_body_class connection_class
@@ -153,6 +139,8 @@ module HTTPX
 
       h1 = to_hash
 
+      return self if h1 == h2
+
       merged = h1.merge(h2) do |k, v1, v2|
         case k
         when :headers, :ssl, :http2_settings, :timeout
@@ -166,10 +154,10 @@ module HTTPX
     end
 
     def to_hash
-      hash_pairs = self.class
-                       .defined_options
-                       .flat_map { |opt_name| [opt_name, send(opt_name)] }
-      Hash[*hash_pairs]
+      hash_pairs = instance_variables.map do |ivar|
+        [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+      end
+      Hash[hash_pairs]
     end
 
     def initialize_dup(other)

data/lib/httpx/parser/http1.rb

@@ -66,7 +66,6 @@ module HTTPX
         @status_code = code.to_i
         raise(Error, "wrong status code (#{@status_code})") unless (100..599).cover?(@status_code)
 
-        # @buffer.slice!(0, idx + 1)
         @buffer = @buffer.byteslice((idx + 1)..-1)
         nextstate(:headers)
       end
@@ -74,7 +73,8 @@ module HTTPX
       def parse_headers
         headers = @headers
         while (idx = @buffer.index("\n"))
-          line = @buffer.slice!(0, idx + 1).sub(/\s+\z/, "")
+          line = @buffer.byteslice(0..idx).sub(/\s+\z/, "")
+          @buffer = @buffer.byteslice((idx + 1)..-1)
           if line.empty?
             case @state
             when :headers
@@ -96,11 +96,11 @@ module HTTPX
           separator_index = line.index(":")
           raise Error, "wrong header format" unless separator_index
 
-          key = line[0..separator_index - 1]
+          key = line.byteslice(0..(separator_index - 1))
           raise Error, "wrong header format" if key.start_with?("\s", "\t")
 
           key.strip!
-          value = line[separator_index + 1..-1]
+          value = line.byteslice((separator_index + 1)..-1)
           value.strip!
           raise Error, "wrong header format" if value.nil?
 

data/lib/httpx/plugins/aws_sdk_authentication.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module HTTPX
+  module Plugins
+    #
+    # This plugin applies AWS Sigv4 to requests, using the AWS SDK credentials and configuration.
+    #
+    # It requires the "aws-sdk-core" gem.
+    #
+    module AwsSdkAuthentication
+      #
+      # encapsulates access to an AWS SDK credentials store.
+      #
+      class Credentials
+        def initialize(aws_credentials)
+          @aws_credentials = aws_credentials
+        end
+
+        def username
+          @aws_credentials.access_key_id
+        end
+
+        def password
+          @aws_credentials.secret_access_key
+        end
+
+        def security_token
+          @aws_credentials.session_token
+        end
+      end
+
+      class << self
+        attr_reader :credentials, :region
+
+        def load_dependencies(klass)
+          require "aws-sdk-core"
+          klass.plugin(:aws_sigv4)
+
+          client = Class.new(Seahorse::Client::Base) do
+            @identifier = :httpx
+            set_api(Aws::S3::ClientApi::API)
+            add_plugin(Aws::Plugins::CredentialsConfiguration)
+            add_plugin(Aws::Plugins::RegionalEndpoint)
+            class << self
+              attr_reader :identifier
+            end
+          end.new
+
+          @credentials = Credentials.new(client.config[:credentials])
+          @region = client.config[:region]
+        end
+
+        def extra_options(options)
+          options.merge(max_concurrent_requests: 1)
+        end
+      end
+
+      module InstanceMethods
+        #
+        # aws_authentication
+        # aws_authentication(credentials: Aws::Credentials.new('akid', 'secret'))
+        # aws_authentication()
+        #
+        def aws_sdk_authentication(**options)
+          credentials = AwsSdkAuthentication.credentials
+          region = AwsSdkAuthentication.region
+
+          aws_sigv4_authentication(
+            credentials: credentials,
+            region: region,
+            provider_prefix: "aws",
+            header_provider_field: "amz",
+            **options
+          )
+        end
+        alias_method :aws_auth, :aws_sdk_authentication
+      end
+    end
+    register_plugin :aws_sdk_authentication, AwsSdkAuthentication
+  end
+end

