sendgrid-ruby 6.1.4 → 6.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dee5a58da05e1ac621914725e55f8d8edd5fbe41998e63d96ae34a27b61e46c3
-  data.tar.gz: bcafe9bf1024882418c847d5fcc2118c587b4b1275e63033592eb6fc84ab6676
+  metadata.gz: 0a99cbab593becca226765be0e10692ded5477764699344b3b93ca619aa3290e
+  data.tar.gz: 2db29c6f0abeef43197c19fd384a2760e42f0ba952ed490a3ba60efbab3a1261
 SHA512:
-  metadata.gz: 5349c910cd270a5579f1aef22b860c9267210467115e17b15a873b2d2f9b2f826afa51272b8741035c9426da2bea72a81a0b1f127a3c1a1144afa775689f28c5
-  data.tar.gz: 1cd1328b16c887ac2f1c9b7f5676c07c2bc07b37b8d09419a97b341c1361735608638b27b5eae1acaf99eef1b15eec338014523824ac77abe00fb5cbdb792d9d
+  metadata.gz: 4c9853763d323eef8a89334648df9cb8f8a3ed30687fedd463cffaec72aa6f4ca6627280a7c7805f8040001370c96441810e32fcec5b1528961b114734c85664
+  data.tar.gz: f46c413bb546de8f57eaa1bc4cb85ef73a585a372a5df1417c7511d79797f9b42ddfb2a7797550e831182a597fe5bdeebd95ce794d9dd505a1434d5ad4e929f0

data/.codeclimate.yml

@@ -16,6 +16,6 @@ ratings:
   - "**.rb"
 exclude_paths:
 - examples/
+- gemfiles/
 - spec/
 - test/
-- gemfiles/

data/.gitignore

@@ -39,3 +39,5 @@ Gemfile.lock
 
 # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
 .rvmrc
+
+prism*

data/.rubocop.yml

@@ -0,0 +1,6 @@
+AllCops:
+  Exclude:
+    - examples/**/*
+    - gemfiles/**/*
+    - spec/**/*
+    - test/**/*

data/.travis.yml

@@ -1,25 +1,17 @@
 language: ruby
-rvm:
-  - ruby-head
-  - 2.7
-  - 2.6
-  - 2.5
-  - 2.4
-  - jruby-9.2
+env:
+  - version=ruby:2.7
+  - version=ruby:2.6
+  - version=ruby:2.5
+  - version=ruby:2.4
+  - version=jruby:9.2
+
 gemfile:
   - gemfiles/Sinatra_1.gemfile
   - gemfiles/Sinatra_2.gemfile
-before_script:
-  - mkdir prism
-  - mkdir prism/bin
-  - export PATH=$PATH:$PWD/prism/bin/
-  - "./test/prism.sh"
-install: make install
-script: make test
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-  fast_finish: true
+
+script: make test-docker
+
 deploy:
   provider: rubygems
   api_key:
@@ -27,8 +19,7 @@ deploy:
   gem: sendgrid-ruby
   on:
     tags: true
-    rvm: '2.4'
-    condition: '$BUNDLE_GEMFILE == *"gemfiles/Sinatra_1.gemfile"'
+    condition: $version = ruby:2.4 && $BUNDLE_GEMFILE = *"gemfiles/Sinatra_1.gemfile"
 
 notifications:
   slack:

