rest-client 1.5.0 → 1.5.1

data/README.rdoc

@@ -39,7 +39,7 @@ of specifying actions: get, put, post, delete.
         :group => 'those_guys'
       },
        :upload => {
-        :file => File.new(path)
+        :file => File.new(path, 'rb')
       }
     })
 
@@ -47,7 +47,7 @@ of specifying actions: get, put, post, delete.
 
 Yeah, that's right!  This does multipart sends for you!
 
-  RestClient.post '/data', :myfile => File.new("/path/to/image.jpg")
+  RestClient.post '/data', :myfile => File.new("/path/to/image.jpg", 'rb')
 
 This does two things for you:
 

data/Rakefile

@@ -25,11 +25,20 @@ Jeweler::RubyforgeTasks.new
 require 'spec/rake/spectask'
 
 desc "Run all specs"
-Spec::Rake::SpecTask.new('spec') do |t|
+task :spec => ["spec:unit", "spec:integration"]
+
+desc "Run unit specs"
+Spec::Rake::SpecTask.new('spec:unit') do |t|
   t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
   t.spec_files = FileList['spec/*_spec.rb']
 end
 
+desc "Run integration specs"
+Spec::Rake::SpecTask.new('spec:integration') do |t|
+  t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
+  t.spec_files = FileList['spec/integration/*_spec.rb']
+end
+
 desc "Print specdocs"
 Spec::Rake::SpecTask.new(:doc) do |t|
   t.spec_opts = ["--format", "specdoc", "--dry-run"]

data/VERSION

@@ -1 +1 @@
-1.5.0
+1.5.1

data/bin/restclient

@@ -77,7 +77,7 @@ if File.exists? ".irbrc"
 	ENV['IRBRC'] = ".irbrc"
 end
 
-if File.exists?(rcfile = "~/.restclientrc")
+if File.exists?( File.expand_path(rcfile = "~/.restclientrc") )
 	load(rcfile)
 end
 

data/history.md

@@ -1,3 +1,11 @@
+# 1.5.1
+
+- only converts headers keys which are Symbols
+- use CGI for cookie parsing instead of custom code
+- unescape user and password before using them (patch provided by Lars Gierth)
+- expand ~ in ~/.restclientrc (patch provided by Mike Fletcher)
+- ssl verification raise an exception when the ca certificate is incorrect (patch provided by Braintree)
+
 # 1.5.0
 
 - the response is now a String with the Response module a.k.a. the change in 1.4.0 was a mistake (Response.body is returning self for compatability)

data/lib/restclient/abstract_response.rb

@@ -1,3 +1,5 @@
+require 'cgi'
+
 module RestClient
 
   module AbstractResponse
@@ -22,15 +24,11 @@ module RestClient
 
     # Hash of cookies extracted from response headers
     def cookies
-      @cookies ||= (self.headers[:set_cookie] || []).inject({}) do |out, cookie_content|
-        # correctly parse comma-separated cookies containing HTTP dates (which also contain a comma)
-        cookie_content.split(/,\s*/).inject([""]) { |array, blob|
-          blob =~ /expires=.+?$/ ? array.push(blob) : array.last.concat(blob)
-          array
-        }.each do |cookie|
-          next if cookie.empty?
-          key, *val = cookie.split(";").first.split("=")
-          out[key] = val.join("=")
+      @cookies ||= (self.headers[:set_cookie] || {}).inject({}) do |out, cookie_content|
+        CGI::Cookie::parse(cookie_content).each do |key, cookie|
+          unless ['expires', 'path'].include? key
+            out[key] = cookie.value[0] || ''
+          end
         end
         out
       end
@@ -45,12 +43,12 @@ module RestClient
         unless [:get, :head].include? args[:method]
           raise Exceptions::EXCEPTIONS_MAP[code], self
         else
-          follow_redirection &block
+          follow_redirection(&block)
         end
       elsif code == 303
         args[:method] = :get
         args.delete :payload
-        follow_redirection &block
+        follow_redirection(&block)
       elsif Exceptions::EXCEPTIONS_MAP[code]
         raise Exceptions::EXCEPTIONS_MAP[code], self
       else

data/lib/restclient/exceptions.rb

@@ -134,8 +134,12 @@ module RestClient
     message = 'Server broke connection'
   end
 