data/lib/httpx/plugins/aws_sigv4.rb

@@ -0,0 +1,218 @@
+# frozen_string_literal: true
+
+require "set"
+require "aws-sdk-s3"
+
+module HTTPX
+  module Plugins
+    #
+    # This plugin adds AWS Sigv4 authentication.
+    #
+    # https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #
+    # https://gitlab.com/honeyryderchuck/httpx/wikis/AWS-SigV4
+    #
+    module AWSSigV4
+      Credentials = Struct.new(:username, :password, :security_token)
+
+      class Signer
+        def initialize(
+          service:,
+          region:,
+          credentials: nil,
+          username: nil,
+          password: nil,
+          security_token: nil,
+          provider_prefix: "aws",
+          header_provider_field: "amz",
+          unsigned_headers: [],
+          apply_checksum_header: true,
+          algorithm: "SHA256"
+        )
+          @credentials = credentials || Credentials.new(username, password, security_token)
+          @service = service
+          @region = region
+
+          @unsigned_headers = Set.new(unsigned_headers.map(&:downcase))
+          @unsigned_headers << "authorization"
+          @unsigned_headers << "x-amzn-trace-id"
+          @unsigned_headers << "expect"
+
+          @apply_checksum_header = apply_checksum_header
+          @provider_prefix = provider_prefix
+          @header_provider_field = header_provider_field
+
+          @algorithm = algorithm
+        end
+
+        def sign!(request)
+          lower_provider_prefix = "#{@provider_prefix}4"
+          upper_provider_prefix = lower_provider_prefix.upcase
+
+          downcased_algorithm = @algorithm.downcase
+
+          datetime = (request.headers["x-#{@header_provider_field}-date"] ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ"))
+          date = datetime[0, 8]
+
+          content_hashed = request.headers["x-#{@header_provider_field}-content-#{downcased_algorithm}"] || hexdigest(request.body)
+
+          request.headers["x-#{@header_provider_field}-content-#{downcased_algorithm}"] ||= content_hashed if @apply_checksum_header
+          request.headers["x-#{@header_provider_field}-security-token"] ||= @credentials.security_token if @credentials.security_token
+
+          signature_headers = request.headers.each.reject do |k, _|
+            @unsigned_headers.include?(k)
+          end
+          # aws sigv4 needs to declare the host, regardless of protocol version
+          signature_headers << ["host", request.authority] unless request.headers.key?("host")
+          signature_headers.sort_by!(&:first)
+
+          signed_headers = signature_headers.map(&:first).join(";")
+
+          canonical_headers = signature_headers.map do |k, v|
+            # eliminate whitespace between value fields, unless it's a quoted value
+            "#{k}:#{v.start_with?("\"") && v.end_with?("\"") ? v : v.gsub(/\s+/, " ").strip}\n"
+          end.join
+
+          # canonical request
+          creq = "#{request.verb.to_s.upcase}" \
+            "\n#{request.canonical_path}" \
+            "\n#{request.canonical_query}" \
+            "\n#{canonical_headers}" \
+            "\n#{signed_headers}" \
+            "\n#{content_hashed}"
+
+          credential_scope = "#{date}" \
+            "/#{@region}" \
+            "/#{@service}" \
+            "/#{lower_provider_prefix}_request"
+
+          algo_line = "#{upper_provider_prefix}-HMAC-#{@algorithm}"
+          # string to sign
+          sts = "#{algo_line}" \
+                "\n#{datetime}" \
+                "\n#{credential_scope}" \
+                "\n#{hexdigest(creq)}"
+
+          # signature
+          k_date = hmac("#{upper_provider_prefix}#{@credentials.password}", date)
+          k_region = hmac(k_date, @region)
+          k_service = hmac(k_region, @service)
+          k_credentials = hmac(k_service, "#{lower_provider_prefix}_request")
+          sig = hexhmac(k_credentials, sts)
+
+          credential = "#{@credentials.username}/#{credential_scope}"
+          # apply signature
+          request.headers["authorization"] =
+            "#{algo_line} " \
+            "Credential=#{credential}, " \
+            "SignedHeaders=#{signed_headers}, " \
+            "Signature=#{sig}"
+        end
+
+        private
+
+        def hexdigest(value)
+          if value.respond_to?(:to_path)
+            # files, pathnames
+            OpenSSL::Digest.new(@algorithm).file(value.to_path).hexdigest
+          elsif value.respond_to?(:each)
+            digest = OpenSSL::Digest.new(@algorithm)
+
+            mb_buffer = value.each.each_with_object("".b) do |chunk, buffer|
+              buffer << chunk
+              break if buffer.bytesize >= 1024 * 1024
+            end
+
+            digest.update(mb_buffer)
+            value.rewind
+            digest.hexdigest
+          else
+            OpenSSL::Digest.new(@algorithm).hexdigest(value)
+          end
+        end
+
+        def hmac(key, value)
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new(@algorithm), key, value)
+        end
+
+        def hexhmac(key, value)
+          OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new(@algorithm), key, value)
+        end
+      end
+
+      class << self
+        def extra_options(options)
+          Class.new(options.class) do
+            def_option(:sigv4_signer) do |signer|
+              signer.is_a?(Signer) ? signer : Signer.new(signer)
+            end
+          end.new.merge(options)
+        end
+
+        def load_dependencies(klass)
+          require "openssl"
+          klass.plugin(:expect)
+          klass.plugin(:compression)
+        end
+      end
+
+      module InstanceMethods
+        def aws_sigv4_authentication(**options)
+          with(sigv4_signer: Signer.new(**options))
+        end
+
+        def build_request(*, _)
+          request = super
+
+          return request if request.headers.key?("authorization")
+
+          signer = request.options.sigv4_signer
+
+          return request unless signer
+
+          signer.sign!(request)
+
+          request
+        end
+      end
+
+      module RequestMethods
+        def canonical_path
+          path = uri.path.dup
+          path << "/" if path.empty?
+          path.gsub(%r{[^/]+}) { |part| CGI.escape(part.encode("UTF-8")).gsub("+", "%20").gsub("%7E", "~") }
+        end
+
+        def canonical_query
+          params = query.split("&")
+          # params = params.map { |p| p.match(/=/) ? p : p + '=' }
+          # From: https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
+          # Sort the parameter names by character code point in ascending order.
+          # Parameters with duplicate names should be sorted by value.
+          #
+          # Default sort <=> in JRuby will swap members
+          # occasionally when <=> is 0 (considered still sorted), but this
+          # causes our normalized query string to not match the sent querystring.
+          # When names match, we then sort by their values.  When values also
+          # match then we sort by their original order
+          params.each.with_index.sort do |a, b|
+            a, a_offset = a
+            b, b_offset = b
+            a_name, a_value = a.split("=")
+            b_name, b_value = b.split("=")
+            if a_name == b_name
+              if a_value == b_value
+                a_offset <=> b_offset
+              else
+                a_value <=> b_value
+              end
+            else
+              a_name <=> b_name
+            end
+          end.map(&:first).join("&")
+        end
+      end
+    end
+    register_plugin :aws_sigv4, AWSSigV4
+  end
+end

