rack-proxy 0.7.5 → 0.7.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +31 -2
- data/lib/rack/http_streaming_response.rb +4 -2
- data/lib/rack/proxy.rb +11 -4
- data/lib/rack_proxy_examples/example_service_proxy.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 62be6002663408927b7852a394d35481e9fa50f9554bff82c48313d66be49555
|
|
4
|
+
data.tar.gz: fea7d1541cbfe2d06149918b9011459ee283f3d447ef1f64cf7b2ebda9219234
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 95b87f8db0915a3075f22cbf6b0b657b11b363d56e67ab146726887ba251f02e04744f1ff2e7a9f2fde8ed5413ba6f1eaff2ce8e9bc8012a0bb2b435a0014321
|
|
7
|
+
data.tar.gz: 6adfa15976e581125984b3f39f95826c56ec9d5027af966b474cd4e101f9c57b5efb6f17a49620e979107943e40d76ae8775d908ea61e8908af8fbe7e62dd061
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -6,7 +6,7 @@ Installation
|
|
|
6
6
|
Add the following to your `Gemfile`:
|
|
7
7
|
|
|
8
8
|
```
|
|
9
|
-
gem 'rack-proxy', '~> 0.7.
|
|
9
|
+
gem 'rack-proxy', '~> 0.7.6'
|
|
10
10
|
```
|
|
11
11
|
|
|
12
12
|
Or install:
|
|
@@ -136,7 +136,7 @@ Test with `require 'rack_proxy_examples/example_service_proxy'`
|
|
|
136
136
|
# 1. rails new test_app
|
|
137
137
|
# 2. cd test_app
|
|
138
138
|
# 3. install Rack-Proxy in `Gemfile`
|
|
139
|
-
# a. `gem 'rack-proxy', '~> 0.7.
|
|
139
|
+
# a. `gem 'rack-proxy', '~> 0.7.6'`
|
|
140
140
|
# 4. install gem: `bundle install`
|
|
141
141
|
# 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
|
|
142
142
|
# 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`
|
|
@@ -297,6 +297,35 @@ Add some domain name like `debug.your_app.com` into your local `/etc/hosts` file
|
|
|
297
297
|
|
|
298
298
|
Next start the proxy and your app. And now you can access to your Spring application through SSL connection via `https://debug.your_app.com` URI in a browser.
|
|
299
299
|
|
|
300
|
+
### Using SSL/TLS certificates with HTTP connection
|
|
301
|
+
This may be helpful, when third-party API has authentication by client TLS certificates and you need to proxy your requests and sign them with certificate.
|
|
302
|
+
|
|
303
|
+
Just specify Rack::Proxy SSL options and your request will use TLS HTTP connection:
|
|
304
|
+
```ruby
|
|
305
|
+
# config.ru
|
|
306
|
+
. . .
|
|
307
|
+
|
|
308
|
+
cert_raw = File.read('./certs/rootCA.crt')
|
|
309
|
+
key_raw = File.read('./certs/key.pem')
|
|
310
|
+
|
|
311
|
+
cert = OpenSSL::X509::Certificate.new(cert_raw)
|
|
312
|
+
key = OpenSSL::PKey.read(key_raw)
|
|
313
|
+
|
|
314
|
+
use TLSProxy, cert: cert, key: key, use_ssl: true, verify_mode: OpenSSL::SSL::VERIFY_PEER, ssl_version: 'TLSv1_2'
|
|
315
|
+
```
|
|
316
|
+
|
|
317
|
+
And rewrite host for example:
|
|
318
|
+
```ruby
|
|
319
|
+
# tls_proxy.rb
|
|
320
|
+
class TLSProxy < Rack::Proxy
|
|
321
|
+
attr_accessor :original_request, :query_params
|
|
322
|
+
|
|
323
|
+
def rewrite_env(env)
|
|
324
|
+
env["HTTP_HOST"] = "client-tls-auth-api.com:443"
|
|
325
|
+
env
|
|
326
|
+
end
|
|
327
|
+
end
|
|
328
|
+
```
|
|
300
329
|
|
|
301
330
|
WARNING
|
|
302
331
|
----
|
|
@@ -10,7 +10,7 @@ module Rack
|
|
|
10
10
|
304 => true
|
|
11
11
|
}.freeze
|
|
12
12
|
|
|
13
|
-
attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version
|
|
13
|
+
attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version, :cert, :key
|
|
14
14
|
|
|
15
15
|
def initialize(request, host, port = nil)
|
|
16
16
|
@request, @host, @port = request, host, port
|
|
@@ -58,7 +58,9 @@ module Rack
|
|
|
58
58
|
http.use_ssl = use_ssl
|
|
59
59
|
http.verify_mode = verify_mode
|
|
60
60
|
http.read_timeout = read_timeout
|
|
61
|
-
http.ssl_version = ssl_version if
|
|
61
|
+
http.ssl_version = ssl_version if ssl_version
|
|
62
|
+
http.cert = cert if cert
|
|
63
|
+
http.key = key if key
|
|
62
64
|
http.start
|
|
63
65
|
end
|
|
64
66
|
end
|
data/lib/rack/proxy.rb
CHANGED
|
@@ -5,7 +5,7 @@ module Rack
|
|
|
5
5
|
|
|
6
6
|
# Subclass and bring your own #rewrite_request and #rewrite_response
|
|
7
7
|
class Proxy
|
|
8
|
-
VERSION = "0.7.
