infraforge 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f74bcdd2929604a5104b7e3b5e55e6624db716dac9cb57a32aff3d6c1aef70e3
+  data.tar.gz: eed45a427b81a4ac159a30a87a931066f8410257bbc75c29ea4a829a2afa57d5
+SHA512:
+  metadata.gz: 969ab53e6b0ccc705aa9822316afb1b78fe6384138226d387568fb898a6a25fc128b65d47a7deed797b251da06ec588e9a9312553c7eb19c934fdd17bc920c6a
+  data.tar.gz: 1c824442fecddac7185cf151dbbccaeee69f8d38457e40e96c58ebce5a29884912a2f65050230b90df6cfeda290119869e679c509a0b42fabf7beb9e17e5d8da

data/README.md

@@ -0,0 +1,74 @@
+# InfraForge — Ruby SDK
+
+Official Ruby client for [InfraForge](https://infraforge.digitalforge.ia.br).
+
+## Install
+
+```bash
+gem install infraforge
+```
+
+Or add to `Gemfile`:
+
+```ruby
+gem "infraforge"
+```
+
+## Quickstart
+
+```ruby
+require "infraforge"
+
+c = InfraForge::Client.new(
+  url: "https://infraforge.example.com",
+  project_slug: "my-app",
+  api_key: "if_xxxxx",
+)
+
+# Sign in (stores session in memory)
+c.sign_in(email: "alice@example.com", password: "secret")
+
+# Run a SQL query — RLS enforced via JWT
+rows = c.query("SELECT id, title FROM posts WHERE author_id = current_user_id()")
+rows.each { |r| puts r["title"] }
+
+# Parameterized
+rows = c.query("SELECT * FROM posts WHERE id = $1", [42])
+
+# Sign up (admin may need to approve)
+res = c.sign_up(email: "alice@example.com", password: "secret", name: "Alice")
+puts "pending approval" if res[:pending]
+
+# Reset password
+c.request_password_reset("alice@example.com")
+
+# Sign out
+c.sign_out
+```
+
+## Social login (browser flow)
+
+```ruby
+url = c.social_login_url(provider: "google", redirect_to: "https://app.example.com/callback")
+# Redirect user to `url`. After auth, they land at redirect_to#token=<jwt>.
+# Extract the fragment in JS, POST to your Ruby service, then:
+c.set_token(jwt)
+```
+
+## Errors
+
+```ruby
+begin
+  c.sign_in(email: "a@b.com", password: "wrong")
+rescue InfraForge::AuthError => e
+  if e.pending
+    puts "pending admin approval"
+  else
+    puts "login failed: #{e.message}"
+  end
+end
+```
+
+## License
+
+MIT

data/infraforge.gemspec

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require_relative "lib/infraforge/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "infraforge"
+  spec.version = InfraForge::VERSION
+  spec.authors = ["InfraForge"]
+
+  spec.summary = "Official Ruby SDK for InfraForge."
+  spec.description = "Auth + database query client for the InfraForge self-hosted project provisioning platform."
+  spec.homepage = "https://infraforge.digitalforge.ia.br"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 3.0"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/tuliobarreto1/Infraforge"
+
+  spec.files = Dir["lib/**/*.rb", "README.md", "infraforge.gemspec"]
+  spec.require_paths = ["lib"]
+end

data/lib/infraforge/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module InfraForge
+  VERSION = "0.1.0"
+end

