pushyd 0.7.1 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 233f9d4980695f14bed64169729254e8913307cb
-  data.tar.gz: 224431587e789f97fe31facb2bef49366b06db83
+  metadata.gz: c375b5fa1e240c7b9f125f63ccd7eb73854178ae
+  data.tar.gz: 5979f25c46eee2d49ba27cfe1802f82961399cff
 SHA512:
-  metadata.gz: d22640997b653d2494ec69c50120e75b5724d8d7e55a2fc6a71ec5eed43a90f76e6c961e7957deb4d352a65185c910dbcb45dcfdea7f6c66e1b47d76909962d7
-  data.tar.gz: 01cb61c001a925882533d08ebf75a8449581cc849227378a509607e57494a429d6773fd3af3f2599c61d9142ae57860a86150bc3081b2a05e636c93f4d586ff0
+  metadata.gz: 9b5083449c046a2a2a3d30ec0f0a0a6506844b8175c5ed211f93ccd5d635529f530c052c67357b0539c58a61e4baca8bbd8f0a1ff629f34ffcd04f234db535bd
+  data.tar.gz: ca4ff86afcf4fe9da2f9dbaac11ee40556d89b6230eabe50d2c14ddf3d824bdc7c227db20d9e1fc93d6d260681e116dc820107132bb3f45a5ad21940a43e92d5

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    pushyd (0.7.1)
+    pushyd (0.8.0)
       api-auth
       bunny (~> 2.3)
       chamber (~> 2.9)
@@ -37,7 +37,7 @@ GEM
       domain_name (~> 0.5)
     http-form_data (1.0.1)
     http_parser.rb (0.6.0)
-    json (1.8.3)
+    json (2.0.1)
     mime-types (2.99.2)
     netrc (0.11.0)
     newrelic_rpm (3.16.0.318)
@@ -50,19 +50,19 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 3.0)
       netrc (~> 0.7)
-    rspec (3.4.0)
-      rspec-core (~> 3.4.0)
-      rspec-expectations (~> 3.4.0)
-      rspec-mocks (~> 3.4.0)
-    rspec-core (3.4.4)
-      rspec-support (~> 3.4.0)
-    rspec-expectations (3.4.0)
+    rspec (3.5.0)
+      rspec-core (~> 3.5.0)
+      rspec-expectations (~> 3.5.0)
+      rspec-mocks (~> 3.5.0)
+    rspec-core (3.5.0)
+      rspec-support (~> 3.5.0)
+    rspec-expectations (3.5.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.4.0)
-    rspec-mocks (3.4.1)
+      rspec-support (~> 3.5.0)
+    rspec-mocks (3.5.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.4.0)
-    rspec-support (3.4.1)
+      rspec-support (~> 3.5.0)
+    rspec-support (3.5.0)
     rubocop (0.41.1)
       parser (>= 2.3.1.1, < 3.0)
       powerpack (~> 0.1)

data/defaults.yml

@@ -1,14 +1,9 @@
 # common defaults
-bus:
-  host: localhost
-  port: 5672
-  user: guest
-  pass: guest
-
+amqp: amqp://guest:guest@localhost:5672/
 logs:
   path: '/tmp/'
-  file: null
-  newrelic: null
+  file: pushyd.log
+  newrelic: newrelic.log
   level: debug
 
 shout:

data/lib/pushyd/endpoint.rb

@@ -24,13 +24,12 @@ module PushyDaemon
     def init_logger logconf
       # Check structure conformity or set it to an empty hash
       logconf = {} unless logconf.is_a? Hash
-
-      # Extract context
-      logconf ||= {}
-      logfile   = logconf[:file]
       loglevel  = logconf[:level]
       me        = self.class.name
 
+      # Compute logfile
+      logfile = logfile(logconf, :file)
+
       # Prepare logger (may be NIL > won't output anything)
       @logger = Logger.new(logfile, LOG_ROTATION)
       @logger.formatter = Shared::LoggerFormatter
@@ -74,16 +73,9 @@ module PushyDaemon
 
     # Start connexion to RabbitMQ
     def connect_channel busconf
-      fail PushyDaemon::EndpointConnexionContext, "invalid bus host/port" unless (busconf.is_a? Hash) &&
-        busconf[:host] && busconf[:port]
-
-      info "connecting to #{busconf[:host]} port #{busconf[:port]}"
-      conn = Bunny.new host: busconf[:host].to_s,
-        port: busconf[:port].to_i,
-        user: busconf[:user].to_s,
-        pass: busconf[:pass].to_s,
-        heartbeat: :server,
-        logger: @logger
+      fail PushyDaemon::EndpointConnexionContext, "invalid bus host/port" unless busconf
+      info "connecting to #{busconf}"
+      conn = Bunny.new url: busconf.to_s, logger: @logger, heartbeat: :server
       conn.start
 
