jsonrpc-rails 0.1.1 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +18 -2
- data/lib/jsonrpc-rails.rb +1 -3
- data/lib/jsonrpc_rails/middleware/validator.rb +27 -12
- data/lib/jsonrpc_rails/railtie.rb +4 -3
- data/lib/jsonrpc_rails/version.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 145a4a20db9c6d49fa01ca8b9eb0c1a853288195a78c099b4ecc9eefc4f551d8
|
|
4
|
+
data.tar.gz: c5ac9e090225a393917f0cda10c6d8a4d0593b428659d596539c1999edc3edcb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a5d77db449217fddce82825a2daac7019d9c2133759dfd23cf01c1eb10fb4ec9d91b24ceca98fadb244b011a6becb15fe40256ab5d318cc4e65a5d23b2842247
|
|
7
|
+
data.tar.gz: fdcf40b192d2f132d577c47195b007e67172e574f99936c3d74f2c30d31e7cc956a6dabba74ef8362777deaec2fb3f4a974736aa14991fd9e33ccba2bd28faf3
|
data/README.md
CHANGED
|
@@ -10,7 +10,7 @@ It integrates into Rails, allowing you to render JSON-RPC responses and validate
|
|
|
10
10
|
- **Rails Integration:** Easily integrate JSON-RPC 2.0 support via a Rails Railtie.
|
|
11
11
|
- **Custom Renderer:** Render responses with `render jsonrpc:`, automatically wrapping data in the JSON-RPC 2.0 envelope.
|
|
12
12
|
- **Error Handling:** Built-in support for both success and error responses according to the JSON-RPC 2.0 specification.
|
|
13
|
-
- **Request Validation:** Includes middleware (`
|
|
13
|
+
- **Request Validation:** Includes middleware (`JSONRPC_Rails::Middleware::Validator`) to strictly validate incoming JSON-RPC 2.0 requests (single and batch) against the specification structure.
|
|
14
14
|
- **Rails 8+ Compatibility:** Designed specifically for Rails 8 and later versions.
|
|
15
15
|
|
|
16
16
|
## Installation
|
|
@@ -38,6 +38,22 @@ gem install jsonrpc-rails
|
|
|
38
38
|
### Rendering Responses
|
|
39
39
|
|
|
40
40
|
Once installed, **jsonrpc-rails** registers a custom renderer with Rails.
|
|
41
|
+
|
|
42
|
+
Enable validation where you need it
|
|
43
|
+
|
|
44
|
+
Add this to config/application.rb (or an environment file):
|
|
45
|
+
```ruby
|
|
46
|
+
# Validate only the JSON‑RPC endpoints you expose
|
|
47
|
+
config.jsonrpc_rails.validated_paths = [
|
|
48
|
+
"/rpc", # exact string
|
|
49
|
+
%r{\A/api/v\d+/rpc\z}, # regexp
|
|
50
|
+
->(p) { p.start_with? "/rpc/private" } # lambda / proc
|
|
51
|
+
]
|
|
52
|
+
```
|
|
53
|
+
|
|
54
|
+
Leave the array empty (default) and the middleware is effectively off.
|
|
55
|
+
Use [/.*\z/] if you really want it on everywhere.
|
|
56
|
+
|
|
41
57
|
In your controllers, you can render JSON-RPC responses like so:
|
|
42
58
|
|
|
43
59
|
```ruby
|
|
@@ -81,7 +97,7 @@ You can override the default `message` or add `data` for either method by provid
|
|
|
81
97
|
|
|
82
98
|
### Handling Requests
|
|
83
99
|
|
|
84
|
-
The gem automatically inserts `
|
|
100
|
+
The gem automatically inserts `JSONRPC_Rails::Middleware::Validator` into your application's middleware stack. This middleware performs the following actions for incoming **POST** requests with `Content-Type: application/json`:
|
|
85
101
|
|
|
86
102
|
1. **Parses** the JSON body. Returns a JSON-RPC `Parse error (-32700)` if parsing fails.
|
|
87
103
|
2. **Validates** the structure against the JSON-RPC 2.0 specification (single or batch). It performs strict validation, ensuring `jsonrpc: "2.0"`, a string `method`, optional `params` (array/object), optional `id` (string/number/null), and **no extraneous keys**. Returns a JSON-RPC `Invalid Request (-32600)` error if validation fails. **Note:** For batch requests, if *any* individual request within the batch is structurally invalid, the entire batch is rejected with a single `Invalid Request (-32600)` error.
