nucleus 0.1.0

data/lib/nucleus/core/adapter_authentication_inductor.rb

@@ -0,0 +1,62 @@
+module Nucleus
+  # The {AdapterAuthenticationInductor} patches adapter classes so that each method that is defined in the AdapterStub
+  # of the current API version is wrapped with the {Nucleus::Adapters::AuthenticationRetryWrapper}.
+  module AdapterAuthenticationInductor
+    include Nucleus::Logging
+
+    # Patch the adapter instance and use the authentication information of the environment.
+    # @param [Nucleus::Adapters::BaseAdapter] adapter_instance the adapter implementation instance to patch
+    # @param [Hash<String, String>] env environment which includes the HTTP authentication header
+    # @return [void]
+    def self.patch(adapter_instance, env)
+      stub_class(adapter_instance).instance_methods(false).each do |method_to_wrap|
+        # wrap method with authentication repetition call
+        patch_method(adapter_instance, method_to_wrap, env)
+      end
+    end
+
+    private
+
+    # Patch the actual method that is defined in an API version stub.
+    # The method shall than be able to update the authentication token if the initial authentication expired.<br>
+    # Only major authentication issues, e.g. if the credentials are repeatedly rejected,
+    # will be thrown to the adapter caller.
+    # @param [Nucleus::Adapters::BaseAdapter] adapter the adapter implementation to patch
+    # @param [Symbol] method_to_wrap method that shall be patched
+    # @param [Hash<String, String>] env environment which includes the HTTP authentication header
+    # @return [void]
+    # @private
+    def self.patch_method(adapter, method_to_wrap, env)
+      with_wrapper = :"#{method_to_wrap}_with_before_each_method_call"
+      without_wrapper = :"#{method_to_wrap}_without_before_each_method_call"
+      # patching should be done only once, return if method is already patched (!)
+      return if adapter.respond_to?(with_wrapper) && adapter.respond_to?(without_wrapper)
+
+      @__last_methods_added = [method_to_wrap, with_wrapper, without_wrapper]
+      # wrap the method call
+      adapter.class.send :define_method, with_wrapper do |*args, &block|
+        log.debug "Calling adapter method '#{method_to_wrap}' against #{endpoint_url}"
+        # use the AuthenticationRetryWrapper to retry calls if tokens expired, ...
+        Nucleus::Adapters::AuthenticationRetryWrapper.with_authentication(adapter, env) do
+          return send without_wrapper, *args, &block
+        end
+      end
+      # now do the actual method re-assignment
+      adapter.class.send :define_method, without_wrapper, adapter.method(method_to_wrap)
+      adapter.class.send :define_method, method_to_wrap, adapter.method(with_wrapper)
+      @__last_methods_added = nil
+    end
+    private_class_method :patch_method
+
+    # @private
+    def self.stub_class(adapter)
+      parent = adapter.class
+      loop do
+        break if parent.superclass == Adapters::BaseAdapter
+        parent = parent.superclass
+      end
+      parent
+    end
+    private_class_method :stub_class
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/auth_client.rb

@@ -0,0 +1,44 @@
+module Nucleus
+  module Adapters
+    class AuthClient
+      attr_reader :verify_ssl
+
+      # Create a new instance of an {AuthClient}.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      def initialize(check_certificates = true)
+        @verify_ssl = check_certificates
+      end
+
+      # Perform authentication with the given username and password at the desired endpoint.
+      # @param[String] username username to use for authentication
+      # @param[String] password password to the username, which is to be used for authentication
+      # @raise[Nucleus::Errors::EndpointAuthenticationError] if authentication failed
+      # @raise[Nucleus::Errors::UnknownAdapterCallError] if the generic AuthClient did expect the endpoint
+      # to behave differently, usually indicates implementation issues
+      # @return[Nucleus::Adapters::AuthClient] current AuthClient instance
+      def authenticate(username, password)
+        fail Errors::EndpointAuthenticationError, 'Authentication client does not support authentication'
+      end
+
+      # Get the authentication header for the current AuthClient instance that must be used to execute requests
+      # against the endpoint.<br>
+      # If the authentication is known to be expired, a refresh will be made first.
+      # @raise[Nucleus::Errors::EndpointAuthenticationError] if the refresh failed
+      # @return[Hash<String, String>] authentication header that enables requests against the endpoint
+      def auth_header
+        fail Errors::EndpointAuthenticationError,
+             'Authentication client does not support to create the authentication header'
+      end
+
+      # Refresh a rejected authentication and generate a new authentication header.<br>
+      # Should be called if the authentication is known to be expired, or when a request is rejected with an
+      # authentication header that used to be accepted.
+      # @raise [Nucleus::Errors::EndpointAuthenticationError] if token refresh failed or authentication never succeeded
+      # @return [Nucleus::Adapters::AuthClient] current AuthClient instance
+      def refresh
+        fail Errors::EndpointAuthenticationError, 'Authentication client does not support refresh'
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/authentication_retry_wrapper.rb