       # Create channel

data/lib/pushyd/proxy.rb

@@ -4,6 +4,7 @@ require 'terminal-table'
 
 module PushyDaemon
   class Proxy < Endpoint
+    include Shared::HmacSignature
 
     attr_accessor :table
 
@@ -19,7 +20,7 @@ module PushyDaemon
       @table.align_column(5, :right)
 
       # Start connexion to RabbitMQ and create channel
-      @channel = connect_channel Conf.bus
+      @channel = connect_channel Conf.amqp
       log_info "channel connected"
 
       # Check config
@@ -100,22 +101,14 @@ module PushyDaemon
           user_agent: Conf.generate(:user_agent),
           }
 
-      # Accordong to auth type
-      # log_info "propagate: auth[#{relay_auth}] class[#{relay_auth.class}]"
+      # Compute payload MD5
+      headers_md5 request
 
-      if !rule["hmac-user"]
-        # log_info "propagate: normal"
-
-      elsif !rule["hmac-secret"]
-        log_error "propagate: hmac: missing secret"
-        return
-      else
-        log_info "propagate: hmac: signing request"
-        request = ApiAuth.sign!(request, rule["hmac-user"].to_s, rule["hmac-secret"].to_s)
-      end
+      # Compute HMAC signature
+      headers_sign request, rule['hmac-method'], rule['hmac-user'], rule['hmac-secret'], [:date]
 
       # Send request
-      log_info "propagate: url", request.headers
+      log_info "propagate: #{relay_url}", request.headers
       response = request.execute
 
       # Handle exceptions
@@ -129,6 +122,8 @@ module PushyDaemon
         log_error "propagate: connection refused: #{e.message}"
       rescue StandardError => e
         log_error "propagate: unknown: #{e.message}, #{e.inspect}", e.backtrace
+      else
+        log_info "propagate: #{response.body}"
     end
 
     def parse payload, content_type #, fields = []
@@ -160,3 +155,4 @@ module PushyDaemon
 
   end
 end
+

data/lib/pushyd/shouter.rb

@@ -27,7 +27,7 @@ module PushyDaemon
       @period = config_shout[:period] || 0
 
       # Start connexion to RabbitMQ and create channel
-      @channel = connect_channel Conf.bus
+      @channel = connect_channel Conf.amqp
       log_info "channel connected"
 
       # Create exchange

data/lib/pushyd.rb

@@ -10,6 +10,7 @@ require "newrelic_rpm"
 # Shared libs
 require_relative "shared/logger_formatter"
 require_relative "shared/logger_helper"
+require_relative "shared/hmac_signature"
 require_relative "shared/conf"
 
