RubyGems - spikard - Versions diffs - 0.3.6 → 0.5.0 - Mend

spikard 0.3.6 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

checksums.yaml +4 -4
data/README.md +21 -6
data/ext/spikard_rb/Cargo.toml +2 -2
data/lib/spikard/app.rb +33 -14
data/lib/spikard/testing.rb +47 -12
data/lib/spikard/version.rb +1 -1
data/vendor/crates/spikard-bindings-shared/Cargo.toml +63 -0
data/vendor/crates/spikard-bindings-shared/examples/config_extraction.rs +132 -0
data/vendor/crates/spikard-bindings-shared/src/config_extractor.rs +752 -0
data/vendor/crates/spikard-bindings-shared/src/conversion_traits.rs +194 -0
data/vendor/crates/spikard-bindings-shared/src/di_traits.rs +246 -0
data/vendor/crates/spikard-bindings-shared/src/error_response.rs +401 -0
data/vendor/crates/spikard-bindings-shared/src/handler_base.rs +238 -0
data/vendor/crates/spikard-bindings-shared/src/lib.rs +24 -0
data/vendor/crates/spikard-bindings-shared/src/lifecycle_base.rs +292 -0
data/vendor/crates/spikard-bindings-shared/src/lifecycle_executor.rs +616 -0
data/vendor/crates/spikard-bindings-shared/src/response_builder.rs +305 -0
data/vendor/crates/spikard-bindings-shared/src/test_client_base.rs +248 -0
data/vendor/crates/spikard-bindings-shared/src/validation_helpers.rs +351 -0
data/vendor/crates/spikard-bindings-shared/tests/comprehensive_coverage.rs +454 -0
data/vendor/crates/spikard-bindings-shared/tests/error_response_edge_cases.rs +383 -0
data/vendor/crates/spikard-bindings-shared/tests/handler_base_integration.rs +280 -0
data/vendor/crates/spikard-core/Cargo.toml +4 -4
data/vendor/crates/spikard-core/src/debug.rs +64 -0
data/vendor/crates/spikard-core/src/di/container.rs +3 -27
data/vendor/crates/spikard-core/src/di/factory.rs +1 -5
data/vendor/crates/spikard-core/src/di/graph.rs +8 -47
data/vendor/crates/spikard-core/src/di/mod.rs +1 -1
data/vendor/crates/spikard-core/src/di/resolved.rs +1 -7
data/vendor/crates/spikard-core/src/di/value.rs +2 -4
data/vendor/crates/spikard-core/src/errors.rs +30 -0
data/vendor/crates/spikard-core/src/http.rs +262 -0
data/vendor/crates/spikard-core/src/lib.rs +1 -1
data/vendor/crates/spikard-core/src/lifecycle.rs +764 -0
data/vendor/crates/spikard-core/src/metadata.rs +389 -0
data/vendor/crates/spikard-core/src/parameters.rs +1962 -159
data/vendor/crates/spikard-core/src/problem.rs +34 -0
data/vendor/crates/spikard-core/src/request_data.rs +966 -1
data/vendor/crates/spikard-core/src/router.rs +263 -2
data/vendor/crates/spikard-core/src/validation/error_mapper.rs +688 -0
data/vendor/crates/spikard-core/src/{validation.rs → validation/mod.rs} +26 -268
data/vendor/crates/spikard-http/Cargo.toml +12 -16
data/vendor/crates/spikard-http/examples/sse-notifications.rs +148 -0
data/vendor/crates/spikard-http/examples/websocket-chat.rs +92 -0
data/vendor/crates/spikard-http/src/auth.rs +65 -16
data/vendor/crates/spikard-http/src/background.rs +1614 -3
data/vendor/crates/spikard-http/src/cors.rs +515 -0
data/vendor/crates/spikard-http/src/debug.rs +65 -0
data/vendor/crates/spikard-http/src/di_handler.rs +1322 -77
data/vendor/crates/spikard-http/src/handler_response.rs +711 -0
data/vendor/crates/spikard-http/src/handler_trait.rs +607 -5
data/vendor/crates/spikard-http/src/handler_trait_tests.rs +6 -0
data/vendor/crates/spikard-http/src/lib.rs +33 -28
data/vendor/crates/spikard-http/src/lifecycle/adapter.rs +81 -0
data/vendor/crates/spikard-http/src/lifecycle.rs +765 -0
data/vendor/crates/spikard-http/src/middleware/mod.rs +372 -117
data/vendor/crates/spikard-http/src/middleware/multipart.rs +836 -10
data/vendor/crates/spikard-http/src/middleware/urlencoded.rs +409 -43
data/vendor/crates/spikard-http/src/middleware/validation.rs +513 -65
data/vendor/crates/spikard-http/src/openapi/parameter_extraction.rs +345 -0
