jko_api 0.1.3 → 0.2.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3711a73e0bd2f3bb5186bf24f11d4530b9bbeb6c
-  data.tar.gz: e3a28ae1fc62c36cf5a3b77ee0f6820873fb9a75
+SHA256:
+  metadata.gz: 88aaa8b5e8d2dbda590b75a03aa6a860f982fe2be6bab9b2cd85ccc2a7e1b579
+  data.tar.gz: d3a107e9504ab41724cee758bb4f987f0c47de5b8f04a1a29943a4c1b79f1dd5
 SHA512:
-  metadata.gz: c6adaaad9e11e56f1971934b7522dae6cc7376e18ddae3b3358202ee73dc85452327d5eab3a62c594e05f525ced2320ff1df5b1acbcf03b8e8ce0faedcbadc6a
-  data.tar.gz: 26a75d36b762ffa83d8f74f93374b5a843f73fdc9d1c80e3f969afdd68722d2055e9d527e239b722f70477304680f2de002490f19c041bace08d668cd4816bc3
+  metadata.gz: fd91bf624a79ba36727c6ff46964b785aa250d2704958a54946e2a777a70f2317a24f4730a2de0f87df2cdd68f2633db5a0208488a7c0996c959b4e43e0fbdfd
+  data.tar.gz: f2426c6e85c5febd3abcc5317f324f97b790ad8bed546d57bec5051ebef4e286968334821365732788c0cdd16401e95a4c2df1af8d862a4c9d93bb3d1c07b00b

data/Gemfile

@@ -1,4 +1,5 @@
 source 'https://rubygems.org'
 
+gem 'warden-oauth2-strategies', github: 'airservice/warden-oauth2', require: false
 # Specify your gem's dependencies in jko_api.gemspec
 gemspec

data/README.md

@@ -6,7 +6,11 @@ This gem lets you make a single change and reversion an API without copying over
 
 ## Props
 
-99% of this gem was written by [Justin Ko](https://github.com/justinko). Since he's lazy and won't make a gem from it, I'm doing it for him :stuck_out_tongue: That's why the gem is named after him.
+90% of the code was originally written by [Justin Ko](https://github.com/justinko). Since he's lazy and won't make a gem from it, I'm doing it for him :stuck_out_tongue: That's why the gem is named after him. I've since modified some of the stuff, and will continue to make it easier to use and more configurable.
+
+## Requirements
+
+Rails 5+ and Ruby 2.3
 
 ## Installation
 
@@ -31,9 +35,19 @@ In your `config/initializers/jko_api.rb` add
 ```ruby
 JkoApi.configure do |c|
   # This is the default. You can override this if you need a different controller
-  # c.base_controller = Api::ApplicationController
+  # c.base_controller = ApiApplicationController
+
   # This is the folder name where all the api controllers would go
   # c.api_namespace = 'api'
+
+  # If you want to use your own authentication stuff, leave this as default
+  # c.use_authentication = false
+
+  # The built in authentication is Warden::OAuth2 with a Bearer strategy. Currently no other option exists
+  # c.strategy = :bearer
+
+  # If you use the authentication, then you will need to make some model, and set this value. More notes below.
+  # c.token_model = SomeModelYouCreated
 end
 ```
 
@@ -53,10 +67,10 @@ JkoApi.routes self do
 end  
 ```
 
-Place your version 1 controller code in `app/controllers/api/v1`. Controllers should all inherit from `Api::ApplicationController`, or something that inherits from that.
+Place your version 1 controller code in `app/controllers/api/v1`. Controllers should all inherit from `ApiApplicationController`, or something that inherits from that.
 
