rack-reverse-proxy 0.9.1 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 19ce368e32c93e8d11b28dd20f7c6ff5ac840988
-  data.tar.gz: 2c82dc8ff6c2dd5bd07767058af7e2c97b6b49d6
+  metadata.gz: ff26702f215fd146c4a043bc583a058f7102001b
+  data.tar.gz: c451349b33d1715e57ce4da1652bba7f4a7b9192
 SHA512:
-  metadata.gz: 484743f8df4f78ce6ea52fcda1ff2ca49abf9ad1f0ed0b89532db9ec2a6486c6ea1185fd658a657750f24515cc46335609c33bd4c2d07f03a68d14078ffbb7f6
-  data.tar.gz: ea395476254d838bd1a495937970f3005c0ae59260d0f07b009cfe97d4aabd97fb13b75e58e00b738dd5799bd116a526825fcd2c25efd008732d7293aeaee0c9
+  metadata.gz: 0916fd37a7f4f5c4a63d3a51d01ad07f60c6a687fa45db392f1816dcb63dd82608b466f6451b7a169f7c66b252dceb697e0e0bdd8c86cad4a7fa145ce9895a4a
+  data.tar.gz: fb4a7b6158ffb9ae52c6689d0e71f95fdcbb1b0a1e131e7d3e5c7c2677096121af205b04be922d1521a075a35ae5ab9ba8ae9875ffab3aece726763a3b27a50c

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,16 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+tests.lock

data/.rspec

@@ -0,0 +1 @@
+--color

data/.rubocop.yml

@@ -0,0 +1,21 @@
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+Metrics/LineLength:
+  Max: 100
+
+#begin ruby 1.8 support
+Style/HashSyntax:
+  EnforcedStyle: hash_rockets
+
+Style/Lambda:
+  Enabled: false
+
+Style/TrailingCommaInLiteral:
+  EnforcedStyleForMultiline: no_comma
+
+Style/TrailingCommaInArguments:
+  EnforcedStyleForMultiline: no_comma
+
+Style/EachWithObject:
+  Enabled: false

data/.travis.yml

@@ -0,0 +1,19 @@
+language: ruby
+rvm:
+  - 1.8.7
+  - 1.9.3
+  - 2.0.0
+  - 2.1
+  - 2.2
+  - jruby-18mode
+  - jruby-19mode
+  - rbx
+
+before_install:
+  - gem install bundler
+
+bundler_args: --without development
+
+script:
+  - bundle exec rspec
+  - script/rubocop

data/CHANGELOG.md

@@ -0,0 +1,18 @@
+# Changelog
+
+## 0.10.0
+
+- Feature: `options[:verify_mode]` to set SSL verification mode. - [Marv Cool](https://github.com/MrMarvin) [#24](https://github.com/waterlink/rack-reverse-proxy/pull/24) and [#25](https://github.com/waterlink/rack-reverse-proxy/pull/25)
+
+## 0.9.1
+
+- Enhancement: Remove `Status` key from response headers as per Rack protocol (see [rack/lint](https://github.com/rack/rack/blob/master/lib/rack/lint.rb#L639)) - [Jan Raasch](https://github.com/janraasch) [#7](https://github.com/waterlink/rack-reverse-proxy/pull/7)
+
+## 0.9.0
+
+- Bugfix: Timeout option matches the documentation - [Paul Hepworth](https://github.com/peppyheppy)
+- Ruby 1.8 compatibility - [anujdas](https://github.com/anujdas)
+- Bugfix: Omit port in host header for default ports (80, 443), so that it doesn't break some web servers, like "Apache Coyote" - [Peter Suschlik](https://github.com/splattael)
+- Bugfix: Don't drop source request's port in response's location header - [Eric Koslow](https://github.com/ekosz)
+- Bugfix: Capitalize headers correctly to prevent duplicate headers when used together with other proxies - [Eric Koslow](https://github.com/ekosz)
+- Bugfix: Normalize headers from HttpStreamingResponse in order not to break other middlewares - [Jan Raasch](https://github.com/janraasch)