data/CHANGELOG.md

@@ -1,6 +1,51 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+[2020-07-22] Version 6.3.3
+--------------------------
+**Library - Chore**
+- [PR #431](https://github.com/sendgrid/sendgrid-ruby/pull/431): migrate to new default sendgrid-oai branch. Thanks to [@eshanholtz](https://github.com/eshanholtz)!
+- [PR #366](https://github.com/sendgrid/sendgrid-ruby/pull/366): add Rubocop configuration file. Thanks to [@RolandBurrows](https://github.com/RolandBurrows)!
+
+**Library - Test**
+- [PR #429](https://github.com/sendgrid/sendgrid-ruby/pull/429): fix the license test and actually run the test scripts. Thanks to [@childish-sambino](https://github.com/childish-sambino)!
+
+**Library - Docs**
+- [PR #273](https://github.com/sendgrid/sendgrid-ruby/pull/273): Create a Use Cases Directory and Associated Files. Thanks to [@alanunruh](https://github.com/alanunruh)!
+
+
+[2020-07-08] Version 6.3.2
+--------------------------
+**Library - Test**
+- [PR #368](https://github.com/sendgrid/sendgrid-ruby/pull/368): add Simplecov Local Enhancements. Thanks to [@RolandBurrows](https://github.com/RolandBurrows)!
+
+
+[2020-06-25] Version 6.3.1
+--------------------------
+
+
+[2020-06-24] Version 6.3.0
+--------------------------
+**Library - Feature**
+- [PR #428](https://github.com/sendgrid/sendgrid-ruby/pull/428): adds rack middleware to make request verification easier in rack apps. Thanks to [@philnash](https://github.com/philnash)!
+- [PR #425](https://github.com/sendgrid/sendgrid-ruby/pull/425): verify signature from event webhook. Thanks to [@eshanholtz](https://github.com/eshanholtz)!
+
+**Library - Fix**
+- [PR #427](https://github.com/sendgrid/sendgrid-ruby/pull/427): drop the starkbank dependency. Thanks to [@childish-sambino](https://github.com/childish-sambino)!
+
+
+[2020-05-13] Version 6.2.1
+--------------------------
+**Library - Fix**
+- [PR #421](https://github.com/sendgrid/sendgrid-ruby/pull/421): migrate to common prism setup. Thanks to [@childish-sambino](https://github.com/childish-sambino)!
+
+
+[2020-04-29] Version 6.2.0
+--------------------------
+**Library - Feature**
+- [PR #417](https://github.com/sendgrid/sendgrid-ruby/pull/417): add support for Twilio Email. Thanks to [@childish-sambino](https://github.com/childish-sambino)!
+
+
 [2020-04-15] Version 6.1.4
 --------------------------
 **Library - Fix**

data/CONTRIBUTING.md

@@ -47,7 +47,7 @@ Before you decide to create a new issue, please try the following:
 
 ### Please use our Bug Report Template
 
-In order to make the process easier, we've included a [sample bug report template](https://github.com/sendgrid/sendgrid-ruby/blob/master/ISSUE_TEMPLATE.md) (borrowed from [Ghost](https://github.com/TryGhost/Ghost/)). The template uses [GitHub flavored markdown](https://help.github.com/articles/github-flavored-markdown/) for formatting.
+In order to make the process easier, we've included a [sample bug report template](ISSUE_TEMPLATE.md).
 
 <a name="improvements-to-the-codebase"></a>
 ## Improvements to the Codebase
@@ -124,20 +124,13 @@ Tests for the mail send and Web API v3 endpoints.
 
 The Web API v3 client is `sendgrid-ruby.rb`
 
-<a name="testing"></a>
 ## Testing
 
-All PRs require passing tests before the PR will be reviewed.
+All PRs require passing tests before the PR will be reviewed. All test files are in the [`tests`](https://github.com/sendgrid/sendgrid-ruby/tree/master/test) directory. For the purposes of contributing to this repo, please update the [`test_sendgrid-ruby.rb`](https://github.com/sendgrid/sendgrid-ruby/blob/master/test/test_sendgrid-ruby.rb) file with unit tests as you modify the code.
 
-All test files are in the [`tests`](https://github.com/sendgrid/sendgrid-ruby/tree/master/test) directory.
+The integration tests require a Twilio SendGrid mock API in order to execute. We've simplified setting this up using Docker to run the tests. You will just need [Docker Desktop](https://docs.docker.com/get-docker/) and `make`.
 
-For the purposes of contributing to this repo, please update the [`test_sendgrid-ruby.rb`](https://github.com/sendgrid/sendgrid-ruby/blob/master/test/test_sendgrid-ruby.rb) file with unit tests as you modify the code.
-
-To run the tests:
-
-```bash
-rake
-```
+Once these are available, simply execute the Docker test target to run all tests: `make test-docker`. This command can also be used to open an interactive shell into the container where this library is installed. To start a *bash* shell for example, use this command: `command=bash make test-docker`.
 
