maitre_d 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f3c4e61ea06b3875e6b2a365f0acabad42b242a9
-  data.tar.gz: 3767ddfb5f8b6e7d2f044ba6b978a4a9eb88b58e
+  metadata.gz: b27a7d6903d91dea29a32af183b05a2b87689190
+  data.tar.gz: 511c60706f0fd6d560d8930afb2eeac0815bb33e
 SHA512:
-  metadata.gz: e4c934c994c138437397a82f584a25e2631aaea6182b09a97d2a1952f1c0687894750d48e79b44b7ae863ce92cfb260de731cbd26d9d310d7f72bfee5a84e566
-  data.tar.gz: 184847e1566082599f09efead691839955baca8f6100b0472b4c1a09b880d20089a9982c07a3614e34c6b445594d5ebacda971ba1424d14f2309c6305442fe2d
+  metadata.gz: 894af66d98c2dd376de02fd6925d330fad5dc40c1dc223e0c06bc470c67120c6f1a68ae685b4f8b6987f5a372a85c739b27e4216be447a77fef71db4f9625d13
+  data.tar.gz: d01c6f9f505f9fe2a129ffac826eebb074139cfa678a0cc0a6eca961b6094d12590cf0b88b56b4b0ce936416400d94302fe7edc74870da9bf469910d4c0a4a3b

data/.travis.yml

@@ -1,4 +1,5 @@
 language: ruby
 rvm:
   - 1.9.3
+  - 2.2.0
 script: bundle exec rspec spec

data/Gemfile

@@ -1,8 +1,3 @@
 source "http://rubygems.org"
 
 gemspec
-
-# Until a new Grape release is out:
-gem 'grape',
-  :git => 'git://github.com/intridea/grape.git',
-  :ref => '212c96cdfb253a59bc93790808c568e559d04468'

data/README.textile

@@ -2,31 +2,28 @@ h1. Maître d'
 
 "!https://secure.travis-ci.org/flying-sphinx/maitre_d.png!":http://travis-ci.org/flying-sphinx/maitre_d
 
-Rack APIs powered by Grape for managing Heroku, CloudControl and Opperator add-ons.
+Rack APIs powered by Grape for managing Heroku and CloudControl add-ons.
 
 Maître d' manages all the authorisation checking for API requests and provides simple hooks for you to write just the code you need to handle provisioning, plan changes, deprovisioning and single-sign-on (SSO) requests.
 
 h2. Installing
 
-Add the following to your Gemfile - and take note that we need the git repository reference for Grape, as it includes some needed commits that aren't in the latest gem release.
+Add the following to your Gemfile:
 
-<pre><code>gem 'grape',
-  :git => 'git://github.com/intridea/grape.git',
-  :ref => '212c96cdfb253a59bc93790808c568e559d04468'
-gem 'maitre_d', '~> 0.4.0'</code></pre>
+<pre><code>gem 'maitre_d', '~> 0.5.0'</code></pre>
 
 h3. With Rails
 
 Add the appropriate Rack apps to your routes file:
 
-<pre><code>mount MaitreD::Broadstack::API   => '/broadstack'
-mount MaitreD::Heroku::API       => '/heroku'
-mount MaitreD::CloudControl::API => '/cloudcontrol'
-mount MaitreD::Opperator::API    => '/opperator'</code></pre>
+<pre><code># if you're supporting Heroku
+mount MaitreD::API.new(MaitreD::Heroku)       => '/heroku'
+# if you're supporting CloudControl
+mount MaitreD::API.new(MaitreD::CloudControl) => '/cloudcontrol'</code></pre>
 
 h3. Without Rails
 
-This library provides two APIs as mountable Rack applications for you - so you'll want to mount them at the appropriate paths: @MaitreD::Heroku::API@ at @/heroku@, @MaitreD::CloudControl::API@ at @/cloudcontrol@, and/or @MaitreD::Opperator::API@ at @/opperator@.
+As shown above, you can use Maître d' Rack API for both Heroku and Cloud Control. Mount them to wherever you see fit. Once upon a time Heroku expected its endpoints to be at /heroku, but now things are a little more flexible.
 
 h2. Configuration
 
@@ -48,28 +45,21 @@ MaitreD::CloudControl.configure do |config|
   config.password = 'random'
   config.sso_salt = 'gibberish'
   config.listener = CloudControlListener
-end
-
-require 'maitre_d/opperator'
-
-MaitreD::Opperator.configure do |config|
-  config.shared_secret = 'something-special'
-  config.listener      = OpperatorListener
 end</code></pre>
 
 The listeners that are mentioned in the code above are classes, which will handle valid API requests. Read on for more details on how to set them up.
 
