queue_it 1.1.5 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dc03e572dc3b9709897e704c40dd3d9d42d2e84a
4
- data.tar.gz: e82516ec9b5e40598d9dfa7974ba4ad89f38a368
3
+ metadata.gz: 587c18b540a06d28dee61fffa7ad6edba32dbd61
4
+ data.tar.gz: a658b21277dac5846d7d65a211f38a92e890d115
5
5
  SHA512:
6
- metadata.gz: 4142292b609ba1481f2007bc5de6caad7b031b20c86fd806fba92eb91087063e23e8790d916dcd7c1ca1b181074fe1904088b414e708424fcf106253f3fb56bb
7
- data.tar.gz: 6fe22aacde3bb74c7cea4de2ef7f8d23d1a1b81c8dee485b3c2c5af88d95b2a3cb7050081a845cb3d1afba5bf9374b782f5a97655a4574d6af72f0b390cc044d
6
+ metadata.gz: b1c61dc1c06bcd8856d390a97153146bc4e9cffd03a9715b7cee7c0c7dec9cf1d734094df2eb149dfcb0375e020f54454d758401faac2fab8df18bbe4116440d
7
+ data.tar.gz: 60251cb3097573560e11d35af2d6499d7b9546f7712154c4b9ea3aa765bb3b6dfab9fc3c387919193c69fda24f6a0ae8ea339a066f294c2825e891190b857de6
@@ -1,3 +1,8 @@
1
+ ### 1.1.6 - 2017-03-15
2
+
3
+ * Now by default, during creation event, we support using redirect urls
4
+ * Added possibility to pass redirect url for queue it
5
+
1
6
  ### 1.1.5 - 2016-06-02
2
7
 
3
8
  * Remove warning about circular argument reference - api_key in Ruby 2.3.1
@@ -1,5 +1,5 @@
1
1
  require "queue_it/version"
2
- require "queue_it/known_user_checker"
2
+ require "queue_it/extract_queue_number"
3
3
  require "queue_it/api/client"
4
4
  require "queue_it/api/event"
5
5
 
@@ -48,23 +48,23 @@ module QueueIt
48
48
  MICROSOFT_TIME_ZONE_INDEX_VALUES = {
49
49
  "Europe/Helsinki" => "FLE Standard Time",
50
50
  "Helsinki" => "FLE Standard Time",
51
-
51
+
52
52
  "Europe/London" => "GMT Standard Time",
53
53
  "London" => "GMT Standard Time",
54
54
  "Edinburgh" => "GMT Standard Time",
55
-
55
+
56
56
  "Europe/Dublin" => "GMT Standard Time",
57
57
  "Dublin" => "GMT Standard Time",
58
-
58
+
59
59
  "Europe/Copenhagen" => "Romance Standard Time",
60
60
  "Copenhagen" => "Romance Standard Time",
61
-
61
+
62
62
  "Europe/Paris" => "Romance Standard Time",
63
63
  "Paris" => "Romance Standard Time",
64
-
64
+
65
65
  "Europe/Stockholm" => "W. Europe Standard Time",
66
66
  "Stockholm" => "W. Europe Standard Time",
67
-
67
+
68
68
  "Europe/Rome" => "W. Europe Standard Time",
69
69
  "Rome" => "W. Europe Standard Time",
70
70
  }.freeze
@@ -113,7 +113,7 @@ module QueueIt
113
113
  "AfterEventRedirectPage" => "",
114
114
  "UseSSL" => "Auto",
115
115
  "JavaScriptSupportEnabled" => "False",
116
- "TargetUrlSupportEnabled" => "False",
116
+ "TargetUrlSupportEnabled" => "True",
117
117
  "SafetyNetMode" => "Disabled",
118
118
  "KnowUserSecurity" => "MD5Hash",
119
119
  "KnowUserSecretKey" => know_user_secret_key,
@@ -0,0 +1,45 @@
1
+ require 'digest/md5'
2
+
3
+ module QueueIt
4
+ class ExtractQueueNumber
5
+ def call(secret_key:, request_url:, request_params:)
6
+ encrypted_place_in_queue = request_params['p']
7
+ expected_hash = request_params['h']
8
+
9
+ raise QueueIt::MissingArgsGiven.new if queue_it_params_missing?(request_params)
10
+
11
+ if verify_md5_hash?(request_url, expected_hash, secret_key)
12
+ return decrypted_place_in_queue(encrypted_place_in_queue)
13
+ else
14
+ raise QueueIt::NotAuthorized.new
15
+ end
16
+ end
17
+
18
+ private
19
+
20
+ def queue_it_params_missing?(params)
21
+ queue_id = params['q'] # A QuID, the user’s queue ID
22
+ encrypted_place_in_queue = params['p'] # A text, an encrypted version of the user’s queue number
23
+ expected_hash = params['h'] # An integer calculated hash
24
+ timestamp = params['ts'] # An integer timestamp counting number of seconds since 1970-01-01 00:00:00 UTC
25
+
26
+ [queue_id, encrypted_place_in_queue, timestamp, expected_hash].any?(&:nil?)
27
+ end
28
+
29
+ # uses one char of each string at a given starting point
30
+ # given b852fe78-0d10-4254-823c-f8749c401153 should get 4212870
31
+ def decrypted_place_in_queue(encrypted_place_in_queue)
32
+ return encrypted_place_in_queue[ 30..30 ] + encrypted_place_in_queue[ 3..3 ] + encrypted_place_in_queue[ 11..11 ] +
33
+ encrypted_place_in_queue[ 20..20 ] + encrypted_place_in_queue[ 7..7 ] + encrypted_place_in_queue[ 26..26 ] +
34
+ encrypted_place_in_queue[ 9..9 ]
35
+ end
36
+
37
+ # TODO add timestamp check
38
+ def verify_md5_hash?(url, expected_hash, secret_key)
39
+ url_no_hash = "#{url[ 0..-33 ]}#{secret_key}"
40
+ actual_hash = Digest::MD5.hexdigest(url_no_hash)
41
+
42
+ return (expected_hash == actual_hash)
43
+ end
44
+ end
45
+ end
@@ -1,14 +1,17 @@
1
+ require 'queue_it/url_builder'
2
+
1
3
  module QueueIt
2
4
  module Queueable
3
5
  extend ActiveSupport::Concern
4
6
 
