lhs 21.2.2 → 21.3.0

data/lib/lhs/concerns/record/request.rb

@@ -246,7 +246,9 @@ class LHS::Record
       def skip_loading_includes?(data, included)
         if data.collection?
           data.to_a.none? { |item| item[included].present? }
-        elsif data[included].present? && data[included].item? && data[included].href.blank?
+        elsif data.dig(included).blank?
+          true
+        elsif data[included].item? && data[included][:href].blank?
           true
         else
           !data._raw.key?(included)
@@ -515,20 +517,39 @@ class LHS::Record
         options[:url] = compute_url!(options[:params]) unless options.key?(:url)
         merge_explicit_params!(options[:params])
         options.delete(:params) if options[:params]&.empty?
-        inject_request_cycle_cache!(options)
+        inject_interceptors!(options)
         options
       end
 
-      # Injects options into request, that enable the request cycle cache interceptor
-      def inject_request_cycle_cache!(options)
-        return unless LHS.config.request_cycle_cache_enabled
+      def inject_interceptors!(options)
+        if LHS.config.request_cycle_cache_enabled
+          inject_interceptor!(
+            options,
+            LHS::Interceptors::RequestCycleCache::Interceptor,
+            LHC::Caching,
+            "[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor)!"
+          )
+        end
+
+        endpoint = find_endpoint(options[:params], options.fetch(:url, nil))
+        if auto_oauth? || (endpoint.options&.dig(:oauth) && LHS.config.auto_oauth)
+          inject_interceptor!(
+            options.merge!(record: self),
+            LHS::Interceptors::AutoOauth::Interceptor,
+            LHC::Auth,
+            "[WARNING] Can't enable auto oauth as LHC::Auth interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor)!"
+          )
+        end
+      end
+
+      def inject_interceptor!(options, interceptor, dependecy, warning)
         interceptors = options[:interceptors] || LHC.config.interceptors
-        if interceptors.include?(LHC::Caching)
+        if interceptors.include?(dependecy)
           # Ensure interceptor is prepend
-          interceptors = interceptors.unshift(LHS::Interceptors::RequestCycleCache::Interceptor)
+          interceptors = interceptors.unshift(interceptor)
           options[:interceptors] = interceptors
         else
-          warn("[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/docs/interceptors/caching.md#caching-interceptor)!")
+          warn(warning)
         end
       end
 

data/lib/lhs/config.rb

@@ -5,7 +5,7 @@ require 'singleton'
 class LHS::Config
   include Singleton
 
-  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace
+  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace, :auto_oauth
 
   def initialize
     self.request_cycle_cache_enabled ||= true

data/lib/lhs/interceptors/auto_oauth/interceptor.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+
+      class Interceptor < LHC::Interceptor
+
+        def before_request
+          request.options[:auth] = { bearer: token }
+        end
+
+        def tokens
+          @tokens ||= LHS::Interceptors::AutoOauth::ThreadRegistry.access_token
+        end
+
+        def token
+          if tokens.is_a?(Hash)
+            tokens.dig(
+              request.options[:oauth] ||
+              request.options[:record]&.auto_oauth
+            )
+          else
+            tokens
+          end
+        end
+      end
+    end
+  end
+end

data/lib/lhs/interceptors/auto_oauth/thread_registry.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'active_support'
+require 'active_support/per_thread_registry'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+      class ThreadRegistry
+        # Using ActiveSupports PerThreadRegistry to be able to support Active Support v4.
+        # Will switch to thread_mattr_accessor (which comes with Activesupport) when we dropping support for Active Support v4.
+        extend ActiveSupport::PerThreadRegistry
+        attr_accessor :access_token
+      end
+    end
+  end
+end

data/lib/lhs/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHS
-  VERSION = '21.2.2'
+  VERSION = '21.3.0'
 end