-h2. Heroku Listener
+h2. Listeners
 
-Your Heroku listener class should handle the following four methods:
+Your listener classes should handle the following four methods:
 
 h3. @provision(heroku_id, plan, region, callback_url, logplex_token, options)@
 
-This gets called when Heroku's requesting an app be provisioned within your service, and expects a hash to be returned with the following keys:
+This gets called when the provider is requesting an app be provisioned within your service, and expects a hash to be returned with the following keys:
 
 <dl>
   <dt><code>id</code></dt>
-  <dd>Your local resource id, which Heroku will use in related requests (to change plans, deprovision or initialise single-sign-on).</dd>
+  <dd>Your local resource id, which the provider will use in related requests (to change plans, deprovision or initialise single-sign-on).</dd>
   <dt><code>config</code></dt>
   <dd>A hash of the newly provisioned resource's configuration values (that are provided as environment variables to the app in question).</dd>
   <dt><code>message</code></dt>
@@ -147,14 +137,6 @@ end</code></pre>
 
 You can have the listener class wherever you like - as long as it's available within the context of your Rails/Rack site, it'll work as expected.
 
-h2. CloudControl Listener
-
-CloudControl is pretty much the same as Heroku - it has the same expectations for a listener, so perhaps you can use the same class if you like. Anything that Heroku sends through as the heroku_id becomes cloudcontrol_id - but that's just a matter of treating the given parameter appropriately.
-
-h2. Opperator Listener
-
-This listener is currently in progress as the Opperator API is established.
-
 h2. Contributing
 
 Contributions are very much welcome - but keep in mind the following:
@@ -165,4 +147,4 @@ Contributions are very much welcome - but keep in mind the following:
 
 h2. Credits
 
-Copyright (c) 2011-2014, Maître d' is developed and maintained by Pat Allan, and is released under the open MIT Licence.
+Copyright (c) 2011-2015, Maître d' is developed and maintained by Pat Allan, and is released under the open MIT Licence.

data/addon-manifest.json

@@ -2,9 +2,16 @@
   "id": "foo",
   "api": {
     "config_vars": [ "FOO_PROVISIONED" ],
-    "password": "bar",
-    "sso_salt": "sea salt",
-    "production": "https://yourapp.com/",
-    "test": "http://localhost:9292/"
+    "regions": [ "us" ],
+    "password": "056e8ff3d55ea6e1a7cc4aa7afeaf3ac",
+    "sso_salt": "db0ce73d4bd2dfa1d66c713a9aaf8f76",
+    "production": {
+      "base_url": "https://yourapp.com/heroku/resources",
+      "sso_url": "https://yourapp.com/sso/login"
+    },
+    "test": {
+      "base_url": "http://localhost:9292/heroku/resources",
+      "sso_url": "http://localhost:9292/heroku/resources/sso"
+    }
   }
 }

data/lib/maitre_d.rb

@@ -1,4 +1,7 @@
-require 'grape'
+require 'sliver'
+require 'multi_json'
 
 module MaitreD
 end
+
+require 'maitre_d/api'

data/lib/maitre_d/api.rb

@@ -0,0 +1,30 @@
+class MaitreD::API
+  def initialize(configuration)
+    @configuration = configuration
+  end
+
+  def call(environment)
+    environment['maitre_d.configuration'] = configuration
+
+    endpoints.call environment
+  end
+
+  private
+
+  attr_reader :configuration
+
+  def endpoints
+    @endpoints ||= Sliver::API.new do |api|
+      api.connect :post,   '/resources/sso',   MaitreD::API::SSO
+      api.connect :post,   '/resources',       MaitreD::API::Create
+      api.connect :put,    %r{/resources/\d+}, MaitreD::API::ChangePlan
+      api.connect :delete, %r{/resources/\d+}, MaitreD::API::Delete
+    end
+  end
+end
+
+require 'maitre_d/api/authenticated'
+require 'maitre_d/api/change_plan'
+require 'maitre_d/api/create'
+require 'maitre_d/api/delete'
+require 'maitre_d/api/sso'