-
-
+  class SSLCertificateNotVerified < Exception
+    def initialize(message)
+      super(nil)
+      self.message = message
+    end
+  end
 end
 
 # backwards compatibility

data/lib/restclient/request.rb

@@ -1,5 +1,6 @@
 require 'tempfile'
 require 'mime/types'
+require 'cgi'
 
 module RestClient
   # This class is used internally by RestClient to send the request, but you can also
@@ -27,7 +28,7 @@ module RestClient
                 :ssl_client_key, :ssl_ca_file, :processed_headers, :args
 
     def self.execute(args, &block)
-      new(args).execute &block
+      new(args).execute(&block)
     end
 
     def initialize args
@@ -84,8 +85,8 @@ module RestClient
 
     def parse_url_with_auth(url)
       uri = parse_url(url)
-      @user = uri.user if uri.user
-      @password = uri.password if uri.password
+      @user = CGI.unescape(uri.user) if uri.user
+      @password = CGI.unescape(uri.password) if uri.password
       uri
     end
 
@@ -115,6 +116,13 @@ module RestClient
         net.verify_mode = OpenSSL::SSL::VERIFY_NONE
       elsif @verify_ssl.is_a? Integer
         net.verify_mode = @verify_ssl
+        net.verify_callback = lambda do |preverify_ok, ssl_context|
+          if (!preverify_ok) || ssl_context.error != 0
+            err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})"
+            raise SSLCertificateNotVerified.new(err_msg)
+          end
+          true
+        end
       end
       net.cert = @ssl_client_cert if @ssl_client_cert
       net.key = @ssl_client_key if @ssl_client_key
@@ -182,7 +190,7 @@ module RestClient
       if block_given?
         block.call response, &block
       else
-        response.return! &block
+        response.return!(&block)
       end
 
     end
@@ -219,20 +227,22 @@ module RestClient
     # Return a hash of headers whose keys are capitalized strings
     def stringify_headers headers
       headers.inject({}) do |result, (key, value)|
-        target_key = key.to_s.split(/_/).map{|w| w.capitalize}.join('-')
-        if 'CONTENT-TYPE' == target_key.upcase
+        if key.is_a? Symbol
+          key = key.to_s.split(/_/).map{|w| w.capitalize}.join('-')
+        end
+        if 'CONTENT-TYPE' == key.upcase
           target_value = value.to_s
-          result[target_key] = MIME::Types.type_for_extension target_value
-        elsif 'ACCEPT' == target_key.upcase
+          result[key] = MIME::Types.type_for_extension target_value
+        elsif 'ACCEPT' == key.upcase
           # Accept can be composed of several comma-separated values
           if value.is_a? Array
             target_values = value
           else
             target_values = value.to_s.split ','
           end
-          result[target_key] = target_values.map{ |ext| MIME::Types.type_for_extension(ext.to_s.strip)}.join(', ')
+          result[key] = target_values.map{ |ext| MIME::Types.type_for_extension(ext.to_s.strip)}.join(', ')
         else
-          result[target_key] = value.to_s
+          result[key] = value.to_s
         end
         result
       end

data/lib/restclient/response.rb

@@ -6,7 +6,7 @@ module RestClient
 
     include AbstractResponse
 
-    attr_accessor :body, :net_http_res, :args
+    attr_accessor :args, :body, :net_http_res
 
     def body
       self

data/spec/abstract_response_spec.rb

@@ -51,6 +51,11 @@ describe RestClient::AbstractResponse do
     @response.cookies.should == { 'session_id' => '1' }
   end
 
+  it "extract strange cookies" do
+    @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=ZJ/HQVH6YE+rVkTpn0zvTQ==; path=/'])
+    @response.cookies.should == { 'session_id' => 'ZJ/HQVH6YE rVkTpn0zvTQ==' }
+  end
+
   it "can access the net http result directly" do
     @response.net_http_res.should == @net_http_res
   end

data/spec/integration/certs/equifax.crt

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----

data/spec/integration/certs/verisign.crt

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----

data/spec/integration/request_spec.rb

@@ -0,0 +1,25 @@
+require File.dirname(__FILE__) + '/../base'
+
+describe RestClient::Request do
+  describe "ssl verification" do
+    it "is successful with the correct ca_file" do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.google.com',
+        :verify_ssl => OpenSSL::SSL::VERIFY_PEER,
+        :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "verisign.crt")
+      )
+      expect { request.execute }.to_not raise_error
+    end
+
+    it "is unsuccessful with an incorrect ca_file" do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.google.com',
+        :verify_ssl => OpenSSL::SSL::VERIFY_PEER,
+        :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "equifax.crt")
+      )
+      expect { request.execute }.to raise_error(RestClient::SSLCertificateNotVerified)
+    end
+  end
+end

data/spec/request_spec.rb

@@ -86,6 +86,13 @@ describe RestClient::Request do
       @request.password.should == 'pass1'
     end
 
