reach-ruby 1.0.0

data/lib/reach-ruby/rest/api.rb

@@ -0,0 +1,50 @@
+###
+#  This code was generated by
+#  ___ ___   _   ___ _  _    _____ _   _    _  ___   ___      _   ___ ___      ___   _   ___     ___ ___ _  _ ___ ___    _ _____ ___  ___ 
+# | _ \ __| /_\ / __| || |__|_   _/_\ | |  | |/ | \ / / |    /_\ | _ ) __|___ / _ \ /_\ |_ _|__ / __| __| \| | __| _ \  /_\_   _/ _ \| _ \
+# |   / _| / _ \ (__| __ |___|| |/ _ \| |__| ' < \ V /| |__ / _ \| _ \__ \___| (_) / _ \ | |___| (_ | _|| .` | _||   / / _ \| || (_) |   /
+# |_|_\___/_/ \_\___|_||_|    |_/_/ \_\____|_|\_\ |_| |____/_/ \_\___/___/    \___/_/ \_\___|   \___|___|_|\_|___|_|_\/_/ \_\_| \___/|_|_\
+# 
+#  NOTE: This class is auto generated by OpenAPI Generator.
+#  https://openapi-generator.tech
+#  Do not edit the class manually.
+#
+# frozen_string_literal: true
+
+module Reach
+  module REST
+    class Api < Domain
+      ##
+      # Initialize the Api Domain
+      def initialize(reach)
+        super
+
+        @base_url = 'https://api.reach.talkylabs.com'
+        @host = 'api.reach.talkylabs.com'
+        @port = 443
+
+        # Versions
+        @messaging = nil
+        @authentix = nil
+      end
+
+      ##
+      # Version Messaging
+      def messaging
+        @messaging ||= Messaging.new self
+      end
+
+      ##
+      # Version Authentix
+      def authentix
+        @authentix ||= Authentix.new self
+      end      
+
+      ##
+      # Provide a user friendly representation
+      def to_s
+        '#<Reach::REST::Api>'
+      end
+    end
+  end
+end