@@ -0,0 +1,79 @@
+module Nucleus
+  module Adapters
+    # The AuthenticationRetryWrapper module can be used to invoke commands in a block that repeats its execution in case
+    # the first attempt raises an {Nucleus::Errors::EndpointAuthenticationError}.
+    module AuthenticationRetryWrapper
+      extend Nucleus::Logging
+
+      # Executes a block, which should be an adapter call, using the authentication information.
+      # If the first call fails due to cached authentication information, the cache is going to get evicted,
+      # authentication repeated and finally the call will be executed again.
+      #
+      # @param [Nucleus::Adapters::BaseAdapter] adapter adapter that is used for the ongoing request
+      # @param [Hash<String, String>] env Rack environment, shall contain HTTP authentication information
+      # @return [Hash, void] result of the yield block execution, usually a Hash matching the Grape::Entity to represent
+      def self.with_authentication(adapter, env)
+        begin
+          response = yield
+        rescue Errors::EndpointAuthenticationError
+          # first attempt with actually valid credentials failed, try to refresh token based clients
+          username, password = username_password(env)
+          begin
+            auth_client = adapter.cached(adapter.cache_key(username, password))
+            auth_client.refresh
+            response = yield
+          rescue Errors::EndpointAuthenticationError
+            # refresh failed, too
+            log.debug 'Call failed (401), start repetition by removing outdated cache entry'
+            re_authenticate(adapter, env)
+            log.debug 'Repeating call block...'
+            response = yield
+            log.debug '... the repetition did pass just fine!'
+          end
+        end
+        response
+      end
+
+      # Try to refresh a token based authentication that can be renewed.
+      # The method shall only be invoked when there are cached authentication information
+      # that appear to be outdated.<br>
+      # If the refresh fails, a complete re-authentication will be forced.
+      #
+      # @param [Nucleus::Adapters::AuthClient] auth_client platform specific version of the authentication client
+      # @raise [Nucleus::Errors::EndpointAuthenticationError] if both, refresh and authentication fail
+      # @return [void]
+      def self.refresh_token(auth_client)
+        # we first try to renew our token before invalidating the cache
+        log.debug 'Call failed (401), start refreshing auth token'
+        auth_client.refresh unless auth_client.nil?
+        log.debug '... the auth token refresh succeeded'
+      end
+
+      # Re-authenticate the user with the help of the current adapter.
+      # The method shall only be invoked when there are cached authentication information that appear to be outdated.
+      # It calls the authentication for the current user to override the cached authentication headers.
+      #
+      # @param [Nucleus::Adapters::BaseAdapter] adapter adapter that is used for the ongoing request
+      # @param [Hash<String, String>] env Rack environment, shall contain HTTP authentication information
+      # @raise [Nucleus::Errors::EndpointAuthenticationError] if authentication at the endpoint fails
+      # @return [void]
+      def self.re_authenticate(adapter, env)
+        log.debug('Invoked re-authentication')
+        username, password = username_password(env)
+        auth_client = adapter.cached(adapter.cache_key(username, password))
+        # raises 401 if the authentication did not only expire, but became completely invalid
+        auth_client.authenticate(username, password)
+      end
+
+      # Extract the username and password from the current HTTP request.
+      # @param [Hash<String, String>] env Rack environment, shall contain HTTP authentication information
+      # @return [Array<String>] username at response[0], password at response[1]
+      def self.username_password(env)
+        # resolve username & password for authentication request
+        auth_keys = %w(HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION)
+        authorization_key = auth_keys.detect { |k| env.key?(k) }
+        env[authorization_key].split(' ', 2).last.unpack('m*').first.split(/:/, 2)
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/expiring_token_auth_client.rb

