imageproxy 0.1.0

data/spec/options_spec.rb

@@ -0,0 +1,87 @@
+require 'base64'
+require "#{File.dirname(__FILE__)}/../imageproxy"
+require "#{File.dirname(__FILE__)}/../lib/options"
+
+describe Options do
+  describe "parsing path" do
+    context "a simple URL" do
+      subject { Options.new "/process/color/blue/size/medium", {} }
+      its(:command) { should == "process" }
+      its(:color) { should == "blue" }
+      its(:size) { should == "medium" }
+    end
+
+    context "source" do
+      context "when double-escaped" do
+        subject { Options.new "/process/source/http%253A%252F%252Fexample.com%252Fdog.jpg", {} }
+        it("should unescape") { subject.source.should == "http://example.com/dog.jpg" }
+      end
+
+      context "when escaped" do
+        subject { Options.new "/process/source/http%3A%2F%2Fexample.com%2Fdog.jpg", {} }
+        it("should unescape") { subject.source.should == "http://example.com/dog.jpg" }
+      end
+
+      context "when not escaped" do
+        subject { Options.new "/process/source/foo", {} }
+        it("should not unescape") { subject.source.should == "foo" }
+      end
+
+      context "when parameter is named 'src'" do
+        subject { Options.new "/process/src/foo", {} }
+        it("should rename to 'source'") { subject.source.should == "foo" }
+      end
+    end
+
+    context "signature" do
+      context "when escaped with + signs" do
+        subject { Options.new "/process/source/foo/signature/foo+bar", {} }
+        it("should keep the + sign") { subject.signature.should == "foo+bar" }
+      end
+    end
+  end
+
+  describe "adding query params" do
+    subject { Options.new "/convert/source/foo", { "resize" => "20x20" } }
+    it("should add query params") { subject.resize.should == "20x20" }
+    it("should keep params from path") { subject.source.should == "foo" }
+  end
+
+  describe "content type" do
+    context "when guessing based on source filename" do
+      it("should understand .png") { Options.new("/convert", "source" => "foo.png").content_type.should == "image/png" }
+      it("should understand .jpg") { Options.new("/convert", "source" => "foo.jpg").content_type.should == "image/jpeg" }
+      it("should understand .JPEG") { Options.new("/convert", "source" => "foo.JPEG").content_type.should == "image/jpeg" }
+    end
+  end
+
+  describe "obfuscation" do
+    it "should allow the query string to be encoded in base64" do
+      encoded = CGI.escape(Base64.encode64("resize=20x20&source=http://example.com/dog.jpg"))
+      options = Options.new "/convert", "_" => encoded
+      options.resize.should == "20x20"
+      options.source.should == "http://example.com/dog.jpg"
+    end
+
+    it "should allow the path to be encoded in base64" do
+      encoded = CGI.escape(Base64.encode64("resize/20x20/source/http%3A%2F%2Fexample.com%2Fdog.jpg"))
+      options = Options.new "/convert/-/#{encoded}", {}
+      options.resize.should == "20x20"
+      options.source.should == "http://example.com/dog.jpg"
+    end
+  end
+
+  describe "quality" do
+    it "should be set to 0 if it's less than 0" do
+      Options.new("/convert", "quality" => "-39").quality.should == "0"
+    end
+
+    it "should be set to 100 if it's > 100" do
+      Options.new("/convert", "quality" => "293").quality.should == "100"
+    end
+    
+    it "should not change if it's >= 0 <= 100" do
+      Options.new("/convert", "quality" => "59").quality.should == "59"
+    end
+  end
+end