data/lib/reach-ruby/rest/client.rb

@@ -0,0 +1,130 @@
+###
+#  This code was generated by
+#  ___ ___   _   ___ _  _    _____ _   _    _  ___   ___      _   ___ ___      ___   _   ___     ___ ___ _  _ ___ ___    _ _____ ___  ___ 
+# | _ \ __| /_\ / __| || |__|_   _/_\ | |  | |/ | \ / / |    /_\ | _ ) __|___ / _ \ /_\ |_ _|__ / __| __| \| | __| _ \  /_\_   _/ _ \| _ \
+# |   / _| / _ \ (__| __ |___|| |/ _ \| |__| ' < \ V /| |__ / _ \| _ \__ \___| (_) / _ \ | |___| (_ | _|| .` | _||   / / _ \| || (_) |   /
+# |_|_\___/_/ \_\___|_||_|    |_/_/ \_\____|_|\_\ |_| |____/_/ \_\___/___/    \___/_/ \_\___|   \___|___|_|\_|___|_|_\/_/ \_\_| \___/|_|_\
+# 
+#  NOTE: This class is auto generated by OpenAPI Generator.
+#  https://openapi-generator.tech
+#  Do not edit the class manually.
+#
+# frozen_string_literal: true
+
+module Reach
+  module REST
+    ##
+    # A client for accessing the Reach API.
+    class Client
+
+      attr_accessor :http_client, :username, :password, :auth_token, :logger, :user_agent_extensions
+
+      ##
+      # Initializes the Reach Client
+      def initialize(username=nil, password=nil, http_client=nil, logger=nil, user_agent_extensions=nil)
+        @username = username || Reach.username
+        @password = password || Reach.auth_token
+        @auth_token = @password
+        @auth = [@username, @password]
+        @http_client = http_client || Reach.http_client || Reach::HTTP::Client.new
+        @logger = logger || Reach.logger
+        @user_agent_extensions = user_agent_extensions || []
+
+        # Domains
+        @api = nil
+      end
+
+      ##
+      # Makes a request to the Reach API using the configured http client
+      # Authentication information is automatically added if none is provided
+      def request(host, port, method, uri, params={}, data={}, headers={}, auth=nil, timeout=nil)
+        auth ||= @auth
+
+        ruby_config = RbConfig::CONFIG
+        headers['User-Agent'] = "reach-ruby/#{Reach::VERSION} (#{ruby_config["host_os"]} #{ruby_config["host_cpu"]}) Ruby/#{RUBY_VERSION}"
+        headers['Accept-Charset'] = 'utf-8'
+
+        user_agent_extensions.each { |extension| headers['User-Agent'] += " #{extension}" }
+
+        if method == 'POST' && !headers['Content-Type']
+          headers['Content-Type'] = 'application/x-www-form-urlencoded'
+        end
+
+        unless headers['Accept']
+          headers['Accept'] = 'application/json'
+        end
+
+        uri = build_uri(uri)
+
+        if @logger
+          @logger.debug("--BEGIN REACH API Request--")
+          @logger.debug("Request Method: <#{method}>")
+
+          headers.each do |key, value|
+            unless key.downcase == 'authorization' || key.downcase == 'apikey' || key.downcase == 'apiuser'
+              @logger.debug("#{key}:#{value}")
+            end
+          end
+
+          url = URI(uri)
+          @logger.debug("Host:#{url.host}")
+          @logger.debug("Path:#{url.path}")
+          @logger.debug("Query:#{url.query}")
+          @logger.debug("Request Params:#{params}")
+        end
+
+        response = @http_client.request(
+          host,
+          port,
+          method,
+          uri,
+          params,
+          data,
+          headers,
+          auth,
+          timeout
+        )
+
+        if @logger
+          @logger.debug("Response Status Code:#{response.status_code}")
+          @logger.debug("Response Headers:#{response.headers}")
+          @logger.debug("--END REACH API REQUEST--")
+        end
+
+        response
+      end
+
+      ##
+      # Build the final request uri
+      def build_uri(uri)
+        parsed_url = URI(uri)
+        parsed_url.to_s
+      end
+
+      ##
+      # Access the Api Reach Domain
+      def api
+        @api ||= Api.new self
+      end
+
+      ##
+      # Acess the Messaging api version
+      def messaging
+        self.api.messaging
+      end
+
+      ##
+      # Acess the Authentix api version
+      def authentix
+        self.api.authentix
+      end
+
+      ##
+      # Provide a user friendly representation
+      def to_s
+        "#<Reach::REST::Client #{@username}>"
+      end
+    end
+
+  end
+end

data/lib/reach-ruby/rest.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+Dir[File.join(__dir__, 'framework/rest/*.rb')].sort.each do |file|
+  require file
+end
+
+Dir[File.join(__dir__, 'rest/*.rb')].sort.each do |file|
+  require file
+end
+
+Dir[File.join(__dir__, 'rest/**/*.rb')].sort.each do |file|
+  require file
+end

