maitre_d 0.3.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 1e79119958343605dabd87304c21e2e9c770711b
-  data.tar.gz: 4ed73d17abf94091dfb18e566984637699e8569a
+SHA256:
+  metadata.gz: 764dc0a04e766ea678f0bde9321fd3328dd98a138094a129f36845c409dfad27
+  data.tar.gz: ae4e4c87d345644f054f6b8ff2c56ede552d77ebe98012612f665a72dc31e520
 SHA512:
-  metadata.gz: 36feafdb16cd476413a95b34da6dfc675c43fa47772b04d6ec34117aeb71c42646556700920582689dda9fa845667451c93f8812408d340e14cd76eb5fe6cb3a
-  data.tar.gz: aa9b728329779092e8f1482e50db5dbfe45751cce6957135ec35f8d7f959b162cd55fbcd0e093db3534b7bf82249becbccdc3604981f217dc780b61b5d7c10bd
+  metadata.gz: c3a147e73fae54e2c366fd269aa1be216295e80dd909285b31e997501d592b2040591a8fc4e9204f4c034b7da36dc47cdcca89df2a07f0b089a0cb5e9102195a
+  data.tar.gz: 42b838f44359b580ef759979c7bf3fd67acfb477ffb6bc972b7ffe9585767ad09b1077619a01507bd358592020af2a01b5c17a784be9e3e3b29f37cb1e5c54e9

data/.travis.yml

@@ -1,4 +1,5 @@
 language: ruby
 rvm:
-  - 1.9.3
+  - 2.6.6
+  - 2.7.2
 script: bundle exec rspec spec

data/Gemfile

@@ -1,8 +1,3 @@
 source "http://rubygems.org"
 
 gemspec
-
-# Until a new Grape release is out:
-gem 'grape',
-  :git => 'git://github.com/intridea/grape.git',
-  :ref => '212c96cdfb253a59bc93790808c568e559d04468'

data/README.textile

@@ -1,71 +1,60 @@
 h1. Maître d'
 
-"!https://secure.travis-ci.org/flying-sphinx/maitre_d.png!":http://travis-ci.org/flying-sphinx/maitre_d
+"!https://secure.travis-ci.org/flying-sphinx/maitre_d.svg!":http://travis-ci.org/flying-sphinx/maitre_d
 
-Rack APIs powered by Grape for managing Heroku, CloudControl and Opperator add-ons. If used within a Rails application, it'll automatically be mounted as a Rails engine at the appropriate paths.
+Rack APIs powered by Sliver for managing Heroku add-ons.
 
 Maître d' manages all the authorisation checking for API requests and provides simple hooks for you to write just the code you need to handle provisioning, plan changes, deprovisioning and single-sign-on (SSO) requests.
 
 h2. Installing
 
-Add the following to your Gemfile - and take note that we need the git repository reference for Grape, as it includes some needed commits that aren't in the latest gem release.
+Add the following to your Gemfile:
 
-<pre><code>gem 'grape',
-  :git => 'git://github.com/intridea/grape.git',
-  :ref => '212c96cdfb253a59bc93790808c568e559d04468'
-gem 'maitre_d', '~> 0.1.2'</code></pre>
+<pre><code>gem 'maitre_d', '~> 0.7.0'</code></pre>
 
 h3. With Rails
 
-Because there's a Rails engine as part of Maître d', the API routing is set up automatically. Jump forward to the configuration and listener setup below.
+Add the Rack app to your routes file:
+
+<pre><code>mount MaitreD::API.new(MaitreD::Heroku) => '/heroku'</code></pre>
 
 h3. Without Rails
 
-This library provides two APIs as mountable Rack applications for you - so you'll want to mount them at the appropriate paths: @MaitreD::Heroku::API@ at @/heroku@, @MaitreD::CloudControl::API@ at @/cloudcontrol@, and/or @MaitreD::Opperator::API@ at @/opperator@.
+As shown above, you can use Maître d' Rack API, mounting them to wherever you see fit. Once upon a time Heroku expected its endpoints to be at /heroku, but now things are a little more flexible.
 
 h2. Configuration
 
 You'll need to provide Maître d' with the appropriate provider credentials - in a Rails app, this would go in an initializer, but for Rack/Sinatra apps just get the values set before the routing is defined.
 