data/Gemfile

@@ -0,0 +1,20 @@
+source "https://rubygems.org"
+
+gemspec
+
+ruby_version = RUBY_VERSION.to_f
+rubocop_platform = [:ruby_20, :ruby_21, :ruby_22]
+rubocop_platform = [:ruby_20, :ruby_21] if ruby_version < 2.0
+
+group :test do
+  gem "rspec"
+  gem "rack-test"
+  gem "webmock"
+  gem "rubocop", :platform => rubocop_platform
+
+  gem "addressable", "< 2.4" if ruby_version < 1.9
+end
+
+group :development, :test do
+  gem "simplecov"
+end

data/README.md

@@ -4,7 +4,7 @@
 This is a simple reverse proxy for Rack that pretty heavily rips off Rack Forwarder. It is not meant for production systems (although it may work), as the webserver fronting your app is generally much better at this sort of thing.
 
 ## Installation
-The gem is available on gemcutter.  Assuming you have a recent version of Rubygems you should just be able to install it via:
+The gem is available on rubygems.  Assuming you have a recent version of Rubygems you should just be able to install it via:
 
 ```
 gem install rack-reverse-proxy
@@ -17,9 +17,10 @@ gem "rack-reverse-proxy", require: "rack/reverse_proxy"
 ```
 
 ## Usage
-Matchers can be a regex or a string. If a regex is used, you can use the subcaptures in your forwarding url by denoting them with a `$`.
 
-Right now if more than one matcher matches any given route, it throws an exception for an ambiguous match.  This will probably change later. If no match is found, the call is forwarded to your application.
+Rules can be a regex or a string. If a regex is used, you can use the subcaptures in your forwarding url by denoting them with a `$`.
+
+Right now if more than one rule matches any given route, it throws an exception for an ambiguous match.  This will probably change later. If no match is found, the call is forwarded to your application.
 
 Below is an example for configuring the middleware:
 