@@ -0,0 +1,53 @@
+module Nucleus
+  module Adapters
+    class ExpiringTokenAuthClient < TokenAuthClient
+      # Create a new instance of an {ExpiringTokenAuthClient}. An expiring token knows when it starts to be invalid,
+      # saving requests to the endpoint that would fail anyways.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yield [verify_ssl, username, password] Auth credentials token parser block,
+      # must provide the API token and its expiration date, usually retrieved from an HTTP call to the endpoint.
+      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yieldparam [String] username username to be used to retrieve the API token
+      # @yieldparam [String] password password to be used to retrieve the API token
+      # @yieldreturn [Array<String>] Array with 2 contents:
+      # [0] = API token to be used for authenticated API requests,
+      # nil if authentication failed, e.g. due to bad credentials
+      # [1] = Expiration time until the token is valid
+      def initialize(check_certificates = true, &token_expiration_parser)
+        @token_expiration_parser = token_expiration_parser
+        super(check_certificates)
+      end
+
+      # @see AuthClient#authenticate
+      def authenticate(username, password)
+        token, expiration_time = @token_expiration_parser.call(verify_ssl, username, password)
+        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
+        # verification passed, credentials are valid
+        @api_token = token
+        @expires = expiration_time
+        self
+      end
+
+      # @see AuthClient#auth_header
+      def auth_header
+        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
+        fail Errors::EndpointAuthenticationError, 'Cached authentication token expired' if expired?
+        { 'Authorization' => "Bearer #{api_token}" }
+      end
+
+      private
+
+      # Checks if the token is expired.
+      # @return [true, false] true if the token is expired, false if it is still valid
+      def expired?
+        @expires >= Time.now
+      end
+
+      def to_s
+        api_token
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/http_basic_auth_client.rb

@@ -0,0 +1,37 @@
+module Nucleus
+  module Adapters
+    # Implementation of the AuthClient that works with the HTTP basic authentication.
+    class HttpBasicAuthClient < AuthClient
+      # Create a new instance of an {HttpBasicAuthClient}.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yield [verify_ssl, username, password] Auth credentials verification block,
+      # must check if the combination of username and password is accepted by the endpoint.
+      # @yieldparam [Hash<String,String>] headers headers for an HTTP request,
+      # including the authentication header to be tested
+      # @yieldreturn [Boolean] true if the authentication was verified to be ok,
+      # false if an error occurred, e.g. with bad credentials
+      def initialize(check_certificates = true, &verification)
+        @verification = verification
+        super(check_certificates)
+      end
+
+      # @see AuthClient#authenticate
+      def authenticate(username, password)
+        packed_credentials = ["#{username}:#{password}"].pack('m*').gsub(/\n/, '')
+        valid = @verification.call(verify_ssl, 'Authorization' => "Basic #{packed_credentials}")
+        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless valid
+        # verification passed, credentials are valid
+        @packed_credentials = packed_credentials
+        self
+      end
+
+      # @see AuthClient#auth_header
+      def auth_header
+        fail Errors::EndpointAuthenticationError,
+             'Authentication client was not authenticated yet' unless @packed_credentials
+        { 'Authorization' => "Basic #{@packed_credentials}" }
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/o_auth2_auth_client.rb

