queue_it 1.1.2 → 1.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6e0f8c10dbb05748bd09448b5f6d1421a8b406b7
-  data.tar.gz: e030dafd924558163c7abf88e2e69df608d5bd1d
+SHA256:
+  metadata.gz: c485ac9dd1277900f3ed127d294b5d54afcb27d3d79f80cd7fe54c668079c28f
+  data.tar.gz: 407a76048056f086591bd4fcd3088acb94f94be010f50937b0a645248258d497
 SHA512:
-  metadata.gz: e455106e76f90fc90f8bafb0bb61413ed303d7398d5bdb8ff2421e338d96253bcfcef8e11ec37199fef1e76d9d1de7d174bcc6aef1d7157f926ee30ae974a7de
-  data.tar.gz: e6d104ac4641fd6fd7a5c6af5ec5572a422f93789aa71af0e682de77b02f5a8eb392fbae647a94a3a5d97ca123f219927af494f296b10ce28daff0b2f4eec2f0
+  metadata.gz: 26ccccd935d7770cddfc276e3944be5664362969187b1967db1b9a239bedbd7f69e0f44bb021a8d4c40a826262b7545908ff3606eca47b5347184044e433af4b
+  data.tar.gz: 54df44820c6b12d1a9469f4187f8204dee202f898cf47ef60935aee262ad09fba40cb58937d65f27d6ffe92108adb6ea8371c0d2e5ce05249ee98b852df496d6

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+### 1.1.6 - 2017-03-15
+
+* Now by default, during creation event, we support using redirect urls
+* Added possibility to pass redirect url for queue it
+
+### 1.1.5 - 2016-06-02
+
+* Remove warning about circular argument reference - api_key in Ruby 2.3.1
+
+### 1.1.4 - 2016-04-06
+
+* Solve gem publishing issue - no changes comparing to 1.1.3
+
+### 1.1.3 - 2016-04-06
+
+* do not rely on ActionDispatch::Resuest::Session API that was removed in Rails 4.2
+
 ### 1.1.2 - 2015-05-19
 
 * More time zone mappings.

data/lib/queue_it.rb

@@ -1,5 +1,5 @@
 require "queue_it/version"
-require "queue_it/known_user_checker"
+require "queue_it/extract_queue_number"
 require "queue_it/api/client"
 require "queue_it/api/event"
 

data/lib/queue_it/api/client.rb

@@ -8,9 +8,9 @@ module QueueIt
   module Api
     class Client
       JSON_FORMAT  = "application/json".freeze
-      ENDPOINT_URL = URI("https://api2.queue-it.net/2_0_beta/event").freeze
+      ENDPOINT_URL = URI("https://api2.queue-it.net/2_0/event").freeze
 
-      def initialize(api_key: api_key, debug: false)
+      def initialize(api_key: nil, debug: false)
         self.api_key = api_key
         self.debug   = debug
       end

data/lib/queue_it/api/event.rb

@@ -48,23 +48,23 @@ module QueueIt
       MICROSOFT_TIME_ZONE_INDEX_VALUES = {
         "Europe/Helsinki"   => "FLE Standard Time",
         "Helsinki"          => "FLE Standard Time",
-        
+
         "Europe/London"     => "GMT Standard Time",
         "London"            => "GMT Standard Time",
         "Edinburgh"         => "GMT Standard Time",
-        
+
         "Europe/Dublin"     => "GMT Standard Time",
         "Dublin"            => "GMT Standard Time",
-        
+
         "Europe/Copenhagen" => "Romance Standard Time",
         "Copenhagen"        => "Romance Standard Time",
-        
+
         "Europe/Paris"      => "Romance Standard Time",
         "Paris"             => "Romance Standard Time",
-        
+
         "Europe/Stockholm"  => "W. Europe Standard Time",
         "Stockholm"         => "W. Europe Standard Time",
-        
+
         "Europe/Rome"       => "W. Europe Standard Time",
         "Rome"              => "W. Europe Standard Time",
       }.freeze
@@ -113,7 +113,7 @@ module QueueIt
           "AfterEventRedirectPage"       => "",
           "UseSSL"                       => "Auto",
           "JavaScriptSupportEnabled"     => "False",
-          "TargetUrlSupportEnabled"      => "False",
+          "TargetUrlSupportEnabled"      => "True",
           "SafetyNetMode"                => "Disabled",
           "KnowUserSecurity"             => "MD5Hash",
           "KnowUserSecretKey"            => know_user_secret_key,

