pushyd 0.7.1 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +13 -13
- data/defaults.yml +3 -8
- data/lib/pushyd/endpoint.rb +6 -14
- data/lib/pushyd/proxy.rb +10 -14
- data/lib/pushyd/shouter.rb +1 -1
- data/lib/pushyd.rb +1 -0
- data/lib/shared/hmac_signature.rb +87 -0
- data/lib/shared/logger_helper.rb +29 -14
- data/pushyd.gemspec +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c375b5fa1e240c7b9f125f63ccd7eb73854178ae
|
4
|
+
data.tar.gz: 5979f25c46eee2d49ba27cfe1802f82961399cff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9b5083449c046a2a2a3d30ec0f0a0a6506844b8175c5ed211f93ccd5d635529f530c052c67357b0539c58a61e4baca8bbd8f0a1ff629f34ffcd04f234db535bd
|
7
|
+
data.tar.gz: ca4ff86afcf4fe9da2f9dbaac11ee40556d89b6230eabe50d2c14ddf3d824bdc7c227db20d9e1fc93d6d260681e116dc820107132bb3f45a5ad21940a43e92d5
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
pushyd (0.
|
4
|
+
pushyd (0.8.0)
|
5
5
|
api-auth
|
6
6
|
bunny (~> 2.3)
|
7
7
|
chamber (~> 2.9)
|
@@ -37,7 +37,7 @@ GEM
|
|
37
37
|
domain_name (~> 0.5)
|
38
38
|
http-form_data (1.0.1)
|
39
39
|
http_parser.rb (0.6.0)
|
40
|
-
json (
|
40
|
+
json (2.0.1)
|
41
41
|
mime-types (2.99.2)
|
42
42
|
netrc (0.11.0)
|
43
43
|
newrelic_rpm (3.16.0.318)
|
@@ -50,19 +50,19 @@ GEM
|
|
50
50
|
http-cookie (>= 1.0.2, < 2.0)
|
51
51
|
mime-types (>= 1.16, < 3.0)
|
52
52
|
netrc (~> 0.7)
|
53
|
-
rspec (3.
|
54
|
-
rspec-core (~> 3.
|
55
|
-
rspec-expectations (~> 3.
|
56
|
-
rspec-mocks (~> 3.
|
57
|
-
rspec-core (3.
|
58
|
-
rspec-support (~> 3.
|
59
|
-
rspec-expectations (3.
|
53
|
+
rspec (3.5.0)
|
54
|
+
rspec-core (~> 3.5.0)
|
55
|
+
rspec-expectations (~> 3.5.0)
|
56
|
+
rspec-mocks (~> 3.5.0)
|
57
|
+
rspec-core (3.5.0)
|
58
|
+
rspec-support (~> 3.5.0)
|
59
|
+
rspec-expectations (3.5.0)
|
60
60
|
diff-lcs (>= 1.2.0, < 2.0)
|
61
|
-
rspec-support (~> 3.
|
62
|
-
rspec-mocks (3.
|
61
|
+
rspec-support (~> 3.5.0)
|
62
|
+
rspec-mocks (3.5.0)
|
63
63
|
diff-lcs (>= 1.2.0, < 2.0)
|
64
|
-
rspec-support (~> 3.
|
65
|
-
rspec-support (3.
