lhc 15.0.1 → 15.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d9747364f9001f462e35cdc26b209f078daac57834bb4c1a801866f29abc2ba7
-  data.tar.gz: e03286ea873459b7093baef6c47807edb4a1543889e887bf0d708c0144b6a087
+  metadata.gz: 329757321e8e5c7d51dc13addb0309cf887c25e052733c134c512e3fdc8025f9
+  data.tar.gz: bf32d7ceaf7b395066db2d04b8d225c2bfe863d9173f12853a4742256bb9d0db
 SHA512:
-  metadata.gz: bc2238780fe87969d1dea621d44960febb3a19e7b650a5e6ce7939f942e47acd01a825e64c39ab4fb4dbeb5636aef1e0819b3f874b95c22461cee4d63ad44368
-  data.tar.gz: cc5a2707f9772cc79a3caa3aa96b3c0ffe1a0984fa06446e48a61a9c08240145d772b35b993f11ec24c278367c9db4d2bf35dafee1aa444818323e2aab3c99b6
+  metadata.gz: 30e0b077eb4417c4825bdb493c4b3d6573bf7ccc5eccda46fb4296ac2b077b90103469cecc8d9fc0daea77f04993f63323934acb9183a0937563ce9813a92780
+  data.tar.gz: 98246e237ca676d313d82670257566a182e7099af102721b36b4fb339823c7bdbb54d579d652d71d188b9d9b0d3e2e1b9c741a67eed4db689399e385a59eb836

data/.rubocop.yml

@@ -26,6 +26,9 @@ require:
 Bundler/OrderedGems:
   Enabled: false
 
+Gemspec/RequireMFA:
+  Enabled: false
+
 Lint/SuppressedException:
   Exclude:
     - spec/**/*
@@ -260,7 +263,7 @@ Style/CaseLikeIf:
   Enabled: false
 
 Style/HashEachMethods:
-  Enabled: false 
+  Enabled: false
 
 Style/HashConversion: # (new in 1.10)
   Enabled: false
@@ -268,6 +271,9 @@ Style/HashConversion: # (new in 1.10)
 Style/NilLambda: # (new in 1.3)
   Enabled: false
 
+Style/OpenStructUse:
+  Enabled: false
+
 RSpec/DescribeClass:
   Exclude:
     - spec/views/**/*

data/README.md

@@ -618,12 +618,18 @@ Adds the following to body of all requests:
 
 ##### Reauthenticate
 
-The current implementation can only offer reauthenticate for _client access tokens_. For this to work the following has to be given:
-
-* You have configured and implemented `LHC::Auth.refresh_client_token = -> { TokenRefreshUtil.client_access_token(true) }` which when called will force a refresh of the token and return the new value. It is also expected that this implementation will handle invalidating caches if necessary.
-* Your interceptors contain `LHC::Auth` and `LHC::Retry`, whereas `LHC::Retry` comes _after_ `LHC::Auth` in the chain.
+The current implementation offers only reauthentication for _client access tokens_.
+Make sure that your interceptors contain `LHC::Auth` and `LHC::Retry`, whereas `LHC::Retry` comes _after_ `LHC::Auth` in the chain.
+Provide the refresh token as following:
+```ruby
+LHC.get('http://local.ch', auth: { bearer: -> { access_token }, refresh_client_token: -> { TokenRefreshUtil.client_access_token(true) })
+```
+Where `TokenRefreshUtil.client_access_token(true)` forces a refresh of the token and returns the new token. It is also expected that this implementation will handle invalidating caches if necessary.
 
-##### Bearer Authentication with client access token
+You can also set a global `refresh_client_token`. This is not recommended for apps with multiple endpoint and different access tokens.
+```ruby
+LHC::Auth.refresh_client_token = -> { TokenRefreshUtil.client_access_token(true) }
+```
 