data/lib/queue_it/extract_queue_number.rb

@@ -0,0 +1,45 @@
+require 'digest/md5'
+
+module QueueIt
+  class ExtractQueueNumber
+    def call(secret_key:, request_url:, request_params:)
+      encrypted_place_in_queue = request_params['p']
+      expected_hash = request_params['h']
+
+      raise QueueIt::MissingArgsGiven.new if queue_it_params_missing?(request_params)
+
+      if verify_md5_hash?(request_url, expected_hash, secret_key)
+        return decrypted_place_in_queue(encrypted_place_in_queue)
+      else
+        raise QueueIt::NotAuthorized.new
+      end
+    end
+
+    private
+
+    def queue_it_params_missing?(params)
+      queue_id = params['q'] # A QuID, the user’s queue ID
+      encrypted_place_in_queue = params['p'] # A text, an encrypted version of the user’s queue number
+      expected_hash = params['h'] # An integer calculated hash
+      timestamp = params['ts'] # An integer timestamp counting number of seconds since 1970-01-01 00:00:00 UTC
+
+      [queue_id, encrypted_place_in_queue, timestamp, expected_hash].any?(&:nil?)
+    end
+
+    # uses one char of each string at a given starting point
+    # given b852fe78-0d10-4254-823c-f8749c401153 should get 4212870
+    def decrypted_place_in_queue(encrypted_place_in_queue)
+      return encrypted_place_in_queue[ 30..30 ] + encrypted_place_in_queue[ 3..3 ] + encrypted_place_in_queue[ 11..11 ] +
+             encrypted_place_in_queue[ 20..20 ] + encrypted_place_in_queue[ 7..7 ] + encrypted_place_in_queue[ 26..26 ] +
+             encrypted_place_in_queue[ 9..9 ]
+    end
+
+    # TODO add timestamp check
+    def verify_md5_hash?(url, expected_hash, secret_key)
+      url_no_hash = "#{url[ 0..-33 ]}#{secret_key}"
+      actual_hash = Digest::MD5.hexdigest(url_no_hash)
+
+      return (expected_hash == actual_hash)
+    end
+  end
+end

data/lib/queue_it/queueable.rb

@@ -1,14 +1,17 @@
+require 'queue_it/url_builder'
+
 module QueueIt
   module Queueable
     extend ActiveSupport::Concern
 
     included do
-      def protect_with_queue!(known_user_secret_key, event_id, customer_id)
+      def protect_with_queue!(known_user_secret_key, event_id, customer_id, redirect_url: nil)
         create_or_verify_queue_it_session(known_user_secret_key,
                                           event_id,
                                           customer_id,
-                                          request.url,
-                                          params)
+                                          request.original_url,
+                                          params,
+                                          redirect_url)
       end
 
       def queue_it_queue_id(event_id)
@@ -17,7 +20,9 @@ module QueueIt
 
       def destroy_all_queue_it_sessions
         session_variable_prefix = queue_it_session_variable("")
-        session.reject!{ |session_key| session_key.start_with?(session_variable_prefix) }
+        session.keys.select{ |session_key| session_key.start_with?(session_variable_prefix) }.each do |key|
+          session.delete(key)
+        end
       end
 
       def destroy_queue_it_session(event_id)
@@ -30,13 +35,16 @@ module QueueIt
 
     private
 
-      def create_or_verify_queue_it_session(secret_key, event_id, customer_id, request_url, params)
+      def create_or_verify_queue_it_session(secret_key, event_id, customer_id, request_url, params, current_tickets_url)
         # If there exists a session, we return. This needs to be refactored when we start to look at the timestamp parameter
         return if session[queue_it_session_variable(event_id)].present?
 
         begin
-          user_checker                                 = QueueIt::KnownUserChecker.new(secret_key, event_id, customer_id)
-          session[queue_it_session_variable(event_id)] = user_checker.create_or_verify_queue_it_session!(request_url, params)
+          queue_number = QueueIt::ExtractQueueNumber.new.(
+            secret_key: secret_key,
+            request_url: request_url,
+            request_params: params)
+          session[queue_it_session_variable(event_id)] = queue_number
 
