lhc 13.2.0 → 13.4.0.pre.pro1766.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b7e042d800751c9fceb6d4f3e01513a1a849a3e00fb8bf7e0987bf1df73b5a45
-  data.tar.gz: 6fa4a578f6003a9ef46ca27ed81766ef2c4dbd07ad231d4201624274b7255153
+  metadata.gz: 14253d5b4b5d91f3ab982f01967045ecdbe49003e4c992544315a2fd0fdc1827
+  data.tar.gz: 7c8e6561080375d1a8cc3d8f5e6ef36ab6c5a09ba15dd0585544e66768336a27
 SHA512:
-  metadata.gz: 80b0d65063c77912df0cf07bc8f25acbb083af34186248689131283cb07e90f9bc2677973b96170d0eeba788b7bcde19ce0f3efddefe349501e33b3825f39b53
-  data.tar.gz: 2f0b273133f8fe5311eeaa4c46d11170430c58099c8599f855e303659f299fbab0ababbc5091999a0fc7c433a7eccdd80fbc343e5cac267aeae3aab7595bbdcb
+  metadata.gz: 20d7c5716b979647de9c84b0117ff17495ae55abc8d4ba20bc01d9deee37100335c0fc2a4a674ba4883f87c4fbcfa88e274da92aadc972c0385f6930c29db8f9
+  data.tar.gz: f41c9f8302517137811020d2337c2922de8b0cd471f3b744cf80b3ea3d4dad62d2c735305090d5f23912735b07840b92abf01ae2fb801b3b6b7f1e4139ebcccc

data/.github/workflows/rubocop.yml

@@ -8,20 +8,8 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
-      - uses: actions/setup-ruby@v1
+      - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: 2.7.2
-      - name: Cache Ruby Gems
-        uses: actions/cache@v2
-        with:
-          path: /.tmp/vendor/bundle
-          key: ${{ runner.os }}-gems-latest-${{ hashFiles('**/Gemfile.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-gems-latest-
-      - name: Bundle Install
-        run: |
-          bundle config path /.tmp/vendor/bundle
-          bundle install --jobs 4 --retry 3
+          bundler-cache: true
       - name: Run Rubocop
-        run: |
-          bundle exec rubocop
+        run: bundle exec rubocop

data/.github/workflows/test.yml

@@ -8,20 +8,8 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
-      - uses: actions/setup-ruby@v1
+      - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: 2.7.2
-      - name: Cache Ruby Gems
-        uses: actions/cache@v2
-        with:
-          path: /.tmp/vendor/bundle
-          key: ${{ runner.os }}-gems-latest-${{ hashFiles('**/Gemfile.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-gems-latest-
-      - name: Bundle Install
-        run: |
-          bundle config path /.tmp/vendor/bundle
-          bundle install --jobs 4 --retry 3
+          bundler-cache: true
       - name: Run Tests
-        run: |
-          bundle exec rspec
+        run: bundle exec rspec

data/.rubocop.yml

@@ -1,64 +1,386 @@
-# This is project specific rubocop configuration file.
-# You can tweak project settings here
-inherit_from:
-  - ./.rubocop.localch.yml
-
 AllCops:
-  TargetRubyVersion: 2.3
+  DisplayCopNames: true
+  DisplayStyleGuide: true
+  TargetRubyVersion: '2.7'
+  NewCops: enable
+  SuggestExtensions: false
   Exclude:
+    - 'db/**/*'
+    - 'script/**/*'
+    - 'vendor/bundle/**/*'
+    - 'vendor/assets/**/*'
+    - 'bin/**/*'
+    - 'config/unicorn.rb'
+    - 'config/compass.rb'
+    - 'Rakefile'
+    - 'app/controllers/error_trap_controller.rb'
+    - 'app/controllers/hsts_controller.rb'
+    - 'spec/lib/util_spec.rb'
     - vendor/**
     - vendor/**/.*
 
+require:
+  - rubocop-rspec
+  - rubocop-performance
+
+Bundler/OrderedGems:
+  Enabled: false
+
+Lint/SuppressedException:
+  Exclude:
+    - spec/**/*
+
+Lint/UriEscapeUnescape:
+  Enabled: false
+
 Lint/IneffectiveAccessModifier:
   Enabled: false
 