data/spec/auto_oauth_spec.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'Auto OAuth Authentication', type: :request, dummy_models: true do
+
+  context 'without LHC::Auth interceptor enabled' do
+
+    before do
+      LHS.configure do |config|
+        config.auto_oauth = -> { access_token }
+      end
+    end
+
+    it 'shows a warning that it can not perform auto authentication' do
+      expect(lambda do
+        get '/automatic_authentication/oauth'
+      end).to output(
+        %r{\[WARNING\] Can't enable auto oauth as LHC::Auth interceptor is not enabled\/configured \(see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor\)!}
+      ).to_stderr
+    end
+  end
+
+  context 'with LHC::Auth interceptor enabled' do
+
+    context 'with only one auth provider' do
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = -> { access_token }
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request
+        records_request
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically' do
+        get '/automatic_authentication/oauth'
+        expect(record_request).to have_been_requested
+        expect(records_request).to have_been_requested
+      end
+    end
+
+    context 'with multiple auth providers' do
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = proc do
+            {
+              provider1: access_token_provider_1,
+              provider2: access_token_provider_2
+            }
+          end
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request_provider_1
+        records_request_provider_2
+        records_request_per_endpoint_provider_1
+        record_request_per_endpoint_provider_2
+      end
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_1/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_2?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:records_request_per_endpoint_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:record_request_per_endpoint_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically no matter how many auth providers are configured ' do
+        get '/automatic_authentication/oauth_with_multiple_providers'
+        expect(record_request_provider_1).to have_been_requested
+        expect(records_request_provider_2).to have_been_requested
+        expect(records_request_per_endpoint_provider_1).to have_been_requested
+        expect(record_request_per_endpoint_provider_2).to have_been_requested
+      end
+    end
+  end
+end

data/spec/autoloading_spec.rb

@@ -4,18 +4,45 @@ require "rails_helper"
 
 describe LHS, type: :request do
   context 'autoloading' do
-    it "pre/re-loads all LHS classes initialy,|
-        because it's necessary for endpoint-to-record-class-discovery",
-    reset_before: false do
-      all_endpoints = LHS::Record::Endpoints.all
-      expect(all_endpoints['http://datastore/v2/users']).to be_present
-      expect(all_endpoints['http://datastore/v2/users/{id}']).to be_present
+
+    let(:endpoints) { LHS::Record::Endpoints.all }
+
+    it "pre/re-loads all LHS classes initialy, because it's necessary for endpoint-to-record-class-discovery", reset_before: false do
+
+      expect(endpoints['http://datastore/v2/users']).to be_present
+      expect(endpoints['http://datastore/v2/users/{id}']).to be_present
+
       expect(
-        User.endpoints.detect { |endpoint| endpoint.url == 'http://datastore/v2/users' }
+        DummyUser.endpoints.detect { |endpoint| endpoint.url == 'http://datastore/v2/users' }
       ).to be_present
       expect(
-        User.endpoints.detect { |endpoint| endpoint.url == 'http://datastore/v2/users/{id}' }
+        DummyUser.endpoints.detect { |endpoint| endpoint.url == 'http://datastore/v2/users/{id}' }
       ).to be_present
     end
+
+    it "also pre/re-loads all LHS classes that inherited from an LHS provider, because it's necessary for endpoint-to-record-class-discovery", reset_before: false do
+
+      expect(endpoints['http://customers']).to be_present
+      expect(endpoints['http://customers/{id}']).to be_present
+
+      expect(
+        DummyCustomer.endpoints.detect { |endpoint| endpoint.url == 'http://customers' }
+      ).to be_present
+      expect(
+        DummyCustomer.endpoints.detect { |endpoint| endpoint.url == 'http://customers/{id}' }
+      ).to be_present
+
+      customer_request = stub_request(:get, "http://customers/1")
+        .with(
+          headers: {
+            'Authorization' => 'token123'
+          }
+        )
+        .to_return(body: { name: 'Steve' }.to_json)
+
+      DummyCustomer.find(1)
+
+      expect(customer_request).to have_been_requested
+    end
   end
 end