-<pre><code>MaitreD::Heroku.configure do |config|
-  config.id       = 'addon-id'
-  config.password = 'random'
-  config.sso_salt = 'gibberish'
-  config.listener = HerokuListener
-end
+<pre><code>require 'maitre_d/heroku'
 
-MaitreD::CloudControl.configure do |config|
+MaitreD::Heroku.configure do |config|
   config.id       = 'addon-id'
   config.password = 'random'
   config.sso_salt = 'gibberish'
-  config.listener = CloudControlListener
-end
-
-MaitreD::Opperator.configure do |config|
-  config.shared_secret = 'something-special'
-  config.listener      = OpperatorListener
+  config.listener = HerokuListener
 end</code></pre>
 
-The listeners that are mentioned in the code above are classes, which will handle valid API requests. Read on for more details on how to set them up.
+The listener that is mentioned in the code above is a class, which will handle valid API requests. Read on for more details on how to set them up.
 
-h2. Heroku Listener
+h2. Listeners
 
-Your Heroku listener class should handle the following four methods:
+Your listener class should handle the following four methods:
 
-h3. @provision(heroku_id, plan, region, callback_url, logplex_token, options)@
+h3. @provision(params)@
 
-This gets called when Heroku's requesting an app be provisioned within your service, and expects a hash to be returned with the following keys:
+This gets called when the provider is requesting an app be provisioned within your service, and expects a hash to be returned with the following keys:
 
 <dl>
   <dt><code>id</code></dt>
-  <dd>Your local resource id, which Heroku will use in related requests (to change plans, deprovision or initialise single-sign-on).</dd>
+  <dd>Your local resource id, which the provider will use in related requests (to change plans, deprovision or initialise single-sign-on).</dd>
   <dt><code>config</code></dt>
   <dd>A hash of the newly provisioned resource's configuration values (that are provided as environment variables to the app in question).</dd>
   <dt><code>message</code></dt>
   <dd>An optional message that will be displayed when your add-on is added via the command-line.</dd>
 </dl>
 
-h3. @plan_change(resource_id, heroku_id, plan)@
+h3. @plan_change(resource_id, plan)@
 
 This gets called when an app is upgrading or downgrading from their current plan. You need to return a hash with the following keys:
 
@@ -94,13 +83,13 @@ Maître d' will check the token and timestamp provided, and sets up the nav-data
 Here's a very basic example:
 
 <pre><code>class HerokuListener
-  def provision(heroku_id, plan, region, callback_url, logplex_token, options)
-    plan   = Plan.find_by_name plan
+  def provision(params)
+    plan   = Plan.find_by_name params["plan"]
     widget = Widget.create(
-      :heroku_id    => heroku_id,
-      :callback_url => callback_url,
+      :heroku_id    => params["uuid"],
+      :callback_url => params["callback_url"],
       :plan         => plan,
-      :region       => region
+      :region       => params["region"]
     )
 
     {
@@ -110,9 +99,9 @@ Here's a very basic example:
     }
   end
 
-  def plan_change(resource_id, heroku_id, plan)
+  def plan_change(resource_id, plan)
     plan   = Plan.find_by_name plan
-    widget = Widget.find resource_id
+    widget = Widget.find_by! heroku_id: resource_id
     widget.plan = plan
     widget.save
 
@@ -120,12 +109,12 @@ Here's a very basic example:
   end
 
   def deprovision(resource_id)
-    widget = Widget.find resource_id
+    widget = Widget.find_by! heroku_id: resource_id
     widget.destroy
   end
 
   def single_sign_on(resource_id)
-    widget = Widget.find resource_id
+    widget = Widget.find_by! heroku_id: resource_id
 
     {
       :uri     => '/my/dashboard',
@@ -136,14 +125,6 @@ end</code></pre>
 
 You can have the listener class wherever you like - as long as it's available within the context of your Rails/Rack site, it'll work as expected.
 
