lhc 12.3.0 → 13.4.0.pre.pro1766.1

data/lib/lhc/interceptors/zipkin.rb

@@ -12,6 +12,7 @@ class LHC::Zipkin < LHC::Interceptor
 
   def before_request
     return if !dependencies? || !tracing?
+
     ZipkinTracer::TraceContainer.with_trace_id(trace_id) do
       # add headers even if the current trace_id should not be sampled
       B3_HEADERS.each { |method, header| request.headers[header] = trace_id.send(method).to_s }
@@ -23,6 +24,7 @@ class LHC::Zipkin < LHC::Interceptor
   def after_response
     # only sample the current call if we're instructed to do so
     return unless dependencies? && trace_id.sampled?
+
     end_trace!
   end
 

data/lib/lhc/railtie.rb

@@ -4,7 +4,6 @@ module LHC
   class Railtie < Rails::Railtie
     initializer "lhc.configure_rails_initialization" do
       LHC::Caching.cache ||= Rails.cache
-      LHC::Caching.logger ||= Rails.logger
     end
   end
 end

data/lib/lhc/request.rb

@@ -12,7 +12,13 @@ class LHC::Request
 
   TYPHOEUS_OPTIONS ||= [:params, :method, :body, :headers, :follow_location, :params_encoding]
 
-  attr_accessor :response, :options, :raw, :format, :error_handler, :errors_ignored, :source
+  attr_accessor :response,
+                :options,
+                :raw,
+                :format,
+                :error_handler,
+                :errors_ignored,
+                :source
 
   def initialize(options, self_executing = true)
     self.errors_ignored = (options.fetch(:ignore, []) || []).to_a.compact
@@ -25,7 +31,11 @@ class LHC::Request
     interceptors.intercept(:before_raw_request)
     self.raw = create_request
     interceptors.intercept(:before_request)
-    run! if self_executing && !response
+    if self_executing && !response
+      run!
+    elsif response
+      on_complete(response)
+    end
   end
 
   def url
@@ -52,6 +62,23 @@ class LHC::Request
     raw.run
   end
 
+  def scrubbed_params
+    LHC::ParamsScrubber.new(params.deep_dup).scrubbed
+  end
+
+  def scrubbed_headers
+    LHC::HeadersScrubber.new(headers.deep_dup, options[:auth]).scrubbed
+  end
+
+  def scrubbed_options
+    scrubbed_options = options.deep_dup
+    scrubbed_options[:params] = LHC::ParamsScrubber.new(scrubbed_options[:params]).scrubbed
+    scrubbed_options[:headers] = LHC::HeadersScrubber.new(scrubbed_options[:headers], scrubbed_options[:auth]).scrubbed
+    scrubbed_options[:auth] = LHC::AuthScrubber.new(scrubbed_options[:auth]).scrubbed
+    scrubbed_options[:body] = LHC::BodyScrubber.new(scrubbed_options[:body]).scrubbed
+    scrubbed_options
+  end
+
   private
 
   attr_accessor :interceptors
@@ -63,6 +90,7 @@ class LHC::Request
 
   def optionally_encoded_url(options)
     return options[:url] unless options.fetch(:url_encoding, true)
+
     encode_url(options[:url])
   end
 
@@ -81,13 +109,15 @@ class LHC::Request
 
   def translate_body(options)
     return options if options.fetch(:body, nil).blank?
+
     options[:body] = format.to_body(options[:body])
     options
   end
 
   def encode_url(url)
     return url if url.nil?
-    URI.escape(url)
+
+    Addressable::URI.escape(url)
   end
 
   def typhoeusize(options)
@@ -96,6 +126,7 @@ class LHC::Request
     options.delete(:url)
     options.each do |key, _v|
       next if TYPHOEUS_OPTIONS.include? key
+
       method = "#{key}="
       options.delete key unless easy.respond_to?(method)
     end
@@ -107,6 +138,7 @@ class LHC::Request
   def use_configured_endpoint!
     endpoint = LHC.config.endpoints[options[:url]]
     return unless endpoint
+
     # explicit options override endpoint options
     new_options = endpoint.options.deep_merge(options)
     # set new options
@@ -128,13 +160,14 @@ class LHC::Request
   end
 
   def on_complete(response)
-    self.response = LHC::Response.new(response, self)
+    self.response = response.is_a?(LHC::Response) ? response : LHC::Response.new(response, self)
     interceptors.intercept(:after_response)
     handle_error(self.response) unless self.response.success?
   end
 
   def handle_error(response)
     return if ignore_error?
+
     throw_error(response) unless error_handler
     response.body_replacement = error_handler.call(response)
   end

data/lib/lhc/response.rb

@@ -50,6 +50,7 @@ class LHC::Response
 
   def format
     return LHC::Formats::JSON.new if request.nil?
+
     request.format
   end
 

data/lib/lhc/response/data.rb

@@ -18,7 +18,7 @@ class LHC::Response::Data
     end
   end
 
-  def method_missing(method, *args, &block) # rubocop:disable Style/MethodMissingSuper
+  def method_missing(method, *args, &block)
     @base.send(method, *args, &block)
   end
 

data/lib/lhc/rspec.rb

@@ -3,9 +3,8 @@
 require 'lhc'
 