 <a name="style-guidelines-and-naming-conventions"></a>
 ## Style Guidelines & Naming Conventions

data/Dockerfile

@@ -0,0 +1,14 @@
+ARG version=ruby:latest
+FROM $version
+
+# Needed for jruby
+RUN apt-get update \
+    && apt-get install -y make git
+
+COPY prism/prism/nginx/cert.crt /usr/local/share/ca-certificates/cert.crt
+RUN update-ca-certificates
+
+WORKDIR /app
+COPY . .
+
+RUN make install

data/Gemfile

@@ -3,4 +3,3 @@ source 'http://rubygems.org'
 gemspec
 
 gem 'ruby_http_client'
-

data/Makefile

@@ -1,7 +1,14 @@
-.PHONY: install test
+.PHONY: install test test-integ test-docker
 
 install:
 	gem install bundler:2.1.2; bundle install
 
 test:
-	bundle exec rake spec
+	bundle exec rake
+
+test-integ: test
+
+version ?= ruby:latest
+test-docker:
+	curl -s https://raw.githubusercontent.com/sendgrid/sendgrid-oai/main/prism/prism.sh -o prism.sh
+	version=$(version) bash ./prism.sh

data/README.md

@@ -205,7 +205,6 @@ We encourage contribution to our libraries (you might even score some nifty swag
 
 - [Feature Request](https://github.com/sendgrid/sendgrid-ruby/tree/master/CONTRIBUTING.md#feature_request)
 - [Bug Reports](https://github.com/sendgrid/sendgrid-ruby/tree/master/CONTRIBUTING.md#submit_a_bug_report)
-- [Sign the CLA to Create a Pull Request](https://github.com/sendgrid/sendgrid-ruby/tree/master/CONTRIBUTING.md#cla)
 - [Improvements to the Codebase](https://github.com/sendgrid/sendgrid-ruby/tree/master/CONTRIBUTING.md#improvements_to_the_codebase)
 - [Review Pull Requests](https://github.com/sendgrid/sendgrid-ruby/blob/master/CONTRIBUTING.md#code-reviews)
 

data/examples/helpers/eventwebhook/example.rb

@@ -0,0 +1,16 @@
+require 'sengrid-ruby'
+include SendGrid
+
+def is_valid_signature(request)
+  public_key = 'base64-encoded public key'
+
+  event_webhook = SendGrid::EventWebhook.new
+  ec_public_key = event_webhook.convert_public_key_to_ecdsa(public_key)
+
+  event_webhook.verify_signature(
+      ec_public_key,
+      request.body.read,
+      request.env[SendGrid::EventWebhookHeader::SIGNATURE],
+      request.env[SendGrid::EventWebhookHeader::TIMESTAMP]
+  )
+end

data/lib/rack/sendgrid_webhook_verification.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Rack
+  # Middleware that verifies webhooks from SendGrid using the EventWebhook
+  # verifier.
+  #
+  # The middleware takes a public key with which to set up the request
+  # validator and any number of paths. When a path matches the incoming request
+  # path, the request will be verified using the signature and timestamp of the
+  # request.
+  #
+  # Example:
+  #
+  # require 'rack'
+  # use Rack::SendGridWebhookVerification, ENV['PUBLIC_KEY'], /\/emails/
+  #
+  # The above appends this middleware to the stack, using a public key saved in
+  # the ENV and only against paths that match /\/emails/. If the request
+  # validates then it gets passed on to the action as normal. If the request
+  # doesn't validate then the middleware responds immediately with a 403 status.
+  class SendGridWebhookVerification
+    def initialize(app, public_key, *paths)
+      @app = app
+      @public_key = public_key
+      @path_regex = Regexp.union(paths)
+    end
+
+    def call(env)
+      return @app.call(env) unless env['PATH_INFO'].match(@path_regex)
+      request = Rack::Request.new(env)
+
+      event_webhook = SendGrid::EventWebhook.new
+      ec_public_key = event_webhook.convert_public_key_to_ecdsa(@public_key)
+      verified = event_webhook.verify_signature(
+        ec_public_key,
+        request.body.read,
+        request.env[SendGrid::EventWebhookHeader::SIGNATURE],
+        request.env[SendGrid::EventWebhookHeader::TIMESTAMP]
+      )
+
+      if verified
+        return @app.call(env)
+      else
+        return [
+          403,
+          { 'Content-Type' => 'text/plain' },
+          ['SendGrid Request Verification Failed.']
+        ]
+      end
+    end
+  end
+end