|
|
8
|
+
VERSION = "0.7.6".freeze
|
|
9
9
|
|
|
10
10
|
HOP_BY_HOP_HEADERS = {
|
|
11
11
|
'connection' => true,
|
|
@@ -73,6 +73,9 @@ module Rack
|
|
|
73
73
|
@backend = opts[:backend] ? URI(opts[:backend]) : nil
|
|
74
74
|
@read_timeout = opts.fetch(:read_timeout, 60)
|
|
75
75
|
@ssl_version = opts[:ssl_version]
|
|
76
|
+
@cert = opts[:cert]
|
|
77
|
+
@key = opts[:key]
|
|
78
|
+
@verify_mode = opts[:verify_mode]
|
|
76
79
|
|
|
77
80
|
@username = opts[:username]
|
|
78
81
|
@password = opts[:password]
|
|
@@ -123,7 +126,7 @@ module Rack
|
|
|
123
126
|
target_request.basic_auth(@username, @password) if @username && @password
|
|
124
127
|
|
|
125
128
|
backend = env.delete('rack.backend') || @backend || source_request
|
|
126
|
-
use_ssl = backend.scheme == "https"
|
|
129
|
+
use_ssl = backend.scheme == "https" || @cert
|
|
127
130
|
ssl_verify_none = (env.delete('rack.ssl_verify_none') || @ssl_verify_none) == true
|
|
128
131
|
read_timeout = env.delete('http.read_timeout') || @read_timeout
|
|
129
132
|
|
|
@@ -133,14 +136,18 @@ module Rack
|
|
|
133
136
|
target_response = HttpStreamingResponse.new(target_request, backend.host, backend.port)
|
|
134
137
|
target_response.use_ssl = use_ssl
|
|
135
138
|
target_response.read_timeout = read_timeout
|
|
136
|
-
target_response.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
|
|
137
139
|
target_response.ssl_version = @ssl_version if @ssl_version
|
|
140
|
+
target_response.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE) if use_ssl
|
|
141
|
+
target_response.cert = @cert if @cert
|
|
142
|
+
target_response.key = @key if @key
|
|
138
143
|
else
|
|
139
144
|
http = Net::HTTP.new(backend.host, backend.port)
|
|
140
145
|
http.use_ssl = use_ssl if use_ssl
|
|
141
146
|
http.read_timeout = read_timeout
|
|
142
|
-
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
|
|
143
147
|
http.ssl_version = @ssl_version if @ssl_version
|
|
148
|
+
http.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE if use_ssl) if use_ssl
|
|
149
|
+
http.cert = @cert if @cert
|
|
150
|
+
http.key = @key if @key
|
|
144
151
|
|
|
145
152
|
target_response = http.start do
|
|
146
153
|
http.request(target_request)
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
# 1. rails new test_app
|
|
6
6
|
# 2. cd test_app
|
|
7
7
|
# 3. install Rack-Proxy in `Gemfile`
|
|
8
|
-
# a. `gem 'rack-proxy', '~> 0.7.
|
|
8
|
+
# a. `gem 'rack-proxy', '~> 0.7.6'`
|
|
9
9
|
# 4. install gem: `bundle install`
|
|
10
10
|
# 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
|
|
11
11
|
# 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`
|