data/lib/httpx/plugins/compression.rb

@@ -13,15 +13,17 @@ module HTTPX
     # https://gitlab.com/honeyryderchuck/httpx/wikis/Compression
     #
     module Compression
-      extend Registry
-
       class << self
-        def load_dependencies(klass)
+        def configure(klass)
           klass.plugin(:"compression/gzip")
           klass.plugin(:"compression/deflate")
         end
 
         def extra_options(options)
+          encodings = Module.new do
+            extend Registry
+          end
+
           Class.new(options.class) do
             def_option(:compression_threshold_size) do |bytes|
               bytes = Integer(bytes)
@@ -29,7 +31,13 @@ module HTTPX
 
               bytes
             end
-          end.new(options).merge(headers: { "accept-encoding" => Compression.registry.keys })
+
+            def_option(:encodings) do |encs|
+              raise Error, ":encodings must be a registry" unless encs.respond_to?(:registry)
+
+              encs
+            end
+          end.new(options).merge(encodings: encodings)
         end
       end
 
@@ -37,7 +45,11 @@ module HTTPX
         def initialize(*)
           super
           # forego compression in the Range cases
-          @headers.delete("accept-encoding") if @headers.key?("range")
+          if @headers.key?("range")
+            @headers.delete("accept-encoding")
+          else
+            @headers["accept-encoding"] ||= @options.encodings.registry.keys
+          end
         end
       end
 
@@ -52,7 +64,7 @@ module HTTPX
           @headers.get("content-encoding").each do |encoding|
             next if encoding == "identity"
 
-            @body = Encoder.new(@body, Compression.registry(encoding).deflater)
+            @body = Encoder.new(@body, options.encodings.registry(encoding).deflater)
           end
           @headers["content-length"] = @body.bytesize unless chunked?
         end
@@ -61,7 +73,7 @@ module HTTPX
       module ResponseBodyMethods
         attr_reader :encodings
 
-        def initialize(*, **)
+        def initialize(*)
           @encodings = []
 
           super
@@ -80,7 +92,7 @@ module HTTPX
           @_inflaters = @headers.get("content-encoding").map do |encoding|
             next if encoding == "identity"
 
-            inflater = Compression.registry(encoding).inflater(compressed_length)
+            inflater = @options.encodings.registry(encoding).inflater(compressed_length)
             # do not uncompress if there is no decoder available. In fact, we can't reliably
             # continue decompressing beyond that, so ignore.
             break unless inflater