 RSpec.configure do |config|
-  LHC::Caching.cache = ActiveSupport::Cache::MemoryStore.new
-
   config.before(:each) do
+    LHC::Caching.cache = ActiveSupport::Cache::MemoryStore.new
     LHC::Caching.cache.clear
     LHC::Throttle.track = nil
   end

data/lib/lhc/scrubber.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+class LHC::Scrubber
+  attr_accessor :scrubbed
+
+  SCRUB_DISPLAY = '[FILTERED]'
+
+  def initialize(data)
+    @scrubbed = data.deep_dup
+  end
+
+  private
+
+  def scrub_auth_elements
+    LHC.config.scrubs.dig(:auth)
+  end
+
+  def scrub!
+    return if scrub_elements.blank?
+    return if scrubbed.blank?
+
+    LHC::Scrubber.scrub_hash!(scrub_elements, scrubbed) if scrubbed.is_a?(Hash)
+    LHC::Scrubber.scrub_array!(scrub_elements, scrubbed) if scrubbed.is_a?(Array)
+  end
+
+  def self.scrub_array!(scrub_elements, scrubbed)
+    scrubbed.each do |scrubbed_hash|
+      LHC::Scrubber.scrub_hash!(scrub_elements, scrubbed_hash)
+    end
+  end
+
+  def self.scrub_hash!(scrub_elements, scrubbed)
+    scrub_elements.each do |scrub_element|
+      if scrubbed.key?(scrub_element.to_s)
+        key = scrub_element.to_s
+      elsif scrubbed.key?(scrub_element.to_sym)
+        key = scrub_element.to_sym
+      end
+      next if key.blank?
+
+      scrubbed[key] = SCRUB_DISPLAY
+    end
+    scrubbed.values.each { |v| LHC::Scrubber.scrub_hash!(scrub_elements, v) if v.instance_of?(Hash) }
+  end
+end

data/lib/lhc/scrubbers/auth_scrubber.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class LHC::AuthScrubber < LHC::Scrubber
+  def initialize(data)
+    super(data)
+    scrub_auth_options!
+  end
+
+  private
+
+  def scrub_auth_options!
+    return if scrubbed.blank?
+    return if scrub_auth_elements.blank?
+
+    scrub_basic_auth_options! if scrub_auth_elements.include?(:basic)
+    scrub_bearer_auth_options! if scrub_auth_elements.include?(:bearer)
+  end
+
+  def scrub_basic_auth_options!
+    return if scrubbed[:basic].blank?
+
+    scrubbed[:basic][:username] = SCRUB_DISPLAY
+    scrubbed[:basic][:password] = SCRUB_DISPLAY
+    scrubbed[:basic][:base_64_encoded_credentials] = SCRUB_DISPLAY
+  end
+
+  def scrub_bearer_auth_options!
+    return if scrubbed[:bearer].blank?
+
+    scrubbed[:bearer_token] = SCRUB_DISPLAY
+  end
+end

data/lib/lhc/scrubbers/body_scrubber.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+class LHC::BodyScrubber < LHC::Scrubber
+  def initialize(data)
+    super(data)
+    parse!
+    scrub!
+  end
+
+  private
+
+  def scrub_elements
+    LHC.config.scrubs[:body]
+  end
+
+  def parse!
+    return if scrubbed.nil?
+    return if scrubbed.is_a?(Hash)
+    return if scrubbed.is_a?(Array)
+
+    if scrubbed.is_a?(String)
+      json = scrubbed
+    else
+      json = scrubbed.to_json
+    end
+
+    parsed = JSON.parse(json)
+    self.scrubbed = parsed if parsed.is_a?(Hash) || parsed.is_a?(Array)
+  end
+end

data/lib/lhc/scrubbers/headers_scrubber.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+class LHC::HeadersScrubber < LHC::Scrubber
+  def initialize(data, auth_options)
+    super(data)
+    @auth_options = auth_options
+    scrub!
+    scrub_auth_headers!
+  end
+
+  private
+
+  attr_reader :auth_options
+
+  def scrub_elements
+    LHC.config.scrubs[:headers]
+  end
+
+  def scrub_auth_headers!
+    return if scrub_auth_elements.blank?
+    return if auth_options.blank?
+
+    scrub_basic_authentication_headers! if scrub_auth_elements.include?(:basic)
+    scrub_bearer_authentication_headers! if scrub_auth_elements.include?(:bearer)
+  end
+
+  def scrub_basic_authentication_headers!
+    return if auth_options[:basic].blank?
+    return if scrubbed['Authorization'].blank?
+
+    scrubbed['Authorization'] = scrubbed['Authorization'].gsub(auth_options[:basic][:base_64_encoded_credentials], SCRUB_DISPLAY)
+  end
+
+  def scrub_bearer_authentication_headers!
+    return if @auth_options[:bearer].blank?
+    return if @scrubbed['Authorization'].blank?
+
+    @scrubbed['Authorization'] = scrubbed['Authorization'].gsub(auth_options[:bearer_token], SCRUB_DISPLAY)
+  end
+end