 # Project libs

data/lib/shared/hmac_signature.rb

@@ -0,0 +1,87 @@
+require 'openssl'
+require 'base64'
+
+module Shared
+  module HmacSignature
+
+    def headers_sign request, hmac_method, hmac_user, hmac_secret, names = ['date']
+      return unless hmac_user
+      unless hmac_secret && hmac_method
+        log_error "headers_sign: hmac: missing secret or method"
+        return
+      end
+
+      # OK, lets go
+      log_info "headers_sign: before: user[#{hmac_user}] secret[#{hmac_secret}] method[#{hmac_method}]", request.headers
+      hmac_sign_kong request.headers, hmac_user, hmac_secret, names
+      log_info "headers_sign: after:", request.headers
+    end
+
+    def headers_md5 request
+      request.headers['Content-MD5'] = Digest::MD5.hexdigest(request.payload.to_s)
+    end
+
+  private
+
+    def hmac_sign_kong headers, client_id, client_secret, names
+      # Update date
+      headers['Date'] = Time.now.strftime('%a, %d %b %Y %H:%M:%S GMT')
+      # headers['Content-MD5'] = Date.now.strftime('%a, %d %b %Y %H:%M:%S GMT')
+      # log_debug "hmac_sign_kong: headers", headers
+
+      # Filter headers we're going to hash
+      myheaders = hmac_headers_filter headers, names
+
+      # Signe string of headers
+      headers_signature = hmac_headers_hash myheaders, client_secret
+      log_debug "hmac_sign_kong #{myheaders.keys.inspect} #{headers_signature}"
+
+      # Add auth header
+      # headers['Authorization'] = hmac_build_header(client_id, myheaders, headers_signature)
+      headers['test'] = "testing123"
+
+      # That's OK
+      return headers
+    end
+
+
+    def hmac_build_header client_id, myheaders, signature
+      sprintf 'hmac username="%s", algorithm="hmac-sha1", headers="%s", signature="%s"',
+        client_id,
+        myheaders.keys.map(&:downcase).join(' '),
+        signature
+    end
+
+    def hmac_headers_filter headers, selection
+      out = {}
+
+      # Build array of keys as strings, downcase
+      selection_names = selection.map{|h| h.to_s.downcase}
+
+      # For each header, stack it or not
+      headers.each do |name, value|
+        name_down = name.downcase
+        next unless selection_names.include? name_down
+        out[name_down] = value
+      end
+
+      # We're done
+      return out
+    end
+
+    def hmac_headers_hash myheaders, client_secret
+      # Build headers string
+      data = myheaders.map do |name, value|
+        sprintf("%s: %s", name, value)
+      end.join("\n")
+
+      # Hash this
+      digest  = OpenSSL::Digest.new('sha1')
+      Base64.encode64(OpenSSL::HMAC.digest(digest, client_secret, data)).strip
+    end
+
+    def hmac_sign_data client_secret, data
+    end
+
+  end
+end

data/lib/shared/logger_helper.rb

@@ -2,6 +2,35 @@ require "logger"
 
 module Shared
   module LoggerHelper
+    CONFIG_PATH = :path
+
+    def logfile config, pipe
+      # Disabled if no valid config
+      return nil unless config.is_a?(Hash)
+
+      # Compute logfile and check if we can write there
+      logfile = File.expand_path(config[pipe].to_s, config[CONFIG_PATH].to_s)
+
+      # Check that we'll be able to create logfiles
+      if File.exists?(logfile)
+        # File is there, is it writable ?
+        unless File.writable?(logfile)
+          puts "LoggerHelper [#{pipe}] disabled: file not writable [#{logfile}]"
+          return nil
+        end
+      else
+        # No file here, can we create it ?
+        logdir = File.dirname(logfile)
+        unless File.writable?(logdir)
+          puts "LoggerHelper [#{pipe}] disabled: directory not writable [#{logdir}]"
+          return nil
+        end
+      end
+
+      # OK, return a clean file path
+      puts "LoggerHelper [#{pipe}] logging to [#{logfile}]"
+      return logfile
+    end
 
   protected
 
@@ -39,12 +68,6 @@ module Shared
 
     def build_messages severity, message, details = nil
       messages = []
-      # messages << "/---------------------------------------"
-      # messages << "severity: #{severity}"
-      # messages << "message: #{message.class}"
-      # messages << "details: #{details.class} #{details.inspect}"
-      # messages << "ARRAY(#{details.count})" if details.is_a? Array
-      # messages << "HASH(#{details.count})" if details.is_a? Hash
 
       prefix = build_prefix
 
@@ -66,13 +89,5 @@ module Shared
       logger.add severity, messages
     end
 
-    # def debug_lines lines, prefix = ''
-    #   if lines.is_a? Array
-    #     logger.debug lines.map{ |line| sprintf(LOG_MESSAGE_ARRAY, prefix, line) }
-    #   elsif lines.is_a? Hash
-    #     logger.debug lines.map{ |key, value| sprintf(LOG_MESSAGE_HASH, prefix, key, value) }
-    #   end
-    # end
-
   end
 end

data/pushyd.gemspec

@@ -1,7 +1,7 @@
 # coding: utf-8
 Gem::Specification.new do |spec|
   # Project version
-  spec.version                      = "0.7.1"
+  spec.version                      = "0.8.0"
 
   # Project description
   spec.name                         = "pushyd"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pushyd
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.8.0
 platform: ruby
 authors:
 - Bruno MEDICI
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-30 00:00:00.000000000 Z
+date: 2016-07-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -215,6 +215,7 @@ files:
 - lib/pushyd/proxy.rb
 - lib/pushyd/shouter.rb
 - lib/shared/conf.rb
+- lib/shared/hmac_signature.rb
 - lib/shared/logger_formatter.rb
 - lib/shared/logger_helper.rb
 - pushyd.gemspec