@@ -0,0 +1,95 @@
+module Nucleus
+  module Adapters
+    class OAuth2AuthClient < AuthClient
+      include Nucleus::Logging
+
+      # Create a new instance of an {OAuth2AuthClient}, which uses the standardized OAuth2 authentication method.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @param [String] auth_url URL to the OAuth2 endpoint
+      def initialize(auth_url, check_certificates = true)
+        @auth_url = auth_url
+        super(check_certificates)
+      end
+
+      def authenticate(username, password)
+        return self if @access_token
+        response = post(query: { grant_type: 'password', username: username, password: password })
+        body = body(response)
+        extract(body)
+        # refresh token is not included in later updates
+        @refresh_token = body[:refresh_token]
+        self
+      end
+
+      def auth_header
+        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @access_token
+        if expired?
+          log.debug('OAuth2 access_token is expired, trigger refresh before returning auth_header')
+          # token is expired, renew first
+          refresh
+        end
+        # then return the authorization header
+        header
+      end
+
+      def refresh
+        if @refresh_token.nil?
+          fail Errors::EndpointAuthenticationError, "Can't refresh token before initial authentication"
+        end
+        log.debug("Attempt to refresh the access_token with our refresh_token: '#{@refresh_token}'")
+        response = post(query: { grant_type: 'refresh_token', refresh_token: @refresh_token })
+        extract(body(response))
+        self
+      end
+
+      private
+
+      def post(params)
+        middleware = Excon.defaults[:middlewares].dup
+        middleware << Excon::Middleware::Decompress
+        middleware << Excon::Middleware::RedirectFollower
+        # explicitly allow redirects, otherwise they would cause an error
+        # TODO: Basic Y2Y6 could be cloud-foundry specific
+        request_params = { expects: [200, 301, 302, 303, 307, 308], middlewares: middleware.uniq,
+                           headers: { 'Authorization' => 'Basic Y2Y6',
+                                      'Content-Type' => 'application/x-www-form-urlencoded',
+                                      'Accept' => 'application/json' } }.merge(params)
+        # execute the post request and return the response
+        Excon.new(@auth_url, ssl_verify_peer: verify_ssl).post(request_params)
+      rescue Excon::Errors::HTTPStatusError => e
+        log.debug "OAuth2 authentication failed: #{e}"
+        case e.response.status
+        when 403
+          log.error("OAuth2 for '#{@auth_url}' failed with status 403 (access denied), indicating an adapter issue")
+          raise Errors::UnknownAdapterCallError, 'Access to resource denied, probably the adapter must be updated'
+        when 400, 401
+          raise Errors::EndpointAuthenticationError, body(e.response)[:error_description]
+        end
+        # re-raise all unhandled exception, indicating adapter issues
+        raise Errors::UnknownAdapterCallError, 'OAuth2 call failed unexpectedly, probably the adapter must be updated'
+      end
+
+      def header
+        { 'Authorization' => "#{@token_type} #{@access_token}" }
+      end
+
+      def expired?
+        return true if @expiration.nil?
+        Time.now >= @expiration
+      end
+
+      def body(response)
+        Oj.load(response.body, symbol_keys: true)
+      end
+
+      def extract(body)
+        @access_token = body[:access_token]
+        # number of seconds until expiration, deduct processing buffer
+        seconds_left = body[:expires_in] - 30
+        @expiration = Time.now + seconds_left
+        @token_type = body[:token_type]
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/auth/token_auth_client.rb

@@ -0,0 +1,36 @@
+module Nucleus
+  module Adapters
+    class TokenAuthClient < AuthClient
+      attr_reader :api_token
+
+      # Create a new instance of an {TokenAuthClient}.
+      # @param [Boolean] check_certificates true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yield [verify_ssl, username, password] Auth credentials token parser block,
+      # must provide the API token, usually retrieved from an HTTP call to the endpoint.
+      # @yieldparam [Boolean] verify_ssl true if SSL certificates are to be validated,
+      # false if they are to be ignored (e.g. when using self-signed certificates in development environments)
+      # @yieldparam [String] username username to be used to retrieve the API token
+      # @yieldparam [String] password password to be used to retrieve the API token
+      # @yieldreturn [String] API token to be used for authenticated API requests,
+      # nil if authentication failed, e.g. due to bad credentials
+      def initialize(check_certificates = true, &token_parser)
+        @token_parser = token_parser
+        super(check_certificates)
+      end
+
+      def authenticate(username, password)
+        token = @token_parser.call(verify_ssl, username, password)
+        fail Errors::EndpointAuthenticationError, 'Authentication failed, credentials seem to be invalid' unless token
+        # verification passed, credentials are valid
+        @api_token = token
+        self
+      end
+
+      def auth_header
+        fail Errors::EndpointAuthenticationError, 'Authentication client was not authenticated yet' unless @api_token
+        { 'Authorization' => "Bearer #{api_token}" }
+      end
+    end
+  end
+end