data/lib/lhc/scrubbers/params_scrubber.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class LHC::ParamsScrubber < LHC::Scrubber
+  def initialize(data)
+    super(data)
+    scrub!
+  end
+
+  private
+
+  def scrub_elements
+    LHC.config.scrubs[:params]
+  end
+end

data/lib/lhc/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHC
-  VERSION ||= '12.3.0'
+  VERSION ||= '13.4.0-pro1766.1'
 end

data/spec/config/scrubs_spec.rb

@@ -0,0 +1,108 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe LHC do
+  it 'has a default value for scrubs' do
+    expect(LHC.config.scrubs[:auth]).to eq [:bearer, :basic]
+    expect(LHC.config.scrubs[:params]).to eq []
+    expect(LHC.config.scrubs[:headers]).to eq []
+    expect(LHC.config.scrubs[:body]).to eq ['password', 'password_confirmation']
+  end
+
+  describe 'auth' do
+    context 'when only bearer auth should get scrubbed' do
+      before(:each) do
+        LHC.configure do |c|
+          c.scrubs[:auth] = [:bearer]
+        end
+      end
+
+      it 'has only bearer auth in scrubs' do
+        expect(LHC.config.scrubs[:auth]).to eq([:bearer])
+        expect(LHC.config.scrubs[:params]).to eq []
+        expect(LHC.config.scrubs[:headers]).to eq []
+        expect(LHC.config.scrubs[:body]).to eq ['password', 'password_confirmation']
+      end
+    end
+  end
+
+  context 'params' do
+    context 'when additional param "api_key" should be scrubbed' do
+      before(:each) do
+        LHC.configure do |c|
+          c.scrubs[:params] << 'api_key'
+        end
+      end
+
+      it 'has "api_key" in scrubs' do
+        expect(LHC.config.scrubs[:auth]).to eq [:bearer, :basic]
+        expect(LHC.config.scrubs[:params]).to eq ['api_key']
+        expect(LHC.config.scrubs[:headers]).to eq []
+        expect(LHC.config.scrubs[:body]).to eq ['password', 'password_confirmation']
+      end
+    end
+  end
+
+  context 'headers' do
+    context 'when additional header "private_key" should be scrubbed' do
+      before(:each) do
+        LHC.configure do |c|
+          c.scrubs[:headers] << 'private_key'
+        end
+      end
+
+      it 'has "private_key" in scrubs' do
+        expect(LHC.config.scrubs[:auth]).to eq [:bearer, :basic]
+        expect(LHC.config.scrubs[:params]).to eq []
+        expect(LHC.config.scrubs[:headers]).to eq ['private_key']
+        expect(LHC.config.scrubs[:body]).to eq ['password', 'password_confirmation']
+      end
+    end
+  end
+
+  context 'body' do
+    context 'when only password should get scrubbed' do
+      before(:each) do
+        LHC.configure do |c|
+          c.scrubs[:body] = ['password']
+        end
+      end
+
+      it 'has password in scrubs' do
+        expect(LHC.config.scrubs[:auth]).to eq [:bearer, :basic]
+        expect(LHC.config.scrubs[:params]).to eq []
+        expect(LHC.config.scrubs[:headers]).to eq []
+        expect(LHC.config.scrubs[:body]).to eq(['password'])
+      end
+    end
+
+    context 'when "user_token" should be scrubbed' do
+      before(:each) do
+        LHC.configure do |c|
+          c.scrubs[:body] << 'user_token'
+        end
+      end
+
+      it 'has user_token in scrubs' do
+        expect(LHC.config.scrubs[:auth]).to eq [:bearer, :basic]
+        expect(LHC.config.scrubs[:params]).to eq []
+        expect(LHC.config.scrubs[:headers]).to eq []
+        expect(LHC.config.scrubs[:body]).to eq(['password', 'password_confirmation', 'user_token'])
+      end
+    end
+  end
+
+  context 'when nothing should be scrubbed' do
+    before(:each) do
+      LHC.configure do |c|
+        c.scrubs = {}
+      end
+    end
+
+    it 'does not have scrubs' do
+      expect(LHC.config.scrubs.blank?).to be true
+      expect(LHC.config.scrubs[:auth]).to be nil
+    end
+  end
+end