 ```ruby
-class Api::V1::BarsController < Api::ApplicationController
+class Api::V1::BarsController < ApiApplicationController
   def index
     # do stuff
   end
@@ -80,7 +94,7 @@ end
 We can still do this though
 
 ```ruby
-class Api::V3::BarsController < Api::ApplicationController
+class Api::V3::BarsController < ApiApplicationController
   def index
     # do different stuff
   end
@@ -89,6 +103,63 @@ end
 
 You can test this all by booting up a simple rails app, then do `curl -H "Accept: application/vnd.api.v1+json" http://localhost:3000/bars`
 
+The `Accept` header is required to make the calls.
+
+## Authentication
+If your API calls need to be authenticated by some API key, then you will need to configure a few more things.
+
+```ruby
+JkoApi.configure do |c|
+  c.use_authentication = true
+  c.token_model = MyCustomTokenVerifier
+end
+```
+
+Your `MyCustomTokenVerifier` must be a ruby object that responds to a `locate` class method, and take a single string argument for the api token that needs to be authenticated. The method should return the token string if it's valid, and nil if it's not. You can [read more here](https://github.com/opperator/warden-oauth2#access-token).
+
+This `MyCustomTokenVerifier` could look a few different ways. One way would be to make this a rails model like
+
+```ruby
+class MyCustomTokenVerifier < ApplicationModel
+
+  def self.locate(token_string)
+    find_by(api_token: token_string)
+  end
+
+end
+```
+
+Another way would be a simple class that verifies against some configuration option like
+
+```ruby
+class MyCustomTokenVerifier
+
+  def self.locate(token_string)
+    if token_string == Rails.configuration.x.my_custom_api_token
+      token_string
+    else
+      nil
+    end
+  end
+end
+```
+
+## Testing
+If you're trying to test controllers, keep in mind that Rails doesn't process the middleware stack for controller tests. This means that the `JkoApi::Middleware` as well as the `JkoApi::Strategies` modules won't exist, and neither will `warden`. You can [read up more here](https://github.com/hassox/warden/issues/117).
+
+My recommendation for testing api endpoints is doing an integration test. With RSpec, just create your `spec/requests` folder, and add your spec for the endpoint you want to test.
+
+If you need access to a mock warden object, you can add
+
+```ruby
+require 'jko_api/test_helpers'
+include JkoApi::TestHelpers
+```
+
+## Debugging notes
+
+If you have a route that matches one of the API routes, and it's listed first, then Rails will match that route first. This might not be what you expected, so put your `JkoApi.routes` near the top to ensure that gets hit first.
+
 
 ## Contributing
 

data/app/controllers/api_application_controller.rb

@@ -0,0 +1,3 @@
+class ApiApplicationController < ActionController::Base
+  include JkoApi::Controller
+end

data/config/initializers/warden.rb

@@ -0,0 +1,7 @@
+JkoApi.auth_setup do
+  Warden::OAuth2.configure do |config|
+    if JkoApi.configuration.strategy.bearer?
+      config.token_model = JkoApi.configuration.token_model
+    end
+  end
+end

data/jko_api.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
   spec.email         = ["jeremywoertink@gmail.com"]
   spec.summary       = %q{A Rails API gem}
   spec.description   = %q{Some Rails API code written by JustinKo and ported to a badly written gem}
-  spec.homepage      = ""
+  spec.homepage      = "https://github.com/jwoertink/jko_api"
   spec.license       = "MIT"
 
   spec.files         = `git ls-files -z`.split("\x0")
@@ -18,8 +18,9 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.7"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_dependency "responders", "2.1.0"
-  spec.add_dependency "rails", ">= 4.2.0", "< 5"
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_dependency "responders", ">= 2.4.0"
+  spec.add_dependency "rails", ">= 4.2.7"
+  spec.add_dependency "warden-oauth2"
 end

data/lib/jko_api.rb

@@ -2,7 +2,9 @@ require "active_support/all"
 require "active_model/railtie"
 require "action_controller/railtie"
 require "responders"
+require "warden-oauth2"
 require "jko_api/version"
+require "jko_api/strategies"
 require "jko_api/class_descendants_builder"
 require "jko_api/constraints"
 require "jko_api/controller"
@@ -20,17 +22,22 @@ module JkoApi
   ACCEPT_HEADER_REGEX = /\Aapplication\/vnd\.api(\.v([0-9]))?\+json\z/
 
   mattr_accessor :configuration, instance_accessor: false
+  mattr_accessor :auth_initializer, instance_accessor: false
   mattr_reader :current_version_number, instance_reader: false
+  @@versioning = nil
 
   def self.configure
     self.configuration ||= Configuration.new
     yield(configuration)
-    setup(configuration.base_controller)
+    self.configuration
   end
 
-  def self.setup(base_controller)
-    Util.stupid_hack!
