RubyGems - smart_proxy_container_gateway - Versions diffs - 1.0.8 → 1.1.0 - Mend

smart_proxy_container_gateway 1.0.8 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/smart_proxy_container_gateway/container_gateway.rb +2 -1
data/lib/smart_proxy_container_gateway/container_gateway_api.rb +32 -6
data/lib/smart_proxy_container_gateway/container_gateway_main.rb +2 -1
data/lib/smart_proxy_container_gateway/version.rb +1 -1
data/settings.d/container_gateway.yml.example +2 -0
metadata +17 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 95ed3584f3ef8379b2abbaef70031e5add4d0f0a364acbc8d938284329c45aff
-  data.tar.gz: bd7eb01e1ad8d4cb58ffd0c9a356cef25d5004db93c66f14f58bc8fb0051cb90
+  metadata.gz: 3097422461fc20a387c9a5e31056e18655a6682549b5092266aa22df9e0a3b9d
+  data.tar.gz: be74c6e1bb3afa76b20353c695bcc92288c7e9a55e8e1c751151b000d135e10e
 SHA512:
-  metadata.gz: 512516a03a9eaaa34f39dc9e8fdf0260efbcbbc2077971c4f0dfc8872e32310bcf14bf180d73be481c6ebcb6ad94fba753f6cc4d206e528c27a463bbb28c8899
-  data.tar.gz: 774fa2b2bc4ea74808a0d50668675f88a3d962b343ffd056c4f66fb597bdbb124e019e5bff7e26d52f12f2015eaa170683aebc0b30cb4f6647e6f3156cc21611
+  metadata.gz: b2f693ef460c40d1ec59bd546e26745070eed87a0c95736971283b8199d1376940381ce90c48b998b585a50699c2e25053b01d261220fbdd4a22e16e2f9dd2fe
+  data.tar.gz: 9bf944ba3f5e48148e38a07366c18c62b716b5d59a5582c2b8f78307ea15a770bdc9e939b55a6abe9950c1d985cb59db7068bab73f8fce07c6ae9a18f06ee761

data/lib/smart_proxy_container_gateway/container_gateway.rb CHANGED Viewed

@@ -7,7 +7,8 @@ module Proxy
       default_settings :pulp_endpoint => "https://#{`hostname`.strip}",
                        :katello_registry_path => '/v2/',
-                       :sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
+                       :sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db',
+                       :sqlite_timeout => 30_000
       # Load defaults that copy values from SETTINGS. This is done as
       # programmable settings since SETTINGS isn't initialized during plugin

data/lib/smart_proxy_container_gateway/container_gateway_api.rb CHANGED Viewed

@@ -1,3 +1,7 @@
+require 'active_support'
+require 'active_support/core_ext/integer'
+require 'active_support/core_ext/string'
+require 'active_support/time_with_zone'
 require 'sinatra'
 require 'smart_proxy_container_gateway/container_gateway'
 require 'smart_proxy_container_gateway/container_gateway_main'
@@ -100,18 +104,38 @@ module Proxy
         response.headers['Docker-Distribution-API-Version'] = 'registry/2.0'
         unless auth_header.present? && auth_header.basic_auth?
-          one_year = (60 * 60 * 24 * 365)
-          return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.iso8601,
-                   expires_at: (Time.now + one_year).iso8601 }.to_json
+          return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.rfc3339,
+                   expires_in: 1.year.seconds.to_i }.to_json
         end
         token_response = ForemanApi.new.fetch_token(auth_header.raw_header, request.params)
         if token_response.code.to_i != 200
           halt token_response.code.to_i, token_response.body
         else
+          # This returned token should follow OAuth2 spec. We need some minor conversion
+          # to store the token with the expires_at time (using rfc3339).
           token_response_body = JSON.parse(token_response.body)
-          ContainerGateway.insert_token(request.params['account'], token_response_body['token'],
-                                        token_response_body['expires_at'])
+          if token_response_body['token'].nil?
+            halt 502, "Recieved malformed token response"
+          end
+          # "issued_at" is an optional field. Per OAuth2 we assume time of token response as
+          # the issue time if the field is ommitted.
+          token_issue_time = (token_response_body["issued_at"] || token_response["Date"])&.to_time
+          if token_issue_time.nil?
+            halt 502, "Recieved malformed token response"
+          end
+          # 'expires_in' is an optional field. If not provided, assume 60 seconds per OAuth2 spec
+          expires_in = token_response_body.fetch("expires_in", 60)
+          expires_at = token_issue_time + expires_in.seconds
+          ContainerGateway.insert_token(
+            request.params['account'],
+            token_response_body['token'],
+            expires_at.rfc3339
+          )
           repo_response = ForemanApi.new.fetch_user_repositories(auth_header.raw_header, request.params)
           if repo_response.code.to_i != 200
@@ -120,7 +144,9 @@ module Proxy
             ContainerGateway.update_user_repositories(request.params['account'],
                                                       JSON.parse(repo_response.body)['repositories'])
           end
-          return token_response_body.to_json
+          # Return the original token response from Katello
+          return token_response.body
         end
       end

data/lib/smart_proxy_container_gateway/container_gateway_main.rb CHANGED Viewed

@@ -174,7 +174,8 @@ module Proxy
       def initialize_db
         file_path = Proxy::ContainerGateway::Plugin.settings.sqlite_db_path
-        conn = Sequel.connect("sqlite://#{file_path}")
+        sqlite_timeout = Proxy::ContainerGateway::Plugin.settings.sqlite_timeout
+        conn = Sequel.connect("sqlite://#{file_path}", timeout: sqlite_timeout)
         container_gateway_path = $LOAD_PATH.detect { |path| path.include? 'smart_proxy_container_gateway' }
         begin
           Sequel::Migrator.check_current(conn, "#{container_gateway_path}/smart_proxy_container_gateway/sequel_migrations")

data/lib/smart_proxy_container_gateway/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Proxy
   module ContainerGateway
-    VERSION = '1.0.8'.freeze
+    VERSION = '1.1.0'.freeze
   end
 end

data/settings.d/container_gateway.yml.example CHANGED Viewed

@@ -6,3 +6,5 @@
 :pulp_client_ssl_key: 'RSA private key for the Pulp certificate'
 :katello_registry_path: 'Katello container registry suffix, e.g., /v2/'
 :sqlite_db_path: '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
+# Database busy timeout in milliseconds
+:sqlite_timeout: 30000

metadata CHANGED Viewed

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_container_gateway
 version: !ruby/object:Gem::Version
-  version: 1.0.8
+  version: 1.1.0
 platform: ruby
 authors:
 - Ian Ballou
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-02 00:00:00.000000000 Z
+date: 2023-11-06 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sequel
   requirement: !ruby/object:Gem::Requirement
@@ -72,7 +86,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - "~>"
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="