lhs 21.2.4 → 21.3.0.pre.autoauth.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d29a70798d8ce33c3fbd253465123d32fe2fd4a97e213a9f3cdce1350e45bd85
-  data.tar.gz: 50d2cd571874e523de51ed9652d4faec1406087e69940ee87f4941f5d416e9b4
+  metadata.gz: a8391f6f7e78b219c2f48ca87b7f160a28feab0f5e113553a41b339d8f3b72df
+  data.tar.gz: 30e48a8d78cca4d1ed76595cfd72c90bda2cfd77873590254bdf92685df97df1
 SHA512:
-  metadata.gz: a6fcfc2a0507d730e88045b0489d0f463bcff6235fe5a10cafdbd6c3560ae0e561479f3f2ae766ef7495be8c8e6d0efbce2636f468ae98a488d413ece8d6ca75
-  data.tar.gz: c7c48a2130f9cf32de2fdc657f0ba3b50b71e10b062a297797b383b0c5f2fd9cbdf1a9023237dcf1ca44c9f822ec3dd25ef3180a9915c166850477592c623b48
+  metadata.gz: 00f6961b5546311a919830c913153ecfcbbbeec7a67079db66284ec9280caa6656ea023db44945b0387a0cf02b372736e20632318315f0b3d87811ded26f6aa8
+  data.tar.gz: 56c2dd947ba8c5b82800997198c7185bc4d331195d3d1040b779431569ece6bed89eb6822d98bf80aa880482e176f6337cf98518ee176c951363644ce01c2d64

data/README.md

@@ -2444,6 +2444,66 @@ LHS.configure do |config|
 end
 ```
 
+## Automatic Authentication (OAuth)
+
+LHS provides a way to have records automatically fetch and use OAuth authentication when performing requests within Rails.
+
+In order to enable automatic oauth authentication, perform the following steps:
+
+1. Make sure LHS is configured to perform `auto_oauth`. Provide a block that when executed in the controller context returns a valid access_token/bearer_token.
+```ruby
+# config/initializers/lhs.rb
+
+LHS.configure do |config|
+  config.auto_oauth = -> { access_token }
+end
+```
+
+2. Opt-in records requiring oauth authentication:
+
+```ruby
+# app/models/record.rb
+
+class Record < LHS::Record
+  oauth
+  # ...
+end
+```
+
+3. Include the `LHS::OAuth` context into your application controller:
+
+```ruby
+# app/controllers/application_controller.rb
+
+class ApplicationController < ActionController::Base
+  include LHS::OAuth
+
+  # ...
+end
+```
+
+4. Make sure you have the `LHC::Auth` interceptor enabled:
+
+```ruby
+# config/initializers/lhc.rb
+
+LHC.configure do |config|
+  config.interceptors = [LHC::Auth]
+end
+```
+
+Now you can perform requests based on the record that will be auto authenticated from now on:
+
+```ruby
+# app/controllers/some_controller.rb
+
+Record.find(1)
+```
+```
+https://records/1
+Authentication: 'Bearer token-12345'
+```
+
 ## Option Blocks
 
 In order to apply options to all requests performed in a give block, LHS provides option blocks.

data/lib/lhs.rb

@@ -22,6 +22,12 @@ module LHS
   autoload :Inspect,
     'lhs/concerns/inspect'
   module Interceptors
+    module AutoOauth
+      autoload :ThreadRegistry,
+        'lhs/interceptors/auto_oauth/thread_registry'
+      autoload :Interceptor,
+        'lhs/interceptors/auto_oauth/interceptor'
+    end
     module RequestCycleCache
       autoload :ThreadRegistry,
         'lhs/interceptors/request_cycle_cache/thread_registry'
@@ -41,6 +47,8 @@ module LHS
     'lhs/concerns/is_href'
   autoload :Item,
     'lhs/item'
+  autoload :OAuth,
+    'lhs/concerns/o_auth.rb'
   autoload :OptionBlocks,
     'lhs/concerns/option_blocks'
   autoload :Pagination,

data/lib/lhs/concerns/o_auth.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+module LHS
+  module OAuth
+    extend ActiveSupport::Concern
+
+    included do
+      prepend_before_action :lhs_store_oauth_access_token
+    end
+
+    private
+
+    def lhs_store_oauth_access_token
+      lhs_check_auto_oauth_enabled!
+      LHS::Interceptors::AutoOauth::ThreadRegistry.access_token = instance_exec(&LHS.config.auto_oauth)
+    end
+
+    def lhs_check_auto_oauth_enabled!