-    ClassDescendantsBuilder.build base_controller, level: max_version_number
+  def self.complete_setup(base_controller)
+    if Rails.version.to_i < 5
+      Util.stupid_hack!
+    end
+    ClassDescendantsBuilder.build(base_controller, upto: max_version_number)
+    @@auth_initializer.call
   end
 
   def self.activated?
@@ -65,5 +72,11 @@ module JkoApi
     context.scope(module: JkoApi.configuration.api_namespace, constraints: JkoApi::Constraints, defaults: {format: :json}) do
       JkoApi.versions(context, &block)
     end
+    complete_setup(configuration.base_controller)
+    context
+  end
+
+  def self.auth_setup(&block)
+    self.auth_initializer = block
   end
 end

data/lib/jko_api/class_descendants_builder.rb

@@ -2,45 +2,79 @@ module JkoApi
   class ClassDescendantsBuilder
     LEVEL_REGEX = /\d+/
 
-    def self.build(base_class, level:)
+    def self.build(base_class, upto:)
       base_class.descendants.each do |descendant|
-        new(descendant, level).build
+        new(descendant, upto).build
       end
     end
 
-    def initialize(descendant, level)
-      @descendant, @level = descendant, level
+    attr_reader :descendant, :upto
+
+    def initialize(descendant, upto)
+      @descendant, @upto = descendant, upto
     end
 
     def build
-      initial_level.upto(@level - 1) do |level|
-        build_descendant(level) unless descendant_defined?(level)
+      initial_level.upto(upto) do |level|
+        unless Module.const_defined?(swap_level(level))
+          build_descendant level.pred
+        end
       end
     end
 
     private
 
-    def descendant_defined?(level)
-      !!swap_level(level.next).safe_constantize
-    end
-
     def build_descendant(level)
-      namespace(level.next).constantize.const_set(
-        swap_level(level.next).demodulize,
-        Class.new(swap_level(level).constantize)
+      namespace(level).const_set(
+        swap_level(level).demodulize,
+        Class.new(swap_level(level.next).constantize)
       )
     end
 
     def namespace(level)
-      swap_level(level).deconstantize.presence || 'Object'
+      deconstantized = swap_level(level).deconstantize
+      unless qualified_const_defined?(deconstantized)
+        qualified_const_set(deconstantized, Module.new)
+      end
+      deconstantized.constantize
     end
 
     def swap_level(level)
-      @descendant.name.sub LEVEL_REGEX, level.to_s
+      descendant.name.sub LEVEL_REGEX, level.to_s
     end
 
     def initial_level
-      @descendant.name[LEVEL_REGEX].to_i
+      descendant.name[LEVEL_REGEX].to_i
+    end
+
+    # Pulled from Rails 4.2 source
+    def qualified_const_defined?(path)
+      raise NameError, "#{path.inspect} is not a valid constant name!" unless /^(::)?([A-Z]\w*)(::[A-Z]\w*)*$/ =~ path
+
+      names = path.to_s.split('::')
+      names.shift if names.first.empty?
+
+      # We can't use defined? because it will invoke const_missing for the parent
+      # of the name we are checking.
+      names.inject(Module) do |mod, name|
+        return false unless mod.const_defined?(name, false)
+        mod.const_get name
+      end
+      return true
+    end
+
+    def qualified_const_set(path, value)
+      raise NameError.new("wrong constant name #$&") if path =~ /\A::[^:]+/
+      const_name = path.demodulize
+      mod_name = path.deconstantize
+      mod = mod_name.empty? ? self : qualified_const_get(mod_name)
+      mod.const_set(const_name, value) unless mod.const_defined?(const_name)
+    end
+
+    def qualified_const_get(path)
+      path.split('::').inject(Module) do |mod, name|
+        mod.const_get(name)
+      end
     end
   end
 end

data/lib/jko_api/configuration.rb

@@ -1,11 +1,21 @@
 module JkoApi
   class Configuration
 
-    attr_accessor :base_controller, :api_namespace
+    attr_accessor :base_controller, :api_namespace, :use_authentication, :token_model
 
     def initialize
-      @base_controller = Api::ApplicationController
+      @base_controller = ApiApplicationController
       @api_namespace = 'api'
+      @use_authentication = false
+      @strategy = :bearer
+    end
+
+    def authenticate?
+      use_authentication
+    end
+
+    def strategy
+      @strategy.to_s.inquiry
     end
 
   end

data/lib/jko_api/controller.rb

@@ -4,7 +4,12 @@ module JkoApi
 
     included do
       include JkoApi::ControllerHelpers
-      skip_authentication # TODO: make this configurable
+
+      if JkoApi.configuration&.use_authentication
+        prepend_before_action :authenticate!
+      else
+        skip_authentication
+      end
 
       self.responder = JkoApi::Responder
       respond_to :json
@@ -15,5 +20,14 @@ module JkoApi
     def render_json_errors(status, message = status)
       render json: JkoApi::RequestError[status, message], status: status
     end
+
+    def warden
+      request.env['warden']
+    end
+
