RubyGems - jsonrpc2 - Versions diffs - 0.0.2 → 0.0.3 - Mend

jsonrpc2 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/lib/jsonrpc2/auth.rb CHANGED

@@ -5,9 +5,40 @@ class Auth
   # Validate an API request
   #
   #
-  def check(env, rpc)
+  def client_check(env, rpc)
     true
   end
+  # Check authorisation for customers accessing API
+  def browser_check(env)
+    true
+  end
+  # Never show internal details of an API object
+  def inspect
+    "#<#{self.class.name}:#{object_id.to_s(16)}>"
+  end
+  protected
+  # Parse Authorization: header
+  #
+  # @param [String] auth Header value
+  # @return [Array, false] [username, password] or false
+  def parse_basic_auth(auth)
+    return false unless auth
+    m = /Basic\s+([A-Za-z0-9+\/]+=*)/.match(auth)
+    user, pass = Base64.decode64(m[1]).split(/:/, 2)
+    [user, pass]
+  end
+  # Throw a 401 Rack response
+  def throw_401
+    throw(:rack_response, [401, {
+          'Content-Type'     => 'text/html',
+          'WWW-Authenticate' => 'Basic realm="API"'
+    }, ["<html><head/><body>Authentication Required</body></html>"]])
+  end
 end
 # @abstract Base class for http-based authentication methods, e.g.
@@ -31,21 +62,28 @@ class BasicAuth < HttpAuth
   # @param [Hash,Rack::Request] env Rack environment hash
   # @param [Hash] rpc JSON-RPC2 call content
   # @return [true] Returns true or throws :rack_response, [ 401, ... ]
-  def check(env, rpc)
-    valid?(env) or
-    throw(:rack_response, [401, {
-          'Content-Type'     => 'text/html',
-          'WWW-Authenticate' => 'Basic realm="API"'
-    }, ["<html><head/><body>Authentication Required</body></html>"]])
+  def client_check(env, rpc)
+    browser_check(env)
   end
+  # Checks that the browser is authorised to access the API (used by HTML API introspection)
+  #
+  # @param [Hash,Rack::Request] env Rack environment hash
+  # @return [true] Returns true or throws :rack_response, [ 401, ... ]
+  def browser_check(env)
+    valid?(env) or throw_401
+  end
+  protected
+  # Checks that http auth info is supplied and the username/password combo is valid
+  #
+  # @param [Hash] env Rack environment
+  # @return [Boolean] True if authentication details are ok
   def valid?(env)
-    auth = env['HTTP_AUTHORIZATION']
+    user, pass = parse_basic_auth(env['HTTP_AUTHORIZATION'])
-    return false unless auth
+    return false unless user && pass
-    m = /Basic\s+([A-Za-z0-9+\/]+=*)/.match(auth)
-    user, pass = Base64.decode64(m[1]).split(/:/, 2)
     user_valid?(user, pass)
   end

data/lib/jsonrpc2/html.rb CHANGED

@@ -53,9 +53,9 @@ HTML5
   def call(interface, request)
     #require 'pp'; pp interface.about
-    if interface.auth_with.kind_of?(JSONRPC2::HttpAuth)
+    if interface.auth_with
       response = catch(:rack_response) do
-        interface.auth_with.check(request.env, {}); nil
+        interface.auth_with.browser_check(request.env); nil
       end
       return response if response
     end
@@ -111,7 +111,14 @@ HTML5
 <hr>
+<div class="row">
+<div class="span6">
 <h2>Test method</h2>
+</div>
+<div class="span6">
+<h3>Result</h3>
+</div>
+</div>
 <div class="row">
 <div class="span6">
 <form method="POST" action="#{request.script_name}/#{info[:name]}">
@@ -124,10 +131,7 @@ HTML5
 </form>
 </div>
 <div class="span6">
-<h3>Result</h3>
-<xmp>
-#{options[:result]}
-</xmp>
+<pre style="white-space: prewrap">#{CGI.escapeHTML(JSON.pretty_unparse(JSON.parse(options[:result])))}</pre>
 </div>
 </div>

data/lib/jsonrpc2/interface.rb CHANGED

@@ -45,9 +45,9 @@ class Interface
       request = Rack::Request.new(environment)
       catch :rack_response do
         case JSONRPC2::HTTPUtils.which(environment['HTTP_ACCEPT'], %w[text/html application/json-rpc application/json])
-        when 'text/html', nil
+        when 'text/html'
           JSONRPC2::HTML.call(self, request)
-        when 'application/json-rpc', 'application/json'
+        when 'application/json-rpc', 'application/json', nil # Assume correct by default
           environment['rack.input'].rewind
           data = JSON.parse(environment['rack.input'].read)
           self.new(environment).rack_dispatch(data)
@@ -76,7 +76,6 @@ class Interface
     end
   end
-	protected
   # Dispatch call to api method(s)
   #
   # @param [Hash,Array] rpc_data Array of calls or Hash containing one call
@@ -89,6 +88,8 @@ class Interface
 			dispatch_single(rpc_data).to_json
 		end
 	end
+	protected
   # JSON result helper
 	def response_ok(id, result)
 		{ 'jsonrpc' => '2.0', 'result' => result, 'id' => id }
@@ -111,7 +112,7 @@ class Interface
 		begin
       if self.class.auth_with
-        self.class.auth_with.check(@env, rpc) or raise AuthFail, "Invalid credentials"
+        self.class.auth_with.client_check(@env, rpc) or raise AuthFail, "Invalid credentials"
       end
 			call(rpc['method'], rpc['id'], rpc['params'])
@@ -127,7 +128,7 @@ class Interface
   #
   # @return [Array] List of api method names
   def api_methods
-    public_methods(false).map(&:to_s) - ['rack_dispatch']
+    public_methods(false).map(&:to_s) - ['rack_dispatch', 'dispatch']
   end
   # Call method, checking param and return types

data/lib/jsonrpc2/version.rb CHANGED

@@ -1,5 +1,5 @@
 # JSONRPC2 namespace module
 module JSONRPC2
   # Version
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

metadata CHANGED

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: jsonrpc2
 version: !ruby/object:Gem::Version
-  hash: 27
+  hash: 25
   prerelease:
   segments:
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors:
 - Geoff Youngs