lhs 21.3.0.pre.autoauth.1 → 22.1.1.pre

data/lib/lhs/concerns/record/request.rb

@@ -187,7 +187,7 @@ class LHS::Record
           options = extend_with_reference(options, reference)
           addition = load_include(options, data, sub_includes, reference)
           extend_raw_data!(data, addition, included)
-          expand_addition!(data, included, options) if no_expanded_data?(addition)
+          expand_addition!(data, included, options) unless expanded_data?(addition)
         end
       end
 
@@ -208,25 +208,21 @@ class LHS::Record
         options = extend_with_reference(options, reference.except(:url))
         record = record_for_options(options) || self
         options = convert_options_to_endpoints(options) if record_for_options(options)
-        expanded_data = begin
-          record.request(options)
-        rescue LHC::NotFound
-          LHS::Data.new({}, data, record)
-        end
+        expanded_data = record.request(options)
         extend_raw_data!(data, expanded_data, included)
       end
 
-      def no_expanded_data?(addition)
+      def expanded_data?(addition)
         return false if addition.blank?
         if addition.item?
-          (addition._raw.keys - [:href]).empty?
+          (addition._raw.keys - [:href]).any?
         elsif addition.collection?
           addition.all? do |item|
             next if item.blank?
             if item._raw.is_a?(Hash)
-              (item._raw.keys - [:href]).empty?
+              (item._raw.keys - [:href]).any?
             elsif item._raw.is_a?(Array)
-              item.any? { |item| (item._raw.keys - [:href]).empty? }
+              item.any? { |item| (item._raw.keys - [:href]).any? }
             end
           end
         end
@@ -351,15 +347,11 @@ class LHS::Record
       def load_include(options, data, sub_includes, references)
         record = record_for_options(options) || self
         options = convert_options_to_endpoints(options) if record_for_options(options)
-        begin
-          prepare_options_for_include_request!(options, sub_includes, references)
-          if references && references[:all] # include all linked resources
-            load_include_all!(options, record, sub_includes, references)
-          else # simply request first page/batch
-            load_include_simple!(options, record)
-          end
-        rescue LHC::NotFound
-          LHS::Data.new({}, data, record)
+        prepare_options_for_include_request!(options, sub_includes, references)
+        if references && references[:all] # include all linked resources
+          load_include_all!(options, record, sub_includes, references)
+        else # simply request first page/batch
+          load_include_simple!(options, record)
         end
       end
 
@@ -522,19 +514,24 @@ class LHS::Record
       end
 
       def inject_interceptors!(options)
-        inject_interceptor!(
-          options,
-          LHS::Interceptors::RequestCycleCache::Interceptor,
-          LHC::Caching,
-          "[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor)!"
-        ) if LHS.config.request_cycle_cache_enabled
-
-        inject_interceptor!(
-          options,
-          LHS::Interceptors::AutoOauth::Interceptor,
-          LHC::Auth, 
-          "[WARNING] Can't enable auto oauth as LHC::Auth interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor)!"
-        ) if self.auto_oauth?
+        if LHS.config.request_cycle_cache_enabled
+          inject_interceptor!(
+            options,
+            LHS::Interceptors::RequestCycleCache::Interceptor,
+            LHC::Caching,
+            "[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor)!"
+          )
+        end
+
+        endpoint = find_endpoint(options[:params], options.fetch(:url, nil))
+        if auto_oauth? || (endpoint.options&.dig(:oauth) && LHS.config.auto_oauth) || options[:oauth]
+          inject_interceptor!(
+            options.merge!(record: self),
+            LHS::Interceptors::AutoOauth::Interceptor,
+            LHC::Auth,
+            "[WARNING] Can't enable auto oauth as LHC::Auth interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor)!"
+          )
+        end
       end
 
       def inject_interceptor!(options, interceptor, dependecy, warning)

data/lib/lhs/concerns/record/update.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+class LHS::Record
+
+  module Update
+    extend ActiveSupport::Concern
+
+    included do
+      class <<self
+        alias_method :update, :create
+        alias_method :update!, :create!
+      end
+    end
+  end
+end