data/lib/reach-ruby/security/request_validator.rb

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+module Reach
+  module Security
+    class RequestValidator
+      ##
+      # Initialize a Request Validator. auth_token will either be grabbed from the global Reach object or you can
+      # pass it in here.
+      #
+      # @param [String] auth_token Your account auth token, used to sign requests
+      def initialize(auth_token = nil)
+        @auth_token = auth_token || Reach.auth_token
+        raise ArgumentError, 'Auth token is required' if @auth_token.nil?
+      end
+
+      ##
+      # Validates that after hashing a request with Reach's request-signing algorithm, the hash matches the signature parameter
+      #
+      # @param [String] url The url sent to your server, including any query parameters
+      # @param [String, Hash, #to_unsafe_h] params In most cases, this is the POST parameters as a hash. If you received
+      #   a bodySHA256 parameter in the query string, this parameter can instead be the POST body as a string to
+      #   validate JSON or other text-based payloads that aren't x-www-form-urlencoded.
+      # @param [String] signature The expected signature, from the X-Reach-Signature header of the request
+      #
+      # @return [Boolean] whether or not the computed signature matches the signature parameter
+      def validate(url, params, signature)
+        parsed_url = URI(url)
+        url_with_port = add_port(parsed_url)
+        url_without_port = remove_port(parsed_url)
+
+        valid_body = true # default succeed, since body not always provided
+        params_hash = body_or_hash(params)
+        unless params_hash.is_a? Enumerable
+          body_hash = URI.decode_www_form(parsed_url.query || '').to_h['bodySHA256']
+          params_hash = build_hash_for(params)
+          valid_body = !(params_hash.nil? || body_hash.nil?) && secure_compare(params_hash, body_hash)
+          params_hash = {}
+        end
+
+        # Check signature of the url with and without port numbers
+        # since signature generation on the back end is inconsistent
+        valid_signature_with_port = secure_compare(build_signature_for(url_with_port, params_hash), signature)
+        valid_signature_without_port = secure_compare(build_signature_for(url_without_port, params_hash), signature)
+
+        valid_body && (valid_signature_with_port || valid_signature_without_port)
+      end
+
+      ##
+      # Build a SHA256 hash for a body string
+      #
+      # @param [String] body String to hash
+      #
+      # @return [String] A hex-encoded SHA256 of the body string
+      def build_hash_for(body)
+        hasher = OpenSSL::Digest.new('sha256')
+        hasher.hexdigest(body)
+      end
+
+      ##
+      # Build a SHA1-HMAC signature for a url and parameter hash
+      #
+      # @param [String] url The request url, including any query parameters
+      # @param [#join] params The POST parameters
+      #
+      # @return [String] A base64 encoded SHA1-HMAC
+      def build_signature_for(url, params)
+        data = url + params.sort.join
+        digest = OpenSSL::Digest.new('sha1')
+        Base64.strict_encode64(OpenSSL::HMAC.digest(digest, @auth_token, data))
+      end
+
+      private
+
+      # Compares two strings in constant time to avoid timing attacks.
+      # Borrowed from ActiveSupport::MessageVerifier.
+      # https://github.com/rails/rails/blob/master/activesupport/lib/active_support/message_verifier.rb
+      def secure_compare(a, b)
+        return false unless a.bytesize == b.bytesize
+
+        l = a.unpack("C#{a.bytesize}")
+
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res.zero?
+      end
+
+      # `ActionController::Parameters` no longer, as of Rails 5, inherits
+      # from `Hash` so the `sort` method, used above in `build_signature_for`
+      # is deprecated.
+      #
+      # `to_unsafe_h` was introduced in Rails 4.2.1, before then it is still
+      # possible to sort on an ActionController::Parameters object.
+      #
+      # We use `to_unsafe_h` as `to_h` returns a hash of the permitted
+      # parameters only and we need all the parameters to create the signature.
+      def body_or_hash(params_or_body)
+        if params_or_body.respond_to?(:to_unsafe_h)
+          params_or_body.to_unsafe_h
+        else
+          params_or_body
+        end
+      end
+
+      ##
+      # Adds the standard port to the url if it doesn't already have one
+      #
+      # @param [URI] parsed_url The parsed request url
+      #
+      # @return [String] The URL with a port number
+      def add_port(parsed_url)
+        if parsed_url.port.nil? || parsed_url.port == parsed_url.default_port
+          build_url_with_port_for(parsed_url)
+        else
+          parsed_url.to_s
+        end
+      end
+
+      ##
+      # Removes the port from the url
+      #
+      # @param [URI] parsed_url The parsed request url
+      #
+      # @return [String] The URL without a port number
+      def remove_port(parsed_url)
+        parsed_url.port = nil
+        parsed_url.to_s
+      end
+
+      ##
+      # Builds the url from its component pieces, with the standard port
+      #
+      # @param [URI] parsed_url The parsed request url
+      #
+      # @return [String] The URL with the standard port number
+      def build_url_with_port_for(parsed_url)
+        url = ''
+
+        url += parsed_url.scheme ? "#{parsed_url.scheme}://" : ''
+        url += parsed_url.userinfo ? "#{parsed_url.userinfo}@" : ''
+        url += parsed_url.host ? "#{parsed_url.host}:#{parsed_url.port}" : ''
+        url += parsed_url.path
+        url += parsed_url.query ? "?#{parsed_url.query}" : ''
+        url += parsed_url.fragment ? "##{parsed_url.fragment}" : ''
+
+        url
+      end
+    end
+  end
+end