|
data/lib/jsonrpc-rails.rb
CHANGED
|
@@ -7,7 +7,5 @@ require_relative "json_rpc/request"
|
|
|
7
7
|
require_relative "json_rpc/response"
|
|
8
8
|
require_relative "json_rpc/notification"
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
module JSON_RPC_Rails
|
|
12
|
-
# You might add gem-level configuration or methods here if needed later.
|
|
10
|
+
module JSONRPC_Rails
|
|
13
11
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require "json"
|
|
4
|
-
require "active_support/json"
|
|
4
|
+
require "active_support/json"
|
|
5
5
|
|
|
6
|
-
module
|
|
6
|
+
module JSONRPC_Rails
|
|
7
7
|
module Middleware
|
|
8
8
|
# Rack middleware to strictly validate incoming JSON-RPC 2.0 requests.
|
|
9
9
|
# It checks for correct Content-Type, parses JSON, and validates the structure
|
|
@@ -18,23 +18,25 @@ module JSON_RPC_Rails
|
|
|
18
18
|
# Other valid JSON payloads (e.g., strings, numbers, booleans, null) are passed through.
|
|
19
19
|
class Validator
|
|
20
20
|
CONTENT_TYPE = "application/json"
|
|
21
|
-
ENV_PAYLOAD_KEY = "jsonrpc.payload"
|
|
21
|
+
ENV_PAYLOAD_KEY = :"jsonrpc.payload"
|
|
22
22
|
|
|
23
|
-
def initialize(app)
|
|
23
|
+
def initialize(app, paths = nil)
|
|
24
24
|
@app = app
|
|
25
|
+
|
|
26
|
+
@paths = Array(paths || Rails.configuration.jsonrpc_rails.validated_paths)
|
|
25
27
|
end
|
|
26
28
|
|
|
27
29
|
def call(env)
|
|
28
|
-
|
|
30
|
+
return @app.call(env) unless validate_path?(env["PATH_INFO"])
|
|
29
31
|
|
|
30
32
|
# Only process POST requests with the correct Content-Type
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
end
|
|
33
|
+
return @app.call(env) unless env["REQUEST_METHOD"] == "POST" &&
|
|
34
|
+
env["CONTENT_TYPE"]&.start_with?(CONTENT_TYPE)
|
|
34
35
|
|
|
35
36
|
# Read and parse the request body
|
|
36
|
-
|
|
37
|
-
|
|
37
|
+
# Safely read and rewind
|
|
38
|
+
body = env["rack.input"].read
|
|
39
|
+
env["rack.input"].rewind
|
|
38
40
|
payload = parse_json(body)
|
|
39
41
|
|
|
40
42
|
# Handle JSON parsing errors
|
|
@@ -89,6 +91,19 @@ module JSON_RPC_Rails
|
|
|
89
91
|
nil
|
|
90
92
|
end
|
|
91
93
|
|
|
94
|
+
def validate_path?(path)
|
|
95
|
+
return false if @paths.empty?
|
|
96
|
+
|
|
97
|
+
@paths.any? do |m|
|
|
98
|
+
case m
|
|
99
|
+
when String then path == m
|
|
100
|
+
when Regexp then m.match?(path)
|
|
101
|
+
when Proc then m.call(path)
|
|
102
|
+
else false
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
|
|
92
107
|
# Performs strict validation on a single object to ensure it conforms
|
|
93
108
|
# to the JSON-RPC 2.0 structure (jsonrpc, method, params, id) and
|
|
94
109
|
# has no extraneous keys.
|
|
@@ -108,8 +123,8 @@ module JSON_RPC_Rails
|
|
|
108
123
|
return false
|
|
109
124
|
end
|
|
110
125
|
|
|
111
|
-
# Optional 'id' must be a String, Number (Integer
|
|
112
|
-
if obj.key?("id") && ![ String, Integer,
|
|
126
|
+
# Optional 'id' must be a String, Number (Integer), or Null if present
|
|
127
|
+
if obj.key?("id") && ![ String, Integer, NilClass ].include?(obj["id"].class)
|
|
113
128
|
return false
|
|
114
129
|
end
|
|
115
130
|
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
require_relative "middleware/validator"
|
|
2
2
|
|
|
3
|
-
module
|
|
3
|
+
module JSONRPC_Rails
|
|
4
4
|
# Use Rails::Railtie to integrate with the Rails application
|
|
5
5
|
class Railtie < Rails::Railtie
|
|
6
|
+
config.jsonrpc_rails = ActiveSupport::OrderedOptions.new
|
|
7
|
+
config.jsonrpc_rails.validated_paths = [] # By default, we inject it into the void.
|
|
6
8
|
# Insert the JSON-RPC Validator middleware early in the stack.
|
|
7
|
-
# Inserting before Rack::Sendfile, which is typically present early in the stack.
|
|
8
9
|
initializer "jsonrpc-rails.add_validator_middleware" do |app|
|
|
9
|
-
app.middleware.use
|
|
10
|
+
app.middleware.use JSONRPC_Rails::Middleware::Validator
|
|
10
11
|
end
|
|
11
12
|
|
|
12
13
|
initializer "jsonrpc-rails.add_renderers" do
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
module
|
|
2
|
-
VERSION = "0.
|
|
1
|
+
module JSONRPC_Rails
|
|
2
|
+
VERSION = "0.3.1"
|
|
3
3
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jsonrpc-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Abdelkader Boudih
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: railties
|
|
@@ -65,7 +65,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
65
65
|
- !ruby/object:Gem::Version
|
|
66
66
|
version: '0'
|
|
67
67
|
requirements: []
|
|
68
|
-
rubygems_version: 3.6.
|
|
68
|
+
rubygems_version: 3.6.7
|
|
69
69
|
specification_version: 4
|
|
70
70
|
summary: A Railtie-based gem that brings JSON-RPC 2.0 support to your Rails application.
|
|
71
71
|
test_files: []
|