data/vendor/crates/spikard-http/src/openapi/schema_conversion.rs +1055 -0
data/vendor/crates/spikard-http/src/openapi/spec_generation.rs +473 -3
data/vendor/crates/spikard-http/src/query_parser.rs +455 -31
data/vendor/crates/spikard-http/src/response.rs +321 -0
data/vendor/crates/spikard-http/src/server/handler.rs +1572 -9
data/vendor/crates/spikard-http/src/server/lifecycle_execution.rs +136 -0
data/vendor/crates/spikard-http/src/server/mod.rs +875 -178
data/vendor/crates/spikard-http/src/server/request_extraction.rs +674 -23
data/vendor/crates/spikard-http/src/server/routing_factory.rs +599 -0
data/vendor/crates/spikard-http/src/sse.rs +983 -21
data/vendor/crates/spikard-http/src/testing/form.rs +38 -0
data/vendor/crates/spikard-http/src/testing/test_client.rs +0 -2
data/vendor/crates/spikard-http/src/testing.rs +7 -7
data/vendor/crates/spikard-http/src/websocket.rs +1055 -4
data/vendor/crates/spikard-http/tests/background_behavior.rs +832 -0
data/vendor/crates/spikard-http/tests/common/handlers.rs +309 -0
data/vendor/crates/spikard-http/tests/common/mod.rs +26 -0
data/vendor/crates/spikard-http/tests/di_integration.rs +192 -0
data/vendor/crates/spikard-http/tests/doc_snippets.rs +5 -0
data/vendor/crates/spikard-http/tests/lifecycle_execution.rs +1093 -0
data/vendor/crates/spikard-http/tests/multipart_behavior.rs +656 -0
data/vendor/crates/spikard-http/tests/server_config_builder.rs +314 -0
data/vendor/crates/spikard-http/tests/sse_behavior.rs +620 -0
data/vendor/crates/spikard-http/tests/websocket_behavior.rs +663 -0
data/vendor/crates/spikard-rb/Cargo.toml +10 -4
data/vendor/crates/spikard-rb/build.rs +196 -5
data/vendor/crates/spikard-rb/src/config/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/{config.rs → config/server_config.rs} +100 -109
data/vendor/crates/spikard-rb/src/conversion.rs +121 -20
data/vendor/crates/spikard-rb/src/di/builder.rs +100 -0
data/vendor/crates/spikard-rb/src/{di.rs → di/mod.rs} +12 -46
data/vendor/crates/spikard-rb/src/handler.rs +100 -107
data/vendor/crates/spikard-rb/src/integration/mod.rs +3 -0
data/vendor/crates/spikard-rb/src/lib.rs +467 -1428
data/vendor/crates/spikard-rb/src/lifecycle.rs +1 -0
data/vendor/crates/spikard-rb/src/metadata/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/metadata/route_extraction.rs +447 -0
data/vendor/crates/spikard-rb/src/runtime/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/runtime/server_runner.rs +324 -0
data/vendor/crates/spikard-rb/src/server.rs +47 -22
data/vendor/crates/spikard-rb/src/{test_client.rs → testing/client.rs} +187 -40
data/vendor/crates/spikard-rb/src/testing/mod.rs +7 -0
data/vendor/crates/spikard-rb/src/testing/websocket.rs +635 -0
data/vendor/crates/spikard-rb/src/websocket.rs +178 -37
metadata +46 -13
data/vendor/crates/spikard-http/src/parameters.rs +0 -1
data/vendor/crates/spikard-http/src/problem.rs +0 -1
data/vendor/crates/spikard-http/src/router.rs +0 -1
data/vendor/crates/spikard-http/src/schema_registry.rs +0 -1
data/vendor/crates/spikard-http/src/type_hints.rs +0 -1
data/vendor/crates/spikard-http/src/validation.rs +0 -1
data/vendor/crates/spikard-rb/src/test_websocket.rs +0 -221
/data/vendor/crates/spikard-rb/src/{test_sse.rs → testing/sse.rs} +0 -0

data/vendor/crates/spikard-http/src/auth.rs CHANGED Viewed

@@ -43,6 +43,13 @@ pub struct Claims {
 /// Validates JWT tokens from the Authorization header (Bearer scheme).
 /// On success, the validated claims are available to downstream handlers.
 /// On failure, returns 401 Unauthorized with RFC 9457 Problem Details.
+///
+/// Coverage: Tested via integration tests (`auth_integration.rs`)
+///
+/// # Errors
+/// Returns an error response when the Authorization header is missing, malformed,
+/// the token is invalid, or configuration is incorrect.