data/spec/dummy/app/controllers/application_controller.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
+  include LHS::OAuth
+  ACCESS_TOKEN = 'token-12345'
+
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
@@ -8,4 +11,16 @@ class ApplicationController < ActionController::Base
   def root
     render nothing: true
   end
+
+  def access_token
+    ACCESS_TOKEN
+  end
+
+  def access_token_provider_1
+    "#{ACCESS_TOKEN}_provider_1"
+  end
+
+  def access_token_provider_2
+    "#{ACCESS_TOKEN}_provider_2"
+  end
 end

data/spec/dummy/app/controllers/automatic_authentication_controller.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class AutomaticAuthenticationController < ApplicationController
+
+  def o_auth
+    render json: {
+      record: DummyRecordWithOauth.find(1).as_json,
+      records: DummyRecordWithOauth.where(color: 'blue').as_json
+    }
+  end
+
+  def o_auth_with_multiple_providers
+    render json: {
+      record: DummyRecordWithMultipleOauthProviders1.find(1).as_json,
+      records: DummyRecordWithMultipleOauthProviders2.where(color: 'blue').as_json,
+      per_endpoint: {
+        record: DummyRecordWithMultipleOauthProvidersPerEndpoint.find(1).as_json,
+        records: DummyRecordWithMultipleOauthProvidersPerEndpoint.where(color: 'blue').as_json
+      }
+    }
+  end
+end

data/spec/dummy/app/controllers/error_handling_with_chains_controller.rb

@@ -5,7 +5,7 @@ class ErrorHandlingWithChainsController < ApplicationController
   # Example where the query chain is resolved
   # in the view (during render 'show')
   def fetch_in_view
-    @records = Record
+    @records = DummyRecord
       .handle(LHC::Error, ->(error) { handle_error(error) })
       .where(color: 'blue')
     render 'show'
@@ -15,7 +15,7 @@ class ErrorHandlingWithChainsController < ApplicationController
   # Example where the query chain is resolved
   # before the view is rendered
   def fetch_in_controller
-    @records = Record
+    @records = DummyRecord
       .handle(LHC::Error, ->(error) { handle_error(error) })
       .where(color: 'blue').fetch
     render 'show'

data/spec/dummy/app/controllers/extended_rollbar_controller.rb

@@ -3,8 +3,8 @@
 class ExtendedRollbarController < ApplicationController
 
   def extended_rollbar
-    Record.where(color: 'blue').fetch
-    Record.where(color: 'red').fetch
+    DummyRecord.where(color: 'blue').fetch
+    DummyRecord.where(color: 'red').fetch
     raise "Let's see if rollbar logs information about what kind of requests where made around here!"
   end
 end

data/spec/dummy/app/controllers/option_blocks_controller.rb

@@ -4,12 +4,12 @@ class OptionBlocksController < ApplicationController
 
   def first
     LHS::OptionBlocks::CurrentOptionBlock.options = { params: { request: 'first' } }
-    Record.where(request: 'second').fetch
+    DummyRecord.where(request: 'second').fetch
     render text: 'ok'
   end
 
   def second
-    Record.where(request: 'second').fetch
+    DummyRecord.where(request: 'second').fetch
     render text: 'ok'
   end
 end

data/spec/dummy/app/models/dummy_customer.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class DummyCustomer < Providers::CustomerSystem
+  endpoint 'http://customers'
+  endpoint 'http://customers/{id}'
+end

data/spec/dummy/app/models/{record.rb → dummy_record.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class Record < LHS::Record
+class DummyRecord < LHS::Record
   endpoint 'http://datastore/v2/records'
   endpoint 'http://datastore/v2/records/{id}'
 end

data/spec/dummy/app/models/dummy_record_with_multiple_oauth_providers1.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProviders1 < LHS::Record
+  oauth(:provider1)
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_1'
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_1/{id}'
+end

data/spec/dummy/app/models/dummy_record_with_multiple_oauth_providers2.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProviders2 < LHS::Record
+  oauth(:provider2)
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_2'
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_2/{id}'
+end

data/spec/dummy/app/models/dummy_record_with_multiple_providers_per_endpoint.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProvidersPerEndpoint < LHS::Record
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint', oauth: :provider1
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint/{id}', oauth: :provider2
+end