-h2. CloudControl Listener
-
-CloudControl is pretty much the same as Heroku - it has the same expectations for a listener, so perhaps you can use the same class if you like. Anything that Heroku sends through as the heroku_id becomes cloudcontrol_id - but that's just a matter of treating the given parameter appropriately.
-
-h2. Opperator Listener
-
-This listener is currently in progress as the Opperator API is established.
-
 h2. Contributing
 
 Contributions are very much welcome - but keep in mind the following:
@@ -154,4 +135,4 @@ Contributions are very much welcome - but keep in mind the following:
 
 h2. Credits
 
-Copyright (c) 2011-2012, Maître d' is developed and maintained by Pat Allan, and is released under the open MIT Licence.
+Copyright (c) 2011-2020, Maître d' is developed and maintained by Pat Allan, and is released under the open MIT Licence.

data/addon-manifest.json

@@ -2,9 +2,16 @@
   "id": "foo",
   "api": {
     "config_vars": [ "FOO_PROVISIONED" ],
-    "password": "bar",
-    "sso_salt": "sea salt",
-    "production": "https://yourapp.com/",
-    "test": "http://localhost:9292/"
+    "regions": [ "us" ],
+    "password": "056e8ff3d55ea6e1a7cc4aa7afeaf3ac",
+    "sso_salt": "db0ce73d4bd2dfa1d66c713a9aaf8f76",
+    "production": {
+      "base_url": "https://yourapp.com/heroku/resources",
+      "sso_url": "https://yourapp.com/sso/login"
+    },
+    "test": {
+      "base_url": "http://localhost:9292/heroku/resources",
+      "sso_url": "http://localhost:9292/heroku/resources/sso"
+    }
   }
 }

data/lib/maitre_d.rb

@@ -1,11 +1,7 @@
-require 'grape'
+require 'sliver'
+require 'multi_json'
 
 module MaitreD
 end
 
-require 'maitre_d/broadstack'
-require 'maitre_d/heroku'
-require 'maitre_d/cloud_control'
-require 'maitre_d/opperator'
-
-require 'maitre_d/engine' if defined?(Rails)
+require 'maitre_d/api'

data/lib/maitre_d/api.rb

@@ -0,0 +1,32 @@
+class MaitreD::API
+  def initialize(configuration)
+    @configuration = configuration
+  end
+
+  def call(environment)
+    environment['maitre_d.configuration'] = configuration
+
+    endpoints.call environment
+  end
+
+  private
+
+  attr_reader :configuration
+
+  def endpoints
+    @endpoints ||= Sliver::API.new do |api|
+      api.connect :post,   '/resources/sso',   MaitreD::API::SSO
+      api.connect :post,   '/resources',       MaitreD::API::Create
+      api.connect :put,    %r{/resources/\d+}, MaitreD::API::ChangePlan
+      api.connect :delete, %r{/resources/\d+}, MaitreD::API::Delete
+    end
+  end
+end
+
+require 'maitre_d/api/authentication_guard'
+require 'maitre_d/api/authenticated'
+require 'maitre_d/api/change_plan'
+require 'maitre_d/api/create'
+require 'maitre_d/api/delete'
+require 'maitre_d/api/sso_guard'
+require 'maitre_d/api/sso'

data/lib/maitre_d/api/authenticated.rb

@@ -0,0 +1,30 @@
+class MaitreD::API::Authenticated
+  include Sliver::Action
+
+  def self.guards
+    [MaitreD::API::AuthenticationGuard]
+  end
+
+  def call
+    response.body     = [MultiJson.dump(response.body)]
+    response.status ||= 200
+  end
+
+  def configuration
+    environment['maitre_d.configuration']
+  end
+
+  private
+
+  def listener
+    configuration.listener.new
+  end
+
+  def params
+    @params ||= MultiJson.load request.body.read
+  end
+
+  def provider_id
+    configuration.provider_id_from params
+  end
+end

