jedlik 0.0.1

data/Gemfile

@@ -0,0 +1 @@
+gemspec

data/README.mkd

@@ -0,0 +1,25 @@
+Jedlik
+======
+
+Communicate with *Amazon DynamoDB* in Ruby. Raw access to the full API without
+having to handle temporary credentials or HTTP requests by yourself.
+
+Does not require the AWS gem.  
+Requires **Typhoeus**.
+
+Usage
+-----
+
+Jedlik maps the DynamoDB API closely. Once the connection object is ready, all
+requests are done through `#post`. The first argument is the name of the
+operation, the second is a hash that will be converted to JSON and used as the
+request body.
+
+    require 'jedlik'
+
+    conn = Jedlik::Connection.new 'DG7I54_KEY_ID', 'wr31PP+hu5d76+SECRET_KEY'
+
+    conn.post :ListTables    # => {"TableNames"=>["table1", "table2"]}
+
+    conn.post :GetItem, {:TableName => "table1", :Key => {:S => "foo"}}
+    # => Hash

data/lib/jedlik.rb

@@ -0,0 +1,16 @@
+require 'typhoeus'
+require 'time'
+require 'base64'
+require 'openssl'
+require 'cgi'
+require 'json'
+
+module Jedlik
+  class ClientError < Exception; end
+  class ServerError < Exception; end
+
+  require 'jedlik/typhoeus/request'
+
+  require 'jedlik/security_token_service'
+  require 'jedlik/connection'
+end

data/lib/jedlik/connection.rb

@@ -0,0 +1,75 @@
+module Jedlik
+
+  # Establishes a connection to Amazon DynamoDB using credentials.
+  class Connection
+    attr_reader :sts
+
+    DEFAULTS = {
+      :endpoint => 'dynamodb.us-east-1.amazonaws.com',
+    }
+
+    # Acceptable `opts` keys are:
+    #
+    #     :endpoint # DynamoDB endpoint to use.
+    #               # Default: 'dynamodb.us-east-1.amazonaws.com'
+    #
+    def initialize access_key_id, secret_access_key, opts={}
+      opts = DEFAULTS.merge opts
+      @sts = SecurityTokenService.new access_key_id, secret_access_key
+      @endpoint = opts[:endpoint]
+    end
+
+    # Create and send a request to DynamoDB.
+    # Returns a hash extracted from the response body.
+    #
+    # `operation` can be any DynamoDB operation. `data` is a hash that will be
+    # used as the request body (in JSON format). More info available at:
+    #
+    # http://docs.amazonwebservices.com/amazondynamodb/latest/developerguide
+    #
+    def post operation, data={}
+      request = new_request operation, data.to_json
+      request.sign sts
+      hydra.queue request; hydra.run
+      response = request.response
+
+      if status_ok? response
+        JSON.parse response.body
+      end
+    end
+
+  private
+
+    def hydra
+      Typhoeus::Hydra.hydra
+    end
+
+    def new_request operation, body
+      (Typhoeus::Request.new "https://#{@endpoint}/",
+      :method => :post,
+      :headers => {
+        'host' => @endpoint,
+        'content-type' => "application/x-amz-json-1.0",
+        'x-amz-date' => (Time.now.utc.strftime "%a, %d %b %Y %H:%M:%S GMT"),
+        'x-amz-security-token' => sts.session_token,
+        'x-amz-target' => "DynamoDB_20111205.#{operation}",
+        },
+      :body => body)
+    end
+
+    def status_ok? response
+      case response.code
+      when 200
+        true
+      when 400..499
+        js = JSON.parse response.body
+        (raise ClientError,
+        "#{js['__type'].match(/#(.+)\Z/)[1]}: #{js["message"]}")
+      when 500..599
+        raise ServerError
+      else
+        false
+      end
+    end
+  end
+end

data/lib/jedlik/security_token_service.rb

@@ -0,0 +1,96 @@
+module Jedlik
+
+  # SecurityTokenService automatically manages the creation and renewal of
+  # temporary AWS credentials.
+  #
+  # Usage:
+  #
+  #     credentials = SecurityTokenService.new "id", "secret key"
+  #     credentials.access_key_id     # => String
+  #     credentials.secret_access_key # => String
+  #     credentials.session_token     # => String
+  #
+  class SecurityTokenService
+
+    # A SecurityTokenService is initialized for a single AWS user using his
+    # credentials.
+    def initialize access_key_id, secret_access_key
+      @_access_key_id = access_key_id
+      @_secret_access_key = secret_access_key
+    end
+
+    # Get a temporary access key id from STS or from cache.
+    def access_key_id
+      obtain_credentials
+      @access_key_id
+    end
+
+    # Get a temporary secret access key from STS or from cache.
+    def secret_access_key
+      obtain_credentials
+      @secret_access_key
+    end
+
+    # Get a temporary session token from STS or from cache.
+    def session_token
+      obtain_credentials
+      @session_token
+    end
+
+    private
+
+    # Extract the contents of a given tag.
+    def get_tag tag, string
+      # Considering that the XML string received from STS is sane and always
+      # has the same simple structure, I think a simple regular expression
+      # can do the job (with the benefit of not adding a dependency on
+      # another library just for ONE method). I will switch to Nokogiri if
+      # needed.
+      string.match(/#{tag.to_s}>([^<]*)/)[1]
+    end
+
+    # Obtain temporary credentials, set to expire after 1 hour. If
+    # credentials were previously obtained, no request is made until they
+    # expire.
+    def obtain_credentials
+      if (not @expiration) or (@expiration <= Time.now.utc)
+        body = (Typhoeus::Request.get request_uri).body
+
+        @session_token = (get_tag :SessionToken, body)
+        @secret_access_key = (get_tag :SecretAccessKey, body)
+        @expiration = (Time.parse (get_tag :Expiration, body))
+        @access_key_id = (get_tag :AccessKeyId, body)
+      end
+    end
+
+    # Generate the params to be sent to STS.
+    def request_params
+      {
+        :AWSAccessKeyId   => @_access_key_id,
+        :Action           => 'GetSessionToken',
+        :DurationSeconds  => '3600',
+        :SignatureMethod  => 'HmacSHA256',
+        :SignatureVersion => '2',
+        :Timestamp        => Time.now.utc.iso8601,
+        :Version          => '2011-06-15',
+      }
+    end
+
+    # Generate the URI that should be requested.
+    def request_uri
+      qs = (request_params).map do |key, val|
+        [(CGI.escape key.to_s), (CGI.escape val)].join '='
+      end.join '&'
+
+      "https://sts.amazonaws.com/?#{qs}&Signature=" +
+      (CGI.escape (sign "GET\nsts.amazonaws.com\n/\n#{qs}"))
+    end
+
+    # Sign (HMAC-SHA256) a string using the secret key given at
+    # initialization.
+    def sign string
+      (Base64.encode64 (OpenSSL::HMAC.digest 'sha256',
+      @_secret_access_key, string)).chomp
+    end
+  end
+end