-Rails:
+Lint/ConstantDefinitionInBlock:
   Enabled: false
 
-RSpec/AnyInstance:
+Lint/ToJSON:
   Enabled: false
 
-RSpec/DescribedClass:
+Lint/NonDeterministicRequireOrder:
   Enabled: false
 
-RSpec/MultipleExpectations:
+Lint/DeprecatedConstants: # (new in 1.8)
   Enabled: false
 
-RSpec/HookArgument:
+Lint/EmptyBlock: # (new in 1.1)
   Enabled: false
 
-RSpec/ExampleLength:
+Lint/EmptyClass: # (new in 1.3)
+  Enabled: false
+
+Lint/OrAssignmentToConstant: # (new in 1.9)
+  Enabled: false
+
+Lint/SymbolConversion: # (new in 1.9)
+  Enabled: false
+
+Metrics/AbcSize:
+  Enabled: false
+
+Metrics/MethodLength:
+  Enabled: false
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+
+Metrics/ClassLength:
+  Enabled: false
+
+Metrics/ModuleLength:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: false
+
+Metrics/ParameterLists:
+  Enabled: false
+
+Metrics/BlockNesting:
+  Enabled: false
+
+Layout/MultilineOperationIndentation:
+  EnforcedStyle: indented
+
+Layout/DotPosition:
+  EnforcedStyle: leading
+
+Layout/ParameterAlignment:
+  Enabled: false
+
+Layout/EmptyLinesAroundClassBody:
+  Enabled: false
+
+Layout/FirstArrayElementIndentation:
+  EnforcedStyle: consistent
+
+Layout/MultilineMethodCallIndentation:
+  EnforcedStyle: indented
+
+Layout/MultilineMethodCallBraceLayout:
+  EnforcedStyle: symmetrical
+
+Layout/EmptyLinesAroundBlockBody:
+  EnforcedStyle: no_empty_lines
+
+Layout/HeredocIndentation:
+  Enabled: false
+
+Layout/MultilineArrayBraceLayout:
+  EnforcedStyle: symmetrical
+
+Layout/MultilineHashBraceLayout:
+  EnforcedStyle: symmetrical
+
+Layout/LineLength:
+  Enabled: false
+
+Style/RescueStandardError:
+  Enabled: false
+
+Style/StringLiterals:
+  Enabled: false
+
+Style/NumericLiterals:
+  Enabled: false
+
+Style/WordArray:
+  Enabled: false
+
+Style/Next:
+  Enabled: false
+
+Style/PercentLiteralDelimiters:
+  Enabled: false
+
+Style/GlobalVars:
+  Enabled: false
+
+Style/CommentAnnotation:
+  Enabled: false
+
+Style/SymbolProc:
+  Enabled: false
+
+Style/DoubleNegation:
+  Enabled: false
+
+Style/FormatString:
+  Enabled: false
+
+Style/AsciiComments:
+  Enabled: false
+
+Style/BarePercentLiterals:
+  Enabled: false
+
+Style/SingleLineBlockParams:
+  Enabled: false
+
+Style/MultilineBlockChain:
+  Enabled: false
+
+Style/RedundantCapitalW:
+  Enabled: false
+
+Style/RedundantPercentQ:
+  Enabled: false
+
+Style/BlockDelimiters:
+  Exclude:
+    - spec/**/*
+
+Style/IfUnlessModifier:
+  Enabled: false
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/GuardClause:
+  Enabled: false
+
+
+Style/NegatedIf:
+  Enabled: false
+
+Style/MutableConstant:
+  Enabled: false
+
+Style/ConditionalAssignment:
   Enabled: false
 
 Style/Lambda:
   Enabled: false
 
-RSpec/NestedGroups:
+Style/SymbolArray:
   Enabled: false
 
-RSpec/VerifiedDoubles:
+Style/HashSyntax:
+  EnforcedStyle: ruby19
+
+Style/FormatStringToken:
+  Enabled: false
+
+Style/TernaryParentheses:
+  EnforcedStyle: require_parentheses_when_complex
+
+Style/PerlBackrefs:
+  Enabled: false
+
+Style/RegexpLiteral:
+  AllowInnerSlashes: false
+  Exclude:
+    - spec/**/*
+
+Style/BlockComments:
+  Enabled: false
+
+Style/RedundantParentheses:
+  Enabled: false
+
+Style/NumericPredicate:
   Enabled: false
 