data/lib/maitre_d/api/authenticated.rb

@@ -0,0 +1,45 @@
+class MaitreD::API::Authenticated
+  include Sliver::Action
+
+  def skip?
+    return false if valid_authorization?
+
+    response.body   = ['401 Unauthorized']
+    response.status = 401
+    true
+  end
+
+  def call
+    response.body     = [MultiJson.dump(response.body)]
+    response.status ||= 200
+  end
+
+  private
+
+  def configuration
+    environment['maitre_d.configuration']
+  end
+
+  def listener
+    configuration.listener.new
+  end
+
+  def params
+    @params ||= MultiJson.load request.body.read
+  end
+
+  def provider_id
+    configuration.provider_id_from params
+  end
+
+  def valid_authorization?
+    valid_authorization.strip == environment['HTTP_AUTHORIZATION'].strip
+  end
+
+  def valid_authorization
+    encoded_authorization = Base64.encode64(
+      "#{configuration.id}:#{configuration.password}"
+    )
+    "Basic #{encoded_authorization}"
+  end
+end

data/lib/maitre_d/api/change_plan.rb

@@ -0,0 +1,15 @@
+class MaitreD::API::ChangePlan < MaitreD::API::Authenticated
+  def call
+    response.body = listener.plan_change(
+      resource_id, provider_id, params['plan']
+    )
+
+    super
+  end
+
+  private
+
+  def resource_id
+    request.path[%r{resources/(\d+)}, 1]
+  end
+end

data/lib/maitre_d/api/create.rb

@@ -0,0 +1,10 @@
+class MaitreD::API::Create < MaitreD::API::Authenticated
+  def call
+    response.body = listener.provision(
+      provider_id,             params['plan'],          params['region'],
+      params['callback_url'],  params['logplex_token'], params['options']
+    )
+
+    super
+  end
+end

data/lib/maitre_d/api/delete.rb

@@ -0,0 +1,13 @@
+class MaitreD::API::Delete < MaitreD::API::Authenticated
+  def call
+    response.body = listener.deprovision resource_id
+
+    super
+  end
+
+  private
+
+  def resource_id
+    request.path[%r{resources/(\d+)}, 1]
+  end
+end

data/lib/maitre_d/api/sso.rb

@@ -0,0 +1,65 @@
+class MaitreD::API::SSO
+  include Sliver::Action
+
+  def skip?
+    return false if valid_token? && valid_timestamp?
+
+    response.status = 403
+    response.body   = ['403 Forbidden']
+    response.headers['Content-Length'] = response.body.first.length.to_s
+
+    true
+  end
+
+  def call
+    hash = listener.single_sign_on params['id']
+
+    hash[:session] ||= {}
+    hash[:session].each { |key, value| session[key] = value }
+
+    if environment['action_dispatch.cookies']
+      environment['action_dispatch.cookies']['heroku-nav-data'] =
+        params['nav-data']
+    else
+      Rack::Utils.set_cookie_header! response.headers, 'heroku-nav-data',
+        :value => params['nav-data']
+    end
+
+    response.status    = 302
+    response.body      = ["Redirect to #{hash[:uri]}"]
+    response.headers ||= {}
+    response.headers['Location'] = hash[:uri]
+  end
+
+  private
+
+  def configuration
+    environment['maitre_d.configuration']
+  end
+
+  def expected_token
+    @expected_token ||= Digest::SHA1.hexdigest(
+      "#{params['id']}:#{configuration.sso_salt}:#{params['timestamp']}"
+    ).to_s
+  end
+
+  def listener
+    configuration.listener.new
+  end
+
+  def params
+    request.params
+  end
+
+  def session
+    environment['rack.session'] ||= {}
+  end
+
+  def valid_timestamp?
+    params['timestamp'].to_i >= (Time.now - 5*60).to_i
+  end
+
+  def valid_token?
+    expected_token == params['token']
+  end
+end

data/lib/maitre_d/cloud_control.rb

@@ -34,7 +34,8 @@ module MaitreD::CloudControl
   def self.sso_salt=(salt)
     @sso_salt = salt
   end
-end
 
-require 'maitre_d/cloud_control/api_helpers'
-require 'maitre_d/cloud_control/api'
+  def self.provider_id_from(params)
+    params['cloudcontrol_id']
+  end
+end

data/lib/maitre_d/heroku.rb

@@ -34,8 +34,8 @@ module MaitreD::Heroku
   def self.sso_salt=(salt)
     @sso_salt = salt
   end
-end
 