|
64
|
+
rspec-support (~> 3.5.0)
|
65
|
+
rspec-support (3.5.0)
|
66
66
|
rubocop (0.41.1)
|
67
67
|
parser (>= 2.3.1.1, < 3.0)
|
68
68
|
powerpack (~> 0.1)
|
data/defaults.yml
CHANGED
@@ -1,14 +1,9 @@
|
|
1
1
|
# common defaults
|
2
|
-
|
3
|
-
host: localhost
|
4
|
-
port: 5672
|
5
|
-
user: guest
|
6
|
-
pass: guest
|
7
|
-
|
2
|
+
amqp: amqp://guest:guest@localhost:5672/
|
8
3
|
logs:
|
9
4
|
path: '/tmp/'
|
10
|
-
file:
|
11
|
-
newrelic:
|
5
|
+
file: pushyd.log
|
6
|
+
newrelic: newrelic.log
|
12
7
|
level: debug
|
13
8
|
|
14
9
|
shout:
|
data/lib/pushyd/endpoint.rb
CHANGED
@@ -24,13 +24,12 @@ module PushyDaemon
|
|
24
24
|
def init_logger logconf
|
25
25
|
# Check structure conformity or set it to an empty hash
|
26
26
|
logconf = {} unless logconf.is_a? Hash
|
27
|
-
|
28
|
-
# Extract context
|
29
|
-
logconf ||= {}
|
30
|
-
logfile = logconf[:file]
|
31
27
|
loglevel = logconf[:level]
|
32
28
|
me = self.class.name
|
33
29
|
|
30
|
+
# Compute logfile
|
31
|
+
logfile = logfile(logconf, :file)
|
32
|
+
|
34
33
|
# Prepare logger (may be NIL > won't output anything)
|
35
34
|
@logger = Logger.new(logfile, LOG_ROTATION)
|
36
35
|
@logger.formatter = Shared::LoggerFormatter
|
@@ -74,16 +73,9 @@ module PushyDaemon
|
|
74
73
|
|
75
74
|
# Start connexion to RabbitMQ
|
76
75
|
def connect_channel busconf
|
77
|
-
fail PushyDaemon::EndpointConnexionContext, "invalid bus host/port" unless
|
78
|
-
|
79
|
-
|
80
|
-
info "connecting to #{busconf[:host]} port #{busconf[:port]}"
|
81
|
-
conn = Bunny.new host: busconf[:host].to_s,
|
82
|
-
port: busconf[:port].to_i,
|
83
|
-
user: busconf[:user].to_s,
|
84
|
-
pass: busconf[:pass].to_s,
|
85
|
-
heartbeat: :server,
|
86
|
-
logger: @logger
|
76
|
+
fail PushyDaemon::EndpointConnexionContext, "invalid bus host/port" unless busconf
|
77
|
+
info "connecting to #{busconf}"
|
78
|
+
conn = Bunny.new url: busconf.to_s, logger: @logger, heartbeat: :server
|
87
79
|
conn.start
|
88
80
|
|
89
81
|
# Create channel
|
data/lib/pushyd/proxy.rb
CHANGED
@@ -4,6 +4,7 @@ require 'terminal-table'
|
|
4
4
|
|
5
5
|
module PushyDaemon
|
6
6
|
class Proxy < Endpoint
|
7
|
+
include Shared::HmacSignature
|
7
8
|
|
8
9
|
attr_accessor :table
|
9
10
|
|
@@ -19,7 +20,7 @@ module PushyDaemon
|
|
19
20
|
@table.align_column(5, :right)
|
20
21
|
|
21
22
|
# Start connexion to RabbitMQ and create channel
|
22
|
-
@channel = connect_channel Conf.
|
23
|
+
@channel = connect_channel Conf.amqp
|
23
24
|
log_info "channel connected"
|
24
25
|
|
25
26
|
# Check config
|
@@ -100,22 +101,14 @@ module PushyDaemon
|
|
100
101
|
user_agent: Conf.generate(:user_agent),
|
101
102
|
}
|
102
103
|
|
103
|
-
#
|
104
|
-
|
104
|
+
# Compute payload MD5
|
105
|
+
headers_md5 request
|
105
106
|
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
elsif !rule["hmac-secret"]
|
110
|
-
log_error "propagate: hmac: missing secret"
|
111
|
-
return
|
112
|
-
else
|
113
|
-
log_info "propagate: hmac: signing request"
|
114
|
-
request = ApiAuth.sign!(request, rule["hmac-user"].to_s, rule["hmac-secret"].to_s)
|
115
|
-
end
|
107
|
+
# Compute HMAC signature
|
108
|
+
headers_sign request, rule['hmac-method'], rule['hmac-user'], rule['hmac-secret'], [:date]
|
116
109
|
|
117
110
|
# Send request
|