data/lib/jedlik/typhoeus/request.rb

@@ -0,0 +1,30 @@
+module Typhoeus
+  class Request
+    def sign sts
+      headers.merge!({'x-amzn-authorization' => [
+        "AWS3 AWSAccessKeyId=#{sts.access_key_id}",
+        "Algorithm=HmacSHA256",
+        "Signature=#{digest sts.secret_access_key}"
+      ].join(',')})
+    end
+
+    private
+
+    def digest secret_key
+      (Base64.encode64 (OpenSSL::HMAC.digest 'sha256',
+      secret_key, (Digest::SHA256.digest string_to_sign))).chomp
+    end
+
+    def string_to_sign
+      ["POST\n/\n\nhost:#{@parsed_uri.host}", amz_to_sts, body].join "\n"
+    end
+
+    def amz_to_sts
+      get_amz_headers.sort.map{|key, val| ([key, val].join ':') + "\n"}.join
+    end
+
+    def get_amz_headers
+      headers.select{|key, val| key =~ /\Ax-amz-/}
+    end
+  end
+end

data/spec/jedlik/security_token_service_spec.rb

@@ -0,0 +1,65 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+VALID_RESPONSE_BODY = "<GetSessionTokenResponse " +
+"xmlns=\"https://sts.amazonaws.com/doc/2011-06-15/\">
+<GetSessionTokenResult>
+<Credentials>
+<SessionToken>SESSION_TOKEN</SessionToken>
+<SecretAccessKey>SECRET_ACCESS_KEY</SecretAccessKey>
+<Expiration>2036-03-19T01:03:22.276Z</Expiration>
+<AccessKeyId>ACCESS_KEY_ID</AccessKeyId>
+</Credentials>
+</GetSessionTokenResult>
+<ResponseMetadata>
+<RequestId>f0fa5827-7156-11e1-8f1e-a92b58fdc66e</RequestId>
+</ResponseMetadata>
+</GetSessionTokenResponse>
+"
+
+module Jedlik
+  describe SecurityTokenService do
+    let(:sts){SecurityTokenService.new "access_key_id", "secret_access_key"}
+    let(:response){(Typhoeus::Response.new body: VALID_RESPONSE_BODY)}
+
+    before{Typhoeus::Request.stub(:get).and_return response}
+
+    shared_examples_for 'cached' do |method|
+      it 'sends a request to Amazon STS at first call' do
+        Typhoeus::Request.should_receive(:get).and_return response
+        sts.send method
+      end
+
+      it 'signs the request'
+
+      it 'caches its value' do
+        Typhoeus::Request.should_receive(:get).and_return response
+        sts.send method
+        sts.send method
+      end
+    end
+
+    describe 'access_key_id' do
+      it_behaves_like 'cached', :access_key_id
+
+      it 'returns a value' do
+        sts.access_key_id.should == "ACCESS_KEY_ID"
+      end
+    end
+
+    describe 'secret_access_key' do
+      it_behaves_like 'cached', :secret_access_key
+
+      it 'returns a value' do
+        sts.secret_access_key.should == "SECRET_ACCESS_KEY"
+      end
+    end
+
+    describe 'session_token' do
+      it_behaves_like 'cached', :session_token
+
+      it 'returns a value' do
+        sts.session_token.should == "SESSION_TOKEN"
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,9 @@
+require 'rspec'
+
+$:.unshift (File.join (File.dirname __FILE__), 'lib')
+require 'jedlik'
+
+RSpec.configure do |config|
+  config.color = true
+  config.formatter = :documentation
+end

metadata

@@ -0,0 +1,85 @@
+--- !ruby/object:Gem::Specification
+name: jedlik
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Hashmal
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-03-23 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: typhoeus
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Communicate with Amazon DynamoDB. Raw access to the full API without
+  having to handle temporary credentials or HTTP requests by yourself.
+email: jeremypinat@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/jedlik/connection.rb
+- lib/jedlik/security_token_service.rb
+- lib/jedlik/typhoeus/request.rb
+- lib/jedlik.rb
+- Gemfile
+- README.mkd
+- spec/jedlik/security_token_service_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/hashmal/jedlik
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.19
+signing_key: 
+specification_version: 3
+summary: Communicate with Amazon DynamoDB.
+test_files: []