rack-proxy 0.7.5 → 0.7.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fb78b8ebb5f71066481f1cbbf87fe0709b9a89d7da3da1ed86d5a095a4cb8ebb
-  data.tar.gz: aeeff912be2bf0bc5b75cae9f94192c2feae70742d734a2bd7fbf247cfd7c091
+  metadata.gz: 888784aa8d1d28ae0dc2a1352aa44ba8e639d5cd604043facbb31da3fa1dc759
+  data.tar.gz: 9ba49effcffcacb930ab08fe2f6a9fd08040b60800b8aa8e5ccc274053f36c4e
 SHA512:
-  metadata.gz: 557cf33c379e4e2847196fd77c5bdc25c802fcc0ac112cd56780459145927b664dad1d86ccaf9d2f65eadf3ce1faedc2c26e8bdc84ac79ef8eb40f98f57c604e
-  data.tar.gz: edc8229c7b4a936d9a4f9f1717cd0f07144597b54fae6a89f5d528692436cb6005ae01778a603f20748518ba2b034c161de576d917abb8789632e0040378916d
+  metadata.gz: 606ed720fb5b8c67cd1fc3058b9644e88fb2e7768d4fce4606ba0332fac24cadca11a36ab50d97cb7ff5767664864b1c1a2cf5108cd58a66fecfb3b93de37517
+  data.tar.gz: a91cc8541d7af6c390fe1c0faa3c923942a14cce746eebc3d170b95b45aafc5871a04ad1ec9fee6f0c07500534755c794f76d0c14bccdcf5fdaad06e239aeb07

data/Gemfile.lock

@@ -1,22 +1,22 @@
 PATH
   remote: .
   specs:
-    rack-proxy (0.7.5)
+    rack-proxy (0.7.7)
       rack
 
 GEM
   remote: https://rubygems.org/
   specs:
-    power_assert (2.0.1)
-    rack (2.2.4)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+    power_assert (2.0.3)
+    rack (3.0.8)
+    rack-test (2.1.0)
+      rack (>= 1.3)
     rake (13.0.6)
-    test-unit (3.5.3)
+    test-unit (3.6.1)
       power_assert
 
 PLATFORMS
-  ruby
+  arm64-darwin-22
 
 DEPENDENCIES
   rack-proxy!
@@ -25,4 +25,4 @@ DEPENDENCIES
   test-unit
 
 BUNDLED WITH
-   2.3.21
+   2.4.17

data/README.md

@@ -6,7 +6,7 @@ Installation
 Add the following to your `Gemfile`:
 
 ```
-gem 'rack-proxy', '~> 0.7.5'
+gem 'rack-proxy', '~> 0.7.7'
 ```
 
 Or install:
@@ -136,7 +136,7 @@ Test with `require 'rack_proxy_examples/example_service_proxy'`
 # 1. rails new test_app
 # 2. cd test_app
 # 3. install Rack-Proxy in `Gemfile`
-#    a. `gem 'rack-proxy', '~> 0.7.5'`
+#    a. `gem 'rack-proxy', '~> 0.7.7'`
 # 4. install gem: `bundle install`
 # 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
 # 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`
@@ -297,6 +297,35 @@ Add some domain name like `debug.your_app.com` into your local `/etc/hosts` file
 
 Next start the proxy and your app. And now you can access to your Spring application through SSL connection via `https://debug.your_app.com` URI in a browser.
 
+### Using SSL/TLS certificates with HTTP connection
+This may be helpful, when third-party API has authentication by client TLS certificates and you need to proxy your requests and sign them with certificate.
+
+Just specify Rack::Proxy SSL options and your request will use TLS HTTP connection:
+```ruby
+# config.ru
+. . .
+
+cert_raw = File.read('./certs/rootCA.crt')
+key_raw = File.read('./certs/key.pem')
+
+cert = OpenSSL::X509::Certificate.new(cert_raw)
+key = OpenSSL::PKey.read(key_raw)
+
+use TLSProxy, cert: cert, key: key, use_ssl: true, verify_mode: OpenSSL::SSL::VERIFY_PEER, ssl_version: 'TLSv1_2'
+```
+
+And rewrite host for example:
+```ruby
+# tls_proxy.rb
+class TLSProxy < Rack::Proxy
+  attr_accessor :original_request, :query_params
+
+  def rewrite_env(env)
+    env["HTTP_HOST"] = "client-tls-auth-api.com:443"
+    env
+  end
+end
+```
 