+    it "extracts with escaping the username and password when parsing http://user:password@example.com/" do
+      URI.stub!(:parse).and_return(mock('uri', :user => 'joe%20', :password => 'pass1'))
+      @request.parse_url_with_auth('http://joe%20:pass1@example.com/resource')
+      @request.user.should == 'joe '
+      @request.password.should == 'pass1'
+    end
+
     it "doesn't overwrite user and password (which may have already been set by the Resource constructor) if there is no user/password in the url" do
       URI.stub!(:parse).and_return(mock('uri', :user => nil, :password => nil))
       @request = RestClient::Request.new(:method => 'get', :url => 'example.com', :user => 'beth', :password => 'pass2')
@@ -98,8 +105,8 @@ describe RestClient::Request do
   it "correctly formats cookies provided to the constructor" do
     URI.stub!(:parse).and_return(mock('uri', :user => nil, :password => nil))
     @request = RestClient::Request.new(:method => 'get', :url => 'example.com', :cookies => {:session_id => '1', :user_id => "someone" })
-    @request.should_receive(:default_headers).and_return({'foo' => 'bar'})
-    headers = @request.make_headers({}).should == { 'Foo' => 'bar', 'Cookie' => 'session_id=1;user_id=someone'}
+    @request.should_receive(:default_headers).and_return({'Foo' => 'bar'})
+    @request.make_headers({}).should == { 'Foo' => 'bar', 'Cookie' => 'session_id=1;user_id=someone'}
   end
 
   it "determines the Net::HTTP class to instantiate by the method name" do
@@ -152,6 +159,13 @@ describe RestClient::Request do
       headers['Accept'].should == 'application/json'
     end
 
+    it "only convert symbols in header" do
+      @request.should_receive(:default_headers).and_return({})
+      headers = @request.make_headers({:foo_bar => 'value', "bar_bar" => 'value'})
+      headers['Foo-Bar'].should == 'value'
+      headers['bar_bar'].should == 'value'
+    end
+
     it "converts header values to strings" do
       @request.make_headers('A' => 1)['A'].should == '1'
     end
@@ -398,6 +412,7 @@ describe RestClient::Request do
                                           :payload => 'payload',
                                           :verify_ssl => mode )
       @net.should_receive(:verify_mode=).with(mode)
+      @net.should_receive(:verify_callback=)
       @http.stub!(:request)
       @request.stub!(:process_result)
       @request.stub!(:response_log)

metadata

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: rest-client
 version: !ruby/object:Gem::Version 
+  hash: 1
   prerelease: false
   segments: 
   - 1
   - 5
-  - 0
-  version: 1.5.0
+  - 1
+  version: 1.5.1
 platform: ruby
 authors: 
 - Adam Wiggins
@@ -22,9 +23,11 @@ dependencies:
   name: mime-types
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 47
         segments: 
         - 1
         - 16
@@ -66,6 +69,9 @@ files:
 - spec/resource_spec.rb
 - spec/response_spec.rb
 - spec/restclient_spec.rb
+- spec/integration/certs/equifax.crt
+- spec/integration/certs/verisign.crt
+- spec/integration/request_spec.rb
 - history.md
 has_rdoc: true
 homepage: http://github.com/archiloque/rest-client
@@ -77,23 +83,27 @@ rdoc_options:
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 requirements: []
 
 rubyforge_project: rest-client
-rubygems_version: 1.3.6
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Simple REST client for Ruby, inspired by microframework syntax for specifying actions.
@@ -108,3 +118,4 @@ test_files:
 - spec/resource_spec.rb
 - spec/response_spec.rb
 - spec/restclient_spec.rb
+- spec/integration/request_spec.rb