data/lib/reach-ruby/util/configuration.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Reach
+  module Util
+    class Configuration
+      attr_accessor :username, :auth_token, :http_client, :logger
+
+      def username=(value)
+        @username = value
+      end
+
+      def auth_token=(value)
+        @auth_token = value
+      end
+
+      def http_client=(value)
+        @http_client = value
+      end
+
+      def logger=(value)
+        @logger = value
+      end
+    end
+  end
+end

data/lib/reach-ruby/version.rb

@@ -0,0 +1,3 @@
+module Reach
+    VERSION = '1.0.0'
+end

data/lib/reach-ruby.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'net/https'
+require 'cgi'
+require 'openssl'
+require 'base64'
+require 'forwardable'
+require 'time'
+require 'json'
+
+require 'reach-ruby/version' unless defined?(Reach::VERSION)
+require 'rack/reach_webhook_authentication' if defined?(Rack) && defined?(Rack::MediaType)
+
+require 'reach-ruby/security/request_validator'
+require 'reach-ruby/util/configuration'
+
+Dir[File.join(__dir__, 'reach-ruby/framework/*.rb')].sort.each do |file|
+  require file
+end
+
+module Reach
+  extend SingleForwardable
+
+  autoload :HTTP, File.join(__dir__, 'reach-ruby', 'http.rb')
+  autoload :REST, File.join(__dir__, 'reach-ruby', 'rest.rb')
+
+  def_delegators :configuration, :username, :auth_token, :http_client, :logger
+
+  ##
+  # Pre-configure with ApiUser and ApiKey so that you don't need to
+  # pass them to various initializers each time.
+  def self.configure(&block)
+    yield configuration
+  end
+
+  ##
+  # Returns an existing or instantiates a new configuration object.
+  def self.configuration
+    @configuration ||= Util::Configuration.new
+  end
+
+  private_class_method :configuration
+end

data/reach-ruby.gemspec

@@ -0,0 +1,38 @@
+# coding: utf-8
+
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'reach-ruby/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'reach-ruby'
+  spec.version       = Reach::VERSION
+  spec.authors       = ['Reach API Team']
+  spec.summary       = 'The official library for communicating with the Reach REST API'
+  spec.description   = 'The official library for communicating with the Reach REST API'
+  spec.homepage      = 'https://github.com/talkylabs/reach-ruby'
+  spec.license       = 'MIT'
+  spec.metadata      = { 'yard.run' => 'yri' } # use "yard" to build full HTML docs
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match?(%r{^(spec)/}) }
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+  spec.required_ruby_version = '>= 2.0.0'
+  spec.extra_rdoc_files = ['README.md', 'LICENSE']
+  spec.rdoc_options = ['--line-numbers', '--inline-source', '--title', 'reach-ruby', '--main', 'README.md']
+
+  spec.add_dependency('nokogiri', '>= 1.6', '< 2.0')
+  spec.add_dependency('faraday', '>= 0.9', '< 3.0')
+  # Workaround for RBX <= 2.2.1, should be fixed in next version
+  spec.add_dependency('rubysl') if defined?(RUBY_ENGINE) && RUBY_ENGINE == 'rbx'
+
+  spec.add_development_dependency 'bundler', '>= 1.5', '< 3.0'
+  spec.add_development_dependency 'equivalent-xml', '~> 0.6'
+  spec.add_development_dependency 'fakeweb', '~> 1.3'
+  spec.add_development_dependency 'rack', '~> 2.0'
+  spec.add_development_dependency 'rake', '~> 13.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'yard', '~> 0.9.9'
+  spec.add_development_dependency 'logger', '~> 1.4.2'
+end

data/sonar-project.properties

@@ -0,0 +1,13 @@
+sonar.projectKey=talkylabs_reach-ruby
+sonar.projectName=reach-ruby
+sonar.organization=talkylabs
+
+sonar.sources=lib/reach-ruby
+# Exclude any auto-generated source code
+sonar.exclusions=lib/reach-ruby/rest/**/*
+sonar.tests=spec/
+# Exclude any auto-generated integration tests
+sonar.test.exclusions=spec/integration/**/*.spec.rb
+
+# For Code Coverage analysis
+sonar.ruby.coverage.reportPaths=coverage/coverage.json