data/spec/server_spec.rb

@@ -0,0 +1,122 @@
+require 'spec_helper'
+
+describe "Server" do
+  include Rack::Test::Methods
+
+  RSpec::Matchers.define :succeed do
+    match do |actual|
+      actual.status == 200
+    end
+  end
+
+  RSpec::Matchers.define :fail do
+    match do |actual|
+      actual.status == 500
+    end
+  end
+
+  def app
+    @app ||= Server.new
+  end
+
+  context "when converting" do
+    it "should send back the right result" do
+      app.stub!(:config) { |sym| nil }
+      get("/convert/resize/10x20/source/#{escaped_test_image_url}").should succeed
+      Compare.new(response_body_as_file, test_image_path("10x20")).execute.should == "0"
+    end
+  end
+
+  context "when identifying" do
+    it "should send back information about the image" do
+      app.stub!(:config) { |sym| nil }
+      get "/identify/source/#{escaped_test_image_url}"
+      last_response.body.should =~ /Format: PNG.*Geometry: 200x116\+0\+0/m
+    end
+  end
+
+  context "when signature is required" do
+    before do
+      @secret = "SEEKRET"
+      app.stub!(:config) { |sym| {:signature_required => "true", :signature_secret => @secret}[sym] }
+    end
+
+    it "should fail if the signature is missing" do
+      get("/convert/resize/10x20/source/#{escaped_test_image_url}").should fail
+    end
+
+    it "should fail if the signature is incorrect" do
+      url = "/convert/resize/10x20/source/#{escaped_test_image_url}"
+      signature = "BAD"
+      get("#{url}?signature=#{signature}").should fail
+    end
+
+    it "should work if the signature is correct" do
+      url = "/convert/resize/10x20/source/#{escaped_test_image_url}"
+      signature = Signature.create(url, @secret)
+      get("#{url}?signature=#{CGI.escape(signature)}").should succeed
+    end
+
+    it "should work if the signature is part of the path" do
+      url = "/convert/resize/10x20/source/#{escaped_test_image_url}"
+      signature = Signature.create(url, @secret)
+      get("#{url}/signature/#{URI.escape(signature)}").should succeed
+    end
+  end
+
+  context "when limiting to certain domains" do
+    before do
+      app.stub!(:config) { |sym| {:allowed_domains => " example.com  ,example.org"}[sym] }
+    end
+
+    it "should parse the allowed domains" do
+      app.send(:allowed_domains).should =~ ["example.com", "example.org"]
+    end
+
+    it "should only examine the second-level domain" do
+      app.send(:url_to_domain, "http://foo.bar.example.com/something").should == "example.com"
+    end
+
+    it "should fail if the source domain is not in the allowed domains" do
+      get("/convert/resize/10x20/source/#{CGI.escape('http://example.net/dog.jpg')}").should fail
+    end
+
+    it "should pass if the source domain is in the allowed domains" do
+      get("/convert/resize/10x20/source/#{CGI.escape('http://example.org/dog.jpg')}").should succeed
+    end
+  end
+
+  context "when limiting to a maximum size" do
+    before do
+      app.stub!(:config) { |sym| { :max_size => "50" }[sym] }
+    end
+
+    it "should parse out the larger dimension" do
+      app.send(:requested_size, "10x50").should == 50
+      app.send(:requested_size, "50x50").should == 50
+      app.send(:requested_size, "50").should == 50
+    end
+    
+    it "should pass when converting to a smaller size" do
+      get("/convert/resize/20x20/source/#{escaped_test_image_url}").should succeed
+    end
+
+    it "should pass when converting to the max size" do
+      get("/convert/resize/50x50/source/#{escaped_test_image_url}").should succeed
+    end
+
+    it "should fail when converting to a larger size" do
+      get("/convert/resize/50x51/source/#{escaped_test_image_url}").should fail
+    end
+
+    it "should pass when thumbnailing to a smaller size" do
+      get("/convert/thumbnail/20x20/source/#{escaped_test_image_url}").should succeed
+    end
+
+    it "should fail when thumbnailing to a larger size" do
+      get("/convert/thumbnail/50x51/source/#{escaped_test_image_url}").should fail
+    end
+
+  end
+end
+