 Reauthentication will be initiated if:
 

data/lhc.gemspec

@@ -24,6 +24,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency 'activesupport', '>= 5.2'
   s.add_dependency 'addressable'
+  s.add_dependency 'local_uri'
   s.add_dependency 'typhoeus', '>= 0.11'
 
   s.add_development_dependency 'geminabox'
@@ -35,6 +36,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rubocop', '~> 1.0'
   s.add_development_dependency 'rubocop-performance', '~> 1.0'
   s.add_development_dependency 'rubocop-rspec', '~> 1.26.0'
+  s.add_development_dependency 'sprockets-rails'
   s.add_development_dependency 'timecop'
   s.add_development_dependency 'webmock'
 

data/lib/lhc/error.rb

@@ -75,7 +75,7 @@ class LHC::Error < StandardError
     debug << "Options: #{request.scrubbed_options}"
     debug << "Headers: #{request.scrubbed_headers}"
     debug << "Response Code: #{response.code} (#{response.options[:return_code]})"
-    debug << "Response Options: #{response.options}"
+    debug << "Response Options: #{response.scrubbed_options}"
     debug << response.body
     debug << _message
     debug.map { |str| self.class.fix_invalid_encoding(str) }.join("\n")

data/lib/lhc/interceptors/auth.rb

@@ -39,7 +39,7 @@ class LHC::Auth < LHC::Interceptor
     set_bearer_authorization_header(token)
   end
 
-  # rubocop:disable Style/AccessorMethodName
+  # rubocop:disable Naming/AccessorMethodName
   def set_authorization_header(value)
     request.headers['Authorization'] = value
   end
@@ -50,10 +50,13 @@ class LHC::Auth < LHC::Interceptor
   end
 
   def set_bearer_authorization_header(token)
-    request.options[:auth].merge!(bearer_token: token)
+    auth_options = request.options[:auth] || {}
+    auth_options.merge!(bearer_token: token)
+    request.options[:auth] = auth_options unless request.options.key?(:auth)
+
     set_authorization_header("Bearer #{token}")
   end
-  # rubocop:enable Style/AccessorMethodName
+  # rubocop:enable Naming/AccessorMethodName
 
   def reauthenticate!
     # refresh token and update header

data/lib/lhc/interceptors/rollbar.rb

@@ -7,7 +7,7 @@ class LHC::Rollbar < LHC::Interceptor
   include LHC::FixInvalidEncodingConcern
 
   def after_response
-    return unless Object.const_defined?('Rollbar')
+    return unless Object.const_defined?(:Rollbar)
     return if response.success?
 
     request = response.request

data/lib/lhc/request.rb

@@ -72,6 +72,7 @@ class LHC::Request
 
   def scrubbed_options
     scrubbed_options = options.deep_dup
+    scrubbed_options[:cache] = LHC::CacheScrubber.new(scrubbed_options[:cache]).scrubbed
     scrubbed_options[:params] = LHC::ParamsScrubber.new(scrubbed_options[:params]).scrubbed
     scrubbed_options[:headers] = LHC::HeadersScrubber.new(scrubbed_options[:headers], scrubbed_options[:auth]).scrubbed
     scrubbed_options[:auth] = LHC::AuthScrubber.new(scrubbed_options[:auth]).scrubbed

data/lib/lhc/response.rb

@@ -54,6 +54,12 @@ class LHC::Response
     request.format
   end
 
+  def scrubbed_options
+    scrubbed_options = options.deep_dup
+    scrubbed_options[:effective_url] = LHC::EffectiveUrlScrubber.new(scrubbed_options[:effective_url]).scrubbed
+    scrubbed_options
+  end
+
   private
 
   attr_accessor :raw

data/lib/lhc/scrubbers/cache_scrubber.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+class LHC::CacheScrubber < LHC::Scrubber
+  def initialize(data)
+    super(data)
+    scrub_cache_options!
+  end
+
+  private
+
+  def scrub_cache_options!
+    return if scrubbed.blank?
+    return if scrub_elements.blank?
+
+    scrub_cache_key!
+  end
+
+  def scrub_cache_key!
+    return if scrubbed[:key].blank?
+
+    scrub_elements.each do |scrub_element|
+      matches = scrubbed[:key].match(/:#{scrub_element}=>"(.*?)"/)
+      next if matches.nil?
+
+      value = matches[-1]
+      scrubbed[:key].gsub!(value, SCRUB_DISPLAY)
+    end
+  end
+
+  def scrub_elements
+    # The cache key includes the whole request url inklusive params.
+    # We need to scrub those params from the cache key.
+    LHC.config.scrubs[:params]
+  end
+end