+      return if LHS.config.auto_oauth.present? && LHS.config.auto_oauth.is_a?(Proc)
+      raise 'You have to enable LHS.config.auto_oauth by passing a proc returning an access token!'
+    end
+  end
+end

data/lib/lhs/concerns/record/configuration.rb

@@ -13,7 +13,15 @@ class LHS::Record
 
     module ClassMethods
       def configuration(args)
-        @configuration = args.freeze || {}
+        @configuration = args || {}
+      end
+
+      def auto_oauth?
+        LHS.config.auto_oauth && @configuration && @configuration.fetch(:auto_oauth, false)
+      end
+
+      def oauth
+        @configuration.present? ? @configuration.merge!(auto_oauth: true) : configuration(auto_oauth: true)
       end
 
       def item_key

data/lib/lhs/concerns/record/request.rb

@@ -517,20 +517,34 @@ class LHS::Record
         options[:url] = compute_url!(options[:params]) unless options.key?(:url)
         merge_explicit_params!(options[:params])
         options.delete(:params) if options[:params]&.empty?
-        inject_request_cycle_cache!(options)
+        inject_interceptors!(options)
         options
       end
 
-      # Injects options into request, that enable the request cycle cache interceptor
-      def inject_request_cycle_cache!(options)
-        return unless LHS.config.request_cycle_cache_enabled
+      def inject_interceptors!(options)
+        inject_interceptor!(
+          options,
+          LHS::Interceptors::RequestCycleCache::Interceptor,
+          LHC::Caching,
+          "[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor)!"
+        ) if LHS.config.request_cycle_cache_enabled
+
+        inject_interceptor!(
+          options,
+          LHS::Interceptors::AutoOauth::Interceptor,
+          LHC::Auth, 
+          "[WARNING] Can't enable auto oauth as LHC::Auth interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor)!"
+        ) if self.auto_oauth?
+      end
+
+      def inject_interceptor!(options, interceptor, dependecy, warning)
         interceptors = options[:interceptors] || LHC.config.interceptors
-        if interceptors.include?(LHC::Caching)
+        if interceptors.include?(dependecy)
           # Ensure interceptor is prepend
-          interceptors = interceptors.unshift(LHS::Interceptors::RequestCycleCache::Interceptor)
+          interceptors = interceptors.unshift(interceptor)
           options[:interceptors] = interceptors
         else
-          warn("[WARNING] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured (see https://github.com/local-ch/lhc/blob/master/docs/interceptors/caching.md#caching-interceptor)!")
+          warn(warning)
         end
       end
 

data/lib/lhs/config.rb

@@ -5,7 +5,7 @@ require 'singleton'
 class LHS::Config
   include Singleton
 
-  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace
+  attr_accessor :request_cycle_cache_enabled, :request_cycle_cache, :trace, :auto_oauth
 
   def initialize
     self.request_cycle_cache_enabled ||= true

data/lib/lhs/interceptors/auto_oauth/interceptor.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'active_support'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+
+      class Interceptor < LHC::Interceptor
+
+        def before_request
+          request.options[:auth] = { bearer: LHS::Interceptors::AutoOauth::ThreadRegistry.access_token }
+        end
+      end
+    end
+  end
+end

data/lib/lhs/interceptors/auto_oauth/thread_registry.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'active_support'
+require 'active_support/per_thread_registry'
+
+module LHS
+  module Interceptors
+    module AutoOauth
+      extend ActiveSupport::Concern
+      class ThreadRegistry
+        # Using ActiveSupports PerThreadRegistry to be able to support Active Support v4.
+        # Will switch to thread_mattr_accessor (which comes with Activesupport) when we dropping support for Active Support v4.