@@ -43,12 +44,37 @@ end
 run app
 ```
 
-reverse_proxy_options sets global options for all reverse proxies. Available options are:
+`reverse_proxy_options` sets global options for all reverse proxies. Available options are:
+
 * `:preserve_host` Set to false to omit Host headers
 * `:username` username for basic auth
 * `:password` password for basic auth
 * `:matching` is a global only option, if set to :first the first matched url will be requested (no ambigous error). Default: :all.
 * `:timeout` seconds to timout the requests
+* `:force_ssl` redirects to ssl version, if not already using it (requires `:replace_response_host`). Default: false.
+* `:verify_mode` the `OpenSSL::SSL` verify mode passed to Net::HTTP. Default: `OpenSSL::SSL::VERIFY_PEER`.
+
+### Sample usage in a Ruby on Rails app
+
+Rails 3 or less:
+
+```ruby
+# config/application.rb
+config.middleware.insert_before(Rack::Lock, Rack::ReverseProxy) do
+  reverse_proxy_options preserve_host: true
+  reverse_proxy '/wiki', 'http://wiki.example.com/'
+end
+```
+
+Rails 4+ or if you use `config.threadsafe`, you'll need to `insert_before(Rack::Runtime, Rack::ReverseProxy)` as `Rack::Lock` does not exist when `config.allow_concurrency == true`:
+
+```ruby
+# config/application.rb
+config.middleware.insert_before(Rack::Runtime, Rack::ReverseProxy) do
+  reverse_proxy_options preserve_host: true
+  reverse_proxy '/wiki', 'http://wiki.example.com/'
+end
+```
 
 ## Note on Patches/Pull Requests
 * Fork the project.

data/Rakefile

@@ -0,0 +1,10 @@
+require "rubygems"
+require "rake"
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = "spec/**/*_spec.rb"
+end
+
+task :default => :spec

data/lib/rack/reverse_proxy.rb

@@ -1,131 +1,6 @@
-require 'net/http'
-require 'net/https'
-require "rack-proxy"
-require "rack/reverse_proxy_matcher"
-require "rack/exception"
-require "rack/reverse_proxy/http_streaming_response"
+require "rack_reverse_proxy"
 
+# Re-opening Rack module only to define ReverseProxy constant
 module Rack
-  class ReverseProxy
-    include NewRelic::Agent::Instrumentation::ControllerInstrumentation if defined? NewRelic
-
-    def initialize(app = nil, &b)
-      @app = app || lambda {|env| [404, [], []] }
-      @matchers = []
-      @global_options = {:preserve_host => true, :x_forwarded_host => true, :matching => :all, :replace_response_host => false}
-      instance_eval(&b) if block_given?
-    end
-
-    def call(env)
-      rackreq = Rack::Request.new(env)
-      matcher = get_matcher(rackreq.fullpath, Proxy.extract_http_request_headers(rackreq.env), rackreq)
-      return @app.call(env) if matcher.nil?
-
-      if @global_options[:newrelic_instrumentation]
-        action_name = "#{rackreq.path.gsub(/\/\d+/,'/:id').gsub(/^\//,'')}/#{rackreq.request_method}" # Rack::ReverseProxy/foo/bar#GET
-        perform_action_with_newrelic_trace(:name => action_name, :request => rackreq) do
-          proxy(env, rackreq, matcher)
-        end
-      else
-        proxy(env, rackreq, matcher)
-      end
-    end
-
-    private
-
-    def proxy(env, source_request, matcher)
-      uri = matcher.get_uri(source_request.fullpath,env)
-      if uri.nil?
-        return @app.call(env)
-      end
-      options = @global_options.dup.merge(matcher.options)
-
-      # Initialize request
-      target_request = Net::HTTP.const_get(source_request.request_method.capitalize).new(uri.request_uri)
-
-      # Setup headers
-      target_request_headers = Proxy.extract_http_request_headers(source_request.env)
-
-      if options[:preserve_host]
-        if uri.port == uri.default_port
-          target_request_headers['HOST'] = uri.host
-        else
-          target_request_headers['HOST'] = "#{uri.host}:#{uri.port}"
-        end
-      end
-
-      if options[:x_forwarded_host]
-        target_request_headers['X-Forwarded-Host'] = source_request.host
-        target_request_headers['X-Forwarded-Port'] = "#{source_request.port}"
-      end
-
-      target_request.initialize_http_header(target_request_headers)
-
-      # Basic auth
-      target_request.basic_auth options[:username], options[:password] if options[:username] and options[:password]
-
-      # Setup body
-      if target_request.request_body_permitted? && source_request.body
-        source_request.body.rewind
-        target_request.body_stream    = source_request.body
-      end
-
-      target_request.content_length = source_request.content_length || 0
-      target_request.content_type   = source_request.content_type if source_request.content_type
-
-      # Create a streaming response (the actual network communication is deferred, a.k.a. streamed)
-      target_response = HttpStreamingResponse.new(target_request, uri.host, uri.port)
-
-      # pass the timeout configuration through
-      target_response.set_read_timeout(options[:timeout]) if options[:timeout].to_i > 0
-
-      target_response.use_ssl = "https" == uri.scheme
-
-      # Let rack set the transfer-encoding header
-      response_headers = Rack::Utils::HeaderHash.new Proxy.normalize_headers(format_headers(target_response.headers))