-require 'maitre_d/heroku/api_helpers'
-require 'maitre_d/heroku/api'
-require 'maitre_d/heroku/listener'
+  def self.provider_id_from(params)
+    params['heroku_id']
+  end
+end

data/maitre_d.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path('../lib', __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = 'maitre_d'
-  s.version     = '0.4.0'
+  s.version     = '0.5.0'
   s.authors     = ['Pat Allan']
   s.email       = ['pat@freelancing-gods.com']
   s.homepage    = 'http://github.com/flying-sphinx/maitre_d'
@@ -17,8 +17,11 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ['lib']
 
+  s.add_runtime_dependency 'sliver',     '~> 0.0.4'
+  s.add_runtime_dependency 'multi_json', '>= 1.3.0'
+
   s.add_development_dependency 'combustion',  '0.5.1'
-  s.add_development_dependency 'kensa',       '1.3.0'
-  s.add_development_dependency 'rails',       '3.1.3'
-  s.add_development_dependency 'rspec-rails', '2.7.0'
+  s.add_development_dependency 'kensa',       '2.1.0'
+  s.add_development_dependency 'rails',       '~> 4.1.0'
+  s.add_development_dependency 'rspec-rails', '~> 3.1.0'
 end

data/spec/api/cloud_control/provisioning_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe 'CloudControl Provisioning API' do
+describe 'CloudControl Provisioning API', :type => :request do
   let(:authorisation) { "Basic #{Base64.encode64('baz:qux')}" }
   let(:json_response) { JSON.parse response.body }
 
@@ -14,31 +14,31 @@ describe 'CloudControl Provisioning API' do
     }
 
     it "returns a 401 if the HTTP authorisation does not match" do
-      post '/cloudcontrol/resources', params,
+      post '/cloudcontrol/resources', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => 'Basic foobarbaz'}
 
-      response.status.should == 401
+      expect(response.status).to eq(401)
     end
 
     it "returns the resource id" do
-      post '/cloudcontrol/resources', params,
+      post '/cloudcontrol/resources', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['id'].should == '123'
+      expect(json_response['id']).to eq('123')
     end
 
     it "returns the resource configuration" do
-      post '/cloudcontrol/resources', params,
+      post '/cloudcontrol/resources', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['config'].should == {'FOO_PROVISIONED' => "true"}
+      expect(json_response['config']).to eq('FOO_PROVISIONED' => "true")
     end
 
     it "returns a custom message" do
-      post '/cloudcontrol/resources', params,
+      post '/cloudcontrol/resources', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['message'].should == 'Add-on provisioned!'
+      expect(json_response['message']).to eq('Add-on provisioned!')
     end
   end
 
@@ -48,24 +48,24 @@ describe 'CloudControl Provisioning API' do
     }
 
     it "returns a 401 if the HTTP authorisation does not match" do
-      put '/cloudcontrol/resources/7', params,
+      put '/cloudcontrol/resources/7', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => 'Basic foobarbaz'}
 
-      response.status.should == 401
+      expect(response.status).to eq(401)
     end
 
     it "returns the new resource configuration" do
-      put '/cloudcontrol/resources/7', params,
+      put '/cloudcontrol/resources/7', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['config'].should == {'FOO_PROVISIONED' => "false"}
+      expect(json_response['config']).to eq('FOO_PROVISIONED' => "false")
     end
 
     it "returns a custom message" do
-      put '/cloudcontrol/resources/7', params,
+      put '/cloudcontrol/resources/7', JSON.dump(params),
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['message'].should == 'Add-on upgraded or downgraded.'
+      expect(json_response['message']).to eq('Add-on upgraded or downgraded.')
     end
   end
 
@@ -74,21 +74,21 @@ describe 'CloudControl Provisioning API' do
       delete '/cloudcontrol/resources/28', {},
         {'HTTP_AUTHORIZATION' => 'Basic foobarbaz'}
 
-      response.status.should == 401
+      expect(response.status).to eq(401)
     end
 
     it "returns with a status of 200" do
       delete '/cloudcontrol/resources/28', {},
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      response.status.should == 200
+      expect(response.status).to eq(200)
     end
 
     it "returns a custom message" do
       delete '/cloudcontrol/resources/28', {},
         {'HTTP_AUTHORIZATION' => authorisation}
 
-      json_response['message'].should == 'Add-on removed.'
+      expect(json_response['message']).to eq('Add-on removed.')
     end
   end
 end