data/lib/maitre_d/api/authentication_guard.rb

@@ -0,0 +1,25 @@
+class MaitreD::API::AuthenticationGuard < Sliver::Hook
+  def continue?
+    valid_authorization?
+  end
+
+  def respond
+    response.status = 401
+    response.body   = ['401 Unauthorized']
+    response.headers['Content-Length'] = response.body.first.length.to_s
+  end
+
+  private
+
+  def expected_credentials
+    "#{action.configuration.id}:#{action.configuration.password}"
+  end
+
+  def provided_credentials
+    Base64.decode64 action.request.env['HTTP_AUTHORIZATION'].gsub(/^Basic /, '')
+  end
+
+  def valid_authorization?
+    provided_credentials == expected_credentials
+  end
+end

data/lib/maitre_d/api/change_plan.rb

@@ -0,0 +1,15 @@
+class MaitreD::API::ChangePlan < MaitreD::API::Authenticated
+  def call
+    response.body = listener.plan_change(
+      resource_id, params['plan']
+    )
+
+    super
+  end
+
+  private
+
+  def resource_id
+    request.path[%r{resources/([\w-]+)}, 1]
+  end
+end

data/lib/maitre_d/api/create.rb

@@ -0,0 +1,7 @@
+class MaitreD::API::Create < MaitreD::API::Authenticated
+  def call
+    response.body = listener.provision(params)
+
+    super
+  end
+end

data/lib/maitre_d/api/delete.rb

@@ -0,0 +1,13 @@
+class MaitreD::API::Delete < MaitreD::API::Authenticated
+  def call
+    response.body = listener.deprovision resource_id
+
+    super
+  end
+
+  private
+
+  def resource_id
+    request.path[%r{resources/([\w-]+)}, 1]
+  end
+end

data/lib/maitre_d/api/sso.rb

@@ -0,0 +1,45 @@
+class MaitreD::API::SSO
+  include Sliver::Action
+
+  def self.guards
+    [MaitreD::API::SSOGuard]
+  end
+
+  def call
+    hash = listener.single_sign_on params['resource_id']
+
+    hash[:session] ||= {}
+    hash[:session].each { |key, value| session[key] = value }
+
+    if environment['action_dispatch.cookies']
+      environment['action_dispatch.cookies']['heroku-nav-data'] =
+        params['nav-data']
+    else
+      Rack::Utils.set_cookie_header! response.headers, 'heroku-nav-data',
+        :value => params['nav-data']
+    end
+
+    response.status    = 302
+    response.body      = ["Redirect to #{hash[:uri]}"]
+    response.headers ||= {}
+    response.headers['Location'] = hash[:uri]
+  end
+
+  def configuration
+    environment['maitre_d.configuration']
+  end
+
+  private
+
+  def listener
+    configuration.listener.new
+  end
+
+  def params
+    request.params
+  end
+
+  def session
+    environment['rack.session'] ||= {}
+  end
+end

data/lib/maitre_d/api/sso_guard.rb

@@ -0,0 +1,31 @@
+class MaitreD::API::SSOGuard < Sliver::Hook
+  def continue?
+    valid_token? && valid_timestamp?
+  end
+
+  def respond
+    response.status = 403
+    response.body   = ['403 Forbidden']
+    response.headers['Content-Length'] = response.body.first.length.to_s
+  end
+
+  private
+
+  def expected_token
+    @expected_token ||= Digest::SHA1.hexdigest(
+      "#{params['resource_id']}:#{action.configuration.sso_salt}:#{params['timestamp']}"
+    ).to_s
+  end
+
+  def params
+    action.request.params
+  end
+
+  def valid_timestamp?
+    params['timestamp'].to_i >= (Time.now - 5*60).to_i
+  end
+
+  def valid_token?
+    expected_token == params['resource_token']
+  end
+end

data/lib/maitre_d/heroku.rb

@@ -34,8 +34,8 @@ module MaitreD::Heroku
   def self.sso_salt=(salt)
     @sso_salt = salt
   end
-end
 
-require 'maitre_d/heroku/api_helpers'
-require 'maitre_d/heroku/api'
-require 'maitre_d/heroku/listener'
+  def self.provider_id_from(params)
+    params['heroku_id']
+  end
+end