ssrfs-up 0.0.12 → 0.0.17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/openapi_client/lib/openapi_client.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api/default_api.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api_client.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api_error.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/configuration.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/content_type.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/method.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/redirect.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/request.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response_error.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response_success.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/version.rb +1 -1
- data/lib/ssrfs-up.rb +46 -26
- data/lib/ssrfs-up/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed38c43272a326e05f87796045f0c9e79debdda9d9ff065afbb61411f647fe9c
|
|
4
|
+
data.tar.gz: f5512226009f01dcf116ef1aa8a9a82d286459b52c28287fe4f886e740e16613
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0afab3d60b6690dda4cc7bd5dbc74e0da1906a848532b71bc37b7bdcd56e7e1d91bdaf1d7d76309831c18570e13460cff3197bcf146c9d83516338fc0f443753
|
|
7
|
+
data.tar.gz: 7c2ff1b829f59d23b7012f054377c2b04591133dda7d4603dd11334b6ff769c40175ac80988546277f3641ad1ce3c0bc71611a9eefc9bc78f15c05ce15916e94
|
data/lib/ssrfs-up.rb
CHANGED
|
@@ -20,13 +20,16 @@ require 'openapi_client/lib/openapi_client/models/response_success'
|
|
|
20
20
|
|
|
21
21
|
# APIs
|
|
22
22
|
require 'openapi_client/lib/openapi_client/api/default_api'
|
|
23
|
-
|
|
23
|
+
##
|
|
24
|
+
# This module contains the AWS lambda client and helper methods to easily
|
|
25
|
+
# make requests to it. All methods take a hostname or URI and a hash or options
|
|
26
|
+
# for the request.
|
|
24
27
|
module SSRFsUp
|
|
25
28
|
class Configuration
|
|
26
29
|
attr_accessor :func_name, :invoke_type, :log_type, :region, :test
|
|
27
30
|
|
|
28
31
|
def initialize
|
|
29
|
-
@func_name = 'sec-czi-sec-ssrfs-up'
|
|
32
|
+
@func_name = 'arn:aws:lambda:us-west-2:871040364337:function:sec-czi-sec-ssrfs-up:sec-czi-sec-ssrfs-up'
|
|
30
33
|
@invoke_type = 'RequestResponse'
|
|
31
34
|
@log_type = 'None'
|
|
32
35
|
@region = 'us-west-2'
|
|
@@ -37,62 +40,64 @@ module SSRFsUp
|
|
|
37
40
|
class << self
|
|
38
41
|
attr_accessor :config, :client
|
|
39
42
|
|
|
40
|
-
def configuration
|
|
41
|
-
@config ||= Configuration.new
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def client
|
|
45
|
-
@client ||= Aws::Lambda::Client.new(region: configuration.region)
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
def configure
|
|
49
|
-
yield(configuration)
|
|
50
|
-
@client = Aws::Lambda::Client.new({ region: configuration.region, stub_responses: configuration.test })
|
|
51
|
-
end
|
|
52
|
-
|
|
53
43
|
# These methods take a string like "www.google.com" or "https://google.com" and parse
|
|
54
44
|
# the respective parameters from the string to make the request. If only a hostname
|
|
55
45
|
# is provided, the default options are applied. A hash of options can also be
|
|
56
|
-
# supplied to configure the request.
|
|
46
|
+
# supplied to configure the request. The set of options can be found at
|
|
47
|
+
# https://github.com/chanzuckerberg/SSRFs-Up/blob/0e18fd30bee3f2b99ff4bc512cb967b83e8d9dcb/openapi.yaml#L97-L119
|
|
48
|
+
def do(method, host, opts = {})
|
|
49
|
+
case method.downcase
|
|
50
|
+
when 'get'
|
|
51
|
+
get(host, opts)
|
|
52
|
+
when 'put'
|
|
53
|
+
put(host, opts)
|
|
54
|
+
when 'post'
|
|
55
|
+
post(host, opts)
|
|
56
|
+
when 'patch'
|
|
57
|
+
patch(host, opts)
|
|
58
|
+
when 'delete'
|
|
59
|
+
delete(host, opts)