-      response_headers.delete('Transfer-Encoding')
-      response_headers.delete('Status')
-
-      # Replace the location header with the proxy domain
-      if response_headers['Location'] && options[:replace_response_host]
-        response_location = URI(response_headers['location'])
-        response_location.host = source_request.host
-        response_location.port = source_request.port
-        response_headers['Location'] = response_location.to_s
-      end
-
-      [target_response.status, response_headers, target_response.body]
-    end
-
-    def get_matcher(path, headers, rackreq)
-      matches = @matchers.select do |matcher|
-        matcher.match?(path, headers, rackreq)
-      end
-
-      if matches.length < 1
-        nil
-      elsif matches.length > 1 && @global_options[:matching] != :first
-        raise AmbiguousProxyMatch.new(path, matches)
-      else
-        matches.first
-      end
-    end
-
-    def reverse_proxy_options(options)
-      @global_options=options
-    end
-
-    def reverse_proxy(matcher, url=nil, opts={})
-      raise GenericProxyURI.new(url) if matcher.is_a?(String) && url.is_a?(String) && URI(url).class == URI::Generic
-      @matchers << ReverseProxyMatcher.new(matcher,url,opts)
-    end
-
-    def format_headers(headers)
-      headers.reduce({}) do |acc, (key, val)|
-        formated_key = key.split('-').map(&:capitalize).join('-')
-        acc[formated_key] = Array(val)
-	acc
-      end
-    end
-  end
+  ReverseProxy = RackReverseProxy::Middleware
 end

data/lib/rack_reverse_proxy.rb

@@ -0,0 +1,8 @@
+require "rack_reverse_proxy/version"
+require "rack_reverse_proxy/errors"
+require "rack_reverse_proxy/rule"
+require "rack_reverse_proxy/middleware"
+
+# A Reverse Proxy for Rack
+module RackReverseProxy
+end

data/lib/rack_reverse_proxy/errors.rb

@@ -0,0 +1,36 @@
+module RackReverseProxy
+  module Errors
+    # GenericURI indicates that url is too generic
+    class GenericURI < Exception
+      attr_reader :url
+
+      def intialize(url)
+        @url = url
+      end
+
+      def to_s
+        %(Your URL "#{@url}" is too generic. Did you mean "http://#{@url}"?)
+      end
+    end
+
+    # AmbiguousMatch indicates that path matched more than one endpoint
+    class AmbiguousMatch < Exception
+      attr_reader :path, :matches
+
+      def initialize(path, matches)
+        @path = path
+        @matches = matches
+      end
+
+      def to_s
+        %(Path "#{path}" matched multiple endpoints: #{formatted_matches})
+      end
+
+      private
+
+      def formatted_matches
+        matches.map(&:to_s).join(", ")
+      end
+    end
+  end
+end

data/lib/rack_reverse_proxy/middleware.rb

@@ -0,0 +1,40 @@
+require "net/http"
+require "net/https"
+require "rack-proxy"
+require "rack_reverse_proxy/roundtrip"
+
+module RackReverseProxy
+  # Rack middleware for handling reverse proxying
+  class Middleware
+    include NewRelic::Agent::Instrumentation::ControllerInstrumentation if defined? NewRelic
+
+    def initialize(app = nil, &b)
+      @app = app || lambda { |_| [404, [], []] }
+      @rules = []
+      @global_options = {
+        :preserve_host => true,
+        :x_forwarded_host => true,
+        :matching => :all,
+        :replace_response_host => false
+      }
+      instance_eval(&b) if block_given?
+    end
+
+    def call(env)
+      RoundTrip.new(@app, env, @global_options, @rules).call
+    end
+
+    private
+
+    def reverse_proxy_options(options)
+      @global_options = options
+    end
+
+    def reverse_proxy(rule, url = nil, opts = {})
+      if rule.is_a?(String) && url.is_a?(String) && URI(url).class == URI::Generic
+        raise Errors::GenericURI.new, url
+      end
+      @rules << Rule.new(rule, url, opts)
+    end
+  end
+end

data/lib/rack_reverse_proxy/response_builder.rb

@@ -0,0 +1,60 @@
+module RackReverseProxy
+  # ResponseBuilder knows target response building process
+  class ResponseBuilder
+    def initialize(target_request, uri, options)
+      @target_request = target_request
+      @uri = uri
+      @options = options
+    end
+
+    def fetch
+      setup_response
+      target_response
+    end
+
+    private
+
+    def setup_response
+      set_read_timeout
+      handle_https
+      handle_verify_mode
+    end
+
+    def set_read_timeout
+      return unless read_timeout?
+      target_response.read_timeout = options[:timeout]
+    end
+
+    def read_timeout?
+      options[:timeout].to_i > 0
+    end
+
+    def handle_https
+      return unless https?
+      target_response.use_ssl = true
+    end
+
+    def https?
+      "https" == uri.scheme
+    end
+
+    def handle_verify_mode
+      return unless verify_mode?
+      target_response.verify_mode = options[:verify_mode]
+    end
+
+    def verify_mode?
+      options.key?(:verify_mode)
+    end
+
+    def target_response
+      @_target_response ||= Rack::HttpStreamingResponse.new(
+        target_request,
+        uri.host,
+        uri.port
+      )
+    end
+
+    attr_reader :target_request, :uri, :options
+  end
+end