 Style/RedundantReturn:
   Enabled: false
 
-RSpec/InstanceVariable:
+Style/EmptyMethod:
+  EnforcedStyle: compact
+
+Style/ExpandPathArguments:
   Enabled: false
 
 Style/FrozenStringLiteralComment:
   Enabled: true
 
-Naming/MemoizedInstanceVariableName:
+Style/RedundantBegin:
+  Enabled: false
+
+Style/RedundantAssignment:
+  Enabled: false
+
+Style/SingleArgumentDig:
+  Enabled: false
+
+Style/OptionalBooleanParameter:
+  Enabled: false
+
+Style/CaseLikeIf:
+  Enabled: false
+
+Style/HashEachMethods:
+  Enabled: false 
+
+Style/HashConversion: # (new in 1.10)
+  Enabled: false
+
+Style/NilLambda: # (new in 1.3)
+  Enabled: false
+
+RSpec/DescribeClass:
+  Exclude:
+    - spec/views/**/*
+    - spec/routing/**/*
+    - spec/requests/**/*
+    - spec/features/**/*
+
+RSpec/FilePath:
+  Enabled: false
+
+RSpec/NamedSubject:
+  Enabled: false
+
+RSpec/LeadingSubject:
+  Enabled: false
+
+RSpec/ExpectInHook:
+  Enabled: false
+
+RSpec/ReturnFromStub:
+  Enabled: false
+
+RSpec/SubjectStub:
+  Enabled: false
+
+RSpec/EmptyLineAfterSubject:
+  Enabled: false
+
+RSpec/LetSetup:
+  Enabled: false
+
+RSpec/ImplicitExpect:
+  EnforcedStyle: is_expected
+
+RSpec/ScatteredLet:
+  Enabled: false
+
+RSpec/ContextWording:
+  Enabled: false
+
+RSpec/AnyInstance:
+  Enabled: false
+
+RSpec/DescribedClass:
+  Enabled: false
+
+RSpec/MultipleExpectations:
+  Enabled: false
+
+RSpec/HookArgument:
+  Enabled: false
+
+RSpec/ExampleLength:
+  Enabled: false
+
+RSpec/NestedGroups:
+  Enabled: false
+
+RSpec/VerifiedDoubles:
+  Enabled: false
+
+RSpec/InstanceVariable:
   Enabled: false
 
 RSpec/MessageSpies:
   Enabled: false
 
-RSpec/BeforeAfterAll:
+RSpec/FactoryBot/CreateList:
   Enabled: false
 
-Style/EmptyMethod:
-  EnforcedStyle: compact
+RSpec/BeforeAfterAll:
+  Enabled: false
 
 RSpec/RepeatedExample:
   Enabled: false
+
+Naming/FileName:
+  Exclude:
+    - Gemfile
+    - Brewfile
+    - Guardfile
+
+Naming/AccessorMethodName:
+  Exclude:
+    - spec/support/pages/**/*
+
+Naming/VariableNumber:
+  Enabled: false
+
+Naming/MethodParameterName:
+  Enabled: false
+
+Naming/MemoizedInstanceVariableName:
+  Enabled: false
+
+
+Performance/StringReplacement:
+  Enabled: false
+
+Performance/TimesMap:
+  Enabled: false
+
+Performance/RedundantBlockCall:
+  Enabled: false
+
+Performance/RedundantMatch:
+  Enabled: false
+
+Performance/RedundantMerge:
+  Enabled: false
+
+Performance/Casecmp:
+  Enabled: false
+
+Performance/StringInclude: # (new in 1.7)
+  Enabled: false