data/lib/lhs/interceptors/auto_oauth/interceptor.rb

@@ -10,7 +10,22 @@ module LHS
       class Interceptor < LHC::Interceptor
 
         def before_request
-          request.options[:auth] = { bearer: LHS::Interceptors::AutoOauth::ThreadRegistry.access_token }
+          request.options[:auth] = { bearer: token }
+        end
+
+        def tokens
+          @tokens ||= LHS::Interceptors::AutoOauth::ThreadRegistry.access_token
+        end
+
+        def token
+          if tokens.is_a?(Hash)
+            tokens.dig(
+              request.options[:oauth] ||
+              request.options[:record]&.auto_oauth
+            )
+          else
+            tokens
+          end
         end
       end
     end

data/lib/lhs/record.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class LHS::Record
+  autoload :AttributeAssignment,
+    'lhs/concerns/record/attribute_assignment'
   autoload :Batch,
     'lhs/concerns/record/batch'
   autoload :Chainable,
@@ -45,9 +47,10 @@ class LHS::Record
     'lhs/concerns/record/scope'
   autoload :Tracing,
     'lhs/concerns/record/tracing'
-  autoload :AttributeAssignment,
-    'lhs/concerns/record/attribute_assignment'
+  autoload :Update,
+    'lhs/concerns/record/update'
 
+  include AttributeAssignment
   include Batch
   include Chainable
   include Configuration
@@ -72,7 +75,7 @@ class LHS::Record
   include Relations
   include Scope
   include Tracing
-  include AttributeAssignment
+  include Update
 
   delegate :_proxy, :_endpoint, :merge_raw!, :select, :becomes, :respond_to?, to: :_data
 

data/lib/lhs/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHS
-  VERSION = '21.3.0.pre.autoauth.1'
+  VERSION = '22.1.1.pre'
 end

data/spec/auto_oauth_spec.rb

@@ -6,6 +6,12 @@ describe 'Auto OAuth Authentication', type: :request, dummy_models: true do
 
   context 'without LHC::Auth interceptor enabled' do
 
+    before do
+      LHS.configure do |config|
+        config.auto_oauth = -> { access_token }
+      end
+    end
+
     it 'shows a warning that it can not perform auto authentication' do
       expect(lambda do
         get '/automatic_authentication/oauth'
@@ -16,36 +22,148 @@ describe 'Auto OAuth Authentication', type: :request, dummy_models: true do
   end
 
   context 'with LHC::Auth interceptor enabled' do
-    let(:record_request) do
-      stub_request(:get, "http://datastore/v2/records_with_oauth/1")
-        .with(
-          headers: { 'Authorization' => "Bearer #{ApplicationController::ACCESS_TOKEN}" }
-        ).to_return(status: 200, body: { name: 'Record' }.to_json)
-    end
 
-    let(:records_request) do
-      stub_request(:get, "http://datastore/v2/records_with_oauth?color=blue")
-        .with(
-          headers: { 'Authorization' => "Bearer #{ApplicationController::ACCESS_TOKEN}" }
-        ).to_return(status: 200, body: { items: [ { name: 'Record' } ] }.to_json)
-    end
+    context 'with only one auth provider' do
 
-    before do
-      LHC.configure do |config|
-        config.interceptors = [LHC::Auth]
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request) do
+        stub_request(:get, "http://datastore/v2/records_with_oauth?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = -> { access_token }
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request
+        records_request
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically' do
+        get '/automatic_authentication/oauth'
+        expect(record_request).to have_been_requested
+        expect(records_request).to have_been_requested
       end
-      record_request
-      records_request
     end
 
-    after do
-      LHC.config.reset
+    context 'with multiple auth providers' do
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = proc do
+            {
+              provider1: access_token_provider_1,
+              provider2: access_token_provider_2
+            }
+          end
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request_provider_1
+        records_request_provider_2
+        records_request_per_endpoint_provider_1
+        record_request_per_endpoint_provider_2
+      end
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_1/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_2?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:records_request_per_endpoint_provider_1) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_1" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      let(:record_request_per_endpoint_provider_2) do
+        stub_request(:get, "http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}_provider_2" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically no matter how many auth providers are configured ' do
+        get '/automatic_authentication/oauth_with_multiple_providers'
+        expect(record_request_provider_1).to have_been_requested
+        expect(records_request_provider_2).to have_been_requested
+        expect(records_request_per_endpoint_provider_1).to have_been_requested
+        expect(record_request_per_endpoint_provider_2).to have_been_requested
+      end
     end
 