+        extend ActiveSupport::PerThreadRegistry
+        attr_accessor :access_token
+      end
+    end
+  end
+end

data/lib/lhs/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LHS
-  VERSION = '21.2.4'
+  VERSION = '21.3.0.pre.autoauth.1'
 end

data/spec/auto_oauth_spec.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'Auto OAuth Authentication', type: :request, dummy_models: true do
+
+  context 'without LHC::Auth interceptor enabled' do
+
+    it 'shows a warning that it can not perform auto authentication' do
+      expect(lambda do
+        get '/automatic_authentication/oauth'
+      end).to output(
+        %r{\[WARNING\] Can't enable auto oauth as LHC::Auth interceptor is not enabled\/configured \(see https://github.com/local-ch/lhc/blob/master/README.md#authentication-interceptor\)!}
+      ).to_stderr
+    end
+  end
+
+  context 'with LHC::Auth interceptor enabled' do
+    let(:record_request) do
+      stub_request(:get, "http://datastore/v2/records_with_oauth/1")
+        .with(
+          headers: { 'Authorization' => "Bearer #{ApplicationController::ACCESS_TOKEN}" }
+        ).to_return(status: 200, body: { name: 'Record' }.to_json)
+    end
+
+    let(:records_request) do
+      stub_request(:get, "http://datastore/v2/records_with_oauth?color=blue")
+        .with(
+          headers: { 'Authorization' => "Bearer #{ApplicationController::ACCESS_TOKEN}" }
+        ).to_return(status: 200, body: { items: [ { name: 'Record' } ] }.to_json)
+    end
+
+    before do
+      LHC.configure do |config|
+        config.interceptors = [LHC::Auth]
+      end
+      record_request
+      records_request
+    end
+
+    after do
+      LHC.config.reset
+    end
+
+    it 'applies OAuth credentials for the individual request automatically' do
+      get '/automatic_authentication/oauth'
+      expect(record_request).to have_been_requested
+      expect(records_request).to have_been_requested
+    end
+  end
+end

data/spec/dummy/app/controllers/application_controller.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
+  include LHS::OAuth
+  ACCESS_TOKEN = 'token-12345'.freeze
+
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
@@ -8,4 +11,8 @@ class ApplicationController < ActionController::Base
   def root
     render nothing: true
   end
+
+  def access_token
+    ACCESS_TOKEN
+  end
 end

data/spec/dummy/app/controllers/automatic_authentication_controller.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class AutomaticAuthenticationController < ApplicationController
+
+  def o_auth
+    render json: {
+      record: DummyRecordWithOauth.find(1).as_json,
+      records: DummyRecordWithOauth.where(color: 'blue').as_json
+    }
+  end
+end

data/spec/dummy/app/models/dummy_record_with_oauth.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class DummyRecordWithOauth < LHS::Record
+  oauth
+  endpoint 'http://datastore/v2/records_with_oauth'
+  endpoint 'http://datastore/v2/records_with_oauth/{id}'
+end

data/spec/dummy/config/initializers/lhs.rb

@@ -0,0 +1,3 @@
+LHS.configure do |config|
+  config.auto_oauth = -> { access_token }
+end

data/spec/dummy/config/routes.rb

@@ -3,6 +3,9 @@
 Rails.application.routes.draw do
   root 'application#root'
 
+  # Automatic Authentication
+  get 'automatic_authentication/oauth' => 'automatic_authentication#o_auth'
+
   # Request Cycle Cache
   get 'request_cycle_cache/simple' => 'request_cycle_cache#simple'
   get 'request_cycle_cache/no_caching_interceptor' => 'request_cycle_cache#no_caching_interceptor'

data/spec/record/error_handling_integration_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'rails_helper'
-require 'lhc/test/cache_helper.rb'
+require 'lhc/rspec'
 
 describe 'Error handling with chains', type: :request do
   let!(:request) do

data/spec/request_cycle_cache_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'rails_helper'
-require 'lhc/test/cache_helper.rb'
+require 'lhc/rspec'
 
 describe 'Request Cycle Cache', type: :request do
   let!(:request) do
@@ -37,7 +37,7 @@ describe 'Request Cycle Cache', type: :request do
     expect(lambda do
       get '/request_cycle_cache/no_caching_interceptor'
     end).to output(
-      %r{\[WARNING\] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured \(see https://github.com/local-ch/lhc/blob/master/docs/interceptors/caching.md#caching-interceptor\)!}
+      %r{\[WARNING\] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured \(see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor\)!}