118
|
-
log_info "propagate:
|
111
|
+
log_info "propagate: #{relay_url}", request.headers
|
119
112
|
response = request.execute
|
120
113
|
|
121
114
|
# Handle exceptions
|
@@ -129,6 +122,8 @@ module PushyDaemon
|
|
129
122
|
log_error "propagate: connection refused: #{e.message}"
|
130
123
|
rescue StandardError => e
|
131
124
|
log_error "propagate: unknown: #{e.message}, #{e.inspect}", e.backtrace
|
125
|
+
else
|
126
|
+
log_info "propagate: #{response.body}"
|
132
127
|
end
|
133
128
|
|
134
129
|
def parse payload, content_type #, fields = []
|
@@ -160,3 +155,4 @@ module PushyDaemon
|
|
160
155
|
|
161
156
|
end
|
162
157
|
end
|
158
|
+
|
data/lib/pushyd/shouter.rb
CHANGED
data/lib/pushyd.rb
CHANGED
@@ -0,0 +1,87 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
require 'base64'
|
3
|
+
|
4
|
+
module Shared
|
5
|
+
module HmacSignature
|
6
|
+
|
7
|
+
def headers_sign request, hmac_method, hmac_user, hmac_secret, names = ['date']
|
8
|
+
return unless hmac_user
|
9
|
+
unless hmac_secret && hmac_method
|
10
|
+
log_error "headers_sign: hmac: missing secret or method"
|
11
|
+
return
|
12
|
+
end
|
13
|
+
|
14
|
+
# OK, lets go
|
15
|
+
log_info "headers_sign: before: user[#{hmac_user}] secret[#{hmac_secret}] method[#{hmac_method}]", request.headers
|
16
|
+
hmac_sign_kong request.headers, hmac_user, hmac_secret, names
|
17
|
+
log_info "headers_sign: after:", request.headers
|
18
|
+
end
|
19
|
+
|
20
|
+
def headers_md5 request
|
21
|
+
request.headers['Content-MD5'] = Digest::MD5.hexdigest(request.payload.to_s)
|
22
|
+
end
|
23
|
+
|
24
|
+
private
|
25
|
+
|
26
|
+
def hmac_sign_kong headers, client_id, client_secret, names
|
27
|
+
# Update date
|
28
|
+
headers['Date'] = Time.now.strftime('%a, %d %b %Y %H:%M:%S GMT')
|
29
|
+
# headers['Content-MD5'] = Date.now.strftime('%a, %d %b %Y %H:%M:%S GMT')
|
30
|
+
# log_debug "hmac_sign_kong: headers", headers
|
31
|
+
|
32
|
+
# Filter headers we're going to hash
|
33
|
+
myheaders = hmac_headers_filter headers, names
|
34
|
+
|
35
|
+
# Signe string of headers
|
36
|
+
headers_signature = hmac_headers_hash myheaders, client_secret
|
37
|
+
log_debug "hmac_sign_kong #{myheaders.keys.inspect} #{headers_signature}"
|
38
|
+
|
39
|
+
# Add auth header
|
40
|
+
# headers['Authorization'] = hmac_build_header(client_id, myheaders, headers_signature)
|
41
|
+
headers['test'] = "testing123"
|
42
|
+
|
43
|
+
# That's OK
|
44
|
+
return headers
|
45
|
+
end
|
46
|
+
|
47
|
+
|
48
|
+
def hmac_build_header client_id, myheaders, signature
|
49
|
+
sprintf 'hmac username="%s", algorithm="hmac-sha1", headers="%s", signature="%s"',
|
50
|
+
client_id,
|
51
|
+
myheaders.keys.map(&:downcase).join(' '),
|
52
|
+
signature
|
53
|
+
end
|
54
|
+
|
55
|
+
def hmac_headers_filter headers, selection
|
56
|
+
out = {}
|
57
|
+
|
58
|
+
# Build array of keys as strings, downcase
|
59
|
+
selection_names = selection.map{|h| h.to_s.downcase}
|
60
|
+
|
61
|
+
# For each header, stack it or not
|
62
|
+
headers.each do |name, value|
|
63
|
+
name_down = name.downcase
|
64
|
+
next unless selection_names.include? name_down
|
65
|
+
out[name_down] = value
|
66
|
+
end
|
67
|
+
|
68
|
+
# We're done
|
69
|
+
return out
|
70
|
+
end
|
71
|
+
|
72
|
+
