ribbon-intercom 0.2.3 → 0.3.0

data/lib/ribbon/intercom/service/channel/stores/redis_store.rb

@@ -0,0 +1,186 @@
+require 'redis'
+require 'securerandom'
+require 'base64'
+
+module Ribbon::Intercom
+  class Service
+    module Channel::Stores
+      class RedisStore < Store
+        def initialize(params={})
+          if params[:url]
+            @_redis = Redis.new(url: params[:url])
+          elsif params[:redis]
+            @_redis = params[:redis]
+          else
+            raise Errors::InvalidStoreParamsError
+          end
+        end
+
+        def token_exists?(token)
+          @_redis.exists("channel:#{token}")
+        end
+
+        def lookup_channel(token)
+          if (data=_load_data(token))
+            Channel.new(self, data)
+          end
+        end
+
+        def persist(channel)
+          raise Errors::InvalidChannelError, channel.inspect unless channel.is_a?(Channel)
+
+          channel.tap { |channel|
+            data_hash = {}
+            [:name, :token, :secret_hash_crt, :secret_hash_prv].each { |key|
+              value = channel.send(key)
+              data_hash[key] = value if value
+            }
+
+            # Save channel data as hash
+            @_redis.mapped_hmset(_key_name(channel), data_hash)
+
+            # Associate permissions set to its channel
+            channel.permissions.each { |p|
+              @_redis.sadd(_key_name(channel, 'permissions'), p)
+            }
+
+            # Save signing keys
+            key_hash = Hash[
+              channel.signing_keys.map { |key_id, data|
+                [key_id, Base64.strict_encode64(Marshal.dump(data))]
+              }
+            ]
+
+            @_redis.mapped_hmset(_key_name(channel, 'signing_keys'), key_hash) unless key_hash.empty?
+          }
+        end
+
+        def delete(channel)
+          raise Errors::InvalidChannelError, channel.inspect unless channel.is_a?(Channel)
+
+          @_redis.del(_key_name(channel))
+          @_redis.del(_key_name(channel, 'permissions'))
+          nil
+        end
+
+        def with_lock(channel, ttl=1000)
+          Mutex.new(@_redis, _key_name(channel, 'lock')).synchronize(ttl) { |validity|
+            start_time = Mutex.time_in_ms
+            channel.refresh(_load_data(channel.token))
+            yield validity - (Mutex.time_in_ms - start_time)
+          }
+        end
+
+        private
+
+        def _load_data(token)
+          if token_exists?(token) && (channel_data = @_redis.hgetall(_key_name(token)))
+            permissions = @_redis.smembers(_key_name(token, 'permissions'))
+
+            signing_keys = Hash[
+              @_redis.hgetall(_key_name(token, 'signing_keys')).map { |key_id, data|
+                [key_id.to_i, Marshal.load(Base64.strict_decode64(data))]
+              }
+            ]
+
+            Utils.symbolize_keys(
+              channel_data.merge(
+                may: permissions,
+                signing_keys: signing_keys
+              )
+            )
+          end
+        end
+
+        ##
+        # A redis mutex inspired by <https://github.com/leandromoreira/redlock-rb>
+        class Mutex
+          class LockUnobtainableError < StandardError; end
+
+          ##
+          # Lua script to send to Redis when releasing a lock.
+          # See: http://redis.io/commands/set
+          UNLOCK_SCRIPT = <<-LUA
+            if redis.call("get",KEYS[1]) == ARGV[1] then
+              return redis.call("del",KEYS[1])
+            else
+              return 0
+            end
+          LUA
+
+          DEFAULT_RETRY_COUNT = 3
+          DEFAULT_RETRY_DELAY = 200
+          CLOCK_DRIFT_FACTOR  = 0.01
+
+          class << self
+            def time_in_ms
+              (Time.now.to_f * 1000).to_i
+            end
+          end # Class Methods
+
+          attr_reader :redis
+          attr_reader :name
+          attr_reader :retry_count
+          attr_reader :retry_delay
+
+          def initialize(redis, name, opts={})
+            @redis = redis
+            @name = name
+            @retry_count = opts[:retry_count] || DEFAULT_RETRY_COUNT
+            @retry_delay = opts[:retry_delay] || DEFAULT_RETRY_DELAY
+          end
+
+          def synchronize(ttl)
+            retry_count.times {
+              start_time = self.class.time_in_ms
+
+              if (handle=lock(ttl))
+                begin
+                  time_elapsed = (self.class.time_in_ms - start_time).to_i
+                  return yield(ttl - time_elapsed - _drift(ttl))
+                ensure
+                  unlock(handle)
+                end
+              else
+                sleep(rand(retry_delay).to_f / 1000)
+              end
+            }
+
+            raise LockUnobtainableError, name
+          end
+
+          ##
+          # Acquire a lock (non-blocking).
+          def lock(ttl=1000)
+            handle = SecureRandom.uuid
+            redis.set(name, handle, nx: true, px: ttl) && handle
+          end
+
+          ##
+          # Release a lock.
+          def unlock(handle)
+            redis.eval(UNLOCK_SCRIPT, [name], [handle])
+          rescue
+            # Do nothing, unlocking is best effort.
+          end
+
+          private
+
+          ##
+          # Approximate clock drift.
+          def _drift(ttl)
+            # Add 2 milliseconds to the drift to account for Redis expires
+            # precision, which is 1 millisecond, plus 1 millisecond min drift
+            # for small TTLs.
+            (ttl * CLOCK_DRIFT_FACTOR).to_i + 2
+          end
+        end # Mutex
+
+        def _key_name(channel_or_token, *sub_names)
+          token = channel_or_token.is_a?(Channel) ? channel_or_token.token : channel_or_token
+          ['channel', token, *sub_names].join(':')
+        end
+      end # RedisStore
+    end # Channel::Stores
+  end # Service
+end # Ribbon::Intercom

data/lib/ribbon/intercom/service/{channel_stores/base.rb → channel/stores/store.rb}

@@ -1,9 +1,9 @@
 module Ribbon::Intercom
   class Service
-    module ChannelStores
-      class Base
+    module Channel::Stores
+      class Store
         def open_channel(params={})
-          raise NotImplementedError
+          Channel.new(self, params)
         end
 
         def token_exists?(token)
@@ -17,7 +17,15 @@ module Ribbon::Intercom
         def persist(channel)
           raise NotImplementedError
         end
-      end # Base
-    end # ChannelStores
+
+        def delete(channel)
+          raise NotImplementedError
+        end
+
+        def with_lock(channel, &block)
+          raise NotImplementedError
+        end
+      end # Store
+    end # Channel::Stores
   end # Service
 end # Ribbon::Intercom

data/lib/ribbon/intercom/service/channel/stores.rb

@@ -0,0 +1,9 @@
+module Ribbon::Intercom
+  class Service::Channel
+    module Stores
+      autoload(:Store, 'ribbon/intercom/service/channel/stores/store')
+      autoload(:RedisStore, 'ribbon/intercom/service/channel/stores/redis_store')
+      autoload(:MockStore, 'ribbon/intercom/service/channel/stores/mock_store')
+    end # Stores
+  end # Service::Channel
+end # Ribbon::Intercom

data/lib/ribbon/intercom/service/channel.rb

@@ -4,11 +4,14 @@ require 'bcrypt'
 module Ribbon::Intercom
   class Service
     class Channel
+      autoload(:Stores, 'ribbon/intercom/service/channel/stores')
+
       include BCrypt
 
       attr_reader :name
       attr_reader :store
       attr_reader :token
+      attr_reader :signing_keys
       attr_reader :secret_hash_crt
       attr_reader :secret_hash_prv
 
@@ -16,10 +19,18 @@ module Ribbon::Intercom
         @store = store
         @name = params[:name] or raise Errors::ChannelNameMissingError
         @token = params[:token]
+        refresh(params)
+      end
+
+      ##
+      # Refreshes the channel. To be called by the store after obtaining a lock.
+      def refresh(params={})
         @secret_hash_crt = params[:secret_hash_crt]
         @secret_hash_prv = params[:secret_hash_prv]
+        @signing_keys = params[:signing_keys] || {}
 
-        may(*((params[:may] || []) | [:rotate_secret]))
+        @_allowed_to = nil
+        may(*params.fetch(:may, []))
       end
 
       def rotate_secret
@@ -33,10 +44,23 @@ module Ribbon::Intercom
         rotate_secret.tap { save }
       end
 
+      def sign(data)
+        key_id, key = _signing_key
+        "\x01" + [key_id].pack('N') + Utils::Signer.new(key).sign(data)
+      end
+
+      def verify(signed_data)
+        key_id = signed_data.slice(1, 4).unpack('N').first
+
+        if (key=_retrieve_signing_key(key_id))
+          Utils::Signer.new(key).verify(signed_data[5..-1])
+        end
+      end
+
       def may(*args)
         (@_allowed_to ||= Hash.new(false)).merge!(
           Hash[
-            args.map { |perm| [perm.to_sym, true] }
+            args.map { |perm| [perm.to_s, true] }
           ]
         ).keys.to_set
       end
@@ -45,8 +69,8 @@ module Ribbon::Intercom
         may(*args).tap { save }
       end
 
-      def may?(*args)
-        args.all? { |perm| @_allowed_to[perm.to_sym] }
+      def may?(*perms)
+        perms.all? { |perm| _may?(perm) }
       end
 
       def permissions
@@ -65,6 +89,10 @@ module Ribbon::Intercom
         @__secret_prv ||= _to_bcrypt_pw(secret_hash_prv)
       end
 
+      def with_lock(&block)
+        store.with_lock(self, &block)
+      end
+
       def save
         # Loop until unique
         unless token
@@ -75,6 +103,10 @@ module Ribbon::Intercom
         store.persist(self)
       end
 
+      def close
+        store.delete(self)
+      end
+
       def ==(other)
         other.is_a?(Channel) &&
           name == other.name &&
@@ -87,6 +119,13 @@ module Ribbon::Intercom
 
       private
 
+      def _may?(required_perm)
+        permissions.any? { |perm|
+          regex = /\A#{Regexp.escape(perm).gsub('\*', '.*')}\z/
+          regex.match(required_perm)
+        }
+      end
+
       def _to_bcrypt_pw(pw)
         Password.new(pw) if pw && !pw.empty?
       end
@@ -96,6 +135,69 @@ module Ribbon::Intercom
         raise Errors::ChannelTokenMissingError unless token
         raise Errors::ChannelSecretMissingError unless secret_hash_crt
       end
+
+      def _latest_signing_key_id
+        ((signing_keys || {}).sort_by { |k, v| v[:timestamp] }.last || []).first
+      end
+
+      def _retrieve_signing_key(key_id)
+        (data=_retrieve_signing_key_data(key_id)) && data[:key]
+      end
+
+      def _retrieve_signing_key_data(key_id)
+        if key_id && (data=signing_keys[key_id])
+          data.merge(key_id: key_id)
+        else
+          {}
+        end
+      end
+
+      ##
+      # Returns whether the key is expired. Optionally, an offset may be specified
+      # to expire the key earlier or later.
+      def _signing_key_expired?(key_id)
+        _signing_key_ttl(key_id) <= 0
+      end
+
+      def _signing_key_ttl(key_id, ttl=3600)
+        timestamp = _retrieve_signing_key_data(key_id)[:timestamp]
+        (timestamp && (ttl - (Time.now.to_i - timestamp))).to_i
+      end
+
+      ##
+      # Retrieve the latest signing key or generate a new one if the latest has
+      # expired (older than 1 hour).
+      def _signing_key
+        latest_id = _latest_signing_key_id
+
+        # Refresh the key if the current key has less than 5 minutes to live.
+        if _signing_key_ttl(latest_id) < 300
+          with_lock {
+            latest_id = _latest_signing_key_id
+
+            if _signing_key_ttl(latest_id) < 300
+              latest_id = _add_signing_key
+              _delete_expired_signing_keys
+              save # Need to persist changes to signing keys.
+            end
+          }
+        end
+
+        [latest_id, _retrieve_signing_key(latest_id)]
+      end
+
+      def _add_signing_key
+        (_latest_signing_key_id.to_i + 1).tap { |key_id|
+          signing_keys[key_id] = {
+            key: Utils::Signer.random_key,
+            timestamp: Time.now.to_i
+          }
+        }
+      end
+
+      def _delete_expired_signing_keys
+        signing_keys.reject! { |key_id| _signing_key_expired?(key_id) }
+      end
     end # Service
   end # Channel
 end # Ribbon::Intercom