data/lib/sendgrid-ruby.rb

@@ -1,5 +1,8 @@
-require_relative 'sendgrid/client'
+require_relative 'sendgrid/base_interface'
+require_relative 'sendgrid/sendgrid'
+require_relative 'sendgrid/twilio_email'
 require_relative 'sendgrid/version'
+require_relative 'sendgrid/helpers/eventwebhook/eventwebhook'
 require_relative 'sendgrid/helpers/ip_management/ip_management'
 require_relative 'sendgrid/helpers/mail/asm'
 require_relative 'sendgrid/helpers/mail/attachment'
@@ -27,3 +30,4 @@ require_relative 'sendgrid/helpers/stats/email_stats'
 require_relative 'sendgrid/helpers/stats/stats_response'
 require_relative 'sendgrid/helpers/stats/metrics'
 require_relative 'sendgrid/helpers/permissions/scope'
+require_relative 'rack/sendgrid_webhook_verification'

data/lib/sendgrid/base_interface.rb

@@ -0,0 +1,36 @@
+require 'ruby_http_client'
+require_relative 'version'
+
+# Initialize the HTTP client
+class BaseInterface
+  attr_accessor :client
+  attr_reader :request_headers, :host, :version, :impersonate_subuser
+  # * *Args* :
+  #   - +auth+ -> authorization header value
+  #   - +host+ -> the base URL for the API
+  #   - +request_headers+ -> any headers that you want to be globally applied
+  #   - +version+ -> the version of the API you wish to access,
+  #                  currently only "v3" is supported
+  #   - +impersonate_subuser+ -> the subuser to impersonate, will be passed
+  #                              in the "On-Behalf-Of" header
+  #
+  def initialize(auth:, host:, request_headers: nil, version: nil, impersonate_subuser: nil)
+    @auth = auth
+    @host = host
+    @version = version ? version : 'v3'
+    @impersonate_subuser = impersonate_subuser
+    @user_agent = "sendgrid/#{SendGrid::VERSION};ruby"
+    @request_headers = JSON.parse('
+        {
+          "Authorization": "' + @auth + '",
+          "Accept": "application/json",
+          "User-Agent": "' + @user_agent + '"
+        }
+    ')
+    @request_headers['On-Behalf-Of'] = @impersonate_subuser if @impersonate_subuser
+
+    @request_headers = @request_headers.merge(request_headers) if request_headers
+    @client = SendGrid::Client.new(host: "#{@host}/#{@version}",
+                                   request_headers: @request_headers)
+  end
+end