+#[cfg(not(tarpaulin_include))]
 pub async fn jwt_auth_middleware(
     config: JwtConfig,
     headers: HeaderMap,
@@ -107,20 +114,18 @@ pub async fn jwt_auth_middleware(
         let detail = match e.kind() {
             jsonwebtoken::errors::ErrorKind::ExpiredSignature => "Token has expired".to_string(),
             jsonwebtoken::errors::ErrorKind::InvalidToken => "Token is invalid".to_string(),
-            jsonwebtoken::errors::ErrorKind::InvalidSignature => "Token signature is invalid".to_string(),
-            jsonwebtoken::errors::ErrorKind::Base64(_) => "Token signature is invalid".to_string(),
-            jsonwebtoken::errors::ErrorKind::InvalidAudience => "Token audience is invalid".to_string(),
-            jsonwebtoken::errors::ErrorKind::InvalidIssuer => {
-                if let Some(ref expected_iss) = config.issuer {
-                    format!("Token issuer is invalid, expected '{}'", expected_iss)
-                } else {
-                    "Token issuer is invalid".to_string()
-                }
+            jsonwebtoken::errors::ErrorKind::InvalidSignature | jsonwebtoken::errors::ErrorKind::Base64(_) => {
+                "Token signature is invalid".to_string()
             }
+            jsonwebtoken::errors::ErrorKind::InvalidAudience => "Token audience is invalid".to_string(),
+            jsonwebtoken::errors::ErrorKind::InvalidIssuer => config.issuer.as_ref().map_or_else(
+                || "Token issuer is invalid".to_string(),
+                |expected_iss| format!("Token issuer is invalid, expected '{expected_iss}'"),
+            ),
             jsonwebtoken::errors::ErrorKind::ImmatureSignature => {
                 "JWT not valid yet, not before claim is in the future".to_string()
             }
-            _ => format!("Token validation failed: {}", e),
+            _ => format!("Token validation failed: {e}"),
         };
         let problem =
@@ -146,7 +151,7 @@ fn parse_algorithm(alg: &str) -> Result<Algorithm, String> {
         "PS256" => Ok(Algorithm::PS256),
         "PS384" => Ok(Algorithm::PS384),
         "PS512" => Ok(Algorithm::PS512),
-        _ => Err(format!("Unsupported algorithm: {}", alg)),
+        _ => Err(format!("Unsupported algorithm: {alg}")),
     }
 }
@@ -156,6 +161,12 @@ fn parse_algorithm(alg: &str) -> Result<Algorithm, String> {
 /// Checks header first, then query parameter as fallback.
 /// On success, the request proceeds to the next handler.
 /// On failure, returns 401 Unauthorized with RFC 9457 Problem Details.
+///
+/// Coverage: Tested via integration tests (`auth_integration.rs`)
+///
+/// # Errors
+/// Returns an error response when the API key is missing or invalid.
+#[cfg(not(tarpaulin_include))]
 pub async fn api_key_auth_middleware(
     config: ApiKeyConfig,
     headers: HeaderMap,
@@ -168,11 +179,7 @@ pub async fn api_key_auth_middleware(
     let api_key_from_header = headers.get(&config.header_name).and_then(|v| v.to_str().ok());
-    let api_key = if let Some(key) = api_key_from_header {
-        Some(key)
-    } else {
-        extract_api_key_from_query(&uri)
-    };
+    let api_key = api_key_from_header.map_or_else(|| extract_api_key_from_query(&uri), Some);
     let api_key = api_key.ok_or_else(|| {
         let problem =
@@ -244,4 +251,46 @@ mod tests {
         assert!(json.contains("user123"));
         assert!(json.contains("1234567890"));
     }
+    #[test]
+    fn test_extract_api_key_from_query_api_key() {
+        let uri: axum::http::Uri = "/api/endpoint?api_key=secret123".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, Some("secret123"));
+    }
+    #[test]
+    fn test_extract_api_key_from_query_api_key_camel_case() {
+        let uri: axum::http::Uri = "/api/endpoint?apiKey=mykey456".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, Some("mykey456"));
+    }
+    #[test]
+    fn test_extract_api_key_from_query_key() {
+        let uri: axum::http::Uri = "/api/endpoint?key=testkey789".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, Some("testkey789"));
+    }
+    #[test]
+    fn test_extract_api_key_from_query_no_key() {
+        let uri: axum::http::Uri = "/api/endpoint?foo=bar&baz=qux".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, None);
+    }
+    #[test]
+    fn test_extract_api_key_from_query_empty_string() {
+        let uri: axum::http::Uri = "/api/endpoint".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, None);
+    }
+    #[test]
+    fn test_extract_api_key_from_query_multiple_params() {
+        let uri: axum::http::Uri = "/api/endpoint?foo=bar&api_key=found&baz=qux".parse().unwrap();
+        let result = extract_api_key_from_query(&uri);
+        assert_eq!(result, Some("found"));
+    }
 }