def hmac_headers_hash myheaders, client_secret
|
73
|
+
# Build headers string
|
74
|
+
data = myheaders.map do |name, value|
|
75
|
+
sprintf("%s: %s", name, value)
|
76
|
+
end.join("\n")
|
77
|
+
|
78
|
+
# Hash this
|
79
|
+
digest = OpenSSL::Digest.new('sha1')
|
80
|
+
Base64.encode64(OpenSSL::HMAC.digest(digest, client_secret, data)).strip
|
81
|
+
end
|
82
|
+
|
83
|
+
def hmac_sign_data client_secret, data
|
84
|
+
end
|
85
|
+
|
86
|
+
end
|
87
|
+
end
|
data/lib/shared/logger_helper.rb
CHANGED
@@ -2,6 +2,35 @@ require "logger"
|
|
2
2
|
|
3
3
|
module Shared
|
4
4
|
module LoggerHelper
|
5
|
+
CONFIG_PATH = :path
|
6
|
+
|
7
|
+
def logfile config, pipe
|
8
|
+
# Disabled if no valid config
|
9
|
+
return nil unless config.is_a?(Hash)
|
10
|
+
|
11
|
+
# Compute logfile and check if we can write there
|
12
|
+
logfile = File.expand_path(config[pipe].to_s, config[CONFIG_PATH].to_s)
|
13
|
+
|
14
|
+
# Check that we'll be able to create logfiles
|
15
|
+
if File.exists?(logfile)
|
16
|
+
# File is there, is it writable ?
|
17
|
+
unless File.writable?(logfile)
|
18
|
+
puts "LoggerHelper [#{pipe}] disabled: file not writable [#{logfile}]"
|
19
|
+
return nil
|
20
|
+
end
|
21
|
+
else
|
22
|
+
# No file here, can we create it ?
|
23
|
+
logdir = File.dirname(logfile)
|
24
|
+
unless File.writable?(logdir)
|
25
|
+
puts "LoggerHelper [#{pipe}] disabled: directory not writable [#{logdir}]"
|
26
|
+
return nil
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
# OK, return a clean file path
|
31
|
+
puts "LoggerHelper [#{pipe}] logging to [#{logfile}]"
|
32
|
+
return logfile
|
33
|
+
end
|
5
34
|
|
6
35
|
protected
|
7
36
|
|
@@ -39,12 +68,6 @@ module Shared
|
|
39
68
|
|
40
69
|
def build_messages severity, message, details = nil
|
41
70
|
messages = []
|
42
|
-
# messages << "/---------------------------------------"
|
43
|
-
# messages << "severity: #{severity}"
|
44
|
-
# messages << "message: #{message.class}"
|
45
|
-
# messages << "details: #{details.class} #{details.inspect}"
|
46
|
-
# messages << "ARRAY(#{details.count})" if details.is_a? Array
|
47
|
-
# messages << "HASH(#{details.count})" if details.is_a? Hash
|
48
71
|
|
49
72
|
prefix = build_prefix
|
50
73
|
|
@@ -66,13 +89,5 @@ module Shared
|
|
66
89
|
logger.add severity, messages
|
67
90
|
end
|
68
91
|
|
69
|
-
# def debug_lines lines, prefix = ''
|
70
|
-
# if lines.is_a? Array
|
71
|
-
# logger.debug lines.map{ |line| sprintf(LOG_MESSAGE_ARRAY, prefix, line) }
|
72
|
-
# elsif lines.is_a? Hash
|
73
|
-
# logger.debug lines.map{ |key, value| sprintf(LOG_MESSAGE_HASH, prefix, key, value) }
|
74
|
-
# end
|
75
|
-
# end
|
76
|
-
|
77
92
|
end
|
78
93
|
end
|
data/pushyd.gemspec
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pushyd
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Bruno MEDICI
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-06
|
11
|
+
date: 2016-07-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -215,6 +215,7 @@ files:
|
|
215
215
|
- lib/pushyd/proxy.rb
|
216
216
|
- lib/pushyd/shouter.rb
|
217
217
|
- lib/shared/conf.rb
|
218
|
+
- lib/shared/hmac_signature.rb
|
218
219
|
- lib/shared/logger_formatter.rb
|
219
220
|
- lib/shared/logger_helper.rb
|
220
221
|
- pushyd.gemspec
|