5
7
  included do
6
- def protect_with_queue!(known_user_secret_key, event_id, customer_id)
8
+ def protect_with_queue!(known_user_secret_key, event_id, customer_id, redirect_url: nil)
7
9
  create_or_verify_queue_it_session(known_user_secret_key,
8
10
  event_id,
9
11
  customer_id,
10
- request.url,
11
- params)
12
+ request.original_url,
13
+ params,
14
+ redirect_url)
12
15
  end
13
16
 
14
17
  def queue_it_queue_id(event_id)
@@ -32,13 +35,16 @@ module QueueIt
32
35
 
33
36
  private
34
37
 
35
- def create_or_verify_queue_it_session(secret_key, event_id, customer_id, request_url, params)
38
+ def create_or_verify_queue_it_session(secret_key, event_id, customer_id, request_url, params, current_tickets_url)
36
39
  # If there exists a session, we return. This needs to be refactored when we start to look at the timestamp parameter
37
40
  return if session[queue_it_session_variable(event_id)].present?
38
41
 
39
42
  begin
40
- user_checker = QueueIt::KnownUserChecker.new(secret_key, event_id, customer_id)
41
- session[queue_it_session_variable(event_id)] = user_checker.create_or_verify_queue_it_session!(request_url, params)
43
+ queue_number = QueueIt::ExtractQueueNumber.new.(
44
+ secret_key: secret_key,
45
+ request_url: request_url,
46
+ request_params: params)
47
+ session[queue_it_session_variable(event_id)] = queue_number
42
48
 