-    it 'applies OAuth credentials for the individual request automatically' do
-      get '/automatic_authentication/oauth'
-      expect(record_request).to have_been_requested
-      expect(records_request).to have_been_requested
+    context 'with provider enabled for auto oauth' do
+
+      let(:token) { ApplicationController::ACCESS_TOKEN }
+
+      let(:record_request) do
+        stub_request(:get, "http://internalservice/v2/records/1")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { name: 'Record' }.to_json)
+      end
+
+      let(:records_request) do
+        stub_request(:get, "http://internalservice/v2/records?color=blue")
+          .with(
+            headers: { 'Authorization' => "Bearer #{token}" }
+          ).to_return(status: 200, body: { items: [{ name: 'Record' }] }.to_json)
+      end
+
+      before do
+        LHS.configure do |config|
+          config.auto_oauth = -> { access_token }
+        end
+        LHC.configure do |config|
+          config.interceptors = [LHC::Auth]
+        end
+        record_request
+        records_request
+      end
+
+      after do
+        LHC.config.reset
+      end
+
+      it 'applies OAuth credentials for the individual request automatically' do
+        get '/automatic_authentication/oauth_with_provider'
+        expect(record_request).to have_been_requested
+        expect(records_request).to have_been_requested
+      end
     end
   end
 end

data/spec/dummy/app/controllers/application_controller.rb

@@ -2,7 +2,7 @@
 
 class ApplicationController < ActionController::Base
   include LHS::OAuth
-  ACCESS_TOKEN = 'token-12345'.freeze
+  ACCESS_TOKEN = 'token-12345'
 
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
@@ -15,4 +15,12 @@ class ApplicationController < ActionController::Base
   def access_token
     ACCESS_TOKEN
   end
+
+  def access_token_provider_1
+    "#{ACCESS_TOKEN}_provider_1"
+  end
+
+  def access_token_provider_2
+    "#{ACCESS_TOKEN}_provider_2"
+  end
 end

data/spec/dummy/app/controllers/automatic_authentication_controller.rb

@@ -8,4 +8,22 @@ class AutomaticAuthenticationController < ApplicationController
       records: DummyRecordWithOauth.where(color: 'blue').as_json
     }
   end
+
+  def o_auth_with_multiple_providers
+    render json: {
+      record: DummyRecordWithMultipleOauthProviders1.find(1).as_json,
+      records: DummyRecordWithMultipleOauthProviders2.where(color: 'blue').as_json,
+      per_endpoint: {
+        record: DummyRecordWithMultipleOauthProvidersPerEndpoint.find(1).as_json,
+        records: DummyRecordWithMultipleOauthProvidersPerEndpoint.where(color: 'blue').as_json
+      }
+    }
+  end
+
+  def o_auth_with_provider
+    render json: {
+      record: DummyRecordWithAutoOauthProvider.find(1).as_json,
+      records: DummyRecordWithAutoOauthProvider.where(color: 'blue').as_json
+    }
+  end
 end

data/spec/dummy/app/models/dummy_record_with_auto_oauth_provider.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class DummyRecordWithAutoOauthProvider < Providers::InternalServices
+  endpoint 'http://internalservice/v2/records'
+  endpoint 'http://internalservice/v2/records/{id}'
+end

data/spec/dummy/app/models/dummy_record_with_multiple_oauth_providers1.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProviders1 < LHS::Record
+  oauth(:provider1)
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_1'
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_1/{id}'
+end

data/spec/dummy/app/models/dummy_record_with_multiple_oauth_providers2.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProviders2 < LHS::Record
+  oauth(:provider2)
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_2'
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_2/{id}'
+end

data/spec/dummy/app/models/dummy_record_with_multiple_providers_per_endpoint.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class DummyRecordWithMultipleOauthProvidersPerEndpoint < LHS::Record
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint', oauth: :provider1
+  endpoint 'http://datastore/v2/records_with_multiple_oauth_providers_per_endpoint/{id}', oauth: :provider2
+end

data/spec/dummy/app/models/providers/internal_services.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Providers
+  class InternalServices < LHS::Record
+    provider(oauth: true)
+  end
+end