lhs 21.2.3 → 22.0.0

data/lib/lhs/concerns/o_auth.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+module LHS
+  module OAuth
+    extend ActiveSupport::Concern
+
+    included do
+      prepend_before_action :lhs_store_oauth_access_token
+    end
+
+    private
+
+    def lhs_store_oauth_access_token
+      lhs_check_auto_oauth_enabled!
+      LHS::Interceptors::AutoOauth::ThreadRegistry.access_token = instance_exec(&LHS.config.auto_oauth)
+    end
+
+    def lhs_check_auto_oauth_enabled!
+      return if LHS.config.auto_oauth.present? && LHS.config.auto_oauth.is_a?(Proc)
+      raise 'You have to enable LHS.config.auto_oauth by passing a proc returning an access token!'
+    end
+  end
+end

data/lib/lhs/concerns/record/chainable.rb

@@ -64,11 +64,11 @@ class LHS::Record
         chain
       end
 
-      def includes(*args)
+      def includes_first_page(*args)
         Chain.new(self, Include.new(Chain.unfold(args)))
       end
 
-      def includes_all(*args)
+      def includes(*args)
         chain = Chain.new(self, Include.new(Chain.unfold(args)))
         chain.include_all!(args)
         chain
@@ -259,11 +259,11 @@ class LHS::Record
         push(ErrorHandling.new(error_class => handler))
       end
 
-      def includes(*args)
+      def includes_first_page(*args)
         push(Include.new(Chain.unfold(args)))
       end
 
-      def includes_all(*args)
+      def includes(*args)
         chain = push(Include.new(Chain.unfold(args)))
         chain.include_all!(args)
         chain

data/lib/lhs/concerns/record/configuration.rb

@@ -12,45 +12,62 @@ class LHS::Record
     mattr_accessor :configuration
 
     module ClassMethods
-      def configuration(args)
-        @configuration = args.freeze || {}
+      def configuration(args = nil)
+        if !args.nil?
+          @configuration = args
+        else
+          @configuration || {}
+        end
+      end
+
+      def auto_oauth?
+        LHS.config.auto_oauth && configuration && auto_oauth
+      end
+
+      def auto_oauth
+        configuration.fetch(:auto_oauth, false)
+      end
+
+      def oauth(provider = nil)
+        value = provider || true
+        configuration.present? ? configuration.merge!(auto_oauth: value) : configuration(auto_oauth: value)
       end
 
       def item_key
         symbolize_unless_complex(
-          @configuration.try(:[], :item_key) || :item
+          configuration.dig(:item_key) || :item
         )
       end
 
       def items_key
         symbolize_unless_complex(
-          @configuration.try(:[], :items_key) || :items
+          configuration.dig(:items_key) || :items
         )
       end
 
       def item_created_key
         symbolize_unless_complex(
-          @configuration.try(:[], :item_created_key)
+          configuration.dig(:item_created_key)
         )
       end
 
       def limit_key(type = nil)
         symbolize_unless_complex(
-          pagination_parameter(@configuration.try(:[], :limit_key), type) ||
+          pagination_parameter(configuration.dig(:limit_key), type) ||
           :limit
         )
       end
 
       def total_key
         symbolize_unless_complex(
-          @configuration.try(:[], :total_key) || :total
+          configuration.dig(:total_key) || :total
         )
       end
 
       # Key used for determine current page
       def pagination_key(type = nil)
         symbolize_unless_complex(
-          pagination_parameter(@configuration.try(:[], :pagination_key), type) ||
+          pagination_parameter(configuration.dig(:pagination_key), type) ||
           :offset
         )
       end
@@ -58,15 +75,15 @@ class LHS::Record
       # Strategy used for calculationg next pages and navigate pages
       def pagination_strategy
         symbolize_unless_complex(
-          @configuration.try(:[], :pagination_strategy) || :offset
+          configuration.dig(:pagination_strategy) || :offset
         )
       end
 
       # Allows record to be configured as not paginated,
       # as by default it's considered paginated
       def paginated
-        return true if @configuration.blank?
-        @configuration.fetch(:paginated, true)
+        return true if configuration.blank?
+        configuration.fetch(:paginated, true)
       end
 
       private

data/lib/lhs/concerns/record/request.rb

@@ -246,7 +246,9 @@ class LHS::Record
       def skip_loading_includes?(data, included)
         if data.collection?
           data.to_a.none? { |item| item[included].present? }
-        elsif data[included].present? && data[included].item? && data[included].href.blank?
+        elsif data.dig(included).blank?
+          true
+        elsif data[included].item? && data[included][:href].blank?
           true
         else
           !data._raw.key?(included)
@@ -515,20 +517,39 @@ class LHS::Record
         options[:url] = compute_url!(options[:params]) unless options.key?(:url)
         merge_explicit_params!(options[:params])
         options.delete(:params) if options[:params]&.empty?
-        inject_request_cycle_cache!(options)
+        inject_interceptors!(options)
         options
       end
 