43
49
  # If the request URL contains queue_it params we remove them and redirect
44
50
  # this is done to mask the params we use to create and verify the queue_it session
@@ -46,7 +52,7 @@ module QueueIt
46
52
  redirect_to QueueIt::UrlBuilder.clean_url(request_url) and return
47
53
  end
48
54
  rescue QueueIt::MissingArgsGiven
49
- queue_url = QueueIt::UrlBuilder.build_queue_url(customer_id, event_id)
55
+ queue_url = QueueIt::UrlBuilder.build_queue_url(customer_id, event_id, current_tickets_url)
50
56
  destroy_all_queue_it_sessions
51
57
  render("queue_it/enter_queue", layout: false, locals: { queue_it_url: queue_url }) and return
52
58
  rescue QueueIt::NotAuthorized
@@ -55,8 +61,6 @@ module QueueIt
55
61
  render("queue_it/cheating_queue", layout: false, locals: { queue_it_url: queue_cancel_url }) and return
56
62
  end
57
63
  end
58
-
59
64
  end
60
-
61
65
  end
62
66
  end
@@ -2,8 +2,8 @@ require 'addressable/uri'
2
2
 
3
3
  module QueueIt
4
4
  class UrlBuilder
5
- def self.build_queue_url(customer_id, event_id)
6
- "http://q.queue-it.net/?c=#{customer_id}&e=#{event_id}"
5
+ def self.build_queue_url(customer_id, event_id, redirect_url)
6
+ "http://q.queue-it.net/?c=#{customer_id}&e=#{event_id}&t=#{CGI.escape(redirect_url)}"
7
7
  end
8
8
 
