rack-proxy 0.7.4 → 0.7.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 896fa421268e5b014853a876ec69e499e5e48b5befd5c7438ffacd4094ceeb75
4
- data.tar.gz: dfcdf003e020c8590eaaf1dd0a531f0a516b85ece47898261611e5149bd81411
3
+ metadata.gz: 62be6002663408927b7852a394d35481e9fa50f9554bff82c48313d66be49555
4
+ data.tar.gz: fea7d1541cbfe2d06149918b9011459ee283f3d447ef1f64cf7b2ebda9219234
5
5
  SHA512:
6
- metadata.gz: 16d0245d20d2144d34fbbb15f23ba719dd189c8d9e9166caf55c13e3492406a3af9803f76b6ae07b10c1d6700385caf2d41825188554834ef010a90af666250e
7
- data.tar.gz: f477d57ddd81d95f95e700952daf8168d4001098cc458b5aac2599cafc0847923ed25cd0ea6aed711e9bae6461b54a7e826f0d4ea34737a6b440bf961ba21251
6
+ metadata.gz: 95b87f8db0915a3075f22cbf6b0b657b11b363d56e67ab146726887ba251f02e04744f1ff2e7a9f2fde8ed5413ba6f1eaff2ce8e9bc8012a0bb2b435a0014321
7
+ data.tar.gz: 6adfa15976e581125984b3f39f95826c56ec9d5027af966b474cd4e101f9c57b5efb6f17a49620e979107943e40d76ae8775d908ea61e8908af8fbe7e62dd061
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rack-proxy (0.7.4)
4
+ rack-proxy (0.7.6)
5
5
  rack
6
6
 
7
7
  GEM
data/README.md CHANGED
@@ -6,7 +6,7 @@ Installation
6
6
  Add the following to your `Gemfile`:
7
7
 
8
8
  ```
9
- gem 'rack-proxy', '~> 0.7.4'
9
+ gem 'rack-proxy', '~> 0.7.6'
10
10
  ```
11
11
 
12
12
  Or install:
@@ -136,7 +136,7 @@ Test with `require 'rack_proxy_examples/example_service_proxy'`
136
136
  # 1. rails new test_app
137
137
  # 2. cd test_app
138
138
  # 3. install Rack-Proxy in `Gemfile`
139
- # a. `gem 'rack-proxy', '~> 0.7.4'`
139
+ # a. `gem 'rack-proxy', '~> 0.7.6'`
140
140
  # 4. install gem: `bundle install`
141
141
  # 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
142
142
  # 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`
@@ -297,6 +297,35 @@ Add some domain name like `debug.your_app.com` into your local `/etc/hosts` file
297
297
 
298
298
  Next start the proxy and your app. And now you can access to your Spring application through SSL connection via `https://debug.your_app.com` URI in a browser.
299
299
 
300
+ ### Using SSL/TLS certificates with HTTP connection
301
+ This may be helpful, when third-party API has authentication by client TLS certificates and you need to proxy your requests and sign them with certificate.
302
+
303
+ Just specify Rack::Proxy SSL options and your request will use TLS HTTP connection:
304
+ ```ruby
305
+ # config.ru
306
+ . . .
307
+
308
+ cert_raw = File.read('./certs/rootCA.crt')
309
+ key_raw = File.read('./certs/key.pem')
310
+
311
+ cert = OpenSSL::X509::Certificate.new(cert_raw)
312
+ key = OpenSSL::PKey.read(key_raw)
313
+
314
+ use TLSProxy, cert: cert, key: key, use_ssl: true, verify_mode: OpenSSL::SSL::VERIFY_PEER, ssl_version: 'TLSv1_2'
315
+ ```
316
+
317
+ And rewrite host for example:
318
+ ```ruby
319
+ # tls_proxy.rb
320
+ class TLSProxy < Rack::Proxy
321
+ attr_accessor :original_request, :query_params
322
+
323
+ def rewrite_env(env)
324
+ env["HTTP_HOST"] = "client-tls-auth-api.com:443"
325
+ env
326
+ end
327
+ end
328
+ ```
300
329
 
301
330
  WARNING
302
331
  ----
@@ -10,7 +10,7 @@ module Rack
10
10
  304 => true
11
11
  }.freeze
12
12
 
13
- attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version
13
+ attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version, :cert, :key
14
14
 
15
15
  def initialize(request, host, port = nil)
16
16
  @request, @host, @port = request, host, port
@@ -29,9 +29,7 @@ module Rack
29
29
  alias_method :status, :code
30
30
 
31
31
  def headers
32
- Utils::HeaderHash.new.tap do |h|
33
- response.to_hash.each { |k, v| h[k] = v }
34
- end
32
+ Rack::Proxy.build_header_hash(response.to_hash)
35
33
  end
36
34
 
37
35
  # Can be called only once!
@@ -60,7 +58,9 @@ module Rack
60
58
  http.use_ssl = use_ssl
61
59
  http.verify_mode = verify_mode
62
60
  http.read_timeout = read_timeout
63
- http.ssl_version = ssl_version if use_ssl
61
+ http.ssl_version = ssl_version if ssl_version
62
+ http.cert = cert if cert
63
+ http.key = key if key
64
64
  http.start
65
65
  end
66
66
  end
data/lib/rack/proxy.rb CHANGED
@@ -5,7 +5,7 @@ module Rack
5
5
 