           # If the request URL contains queue_it params we remove them and redirect
           # this is done to mask the params we use to create and verify the queue_it session
@@ -44,7 +52,7 @@ module QueueIt
             redirect_to QueueIt::UrlBuilder.clean_url(request_url) and return
           end
         rescue QueueIt::MissingArgsGiven
-          queue_url = QueueIt::UrlBuilder.build_queue_url(customer_id, event_id)
+          queue_url = QueueIt::UrlBuilder.build_queue_url(customer_id, event_id, current_tickets_url)
           destroy_all_queue_it_sessions
           render("queue_it/enter_queue", layout: false, locals: { queue_it_url: queue_url }) and return
         rescue QueueIt::NotAuthorized
@@ -53,8 +61,6 @@ module QueueIt
           render("queue_it/cheating_queue", layout: false, locals: { queue_it_url: queue_cancel_url }) and return
         end
       end
-
     end
-
   end
 end

data/lib/queue_it/url_builder.rb

@@ -2,8 +2,8 @@ require 'addressable/uri'
 
 module QueueIt
   class UrlBuilder
-    def self.build_queue_url(customer_id, event_id)
-      "http://q.queue-it.net/?c=#{customer_id}&e=#{event_id}"
+    def self.build_queue_url(customer_id, event_id, redirect_url)
+      "http://q.queue-it.net/?c=#{customer_id}&e=#{event_id}&t=#{CGI.escape(redirect_url)}"
     end
 
     def self.build_cancel_url(customer_id, event_id, queue_id = nil)

data/lib/queue_it/version.rb

@@ -1,3 +1,3 @@
 module QueueIt
-  VERSION = "1.1.2"
+  VERSION = "1.1.8"
 end

data/queue_it.gemspec

@@ -19,8 +19,8 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_runtime_dependency "addressable", "~> 2.3"
-  spec.add_runtime_dependency "faraday", "~> 0.9"
-  spec.add_runtime_dependency "faraday_middleware", "~> 0.9"
+  spec.add_runtime_dependency "faraday", "<= 2.0", ">= 0.9"
+  spec.add_runtime_dependency "faraday_middleware", "<= 2.0", ">= 0.9"
 
   spec.add_development_dependency "bundler", "~> 1.3"
   spec.add_development_dependency "rspec", "~> 3.2"

data/spec/queue_it/api/event_spec.rb

@@ -113,7 +113,7 @@ module QueueIt
 
           body = JSON.generate(valid_create_body)
 
-          stub = stub_request(:put, "https://api2.queue-it.net/2_0_beta/event/fancyevent")
+          stub = stub_request(:put, "https://api2.queue-it.net/2_0/event/fancyevent")
             .with(body: body, headers: headers)
 
           event_adapter.create_or_update(event_id:                         event_id,
@@ -148,7 +148,7 @@ module QueueIt
             "AfterEventRedirectPage"       => "",
             "UseSSL"                       => "Auto",
             "JavaScriptSupportEnabled"     => "False",
-            "TargetUrlSupportEnabled"      => "False",
+            "TargetUrlSupportEnabled"      => "True",
             "SafetyNetMode"                => "Disabled",
             "KnowUserSecurity"             => "MD5Hash",
             "KnowUserSecretKey"            => know_user_secret_key,
@@ -171,7 +171,7 @@ module QueueIt
         specify "Proper speed value is set" do
           body = { "MaxRedirectsPerMinute" => "15" }
 
-          stub = stub_request(:put, "https://api2.queue-it.net/2_0_beta/event/fancyevent/queue/speed")
+          stub = stub_request(:put, "https://api2.queue-it.net/2_0/event/fancyevent/queue/speed")
             .with(body: body, headers: headers)
 
           event_adapter.set_speed(event_id: event_id, max_redirects_per_minute: max_redirects_per_minute)
@@ -182,7 +182,7 @@ module QueueIt
         specify "Speed must be greater than 5 so we send at least 5" do
           expected_body = { "MaxRedirectsPerMinute" => "5" }
 
-          stub = stub_request(:put, "https://api2.queue-it.net/2_0_beta/event/fancyevent/queue/speed")
+          stub = stub_request(:put, "https://api2.queue-it.net/2_0/event/fancyevent/queue/speed")
             .with(body: expected_body, headers: headers)
 
           event_adapter.set_speed(event_id: event_id, max_redirects_per_minute: 1)