+    def authenticate!
+      token = warden.authenticate!
+      self.authenticated = !!token
+    end
   end
 end

data/lib/jko_api/controller_helpers.rb

@@ -5,7 +5,11 @@ module JkoApi
     included do
       class_attribute :authenticated
       self.authenticated = false
-      append_before_action { raise 'setup authentication' unless authenticated }
+      append_before_action do
+        unless authenticated
+          render(json: {error: 'Authentication Failed'}, status: 401)
+        end
+      end
     end
 
     class_methods do

data/lib/jko_api/engine.rb

@@ -3,7 +3,12 @@ require 'rails/railtie'
 module JkoApi
   class Engine < ::Rails::Engine
     initializer "jko_api.configure_rails_initialization" do |app|
-      app.middleware.use JkoApi::Middleware
+      app.middleware.use JkoApi::Middleware, only: proc { |env|
+        env['HTTP_ACCEPT'] && env['HTTP_ACCEPT'].include?('application/vnd.api') }
+
+      if JkoApi.configuration&.authenticate?
+        app.middleware.use "JkoApi::Strategies::#{JkoApi.configuration.strategy.to_s.capitalize}".constantize, only: proc { |env| env['HTTP_ACCEPT'] && env['HTTP_ACCEPT'].include?('application/vnd.api')  }
+      end
     end
   end
 end

data/lib/jko_api/middleware.rb

@@ -1,14 +1,17 @@
 module JkoApi
   class Middleware
-    def initialize(app)
+    def initialize(app, options={})
       @app = app
+      @only = options[:only]
     end
 
     def call(env)
-      if version_number = extract_version_number(env)
-        ::JkoApi.current_version_number = version_number
-      else
-        ::JkoApi.reset
+      if @only && @only.call(env)
+        if version_number = extract_version_number(env)
+          ::JkoApi.current_version_number = version_number
+        else
+          ::JkoApi.reset
+        end
       end
       @app.call env
     end

data/lib/jko_api/strategies.rb

@@ -0,0 +1 @@
+require 'jko_api/strategies/bearer'

data/lib/jko_api/strategies/bearer.rb

@@ -0,0 +1,26 @@
+module JkoApi
+  module Strategies
+    class Bearer
+
+      def initialize(app, options ={})
+        @app = app
+        @only = options[:only]
+        @mgr = Warden::Manager.new(@app, options) do |config|
+          config.strategies.add :bearer, Warden::OAuth2::Strategies::Bearer
+          config.default_strategies :bearer
+          config.failure_app = Warden::OAuth2::FailureApp
+        end
+
+        @mgr
+      end
+
+      def call(env)
+        if @only && @only.call(env)
+          @mgr.call(env)
+        else
+          @app.call(env)
+        end
+      end
+    end
+  end
+end

data/lib/jko_api/test_helpers.rb

@@ -0,0 +1,9 @@
+module JkoApi
+  module TestHelpers
+    extend ActiveSupport::Concern
+
+    included do
+      include Warden::Test::Mock
+    end
+  end
+end

data/lib/jko_api/util.rb

@@ -1,6 +1,8 @@
 module JkoApi
   class Util
 
+    # This was a hack needed in rails 4.2
+    # I'm keeping the code for backwards compatibility (for now)
     def self.stupid_hack!
       Rails.application.reload_routes!
       eager_load_api_controllers

data/lib/jko_api/version.rb

@@ -1,3 +1,3 @@
 module JkoApi
-  VERSION = "0.1.3"
+  VERSION = "0.2.9"
 end

metadata

@@ -1,77 +1,85 @@
 --- !ruby/object:Gem::Specification
 name: jko_api
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.9
 platform: ruby
 authors:
 - Jeremy Woertink
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-17 00:00:00.000000000 Z
+date: 2020-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: responders
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.4.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '5'
+        version: 4.2.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
-    - - "<"
+        version: 4.2.7
+- !ruby/object:Gem::Dependency
+  name: warden-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '0'
 description: Some Rails API code written by JustinKo and ported to a badly written
   gem
 email:
@@ -85,7 +93,8 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- app/controllers/api/application_controller.rb
+- app/controllers/api_application_controller.rb
+- config/initializers/warden.rb
 - jko_api.gemspec
 - lib/jko_api.rb
 - lib/jko_api/class_descendants_builder.rb
@@ -97,10 +106,13 @@ files:
 - lib/jko_api/middleware.rb
 - lib/jko_api/request_error.rb
 - lib/jko_api/responder.rb
+- lib/jko_api/strategies.rb
+- lib/jko_api/strategies/bearer.rb
+- lib/jko_api/test_helpers.rb
 - lib/jko_api/util.rb
 - lib/jko_api/version.rb
 - lib/jko_api/versioning.rb
-homepage: ''
+homepage: https://github.com/jwoertink/jko_api
 licenses:
 - MIT
 metadata: {}
@@ -119,8 +131,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: A Rails API gem

data/app/controllers/api/application_controller.rb

@@ -1,3 +0,0 @@
-class Api::ApplicationController < ActionController::Base
-  include JkoApi::Controller
-end