     ).to_stderr
     expect(request).to have_been_made.times(2)
   end
@@ -70,7 +70,7 @@ describe 'Request Cycle Cache', type: :request do
       expect(lambda do
         get '/request_cycle_cache/no_caching_interceptor'
       end).not_to output(
-        %r{\[WARNING\] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured \(see https://github.com/local-ch/lhc/blob/master/docs/interceptors/caching.md#caching-interceptor\)!}
+        %r{\[WARNING\] Can't enable request cycle cache as LHC::Caching interceptor is not enabled/configured \(see https://github.com/local-ch/lhc/blob/master/README.md#caching-interceptor\)!}
       ).to_stderr
       expect(request).to have_been_made.times(2)
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lhs
 version: !ruby/object:Gem::Version
-  version: 21.2.4
+  version: 21.3.0.pre.autoauth.1
 platform: ruby
 authors:
 - https://github.com/local-ch/lhs/graphs/contributors
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-20 00:00:00.000000000 Z
+date: 2020-06-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -283,6 +283,7 @@ files:
 - lib/lhs/concerns/item/save.rb
 - lib/lhs/concerns/item/update.rb
 - lib/lhs/concerns/item/validation.rb
+- lib/lhs/concerns/o_auth.rb
 - lib/lhs/concerns/option_blocks.rb
 - lib/lhs/concerns/proxy/accessors.rb
 - lib/lhs/concerns/proxy/create.rb
@@ -314,6 +315,8 @@ files:
 - lib/lhs/config.rb
 - lib/lhs/data.rb
 - lib/lhs/endpoint.rb
+- lib/lhs/interceptors/auto_oauth/interceptor.rb
+- lib/lhs/interceptors/auto_oauth/thread_registry.rb
 - lib/lhs/interceptors/extended_rollbar/handler.rb
 - lib/lhs/interceptors/extended_rollbar/interceptor.rb
 - lib/lhs/interceptors/extended_rollbar/thread_registry.rb
@@ -340,6 +343,7 @@ files:
 - lib/lhs/version.rb
 - script/ci/build.sh
 - spec/.DS_Store
+- spec/auto_oauth_spec.rb
 - spec/autoloading_spec.rb
 - spec/collection/accessors_spec.rb
 - spec/collection/collection_items_spec.rb
@@ -372,6 +376,7 @@ files:
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/controllers/application_controller.rb
+- spec/dummy/app/controllers/automatic_authentication_controller.rb
 - spec/dummy/app/controllers/concerns/.keep
 - spec/dummy/app/controllers/error_handling_with_chains_controller.rb
 - spec/dummy/app/controllers/extended_rollbar_controller.rb
@@ -383,6 +388,7 @@ files:
 - spec/dummy/app/models/concerns/.keep
 - spec/dummy/app/models/dummy_customer.rb
 - spec/dummy/app/models/dummy_record.rb
+- spec/dummy/app/models/dummy_record_with_oauth.rb
 - spec/dummy/app/models/dummy_user.rb
 - spec/dummy/app/models/providers/customer_system.rb
 - spec/dummy/app/views/error_handling_with_chains/error.html.erb
@@ -404,6 +410,7 @@ files:
 - spec/dummy/config/initializers/cookies_serializer.rb
 - spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
+- spec/dummy/config/initializers/lhs.rb
 - spec/dummy/config/initializers/mime_types.rb
 - spec/dummy/config/initializers/rollbar.rb
 - spec/dummy/config/initializers/session_store.rb
@@ -548,9 +555,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements:
 - Ruby >= 2.3.0
 rubygems_version: 3.0.6
@@ -559,6 +566,7 @@ specification_version: 4
 summary: 'REST services accelerator: Rails gem providing an easy, active-record-like
   interface for http (hypermedia) json services'
 test_files:
+- spec/auto_oauth_spec.rb
 - spec/autoloading_spec.rb
 - spec/collection/accessors_spec.rb
 - spec/collection/collection_items_spec.rb
@@ -591,6 +599,7 @@ test_files:
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/controllers/application_controller.rb
+- spec/dummy/app/controllers/automatic_authentication_controller.rb
 - spec/dummy/app/controllers/concerns/.keep
 - spec/dummy/app/controllers/error_handling_with_chains_controller.rb
 - spec/dummy/app/controllers/extended_rollbar_controller.rb
@@ -602,6 +611,7 @@ test_files:
 - spec/dummy/app/models/concerns/.keep
 - spec/dummy/app/models/dummy_customer.rb
 - spec/dummy/app/models/dummy_record.rb
+- spec/dummy/app/models/dummy_record_with_oauth.rb
 - spec/dummy/app/models/dummy_user.rb
 - spec/dummy/app/models/providers/customer_system.rb
 - spec/dummy/app/views/error_handling_with_chains/error.html.erb
@@ -623,6 +633,7 @@ test_files:
 - spec/dummy/config/initializers/cookies_serializer.rb
 - spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
+- spec/dummy/config/initializers/lhs.rb
 - spec/dummy/config/initializers/mime_types.rb
 - spec/dummy/config/initializers/rollbar.rb
 - spec/dummy/config/initializers/session_store.rb