data/lib/lhc/scrubbers/effective_url_scrubber.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class LHC::EffectiveUrlScrubber < LHC::Scrubber
+  def initialize(data)
+    super(data)
+    scrub_effective_url_options!
+  end
+
+  private
+
+  def scrub_effective_url_options!
+    return if scrubbed.blank?
+    return if scrub_elements.blank?
+
+    scrub_effective_url!
+  end
+
+  def scrub_effective_url!
+    return if scrubbed.blank?
+
+    scrub_elements.each do |scrub_element|
+      uri = LocalUri::URI.new(scrubbed)
+      self.scrubbed = CGI.unescape(uri.query.merge(scrub_element => SCRUB_DISPLAY).to_s)
+    end
+  end
+
+  def scrub_elements
+    # The effective url includes the params of the request
+    # so we need to scrub those params from the effective url.
+    LHC.config.scrubs[:params]
+  end
+end

data/lib/lhc/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHC
-  VERSION ||= '15.0.1'
+  VERSION ||= '15.1.3'
 end

data/lib/lhc.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'local_uri'
 require 'typhoeus'
 require 'active_support/core_ext/object/blank'
 require 'active_support/core_ext/hash/keys'
@@ -119,6 +120,10 @@ module LHC
            'lhc/scrubbers/auth_scrubber'
   autoload :BodyScrubber,
            'lhc/scrubbers/body_scrubber'
+  autoload :CacheScrubber,
+           'lhc/scrubbers/cache_scrubber'
+  autoload :EffectiveUrlScrubber,
+           'lhc/scrubbers/effective_url_scrubber'
   autoload :HeadersScrubber,
            'lhc/scrubbers/headers_scrubber'
   autoload :ParamsScrubber,

data/spec/error/to_s_spec.rb

@@ -55,10 +55,12 @@ describe LHC::Error do
       end
 
       let(:response) do
+        options = { return_code: :internal_error, response_headers: "" }
         double('LHC::Response',
                request: request,
                code: 500,
-               options: { return_code: :internal_error, response_headers: "" },
+               options: options,
+               scrubbed_options: options,
                body: '{"status":500,"message":"undefined"}')
       end
 

data/spec/interceptors/auth/reauthentication_spec.rb

@@ -27,6 +27,27 @@ describe LHC::Auth do
     expect(auth_suceeding_after_recovery).to have_been_made.once
   end
 
+  context 'without `auth` options' do
+    let(:headers) do
+      { 'Authorization' => "Bearer #{initial_token}" }
+    end
+
+    before do
+      LHC::Auth.refresh_client_token = -> { refresh_token }
+    end
+
+    after do
+      LHC::Auth.refresh_client_token = -> { nil }
+    end
+
+    it 'recovery is attempted' do
+      LHC.config.endpoint(:local, 'http://local.ch')
+      # the retried request (with updated Bearer), that should work
+      LHC.get(:local, { headers: headers })
+      expect(auth_suceeding_after_recovery).to have_been_made.once
+    end
+  end
+
   it "recovery is not attempted again when the request has reauthenticated: true " do
     LHC.config.endpoint(:local, 'http://local.ch', auth: options.merge(reauthenticated: true))
     expect { LHC.get(:local) }.to raise_error(LHC::Unauthorized)

data/spec/interceptors/rollbar/main_spec.rb

@@ -9,7 +9,7 @@ describe LHC::Rollbar do
 
   context 'Rollbar is undefined' do
     before(:each) do
-      Object.send(:remove_const, 'Rollbar') if Object.const_defined?('Rollbar')
+      Object.send(:remove_const, 'Rollbar') if Object.const_defined?(:Rollbar)
     end
     it 'does not report' do
       stub_request(:get, 'http://local.ch').to_return(status: 400)

data/spec/request/scrubbed_options_spec.rb

@@ -18,9 +18,12 @@ describe LHC::Request do
   let(:params) { { api_key: 'api-key-params' } }
   let(:headers) { { private_key: 'private-key-header' } }
   let(:body) { { user_token: 'user-token-body' } }
+  let(:cache) do
+    { key: "LHS_REQUEST_CYCLE_CACHE(v1) POST http://local.ch?#{params}" }
+  end
 
   let(:request) do
-    response = LHC.post(:local, params: params, headers: headers, body: body)
+    response = LHC.post(:local, params: params, headers: headers, body: body, cache: cache)
     response.request
   end
 