data/lib/infraforge.rb

@@ -0,0 +1,205 @@
+# frozen_string_literal: true
+
+require "json"
+require "net/http"
+require "uri"
+require "base64"
+
+require_relative "infraforge/version"
+
+# InfraForge SDK — auth + database query against a project.
+#
+# Example:
+#   c = InfraForge::Client.new(url: "https://infraforge.example.com",
+#                              project_slug: "my-app",
+#                              api_key: "if_xxx")
+#   c.sign_in(email: "alice@example.com", password: "secret")
+#   rows = c.query("SELECT id FROM posts WHERE author_id = current_user_id()")
+module InfraForge
+  User = Struct.new(:id, :email, :role, :metadata, :created_at, keyword_init: true)
+  Session = Struct.new(:user, :token, keyword_init: true)
+
+  class AuthError < StandardError
+    attr_reader :pending
+
+    def initialize(message, pending: false)
+      super(message)
+      @pending = pending
+    end
+  end
+
+  class QueryError < StandardError; end
+
+  class Client
+    attr_reader :session
+
+    def initialize(url:, project_slug:, api_key:, timeout: 30)
+      @url = url.chomp("/")
+      @project_slug = project_slug
+      @api_key = api_key
+      @timeout = timeout
+      @session = nil
+    end
+
+    def token
+      @session&.token
+    end
+
+    # Manually set a JWT (e.g., received from external OAuth callback).
+    def set_token(token)
+      parts = token.split(".")
+      user = User.new(id: "", email: "", role: "authenticated")
+      if parts.size == 3
+        begin
+          payload = JSON.parse(base64url_decode(parts[1]))
+          user = User.new(
+            id: payload["sub"].to_s,
+            email: payload["email"].to_s,
+            role: (payload["role"] || "authenticated").to_s,
+          )
+        rescue StandardError
+          # leave default user
+        end
+      end
+      @session = Session.new(user: user, token: token)
+    end
+
+    # Register a new user. Returns { user:, pending:, message: }.
+    # If admin approval is required, status is 202 and pending is true.
+    def sign_up(email:, password:, name: nil)
+      body = { email: email, password: password }
+      body[:name] = name unless name.nil?
+      status, data = request(:post, auth_url("/register"), body: body)
+      raise AuthError, error_msg(data, status) if status >= 400
+
+      {
+        user: data["user"] ? user_from_hash(data["user"]) : nil,
+        pending: status == 202,
+        message: data["message"],
+      }
+    end
+
+    # Sign in. Stores session in memory.
+    def sign_in(email:, password:)
+      status, data = request(:post, auth_url("/login"), body: { email: email, password: password })
+      if status >= 400
+        pending = status == 403
+        raise AuthError.new(error_msg(data, status), pending: pending)
+      end
+
+      raise AuthError, "Malformed login response" unless data["user"] && data["token"]
+
+      @session = Session.new(user: user_from_hash(data["user"]), token: data["token"])
+    end
+
+    # Fetch current user from server.
+    def get_user
+      raise AuthError, "Not authenticated" if @session.nil?
+
+      status, data = request(:get, auth_url("/me"),
+        headers: { "Authorization" => "Bearer #{@session.token}" })
+      if status >= 400
+        @session = nil if status == 401
+        raise AuthError, error_msg(data, status)
+      end
+
+      user = user_from_hash(data.fetch("user"))
+      @session = Session.new(user: user, token: @session.token)
+      user
+    end
+
+    # Request password reset email (silent, no enumeration).
+    def request_password_reset(email)
+      status, data = request(:post, auth_url("/forgot-password"), body: { email: email })
+      raise AuthError, error_msg(data, status) if status >= 400
+
+      true
+    end
+
+    # Clear the in-memory session.
+    def sign_out
+      @session = nil
+    end
+
+    # Build the OAuth start URL for a browser flow.
+    def social_login_url(provider:, redirect_to:)
+      raise ArgumentError, "provider must be 'google' or 'github'" unless %w[google github].include?(provider)
+
+      "#{auth_url("/oauth/#{provider}/start")}?redirectTo=#{URI.encode_www_form_component(redirect_to)}"
+    end
+
+    # Run a SQL query — RLS enforced via current JWT.
+    def query(sql, params = [])
+      raise QueryError, "Not authenticated. Call sign_in first." if @session.nil?
+
+      status, data = request(:post, "#{@url}/api/query/#{@project_slug}",
+        headers: {
+          "x-infraforge-key" => @api_key,
+          "Authorization" => "Bearer #{@session.token}",
+        },
+        body: { query: sql, params: params })
+      raise QueryError, error_msg(data, status) if status >= 400
+
+      data["data"] || []
+    end
+
+    private
+
+    def auth_url(path)
+      "#{@url}/api/auth/#{@project_slug}#{path}"
+    end
+
+    def request(method, url, headers: {}, body: nil)
+      uri = URI(url)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = uri.scheme == "https"
+      http.read_timeout = @timeout
+      http.open_timeout = @timeout
+
+      req_class =
+        case method
+        when :get then Net::HTTP::Get
+        when :post then Net::HTTP::Post
+        when :put then Net::HTTP::Put
+        when :delete then Net::HTTP::Delete
+        else raise ArgumentError, "unsupported method: #{method}"
+        end
+
+      req = req_class.new(uri.request_uri)
+      headers.each { |k, v| req[k] = v }
+      if body
+        req["Content-Type"] = "application/json"
+        req.body = JSON.generate(body)
+      end
+
+      resp = http.request(req)
+      data =
+        begin
+          JSON.parse(resp.body || "{}")
+        rescue JSON::ParserError
+          {}
+        end
+      [resp.code.to_i, data]
+    end
+
+    def error_msg(data, status)
+      msg = data["error"]
+      msg && !msg.empty? ? msg : "HTTP #{status}"
+    end
+
+    def user_from_hash(h)
+      User.new(
+        id: h["id"].to_s,
+        email: h["email"].to_s,
+        role: (h["role"] || "authenticated").to_s,
+        metadata: h["metadata"],
+        created_at: h["created_at"],
+      )
+    end
+
+    def base64url_decode(s)
+      pad = (4 - (s.length % 4)) % 4
+      Base64.urlsafe_decode64(s + ("=" * pad))
+    end
+  end
+end

metadata

@@ -0,0 +1,45 @@
+--- !ruby/object:Gem::Specification
+name: infraforge
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- InfraForge
+bindir: bin
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies: []
+description: Auth + database query client for the InfraForge self-hosted project provisioning
+  platform.
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- infraforge.gemspec
+- lib/infraforge.rb
+- lib/infraforge/version.rb
+homepage: https://infraforge.digitalforge.ia.br
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://infraforge.digitalforge.ia.br
+  source_code_uri: https://github.com/tuliobarreto1/Infraforge
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '3.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.6
+specification_version: 4
+summary: Official Ruby SDK for InfraForge.
+test_files: []