RubyGems - smart_proxy_container_gateway - Versions diffs - 3.3.0 → 3.3.1 - Mend

smart_proxy_container_gateway 3.3.0 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/smart_proxy_container_gateway/container_gateway_api.rb +26 -30
data/lib/smart_proxy_container_gateway/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1965b68bd7795a23fafce6976458a33bf58f8ef67ccab714ab52edcd69558e4e
-  data.tar.gz: f025588bd31da08bbf6fc2bfd9b58924a4d99d86571b689f6bbfdfc2a7e458dd
+  metadata.gz: b85cb8971300559f91cbae183a96bfa821c0bd90151c2b7c765561d9e1f84adc
+  data.tar.gz: 988f40bafe8e1aaf13042faf2bd5505bfc416e7e4160f94419ba7b271878bdfe
 SHA512:
-  metadata.gz: 8592a29f188ccc45ee9db74cf72579b5c63957ed4a9a64e015c7f3627bd2ee0fdf23e80efad608b690313fe5a4db28f2db0d5660a0a0a894736e500d1aa5bc78
-  data.tar.gz: eedefbd87696d56163aef9da0b6af8b4061bea74626054d4bf1c78b7d70425a61939db451a6081b79efdb42b17e248f1a8eaf037b5c882026bff7f5a79d87e62
+  metadata.gz: 4c249cf8162619a123d179234182ff19b7f724393600738c421acd2b0627b0b370fb01f38cd0b57304c3d50765015df40170eae42617e5c29d56c457a25ec531
+  data.tar.gz: ff795672ab091823d36af4085ca328775ec8ce2f1f5d954d0760c7ba4540b4842ab0dfcdf9d741d53ec534a7603711f5da78ac65e7b8a423a5b5f44c54d2980c

data/lib/smart_proxy_container_gateway/container_gateway_api.rb CHANGED Viewed

@@ -119,7 +119,7 @@ module Proxy
       get '/v2/_catalog/?' do
         catalog = []
         if auth_header.present?
-          if auth_header.unauthorized_token?
+          if auth_header.unauthenticated_token? || auth_header.unauthorized_token?
             catalog = container_gateway_main.catalog.select_map(::Sequel[:repositories][:name])
           elsif auth_header.valid_user_token?
             catalog = container_gateway_main.catalog(auth_header.user).select_map(::Sequel[:repositories][:name])
@@ -150,42 +150,33 @@ module Proxy
           request.params['account'] ||= username if username.present?
         end
-        unless auth_header.present? && auth_header.basic_auth?
-          return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.rfc3339,
-                   expires_in: 1.year.seconds.to_i }.to_json
-        end
         token_response = ForemanApi.new.fetch_token(auth_header.raw_header, request.params)
-        if token_response.code.to_i != 200
-          halt token_response.code.to_i, token_response.body
-        else
-          # This returned token should follow OAuth2 spec. We need some minor conversion
-          # to store the token with the expires_at time (using rfc3339).
-          token_response_body = JSON.parse(token_response.body)
+        halt token_response.code.to_i, token_response.body unless token_response.code.to_i == 200
-          if token_response_body['token'].nil?
-            halt 502, "Recieved malformed token response"
-          end
+        token_response_body = JSON.parse(token_response.body)
+        halt 502, "Recieved malformed token response" if token_response_body['token'].nil?
+        # Check for unauthorized tokens and respond with 401
+        halt 401, "unauthorized" if token_response_body['token'] == AuthorizationHeader::UNAUTHORIZED_TOKEN
+        # Skip storing the token if it is unauthenticated
+        unless token_response_body['token'] == AuthorizationHeader::UNAUTHENTICATED_TOKEN
           # "issued_at" is an optional field. Per OAuth2 we assume time of token response as
           # the issue time if the field is ommitted.
           token_issue_time = (token_response_body["issued_at"] || token_response["Date"])&.to_time
-          if token_issue_time.nil?
-            halt 502, "Recieved malformed token response"
-          end
+          halt 502, "Recieved malformed token response" if token_issue_time.nil?
+          # This returned token should follow OAuth2 spec. We need some minor conversion
+          # to store the token with the expires_at time (using rfc3339).
           # 'expires_in' is an optional field. If not provided, assume 60 seconds per OAuth2 spec
           expires_in = token_response_body.fetch("expires_in", 60)
           expires_at = token_issue_time + expires_in.seconds
-          if request.params['account'].present?
-            container_gateway_main.insert_token(
-              request.params['account'],
-              token_response_body['token'],
-              expires_at.rfc3339
-            )
-          else
-            halt 401, "unauthorized"
-          end
+          container_gateway_main.insert_token(
+            request.params['account'],
+            token_response_body['token'],
+            expires_at.rfc3339
+          )
           repo_response = ForemanApi.new.fetch_user_repositories(auth_header.raw_header, request.params)
           if repo_response.code.to_i != 200
@@ -194,10 +185,10 @@ module Proxy
             container_gateway_main.update_user_repositories(request.params['account'],
                                                             JSON.parse(repo_response.body)['repositories'])
           end
-          # Return the original token response from Katello
-          return token_response.body
         end
+        # Return the original token response from Katello
+        return token_response.body
       end
       get '/users/?' do
@@ -320,6 +311,7 @@ module Proxy
         inject_attr :database_impl, :database
         inject_attr :container_gateway_main_impl, :container_gateway_main
         UNAUTHORIZED_TOKEN = 'unauthorized'.freeze
+        UNAUTHENTICATED_TOKEN = 'unauthenticated'.freeze
         def initialize(value)
           @value = value || ''
@@ -345,6 +337,10 @@ module Proxy
           @value.split(' ')[1] == UNAUTHORIZED_TOKEN
         end
+        def unauthenticated_token?
+          @value.split(' ')[1] == UNAUTHENTICATED_TOKEN
+        end
         def token_auth?
           @value.split(' ')[0] == 'Bearer'
         end

data/lib/smart_proxy_container_gateway/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Proxy
   module ContainerGateway
-    VERSION = '3.3.0'.freeze
+    VERSION = '3.3.1'.freeze
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_container_gateway
 version: !ruby/object:Gem::Version
-  version: 3.3.0
+  version: 3.3.1
 platform: ruby
 authors:
 - Ian Ballou
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-04-04 00:00:00.000000000 Z
+date: 2025-04-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -116,7 +116,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.21
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Pulp 3 container registry support for Foreman/Katello Smart-Proxy