data/lib/nucleus/core/adapter_extensions/http_client.rb

@@ -0,0 +1,177 @@
+module Nucleus
+  module Adapters
+    module HttpClient
+      # Executes a HEAD request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200]) http status code that is expected
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def head(path, params = {})
+        execute_request(:head, [200], path, params, params.delete(:native_call) { false })
+      end
+
+      # Executes a GET request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200]) http status code that is expected
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def get(path, params = {})
+        execute_request(:get, [200], path, params, params.delete(:native_call) { false })
+      end
+
+      # Executes a POST request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200,201]) http status code that is expected
+      # @option params [Hash] :body request body, will be converted to json format
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def post(path, params = {})
+        execute_request(:post, [200, 201], path, params, params.delete(:native_call) { false })
+      end
+
+      # Executes a PATCH request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200,201]) http status code that is expected
+      # @option params [Hash] :body request body, will be converted to json format
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def patch(path, params = {})
+        execute_request(:patch, [200, 201], path, params, params.delete(:native_call) { false })
+      end
+
+      # Executes a PUT request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200,201]) http status code that is expected
+      # @option params [Hash] :body request body, will be converted to json format
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def put(path, params = {})
+        execute_request(:put, [200, 201], path, params, params.delete(:native_call) { false })
+      end
+
+      # Executes a DELETE request to the given URL.
+      #
+      # @param [String] path path to add to the endpoint URL
+      # @param [Hash] params options to call the post request with
+      # @option params [Array<int>] :expects ([200,204]) http status code that is expected
+      # @option params [Hash] :headers request headers to use with the request
+      # @option params [Boolean] :native_call if true the request is a native API call and shall return the
+      # unprocessed response
+      # @raise [Nucleus::Errors::AdapterError] if the call failed and did not return the expected code(s)
+      def delete(path, params = {})
+        execute_request(:delete, [200, 204], path, params, params.delete(:native_call) { false })
+      end
+
+      private
+
+      def execute_request(method, default_expect, path, params, native_call = false)
+        params[:expects] = default_expect unless params.key? :expects
+        params[:method] = method
+
+        url = Regexp::PERFECT_URL_PATTERN =~ path ? path : to_url(path)
+        response = Excon.new(url, excon_connection_params(params)).request(add_common_request_params(params))
+        # we never want the JSON string, but always the hash representation
+        response.body = hash_of(response.body)
+        response
+      rescue Excon::Errors::HTTPStatusError => e
+        handle_execute_request_error(e, url, native_call)
+      end
+
+      def handle_execute_request_error(e, url, native_call)
+        log.debug 'ERROR, Excon could not execute the request.'
+        # transform json response to Hash object
+        e.response.body = hash_of(e.response.body)
+
+        # if this is a native API call, do not further process the error
+        return e.response if native_call
+
+        # fail with adapter specific error handling
+        handle_error(e.response) if respond_to?(:handle_error)
+        fallback_error_handling(e, url)
+      end
+
+      def fallback_error_handling(e, url)
+        error_status = e.response.status
+        # arriving here, error could not be processed --> use fallback errors
+        if e.is_a? Excon::Errors::ServerError
+          fail Errors::UnknownAdapterCallError, e.message
+        elsif error_status == 404
+          log.error("Resource not found (404) at '#{url}', indicating an adapter issue")
+          fail Errors::UnknownAdapterCallError, 'Resource not found, probably the adapter must be updated'
+        elsif error_status == 401
+          fail Errors::EndpointAuthenticationError,
+               'Auth. failed, probably cache is outdated or permissions were revoked?'
+        else
+          log.error("Fallback error handling (#{error_status}) at '#{url}', indicating an adapter issue")
+          fail Errors::UnknownAdapterCallError, e.message
+        end
+      end
+
+      def to_url(path)
+        # insert missing slash, prevent double slashes
+        return "#{@endpoint_url}/#{path}" unless @endpoint_url.end_with?('/') || path.start_with?('/')
+        "#{@endpoint_url}#{path}"
+      end
+
+      def excon_connection_params(params)
+        middleware = Excon.defaults[:middlewares].dup
+
+        if params[:follow_redirects] == false
+          middleware = [Excon::Middleware::ResponseParser, Excon::Middleware::Decompress].push(*middleware).uniq
+        else
+          middleware = [Excon::Middleware::ResponseParser, Excon::Middleware::RedirectFollower,
+                        Excon::Middleware::Decompress].push(*middleware).uniq
+        end
+        { middlewares: middleware, ssl_verify_peer: @check_certificates }
+      end
+
+      def hash_of(message_body)
+        return {} if message_body.nil? || message_body.empty?
+        begin
+          return Oj.load(message_body, symbol_keys: true)
+        rescue Oj::Error
+          # parsing failed, content probably is no valid JSON content
+          message_body
+        end
+      end
+
+      def add_common_request_params(params)
+        common_params = { connection_timeout: 610, write_timeout: 600, read_timeout: 600 }
+        # allow to follow redirects in the APIs
+        allowed_status_codes = params.key?(:expects) ? [*params[:expects]] : []
+        unless params[:follow_redirects] == false
+          allowed_status_codes.push(*[301, 302, 303, 307, 308])
+        end
+
+        params[:expects] = allowed_status_codes.uniq
+        # use default or customized headers
+        params[:headers] = headers unless params[:headers]
+        # specify encoding if not done yet: use only gzip since deflate does cause issues with VCR cassettes in tests
+        params[:headers]['Accept-Encoding'] = 'gzip' unless params[:headers].key? 'Accept-Encoding'
+        params[:body] = params[:body].to_json if params.key? :body
+        # merge and return
+        common_params.merge params
+      end
+    end
+  end
+end