data/README.md

@@ -51,6 +51,7 @@ use it like:
   * [Configuration](#configuration)
      * [Configuring endpoints](#configuring-endpoints)
      * [Configuring placeholders](#configuring-placeholders)
+     * [Configuring scrubs](#configuring-scrubs)
   * [Interceptors](#interceptors)
      * [Quick start: Configure/Enable Interceptors](#quick-start-configureenable-interceptors)
      * [Interceptors on local request level](#interceptors-on-local-request-level)
@@ -491,6 +492,50 @@ You can configure global placeholders, that are used when generating urls from u
   LHC.get(:feedbacks) # http://datastore/v2/feedbacks
 ```
 
+### Configuring scrubs
+
+You can filter out sensitive request data from your log files and rollbar by appending them to `LHS.config.scrubs`. These values will be marked `[FILTERED]` in the log and on rollbar. Also nested parameters are being filtered.
+The scrubbing configuration affects all request done by LHC independent of the endpoint. You can scrub any attribute within `params`, `headers` or `body`. For auth you either can choose `:bearer` or `:auth` (default is both).
+
+LHS scrubs per default:
+- Bearer Token within the request header
+- Basic Auth username and password within the request header
+- password and password_confirmation within the request body
+
+Enhance the default scrubbing by pushing the name of the parameter, which should get scrubbed, as string to the existing configuration.
+You can also add multiple parameters at once by pushing multiple strings.
+
+Example:
+```ruby
+  LHC.configure do |c|
+    c.scrubs[:params] << 'api_key'
+    c.scrubs[:body].push('user_token', 'secret_key')
+  end
+```
+
+For disabling scrubbing, add following configuration:
+```ruby
+  LHC.configure do |c|
+    c.scrubs = {}
+  end
+```
+
+If you want to turn off `:bearer` or `:auth` scrubbing, then just overwrite the auth configuration.
+
+Example:
+```ruby
+  LHC.configure do |c|
+    c.scrubs[:auth] = [:bearer]
+  end
+```
+
+If your app has a different authentication strategy than Bearer Authentication or Basic Authentication then you can filter the data by scrubbing the whole header:
+```ruby
+  LHC.configure do |c|
+    c.scrubs[:headers] << 'Authorization'
+  end
+```
+
 ## Interceptors
 
 To monitor and manipulate the HTTP communication done with LHC, you can define interceptors that follow the (Inteceptor Pattern)[https://en.wikipedia.org/wiki/Interceptor_pattern].

data/lhc.gemspec

@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
 
   s.requirements << 'Ruby >= 2.0.0'
+  s.required_ruby_version = '>= 2.7' # Needed for rubocop
 
   s.add_dependency 'activesupport', '>= 5.2'
   s.add_dependency 'addressable'
@@ -31,7 +32,8 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rails', '>= 5.2'
   s.add_development_dependency 'redis'
   s.add_development_dependency 'rspec-rails', '>= 3.0.0'
-  s.add_development_dependency 'rubocop', '~> 0.57.1'
+  s.add_development_dependency 'rubocop', '~> 1.0'
+  s.add_development_dependency 'rubocop-performance', '~> 1.0'
   s.add_development_dependency 'rubocop-rspec', '~> 1.26.0'
   s.add_development_dependency 'timecop'
   s.add_development_dependency 'webmock'

data/lib/lhc/concerns/lhc/fix_invalid_encoding_concern.rb

@@ -12,6 +12,7 @@ module LHC
       # an empty string is returned instead
       def fix_invalid_encoding(string)
         return string unless string.is_a?(String)
+
         result = string.dup
 
         # we assume it's ISO-8859-1 first

data/lib/lhc/config.rb

@@ -5,14 +5,18 @@ require 'singleton'
 class LHC::Config
   include Singleton
 
+  attr_accessor :scrubs
+
   def initialize
     @endpoints = {}
     @placeholders = {}
+    @scrubs = default_scrubs
   end
 
   def endpoint(name, url, options = {})
     name = name.to_sym
     raise 'Endpoint already exists for that name' if @endpoints[name]
+
     @endpoints[name] = LHC::Endpoint.new(url, options)
   end
 
@@ -23,6 +27,7 @@ class LHC::Config
   def placeholder(name, value)
     name = name.to_sym