data/spec/queue_it/extract_queue_number_spec.rb

@@ -0,0 +1,62 @@
+require 'queue_it'
+
+module QueueIt
+  RSpec.describe ExtractQueueNumber do
+    let(:secret_key) { "1c9950a7-f716-432e-b5fa-b148d00480db" }
+    let(:service) { ExtractQueueNumber.new }
+
+    specify "happy path" do
+      url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
+
+      result = service.(
+        secret_key: secret_key,
+        request_url: url,
+        request_params: parse_params(url))
+      expect(result).not_to be_empty
+    end
+
+    specify do
+      url = "https://example.com/some/path"
+
+      expect do
+        service.(secret_key: secret_key, request_url: url, request_params: {})
+      end.to raise_error(MissingArgsGiven)
+    end
+
+    specify "queue id param is required" do
+      url = "https://example.com/some/path?p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
+
+      expect do
+        service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
+      end.to raise_error(MissingArgsGiven)
+    end
+
+    specify "timestamp param is required" do
+      url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
+
+      expect do
+        service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
+      end.to raise_error(MissingArgsGiven)
+    end
+
+    specify "encrypted place in queue param is required" do
+      url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
+
+      expect do
+        service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
+      end.to raise_error(MissingArgsGiven)
+    end
+
+    specify "hash is required" do
+      url = "https://example.com/some/path?q=2647345b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue"
+
+      expect do
+        service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
+      end.to raise_error(MissingArgsGiven)
+    end
+
+    def parse_params(url)
+      CGI.parse(URI.parse(url).query).each_with_object({}) {|(k,v),o| o[k] = v.first }
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: queue_it
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.1.8
 platform: ruby
 authors:
 - Billetto
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-19 00:00:00.000000000 Z
+date: 2020-09-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -28,30 +28,42 @@ dependencies:
   name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: faraday_middleware
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -114,7 +126,7 @@ files:
 - lib/queue_it/api/client.rb
 - lib/queue_it/api/error.rb
 - lib/queue_it/api/event.rb
-- lib/queue_it/known_user_checker.rb
+- lib/queue_it/extract_queue_number.rb
 - lib/queue_it/queueable.rb
 - lib/queue_it/railtie.rb
 - lib/queue_it/url_builder.rb
@@ -122,6 +134,7 @@ files:
 - queue_it.gemspec
 - spec/queue_it/api/client_spec.rb
 - spec/queue_it/api/event_spec.rb
+- spec/queue_it/extract_queue_number_spec.rb
 homepage: https://github.com/gfish/queue_it
 licenses:
 - GNU/GPLv3
@@ -141,11 +154,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Gem to handle the implementation of http://queue-it.net
 test_files:
 - spec/queue_it/api/client_spec.rb
 - spec/queue_it/api/event_spec.rb
+- spec/queue_it/extract_queue_number_spec.rb

data/lib/queue_it/known_user_checker.rb

@@ -1,60 +0,0 @@
-require 'digest/md5'
-require "queue_it/url_builder"
-
-module QueueIt
-  class KnownUserChecker
-
-    attr_accessor :shared_event_key, :event_id, :customer_id
-
-    def initialize(shared_event_key, event_id, customer_id)
-      self.shared_event_key = shared_event_key
-      self.event_id         = event_id
-      self.customer_id      = customer_id
-    end
-
-    # This is bound to Rails!
-    def create_or_verify_queue_it_session!(url, params)
-      queue_id                  = params['q' ] # A QuID, the user’s queue ID
-      encrypted_place_in_queue  = params['p' ] # A text, an encrypted version of the user’s queue number
-      expected_hash             = params['h' ] # An integer calculated hash
-      timestamp                 = params['ts'] # An integer timestamp counting number of seconds since 1970-01-01 00:00:00 UTC
-
-      verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
-    end
-
-    def verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
-      if verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
-        decrypted_place_in_queue(encrypted_place_in_queue)
-      else
-        raise QueueIt::NotAuthorized.new
-      end
-    end
-
-  private
-
-    # uses one char of each string at a given starting point
-    # given b852fe78-0d10-4254-823c-f8749c401153 should get 4212870
-    def decrypted_place_in_queue(encrypted_place_in_queue)
-      return encrypted_place_in_queue[ 30..30 ] + encrypted_place_in_queue[ 3..3 ] + encrypted_place_in_queue[ 11..11 ] +
-             encrypted_place_in_queue[ 20..20 ] + encrypted_place_in_queue[ 7..7 ] + encrypted_place_in_queue[ 26..26 ] +
-             encrypted_place_in_queue[ 9..9 ]
-    end
-
-    # TODO add timestamp check
-    def verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
-      raise QueueIt::MissingArgsGiven.new if [ url, queue_id, encrypted_place_in_queue, timestamp, expected_hash ].any?( &:nil? )
-
-      url_no_hash = "#{ url[ 0..-33 ] }#{ shared_event_key }" # Remove hash value and add SharedEventKey
-      actual_hash = Digest::MD5.hexdigest( utf8_encode( url_no_hash ) )
-
-      return false unless expected_hash == actual_hash
-      true
-    end
-
-    def utf8_encode(s)
-      s.encode('UTF-8', 'UTF-8')
-      s
-    end
-
-  end
-end