|
|
60
|
+
end
|
|
61
|
+
end
|
|
57
62
|
|
|
58
|
-
#
|
|
63
|
+
# convenience method for making a GET request with do.
|
|
59
64
|
def get(host, opts = {})
|
|
60
65
|
opts['method'] = 'GET'
|
|
61
66
|
invoke(host, opts)
|
|
62
67
|
end
|
|
63
68
|
|
|
64
|
-
#
|
|
69
|
+
# convenience method for making a PUT request with do.
|
|
65
70
|
def put(host, opts = {})
|
|
66
71
|
opts['method'] = 'PUT'
|
|
67
72
|
invoke(host, opts)
|
|
68
73
|
end
|
|
69
74
|
|
|
70
|
-
#
|
|
75
|
+
# convenience method for making a POST request with do.
|
|
71
76
|
def post(host, opts = {})
|
|
72
77
|
opts['method'] = 'POST'
|
|
73
78
|
invoke(host, opts)
|
|
74
79
|
end
|
|
75
80
|
|
|
76
|
-
#
|
|
81
|
+
# convenience method for making a patch request with do.
|
|
77
82
|
def patch(host, opts = {})
|
|
78
83
|
opts['method'] = 'PATCH'
|
|
79
84
|
invoke(host, opts)
|
|
80
85
|
end
|
|
81
86
|
|
|
82
|
-
#
|
|
87
|
+
# convenience method for making a DELETE request with do.
|
|
83
88
|
def delete(host, opts = {})
|
|
84
89
|
opts['method'] = 'DELETE'
|
|
85
90
|
invoke(host, opts)
|
|
86
91
|
end
|
|
87
92
|
|
|
88
|
-
#
|
|
93
|
+
# takes an ambiguous string or URI and sets the appropriate options based
|
|
89
94
|
# on if it can be parsed as URI object. If it can't, then the string is assumed
|
|
90
95
|
# to be a hostname only.
|
|
91
96
|
def parseAsUri(uri = '')
|
|
92
97
|
uri = uri.to_s
|
|
93
|
-
|
|
94
|
-
opts = { 'host' => splits[0] }
|
|
98
|
+
opts = { 'host' => uri.split('/')[0].split('?')[0].split('#')[0] }
|
|
95
99
|
u = URI(uri)
|
|
100
|
+
|
|
96
101
|
# if the scheme was present, we can parse most of the options from the URI.
|
|
97
102
|
# otherwise, we can assume the URI was an actual hostname
|
|
98
103
|
unless u.scheme.nil?
|
|
@@ -104,13 +109,28 @@ module SSRFsUp
|
|
|
104
109
|
opts
|
|
105
110
|
end
|
|
106
111
|
|
|
112
|
+
# converts a hash of options to a valid OpenapiClient Request so that it
|
|
113
|
+
# can be properly consumed by the lambda.
|
|
107
114
|
def toOpenAPIClient(opts = {})
|
|
108
115
|
OpenapiClient::Request.new(opts).to_hash
|
|
109
116
|
end
|
|
110
117
|
|
|
111
|
-
|
|
118
|
+
# configures the SSRFsUp module and recreates the AWS Lambda Client from
|
|
119
|
+
# the updated configuration.
|
|
120
|
+
def configure
|
|
121
|
+
yield(configuration)
|
|
122
|
+
@client = Aws::Lambda::Client.new({ region: configuration.region, stub_responses: configuration.test })
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def configuration
|
|
126
|
+
@config ||= Configuration.new
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def client
|
|
130
|
+
@client ||= Aws::Lambda::Client.new(region: configuration.region)
|
|
131
|
+
end
|
|
112
132
|
|
|
113
|
-
#
|
|
133
|
+
# invokes the lambda with the provided arguments. It handles all lambda
|
|
114
134
|
# related errors so developers should assume the data they receive back is straight
|
|
115
135
|
# from the server they are speaking to.
|
|
116
136
|
def invoke(host = nil, opts = {})
|
data/lib/ssrfs-up/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ssrfs-up
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jake Heath
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-lambda
|
|
@@ -155,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
155
155
|
- !ruby/object:Gem::Version
|
|
156
156
|
version: '0'
|
|
157
157
|
requirements: []
|
|
158
|
-
rubygems_version: 3.1.
|
|
158
|
+
rubygems_version: 3.1.6
|
|
159
159
|
signing_key:
|
|
160
160
|
specification_version: 4
|
|
161
161
|
summary: Proxy all requests to avoid SSRF.
|