-      # Injects options into request, that enable the request cycle cache interceptor
-      def inject_request_cycle_cache!(options)
-        return unless LHS.config.request_cycle_cache_enabled
+      def inject_interceptors!(options)
+        if LHS.config.request_cycle_cache_enabled
+          inject_interceptor!(
+            options,
+            LHS::Interceptors::RequestCycleCache::Interceptor,
+            LHC::Caching,
+            "[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor)!"
+          )
+        end
+
+        endpoint = find_endpoint(options[:params], options.fetch(:url, nil))
+        if auto_oauth? || (endpoint.options&.dig(:oauth) && LHS.config.auto_oauth) || options[:oauth]
+          inject_interceptor!(
+            options.merge!(record: self),
+            LHS::Interceptors::AutoOauth::Interceptor,
+            LHC::Auth,
+            "[WARNING] Can't enable auto oauth as LHC::Auth interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor)!"
+          )
+        end
+      end
+
+      def inject_interceptor!(options, interceptor, dependecy, warning)
         interceptors = options[:interceptors] || LHC.config.interceptors
-        if interceptors.include?(LHC::Caching)
+        if interceptors.include?(dependecy)
           # Ensure interceptor is prepend
-          interceptors = interceptors.unshift(LHS::Interceptors::RequestCycleCache::Interceptor)
+          interceptors = interceptors.unshift(interceptor)
           options[:interceptors] = interceptors
         else
-          warn("[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/docs/interceptors/caching.md#caching-interceptor)!")
+          warn(warning)
         end
       end
 

data/lib/lhs/config.rb

@@ -5,7 +5,7 @@ require 'singleton'
 class LHS::Config
   include Singleton
 
-  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace
+  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace, :auto_oauth
 
   def initialize
     self.request_cycle_cache_enabled ||= true

data/lib/lhs/interceptors/auto_oauth/interceptor.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+
+      class Interceptor < LHC::Interceptor
+
+        def before_request
+          request.options[:auth] = { bearer: token }
+        end
+
+        def tokens
+          @tokens ||= LHS::Interceptors::AutoOauth::ThreadRegistry.access_token
+        end
+
+        def token
+          if tokens.is_a?(Hash)
+            tokens.dig(
+              request.options[:oauth] ||
+              request.options[:record]&.auto_oauth
+            )
+          else
+            tokens
+          end
+        end
+      end
+    end
+  end
+end

data/lib/lhs/interceptors/auto_oauth/thread_registry.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'active_support'
+require 'active_support/per_thread_registry'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+      class ThreadRegistry
+        # Using ActiveSupports PerThreadRegistry to be able to support Active Support v4.
+        # Will switch to thread_mattr_accessor (which comes with Activesupport) when we dropping support for Active Support v4.
+        extend ActiveSupport::PerThreadRegistry
+        attr_accessor :access_token
+      end
+    end
+  end
+end

data/lib/lhs/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHS
-  VERSION = '21.2.3'
+  VERSION = '22.0.0'
 end

data/spec/auto_oauth_spec.rb

@@ -0,0 +1,169 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'Auto OAuth Authentication', type: :request, dummy_models: true do
+
+  context 'without LHC::Auth interceptor enabled' do
+
+    before do
+      LHS.configure do |config|
+        config.auto_oauth = -> { access_token }
+      end
+    end
+
+    it 'shows a warning that it can not perform auto authentication' do
+      expect(lambda do
+        get '/automatic_authentication/oauth'
+      end).to output(
+        %r{\[WARNING\] Can't enable auto oauth as LHC::Auth interceptor is not enabled\/configured \(see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor\)!}
+      ).to_stderr
+    end
+  end
+
+  context 'with LHC::Auth interceptor enabled' do
+
+    context 'with only one auth provider' do
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = -> { access_token }
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request
+        records_request
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically' do
+        get '/automatic_authentication/oauth'
+        expect(record_request).to have_been_requested
+        expect(records_request).to have_been_requested
+      end
+    end
+
+    context 'with multiple auth providers' do
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = proc do
+            {
+              provider1: access_token_provider_1,
+              provider2: access_token_provider_2
+            }
+          end
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request_provider_1
+        records_request_provider_2
+        records_request_per_endpoint_provider_1
+        record_request_per_endpoint_provider_2
+      end
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_1/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_2?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:records_request_per_endpoint_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:record_request_per_endpoint_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically no matter how many auth providers are configured ' do
+        get '/automatic_authentication/oauth_with_multiple_providers'
+        expect(record_request_provider_1).to have_been_requested
+        expect(records_request_provider_2).to have_been_requested
+        expect(records_request_per_endpoint_provider_1).to have_been_requested
+        expect(record_request_per_endpoint_provider_2).to have_been_requested
+      end
+    end
+
+    context 'with provider enabled for auto oauth' do
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request) do
+        stub_request(:get, "http://internalservice/v2/records/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request) do
+        stub_request(:get, "http://internalservice/v2/records?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = -> { access_token }
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request
+        records_request
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically' do
+        get '/automatic_authentication/oauth_with_provider'
+        expect(record_request).to have_been_requested
+        expect(records_request).to have_been_requested
+      end
+    end
+  end
+end

data/spec/dummy/app/controllers/application_controller.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
+  include LHS::OAuth
+  ACCESS_TOKEN = 'token-12345'
+
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
@@ -8,4 +11,16 @@ class ApplicationController < ActionController::Base
   def root
     render nothing: true
   end
+
+  def access_token
+    ACCESS_TOKEN
+  end
+
+  def access_token_provider_1
+    "#{ACCESS_TOKEN}_provider_1"
+  end
+
+  def access_token_provider_2
+    "#{ACCESS_TOKEN}_provider_2"
+  end
 end