@@ -30,6 +33,8 @@ describe LHC::Request do
     expect(request.scrubbed_options[:body]).to include(user_token: LHC::Scrubber::SCRUB_DISPLAY)
     expect(request.scrubbed_options[:auth][:bearer_token]).to eq(LHC::Scrubber::SCRUB_DISPLAY)
     expect(request.scrubbed_options[:auth][:basic]).to be nil
+    expect(request.scrubbed_options[:cache])
+      .to include(key: "LHS_REQUEST_CYCLE_CACHE(v1) POST http://local.ch?{:api_key=>\"[FILTERED]\"}")
   end
 
   context 'when bearer auth is not a proc' do
@@ -53,6 +58,19 @@ describe LHC::Request do
     end
   end
 
+  context 'when parameter should not get scrubbed' do
+    let(:params) { { any_parameter: 'any-parameter' } }
+
+    let(:cache) do
+      { key: "LHS_REQUEST_CYCLE_CACHE(v1) POST http://local.ch?#{params}" }
+    end
+
+    it 'does not scrubb the parameter' do
+      expect(request.scrubbed_options[:cache])
+        .to include(key: "LHS_REQUEST_CYCLE_CACHE(v1) POST http://local.ch?#{params}")
+    end
+  end
+
   context 'when body data is nested' do
     let(:body) do
       {
@@ -104,6 +122,8 @@ describe LHC::Request do
       expect(request.scrubbed_options[:headers]).not_to include(private_key: LHC::Scrubber::SCRUB_DISPLAY)
       expect(request.scrubbed_options[:body]).not_to include(user_token: LHC::Scrubber::SCRUB_DISPLAY)
       expect(request.scrubbed_options[:auth][:bearer_token]).not_to eq(LHC::Scrubber::SCRUB_DISPLAY)
+      expect(request.scrubbed_options[:cache])
+        .not_to include(key: "LHS_REQUEST_CYCLE_CACHE(v1) POST http://local.ch?{:api_key=>\"[FILTERED]\"}")
     end
   end
 

data/spec/response/scrubbed_options_spec.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe LHC::Response do
+  let(:options) do
+    { effective_url: 'http://local.ch?api_key=api-key' }
+  end
+
+  let(:raw_response) { OpenStruct.new(options: options) }
+
+  before do
+    LHC.config.scrubs[:params] << 'api_key'
+  end
+
+  it 'scrubbes effective url' do
+    response = LHC::Response.new(raw_response, nil)
+    expect(response.scrubbed_options[:effective_url]).to eq "http://local.ch?api_key=#{LHC::Scrubber::SCRUB_DISPLAY}"
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lhc
 version: !ruby/object:Gem::Version
-  version: 15.0.1
+  version: 15.1.3
 platform: ruby
 authors:
 - https://github.com/local-ch/lhc/contributors
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-12 00:00:00.000000000 Z
+date: 2022-01-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -38,6 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: local_uri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: typhoeus
   requirement: !ruby/object:Gem::Requirement
@@ -178,6 +192,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.26.0
+- !ruby/object:Gem::Dependency
+  name: sprockets-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -273,6 +301,8 @@ files:
 - lib/lhc/scrubber.rb
 - lib/lhc/scrubbers/auth_scrubber.rb
 - lib/lhc/scrubbers/body_scrubber.rb
+- lib/lhc/scrubbers/cache_scrubber.rb
+- lib/lhc/scrubbers/effective_url_scrubber.rb
 - lib/lhc/scrubbers/headers_scrubber.rb
 - lib/lhc/scrubbers/params_scrubber.rb
 - lib/lhc/test/cache_helper.rb
@@ -401,6 +431,7 @@ files:
 - spec/response/effective_url_spec.rb
 - spec/response/headers_spec.rb
 - spec/response/options_spec.rb
+- spec/response/scrubbed_options_spec.rb
 - spec/response/success_spec.rb
 - spec/response/time_spec.rb
 - spec/spec_helper.rb
@@ -560,6 +591,7 @@ test_files:
 - spec/response/effective_url_spec.rb
 - spec/response/headers_spec.rb
 - spec/response/options_spec.rb
+- spec/response/scrubbed_options_spec.rb
 - spec/response/success_spec.rb
 - spec/response/time_spec.rb
 - spec/spec_helper.rb