 WARNING
 ----

data/lib/rack/http_streaming_response.rb

@@ -10,7 +10,7 @@ module Rack
       304 => true
     }.freeze
 
-    attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version
+    attr_accessor :use_ssl, :verify_mode, :read_timeout, :ssl_version, :cert, :key
 
     def initialize(request, host, port = nil)
       @request, @host, @port = request, host, port
@@ -58,7 +58,9 @@ module Rack
         http.use_ssl = use_ssl
         http.verify_mode = verify_mode
         http.read_timeout = read_timeout
-        http.ssl_version = ssl_version if use_ssl
+        http.ssl_version = ssl_version if ssl_version
+        http.cert = cert if cert
+        http.key = key if key
         http.start
       end
     end

data/lib/rack/proxy.rb

@@ -5,7 +5,7 @@ module Rack
 
   # Subclass and bring your own #rewrite_request and #rewrite_response
   class Proxy
-    VERSION = "0.7.5".freeze
+    VERSION = "0.7.7".freeze
 
     HOP_BY_HOP_HEADERS = {
       'connection' => true,
@@ -73,6 +73,9 @@ module Rack
       @backend = opts[:backend] ? URI(opts[:backend]) : nil
       @read_timeout = opts.fetch(:read_timeout, 60)
       @ssl_version = opts[:ssl_version]
+      @cert = opts[:cert]
+      @key = opts[:key]
+      @verify_mode = opts[:verify_mode]
 
       @username = opts[:username]
       @password = opts[:password]
@@ -123,8 +126,7 @@ module Rack
       target_request.basic_auth(@username, @password) if @username && @password
 
       backend = env.delete('rack.backend') || @backend || source_request
-      use_ssl = backend.scheme == "https"
-      ssl_verify_none = (env.delete('rack.ssl_verify_none') || @ssl_verify_none) == true
+      use_ssl = backend.scheme == "https" || @cert
       read_timeout = env.delete('http.read_timeout') || @read_timeout
 
       # Create the response
@@ -133,14 +135,18 @@ module Rack
         target_response = HttpStreamingResponse.new(target_request, backend.host, backend.port)
         target_response.use_ssl = use_ssl
         target_response.read_timeout = read_timeout
-        target_response.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
         target_response.ssl_version = @ssl_version if @ssl_version
+        target_response.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE) if use_ssl
+        target_response.cert = @cert if @cert
+        target_response.key = @key if @key
       else
         http = Net::HTTP.new(backend.host, backend.port)
         http.use_ssl = use_ssl if use_ssl
         http.read_timeout = read_timeout
-        http.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
         http.ssl_version = @ssl_version if @ssl_version
+        http.verify_mode = (@verify_mode || OpenSSL::SSL::VERIFY_NONE if use_ssl) if use_ssl
+        http.cert = @cert if @cert
+        http.key = @key if @key
 
         target_response = http.start do
           http.request(target_request)

data/lib/rack_proxy_examples/example_service_proxy.rb

@@ -5,7 +5,7 @@
 # 1. rails new test_app
 # 2. cd test_app
 # 3. install Rack-Proxy in `Gemfile`
-#    a. `gem 'rack-proxy', '~> 0.7.5'`
+#    a. `gem 'rack-proxy', '~> 0.7.7'`
 # 4. install gem: `bundle install`
 # 5. create `config/initializers/proxy.rb` adding this line `require 'rack_proxy_examples/example_service_proxy'`
 # 6. run: `SERVICE_URL=http://guides.rubyonrails.org rails server`

data/rack-proxy.gemspec

@@ -12,6 +12,7 @@ Gem::Specification.new do |s|
   s.homepage    = "https://github.com/ncr/rack-proxy"
   s.summary     = %q{A request/response rewriting HTTP proxy. A Rack app.}
   s.description = %q{A Rack app that provides request/response rewriting proxy capabilities with streaming.}
+  s.required_ruby_version = '>= 2.6'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-proxy
 version: !ruby/object:Gem::Version
-  version: 0.7.5
+  version: 0.7.7
 platform: ruby
 authors:
 - Jacek Becela
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01-17 00:00:00.000000000 Z
+date: 2023-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -93,14 +93,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.2.3
 signing_key:
 specification_version: 4
 summary: A request/response rewriting HTTP proxy. A Rack app.