data/spec/signature_spec.rb

@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+describe Signature do
+  describe "#create" do
+    it "should create a signature from a query string" do
+      Signature.create("/convert?src=http://www.example.com/dog.jpg&resize=400x400&signature=AAA&key=BBB", "SECRET").should_not be_nil
+    end
+
+    it "should ignore the signature param" do
+      Signature.create("/convert?src=SRC&resize=10x10&signature=SIG&key=KEY", "SECRET").should == Signature.create("/convert?src=SRC&resize=10x10&key=KEY", "SECRET")
+    end
+  end
+
+  describe "#correct?" do
+    it "should validate a signature" do
+      Signature.correct?(Signature.create("/convert?src=SRC&resize=10x10&key=KEY", "SECRET"), "/convert?src=SRC&resize=10x10&key=KEY", "SECRET").should be_true
+    end
+
+    it "should return false if signature is nil" do
+      Signature.correct?(nil, "/convert?src=SRC&resize=10x10&key=KEY", "SECRET").should be_false
+    end
+
+    it "should handle URL-safe signatures" do
+      Signature.correct?("_v70E0zfdcRR4cJehS2mhvqJ-8s=", "YLANEBHFSJGCAWKDNCKWEKJRXKPMYU", "SECRET").should be_true
+    end
+
+    it "should handle non-URL-safe signatures" do
+      Signature.correct?("k7DMQ/G8YAsbSovX+mDFjlHHMjo=", "YPMMYCRRECCCIPSXPDDFIJFSINOIRC", "SECRET").should be_true
+    end
+  end
+
+  describe "#remove_signature_from" do
+    it "should remove the signature when it's the only query param" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana?signature=SIG").should ==
+        "/convert/a/apple/b/banana"
+    end
+
+    it "should remove the signature from the beginning of the query string" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana?signature=SIG&c=cherry&d=donut").should == 
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+    
+    it "should remove the signature from the middle of the query string" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana?c=cherry&signature=SIG&d=donut").should == 
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+    
+    it "should remove the signature from the end of the query string" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana?c=cherry&d=donut&signature=SIG").should == 
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+
+    it "should remove the signature from the beginning of the path" do
+      Signature.remove_signature_from("/convert/signature/SIG/a/apple/b/banana?c=cherry&d=donut").should ==
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+
+    it "should remove the signature from the middle of the path" do
+      Signature.remove_signature_from("/convert/a/apple/signature/SIG/b/banana?c=cherry&d=donut").should ==
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+
+    it "should remove the signature from the end of the path" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana/signature/SIG?c=cherry&d=donut").should ==
+        "/convert/a/apple/b/banana?c=cherry&d=donut"
+    end
+
+    it "should remove the signature from the end of the path when there's no query string" do
+      Signature.remove_signature_from("/convert/a/apple/b/banana/signature/SIG").should ==
+        "/convert/a/apple/b/banana"
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,23 @@
+Bundler.require :test
+
+Dir.glob(File.join(File.dirname(__FILE__), "..", "lib", "**", "*.rb")).each {|f| require f }
+
+def response_body_as_file
+  result_file = Tempfile.new("request_spec")
+  result_file.write(last_response.body)
+  result_file.close
+  result_file
+end
+
+def test_image_path(size=nil)
+  size_suffix = size.nil? ? "" : "_#{size}"
+  File.expand_path(File.dirname(__FILE__) + "/../public/sample#{size_suffix}.png")
+end
+
+def test_image_url
+  "file://#{test_image_path}"
+end
+
+def escaped_test_image_url
+  CGI.escape test_image_url
+end

metadata

@@ -0,0 +1,184 @@
+--- !ruby/object:Gem::Specification 
+name: imageproxy
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Erik Hanson
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-06-08 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rack
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :runtime
+  prerelease: false
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rake
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :runtime
+  prerelease: false
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: mime-types
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :runtime
+  prerelease: false
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: heroku
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: shotgun
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rack-test
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: awesome_print
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: jeweler
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id009
+description: A image processing proxy server, written in Ruby as a Rack application. Requires ImageMagick.
+email: erik@eahanson.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE.txt
+- README.mdown
+files: 
+- .document
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.mdown
+- Rakefile
+- VERSION
+- config.ru
+- imageproxy.gemspec
+- imageproxy.rb
+- lib/command.rb
+- lib/compare.rb
+- lib/convert.rb
+- lib/identify.rb
+- lib/options.rb
+- lib/selftest.rb
+- lib/server.rb
+- lib/signature.rb
+- public/background.png
+- public/sample.png
+- public/sample_10x20.png
+- spec/command_spec.rb
+- spec/convert_spec.rb
+- spec/options_spec.rb
+- spec/server_spec.rb
+- spec/signature_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/eahanson/imageproxy
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: -3683020924727670917
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: A image processing proxy server, written in Ruby as a Rack application.
+test_files: []
+