6
6
  # Subclass and bring your own #rewrite_request and #rewrite_response
7
7
  class Proxy
8
- VERSION = "0.7.4".freeze
8
+ VERSION = "0.7.6".freeze
9
9
 
10
10
  HOP_BY_HOP_HEADERS = {
11
11
  'connection' => true,
@@ -24,11 +24,7 @@ module Rack
24
24
  !(/^HTTP_[A-Z0-9_\.]+$/ === k) || v.nil?
25
25
  end.map do |k, v|
26
26
  [reconstruct_header_name(k), v]
27
- end.inject(Utils::HeaderHash.new) do |hash, k_v|
28
- k, v = k_v
29
- hash[k] = v
30
- hash
31
- end
27
+ end.then { |pairs| build_header_hash(pairs) }
32
28
 
33
29
  x_forwarded_for = (headers['X-Forwarded-For'].to_s.split(/, +/) << env['REMOTE_ADDR']).join(', ')
34
30
 
@@ -39,7 +35,17 @@ module Rack
39
35
  mapped = headers.map do |k, v|
40
36
  [titleize(k), if v.is_a? Array then v.join("\n") else v end]
41
37
  end
42
- Utils::HeaderHash.new Hash[mapped]
38
+ build_header_hash Hash[mapped]
39
+ end
40
+
41
+ def build_header_hash(pairs)
42
+ if Rack.const_defined?(:Headers)
43
+ # Rack::Headers is only available from Rack 3 onward
44
+ Headers.new.tap { |headers| pairs.each { |k, v| headers[k] = v } }
45
+ else
46
+ # Rack::Utils::HeaderHash is deprecated from Rack 3 onward and is to be removed in 3.1
47
+ Utils::HeaderHash.new(pairs)
48
+ end
43
49
  end
44
50
 
45
51
  protected
@@ -67,6 +73,9 @@ module Rack
67
73
  @backend = opts[:backend] ? URI(opts[:backend]) : nil
68
74
  @read_timeout = opts.fetch(:read_timeout, 60)
69
75
  @ssl_version = opts[:ssl_version]
76
+ @cert = opts[:cert]
77
+ @key = opts[:key]
78
+ @verify_mode = opts[:verify_mode]
70
79
 
71
80
  @username = opts[:username]
72
81
  @password = opts[:password]
@@ -117,7 +126,7 @@ module Rack
117
126
  target_request.basic_auth(@username, @password) if @username && @password
118
127
 
119
128
  backend = env.delete('rack.backend') || @backend || source_request
120
- use_ssl = backend.scheme == "https"
129
+ use_ssl = backend.scheme == "https" || @cert
121
130
  ssl_verify_none = (env.delete('rack.ssl_verify_none') || @ssl_verify_none) == true
122
131
  read_timeout = env.delete('http.read_timeout') || @read_timeout
123
132
 
@@ -127,14 +136,18 @@ module Rack
127
136
  target_response = HttpStreamingResponse.new(target_request, backend.host, backend.port)
128
137
  target_response.use_ssl = use_ssl
129
138
  target_response.read_timeout = read_timeout
130
- target_response.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
131
139
  target_response.ssl_version = @ssl_version if @ssl_version
140
+ target_response.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE) if use_ssl
141
+ target_response.cert = @cert if @cert
142
+ target_response.key = @key if @key
132
143
  else
133
144
  http = Net::HTTP.new(backend.host, backend.port)
134
145
  http.use_ssl = use_ssl if use_ssl
135
146
  http.read_timeout = read_timeout
136
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
137
147
  http.ssl_version = @ssl_version if @ssl_version
148
+ http.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE if use_ssl) if use_ssl
149
+ http.cert = @cert if @cert
150
+ http.key = @key if @key
138
151
 
139
152
  target_response = http.start do
140
153
  http.request(target_request)
@@ -5,7 +5,7 @@
5
5
  # 1. rails new test_app
6
6
  # 2. cd test_app
7
7
  # 3. install Rack-Proxy in `Gemfile`
8
- # a. `gem 'rack-proxy', '~> 0.7.4'`
8
+ # a. `gem 'rack-proxy', '~> 0.7.6'`
9
9
  # 4. install gem: `bundle install`
10
10
  # 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
11
11
  # 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`
@@ -4,7 +4,7 @@ require "rack/http_streaming_response"
4
4
  class HttpStreamingResponseTest < Test::Unit::TestCase
5
5
 
6
6
  def setup
7
- host, req = "mockapi.io", Net::HTTP::Get.new("/")
7
+ host, req = "example.com", Net::HTTP::Get.new("/")
8
8
  @response = Rack::HttpStreamingResponse.new(req, host, 443)
9
9
  @response.use_ssl = true
10
10
  end
@@ -37,7 +37,7 @@ class HttpStreamingResponseTest < Test::Unit::TestCase
37
37
  end
38
38
 
39
39
  def test_to_s
40
- assert_equal @response.headers["Content-Length"].first.to_i, @response.body.to_s.size
40
+ assert_equal @response.headers["Content-Length"].first.to_i, @response.body.to_s.bytesize
41
41
  end
42
42
 
43
43
  def test_to_s_called_twice
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-proxy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.4
4
+ version: 0.7.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jacek Becela
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-09-13 00:00:00.000000000 Z
11
+ date: 2023-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack