ruby-jss 4.0.1 → 4.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: caf5f70df9ef7016f40e810f33b31d7c04b07a3a6986bede21313cf0a5553cac
-  data.tar.gz: 104b4e8f260a35b1206b1d537f9b3f12897792d9d7797e63b704b9dee568456c
+  metadata.gz: 891d497b1459d24035000f157551cd1d87cd5028d4229f3c4702173229c06138
+  data.tar.gz: 6b6cb140ab919684ffcdb51c09102b3bbe0cce9ae0fed225fc53f789dd057332
 SHA512:
-  metadata.gz: ef1677172d13ee5d43a241af7ba12c8dc14b1a5e72a1398b3656cca86b595e8984b8669fe3d35d88f23c793f7a9804bb811da06bda9a39cb783137ce2a4a507b
-  data.tar.gz: e8a310a351a58b2d125b863cd11b7c1516a16560aa5ffb2ab6003808265b797dc8edac74a9b7668420be67b31083d273cd6fc14f9a550d399a431f005816a524
+  metadata.gz: 99ebd2400e27522e6baffda8d0f1239a70e5dad3fbb240deb6078341fe012661d892154f866c5401495b0d9549faf6d852b5c7d8c45fcbbaf044ecfb6ca708c9
+  data.tar.gz: 06e95ad34b057d7d905268c234943647777f30a59929c8a48d0db7299240eea82643c54f11b9fc8221c90e357a753b3e50af4cb6c15c6d4e435fd16809560830

data/CHANGES.md

@@ -14,6 +14,13 @@ __Please update all installations of ruby-jss to at least v1.6.0.__
 
 Many many thanks to actae0n of Blacksun Hackers Club for reporting this issue and providing examples of how it could be exploited.
 
+--------
+## \[4.1.0] 2024-04-06
+
+### Changed
+
+  - ruby-jss now uses version 2.0 or higher of [Faraday](https://lostisland.github.io/faraday/#/). This required minor changes to how https connections are established.
+  
 --------
 ## \[4.0.0] 2024-02-05
 

data/lib/jamf/api/connection/classic_api.rb

@@ -61,7 +61,7 @@ module Jamf
       def c_get(rsrc, format = :json, raw_json: false)
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
 
-        validate_connected @c_cnx
+        validate_connected
         raise Jamf::InvalidDataError, 'format must be :json or :xml' unless Jamf::Connection::GET_FORMATS.include?(format)
 
         resp =
@@ -92,7 +92,7 @@ module Jamf
       # @return [String] the xml response from the server.
       #
       def c_post(rsrc, xml)
-        validate_connected @c_cnx
+        validate_connected
 
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
 
@@ -127,7 +127,7 @@ module Jamf
       # @return [String] the xml response from the server.
       #
       def c_put(rsrc, xml)
-        validate_connected @c_cnx
+        validate_connected
 
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
 
@@ -160,7 +160,7 @@ module Jamf
       # @return [String] the xml response from the server.
       #
       def c_delete(rsrc)
-        validate_connected @c_cnx
+        validate_connected
         raise MissingDataError, 'Missing :rsrc' if rsrc.nil?
 
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
@@ -195,23 +195,14 @@ module Jamf
       # @return [String] the xml response from the server.
       #
       def upload(rsrc, local_file)
-        validate_connected @c_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
 
-        # the upload file object for faraday
-        local_file = Pathname.new local_file
-        upfile = Faraday::UploadIO.new(
-          local_file.to_s,
-          'application/octet-stream',
-          local_file.basename.to_s
-        )
+        payload = {}
+        payload[:name] = Faraday::Multipart::FilePart.new(local_file.to_s, 'application/octet-stream')
+
+        resp = @c_cnx.post rsrc, payload
 
-        # send it and get the response
-        resp =
-          @c_cnx.post rsrc do |req|
-            req.headers['Content-Type'] = 'multipart/form-data'
-            req.body = { name: upfile }
-          end
         @last_http_response = resp
 
         unless resp.success?
@@ -228,7 +219,10 @@ module Jamf
       # create the faraday CAPI connection object
       def create_classic_connection
         Faraday.new(@c_base_url, ssl: ssl_options) do |cnx|
-          cnx.authorization :Bearer, @token.token
+          # use a proc for the token value, so its looked up on every request
+          # meaning we don't have to validate that the token is still valid before every request
+          # because the Token instance will (usually) refresh it automatically.
+          cnx.request :authorization, 'Bearer', -> { @token.token }
 
           cnx.options[:timeout] = @timeout
           cnx.options[:open_timeout] = @open_timeout
@@ -236,7 +230,7 @@ module Jamf
           cnx.request :multipart
           cnx.request :url_encoded
 
-          cnx.adapter Faraday::Adapter::NetHttp
+          cnx.adapter :net_http
         end
       end
 

data/lib/jamf/api/connection/connect.rb

@@ -264,18 +264,9 @@ module Jamf
 
       # raise exception if not connected, and make sure we're using
       # the current token
-      def validate_connected(subcnx)
+      def validate_connected
         using_dft = 'Jamf.cnx' if self == Jamf.cnx
         raise Jamf::InvalidConnectionError, "Connection '#{@name}' Not Connected. Use #{using_dft}.connect first." unless connected?
-
-        update_refreshed_token(subcnx)
-      end
-
-      # always use the current token, which by default will auto-refresh
-      def update_refreshed_token(subcnx)
-        return if subcnx.headers['Authorization'] == "Bearer #{@token.token}"
-
-        subcnx.authorization :Bearer, @token.token
       end
 
       # With a REST connection, there isn't any real "connection" to disconnect from

data/lib/jamf/api/connection/jamf_pro_api.rb

@@ -37,7 +37,10 @@ module Jamf
       #######################################################
       def create_jp_connection(parse_json: true)
         Faraday.new(@jp_base_url, ssl: ssl_options) do |cnx|
-          cnx.authorization :Bearer, @token.token
+          # use a proc for the token value, so its looked up on every request
+          # meaning we don't have to validate that the token is still valid before every request
+          # because the Token instance will (usually) refresh it automatically.
+          cnx.request :authorization, 'Bearer', -> { @token.token }
 
           cnx.options[:timeout] = @timeout
           cnx.options[:open_timeout] = @open_timeout
@@ -47,7 +50,7 @@ module Jamf
             cnx.response :json, parser_options: { symbolize_names: true }
           end
 
-          cnx.adapter Faraday::Adapter::NetHttp
+          cnx.adapter :net_http
         end
       end
 
@@ -57,7 +60,7 @@ module Jamf
       # @return [Hash] the result of the get
       #######################################################
       def jp_get(rsrc)
-        validate_connected @jp_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.get(rsrc) do |req|
           # Modify the request here if needed.
@@ -82,7 +85,7 @@ module Jamf
       # @return [String] the response body
       #######################################################
       def jp_post(rsrc, data)
-        validate_connected @jp_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.post(rsrc) do |req|
           req.body = data
@@ -105,7 +108,7 @@ module Jamf
       #
       #######################################################
       def jp_put(rsrc, data)
-        validate_connected @jp_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.put(rsrc) do |req|
           req.body = data
@@ -128,7 +131,7 @@ module Jamf
       #
       #######################################################
       def jp_patch(rsrc, data)
-        validate_connected @jp_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.patch(rsrc) do |req|
           req.body = data
@@ -149,7 +152,7 @@ module Jamf
       #
       #######################################################
       def jp_delete(rsrc)
-        validate_connected @jp_cnx
+        validate_connected
         rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.delete rsrc
         @last_http_response = resp

data/lib/jamf/api/connection/token.rb

@@ -534,11 +534,11 @@ module Jamf
           con.options[:timeout] = @timeout
           con.options[:open_timeout] = @timeout
           if token
-            con.authorization :Bearer, token
+            con.request :authorization, 'Bearer', token
           else
-            con.basic_auth @user, Base64.decode64(@pw)
+            con.request :authorization, :basic, @user, Base64.decode64(@pw)
           end
-          con.adapter Faraday::Adapter::NetHttp
+          con.adapter :net_http
         end # Faraday.new
       end # token_connection
 
@@ -551,7 +551,7 @@ module Jamf
           fcnx.request :url_encoded
           # activates the json response middleware, parsing all valid  response bodies with JSON.parse
           fcnx.response :json, parser_options: { symbolize_names: true }
-          fcnx.adapter Faraday::Adapter::NetHttp
+          fcnx.adapter  :net_http
         end
       end # token_connection
 

data/lib/jamf/api/connection.rb

@@ -22,8 +22,8 @@
 ###
 ###
 
-require 'faraday' # >= 0.17.0
-require 'faraday_middleware' # >= 0.13.0
+require 'faraday'
+require 'faraday/multipart'
 
 # The main module
 module Jamf

data/lib/jamf/version.rb

@@ -27,6 +27,6 @@
 module Jamf
 
   ### The version of ruby-jss
-  VERSION = '4.0.1'.freeze
+  VERSION = '4.1.0'.freeze
 
 end # module

metadata

@@ -1,16 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: ruby-jss
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.1.0
 platform: ruby
 authors:
 - Chris Lasell
 - Aurica Hayes
-- Kristoffer Landes
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-05 00:00:00.000000000 Z
+date: 2024-04-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: CFPropertyList
@@ -52,21 +51,24 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: faraday_middleware
+  name: faraday-multipart
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -74,6 +76,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.4
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -920,11 +925,14 @@ files:
 homepage: http://pixaranimationstudios.github.io/ruby-jss/
 licenses:
 - Nonstandard
-metadata: {}
+metadata:
+  source_code_uri: https://github.com/PixarAnimationStudios/ruby-jss
+  changelog_uri: https://github.com/PixarAnimationStudios/ruby-jss/blob/master/CHANGES.md
+  wiki_uri: https://github.com/PixarAnimationStudios/ruby-jss/wiki
 post_install_message: 
 rdoc_options:
 - "--title"
-- JSS
+- Jamf
 - "--line-numbers"
 - "--main"
 - README.md