data/lib/sendgrid/helpers/eventwebhook/eventwebhook.rb

@@ -0,0 +1,52 @@
+require 'base64'
+require 'digest'
+require 'openssl'
+
+module SendGrid
+  # This class allows you to use the Event Webhook feature. Read the docs for
+  # more details: https://sendgrid.com/docs/for-developers/tracking-events/event
+  class EventWebhook
+    # * *Args* :
+    #   - +public_key+ -> verification key under Mail Settings
+    #
+    def convert_public_key_to_ecdsa(public_key)
+      verify_engine
+      OpenSSL::PKey::EC.new(Base64.decode64(public_key))
+    end
+
+    # * *Args* :
+    #   - +public_key+ -> elliptic curve public key
+    #   - +payload+ -> event payload in the request body
+    #   - +signature+ -> signature value obtained from the 'X-Twilio-Email-Event-Webhook-Signature' header
+    #   - +timestamp+ -> timestamp value obtained from the 'X-Twilio-Email-Event-Webhook-Timestamp' header
+    def verify_signature(public_key, payload, signature, timestamp)
+      verify_engine
+      timestamped_playload = "#{timestamp}#{payload}"
+      payload_digest = Digest::SHA256.digest(timestamped_playload)
+      decoded_signature = Base64.decode64(signature)
+      public_key.dsa_verify_asn1(payload_digest, decoded_signature)
+    rescue
+      false
+    end
+
+    def verify_engine
+      # JRuby does not fully support ECDSA: https://github.com/jruby/jruby-openssl/issues/193
+      if RUBY_PLATFORM == "java"
+        raise NotSupportedError, "Event Webhook verification is not supported by JRuby"
+      end
+    end
+
+    class Error < ::RuntimeError
+    end
+
+    class NotSupportedError < Error
+    end
+  end
+
+  # This class lists headers that get posted to the webhook. Read the docs for
+  # more details: https://sendgrid.com/docs/for-developers/tracking-events/event
+  class EventWebhookHeader
+    SIGNATURE = "HTTP_X_TWILIO_EMAIL_EVENT_WEBHOOK_SIGNATURE"
+    TIMESTAMP = "HTTP_X_TWILIO_EMAIL_EVENT_WEBHOOK_TIMESTAMP"
+  end
+end

data/lib/sendgrid/sendgrid.rb

@@ -0,0 +1,20 @@
+# Quickly and easily access the Twilio SendGrid API.
+module SendGrid
+  class API < BaseInterface
+    # * *Args* :
+    #   - +api_key+ -> your Twilio SendGrid API key
+    #   - +host+ -> the base URL for the API
+    #   - +request_headers+ -> any headers that you want to be globally applied
+    #   - +version+ -> the version of the API you wish to access,
+    #                  currently only "v3" is supported
+    #   - +impersonate_subuser+ -> the subuser to impersonate, will be passed
+    #                              in the "On-Behalf-Of" header
+    #
+    def initialize(api_key:, host: nil, request_headers: nil, version: nil, impersonate_subuser: nil)
+      auth = "Bearer #{api_key}"
+      host = 'https://api.sendgrid.com' unless host
+
+      super(auth: auth, host: host, request_headers: request_headers, version: version, impersonate_subuser: impersonate_subuser)
+    end
+  end
+end

data/lib/sendgrid/twilio_email.rb

@@ -0,0 +1,21 @@
+# Quickly and easily access the Twilio Email API.
+module TwilioEmail
+  class API < BaseInterface
+    # * *Args* :
+    #   - +username+ -> your Twilio Email API key SID or Account SID
+    #   - +password+ -> your Twilio Email API key secret or Account Auth Token
+    #   - +host+ -> the base URL for the API
+    #   - +request_headers+ -> any headers that you want to be globally applied
+    #   - +version+ -> the version of the API you wish to access,
+    #                  currently only "v3" is supported
+    #   - +impersonate_subuser+ -> the subuser to impersonate, will be passed
+    #                              in the "On-Behalf-Of" header
+    #
+    def initialize(username:, password:, host: nil, request_headers: nil, version: nil, impersonate_subuser: nil)
+      auth = "Basic #{Base64.strict_encode64("#{username}:#{password}")}"
+      host = 'https://email.twilio.com' unless host
+
+      super(auth: auth, host: host, request_headers: request_headers, version: version, impersonate_subuser: impersonate_subuser)
+    end
+  end
+end

data/lib/sendgrid/version.rb

@@ -1,3 +1,3 @@
 module SendGrid
-  VERSION = '6.1.4'
+  VERSION = '6.3.3'
 end

data/sendgrid-ruby.gemspec

@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'faker'
   spec.add_development_dependency 'rubocop'
   spec.add_development_dependency 'minitest', '~> 5.9'
+  spec.add_development_dependency 'rack'
+  spec.add_development_dependency 'simplecov'
 end