     raise 'Placeholder already exists for that name' if @placeholders[name]
+
     @placeholders[name] = value
   end
 
@@ -36,12 +41,23 @@ class LHC::Config
 
   def interceptors=(interceptors)
     raise 'Default interceptors already set and can only be set once' if @interceptors
+
     @interceptors = interceptors
   end
 
+  def default_scrubs
+    {
+      auth: [:bearer, :basic],
+      params: [],
+      headers: [],
+      body: ['password', 'password_confirmation']
+    }
+  end
+
   def reset
     @endpoints = {}
     @placeholders = {}
     @interceptors = nil
+    @scrubs = default_scrubs
   end
 end

data/lib/lhc/endpoint.rb

@@ -55,6 +55,7 @@ class LHC::Endpoint
   # Example: {+datastore}/contracts/{id} == http://local.ch/contracts/1
   def match?(url)
     return true if url == uri.pattern
+
     match_data = match_data(url)
     return false if match_data.nil?
 
@@ -75,6 +76,7 @@ class LHC::Endpoint
   def values_as_params(url)
     match_data = match_data(url)
     return if match_data.nil?
+
     Hash[match_data.variables.map(&:to_sym).zip(match_data.values)]
   end
 
@@ -103,6 +105,7 @@ class LHC::Endpoint
   # creates params according to template
   def self.values_as_params(template, url)
     raise("#{url} does not match the template: #{template}") if !match?(url, template)
+
     new(template).values_as_params(url)
   end
 

data/lib/lhc/error.rb

@@ -43,6 +43,7 @@ class LHC::Error < StandardError
 
   def self.find(response)
     return LHC::Timeout if response.timeout?
+
     status_code = response.code.to_s[0..2].to_i
     error = map[status_code]
     error ||= LHC::UnknownError
@@ -65,13 +66,14 @@ class LHC::Error < StandardError
 
   def to_s
     return response.to_s unless response.is_a?(LHC::Response)
+
     request = response.request
     return unless request.is_a?(LHC::Request)
 
     debug = []
     debug << [request.method, request.url].map { |str| self.class.fix_invalid_encoding(str) }.join(' ')
-    debug << "Options: #{request.options}"
-    debug << "Headers: #{request.headers}"
+    debug << "Options: #{request.scrubbed_options}"
+    debug << "Headers: #{request.scrubbed_headers}"
     debug << "Response Code: #{response.code} (#{response.options[:return_code]})"
     debug << "Response Options: #{response.options}"
     debug << response.body

data/lib/lhc/interceptors/auth.rb

@@ -16,6 +16,7 @@ class LHC::Auth < LHC::Interceptor
   def after_response
     return unless configuration_correct?
     return unless reauthenticate?
+
     reauthenticate!
   end
 
@@ -29,7 +30,7 @@ class LHC::Auth < LHC::Interceptor
   def basic_authentication!
     auth = auth_options[:basic]
     credentials = "#{auth[:username]}:#{auth[:password]}"
-    set_authorization_header("Basic #{Base64.strict_encode64(credentials).chomp}")
+    set_basic_authorization_header(Base64.strict_encode64(credentials).chomp)
   end
 
   def bearer_authentication!
@@ -43,7 +44,13 @@ class LHC::Auth < LHC::Interceptor
     request.headers['Authorization'] = value
   end
 
+  def set_basic_authorization_header(base_64_encoded_credentials)
+    request.options[:auth][:basic] = request.options[:auth][:basic].merge(base_64_encoded_credentials: base_64_encoded_credentials)
+    set_authorization_header("Basic #{base_64_encoded_credentials}")
+  end
+
   def set_bearer_authorization_header(token)
+    request.options[:auth] = request.options[:auth].merge(bearer_token: token)
     set_authorization_header("Bearer #{token}")
   end
   # rubocop:enable Style/AccessorMethodName
@@ -86,11 +93,13 @@ class LHC::Auth < LHC::Interceptor
 
   def refresh_client_token?
     return true if refresh_client_token_option.is_a?(Proc)
+
     warn("[WARNING] The given refresh_client_token must be a Proc for reauthentication.")
   end
 
   def retry_interceptor?
     return true if all_interceptor_classes.include?(LHC::Retry) && all_interceptor_classes.index(LHC::Retry) > all_interceptor_classes.index(self.class)
+
     warn("[WARNING] Your interceptors must include LHC::Retry after LHC::Auth.")
   end
 end