9
9
  def self.build_cancel_url(customer_id, event_id, queue_id = nil)
@@ -1,3 +1,3 @@
1
1
  module QueueIt
2
- VERSION = "1.1.5"
2
+ VERSION = "1.1.6"
3
3
  end
@@ -148,7 +148,7 @@ module QueueIt
148
148
  "AfterEventRedirectPage" => "",
149
149
  "UseSSL" => "Auto",
150
150
  "JavaScriptSupportEnabled" => "False",
151
- "TargetUrlSupportEnabled" => "False",
151
+ "TargetUrlSupportEnabled" => "True",
152
152
  "SafetyNetMode" => "Disabled",
153
153
  "KnowUserSecurity" => "MD5Hash",
154
154
  "KnowUserSecretKey" => know_user_secret_key,
@@ -0,0 +1,62 @@
1
+ require 'queue_it'
2
+
3
+ module QueueIt
4
+ RSpec.describe ExtractQueueNumber do
5
+ let(:secret_key) { "1c9950a7-f716-432e-b5fa-b148d00480db" }
6
+ let(:service) { ExtractQueueNumber.new }
7
+
8
+ specify "happy path" do
9
+ url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
10
+
11
+ result = service.(
12
+ secret_key: secret_key,
13
+ request_url: url,
14
+ request_params: parse_params(url))
15
+ expect(result).not_to be_empty
16
+ end
17
+
18
+ specify do
19
+ url = "https://example.com/some/path"
20
+
21
+ expect do
22
+ service.(secret_key: secret_key, request_url: url, request_params: {})
23
+ end.to raise_error(MissingArgsGiven)
24
+ end
25
+
26
+ specify "queue id param is required" do
27
+ url = "https://example.com/some/path?p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
28
+
29
+ expect do
30
+ service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
31
+ end.to raise_error(MissingArgsGiven)
32
+ end
33
+
34
+ specify "timestamp param is required" do
35
+ url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
36
+
37
+ expect do
38
+ service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
39
+ end.to raise_error(MissingArgsGiven)
40
+ end
41
+
42
+ specify "encrypted place in queue param is required" do
43
+ url = "https://example.com/some/path?q=2647344b-e639-4cd6-8a77-3a8801553716&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue&h=bbaf9807496ecb687c85bfcc1a8369e1"
44
+
45
+ expect do
46
+ service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
47
+ end.to raise_error(MissingArgsGiven)
48
+ end
49
+
50
+ specify "hash is required" do
51
+ url = "https://example.com/some/path?q=2647345b-e639-4cd6-8a77-3a8801553716&p=053eeb2c-b272-41a2-aacf-2742bc99676c&ts=1489367379&c=examplecompany&e=someeventid42&rt=Queue"
52
+
53
+ expect do
54
+ service.(secret_key: secret_key, request_url: url, request_params: parse_params(url))
55
+ end.to raise_error(MissingArgsGiven)
56
+ end
57
+
58
+ def parse_params(url)
59
+ CGI.parse(URI.parse(url).query).each_with_object({}) {|(k,v),o| o[k] = v.first }
60
+ end
61
+ end
62
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: queue_it
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 1.1.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Billetto
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-06-02 00:00:00.000000000 Z
11
+ date: 2017-03-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: addressable
@@ -114,7 +114,7 @@ files:
114
114
  - lib/queue_it/api/client.rb
115
115
  - lib/queue_it/api/error.rb
116
116
  - lib/queue_it/api/event.rb
117
- - lib/queue_it/known_user_checker.rb
117
+ - lib/queue_it/extract_queue_number.rb
118
118
  - lib/queue_it/queueable.rb
119
119
  - lib/queue_it/railtie.rb
120
120
  - lib/queue_it/url_builder.rb
@@ -122,6 +122,7 @@ files:
122
122
  - queue_it.gemspec
123
123
  - spec/queue_it/api/client_spec.rb
124
124
  - spec/queue_it/api/event_spec.rb
125
+ - spec/queue_it/extract_queue_number_spec.rb
125
126
  homepage: https://github.com/gfish/queue_it
126
127
  licenses:
127
128
  - GNU/GPLv3
@@ -142,10 +143,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
142
143
  version: '0'
143
144
  requirements: []
144
145
  rubyforge_project:
145
- rubygems_version: 2.4.5
146
+ rubygems_version: 2.5.1
146
147
  signing_key:
147
148
  specification_version: 4
148
149
  summary: Gem to handle the implementation of http://queue-it.net
149
150
  test_files:
150
151
  - spec/queue_it/api/client_spec.rb
151
152
  - spec/queue_it/api/event_spec.rb
153
+ - spec/queue_it/extract_queue_number_spec.rb
@@ -1,60 +0,0 @@
1
- require 'digest/md5'
2
- require "queue_it/url_builder"
3
-
4
- module QueueIt
5
- class KnownUserChecker
6
-
7
- attr_accessor :shared_event_key, :event_id, :customer_id
8
-
9
- def initialize(shared_event_key, event_id, customer_id)
10
- self.shared_event_key = shared_event_key
11
- self.event_id = event_id
12
- self.customer_id = customer_id
13
- end
14
-
15
- # This is bound to Rails!
16
- def create_or_verify_queue_it_session!(url, params)
17
- queue_id = params['q' ] # A QuID, the user’s queue ID
18
- encrypted_place_in_queue = params['p' ] # A text, an encrypted version of the user’s queue number
19
- expected_hash = params['h' ] # An integer calculated hash
20
- timestamp = params['ts'] # An integer timestamp counting number of seconds since 1970-01-01 00:00:00 UTC
21
-
22
- verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
23
- end
24
-
25
- def verify_request!(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
26
- if verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
27
- decrypted_place_in_queue(encrypted_place_in_queue)
28
- else
29
- raise QueueIt::NotAuthorized.new
30
- end
31
- end
32
-
33
- private
34
-
35
- # uses one char of each string at a given starting point
36
- # given b852fe78-0d10-4254-823c-f8749c401153 should get 4212870
37
- def decrypted_place_in_queue(encrypted_place_in_queue)
38
- return encrypted_place_in_queue[ 30..30 ] + encrypted_place_in_queue[ 3..3 ] + encrypted_place_in_queue[ 11..11 ] +
39
- encrypted_place_in_queue[ 20..20 ] + encrypted_place_in_queue[ 7..7 ] + encrypted_place_in_queue[ 26..26 ] +
40
- encrypted_place_in_queue[ 9..9 ]
41
- end
42
-
43
- # TODO add timestamp check
44
- def verify_md5_hash?(url, queue_id, encrypted_place_in_queue, expected_hash, timestamp)
45
- raise QueueIt::MissingArgsGiven.new if [ url, queue_id, encrypted_place_in_queue, timestamp, expected_hash ].any?( &:nil? )
46
-
47
- url_no_hash = "#{ url[ 0..-33 ] }#{ shared_event_key }" # Remove hash value and add SharedEventKey
48
- actual_hash = Digest::MD5.hexdigest( utf8_encode( url_no_hash ) )
49
-
50
- return false unless expected_hash == actual_hash
51
- true
52
- end
53
-
54
- def utf8_encode(s)
55
- s.encode('UTF-8', 'UTF-8')
56
- s
57
- end
58
-
59
- end
60
- end