ssrfs-up 0.0.12 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/openapi_client/lib/openapi_client.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api/default_api.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api_client.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/api_error.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/configuration.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/content_type.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/method.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/redirect.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/request.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response_error.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/models/response_success.rb +1 -1
- data/lib/openapi_client/lib/openapi_client/version.rb +1 -1
- data/lib/ssrfs-up.rb +46 -26
- data/lib/ssrfs-up/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed38c43272a326e05f87796045f0c9e79debdda9d9ff065afbb61411f647fe9c
|
|
4
|
+
data.tar.gz: f5512226009f01dcf116ef1aa8a9a82d286459b52c28287fe4f886e740e16613
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0afab3d60b6690dda4cc7bd5dbc74e0da1906a848532b71bc37b7bdcd56e7e1d91bdaf1d7d76309831c18570e13460cff3197bcf146c9d83516338fc0f443753
|
|
7
|
+
data.tar.gz: 7c2ff1b829f59d23b7012f054377c2b04591133dda7d4603dd11334b6ff769c40175ac80988546277f3641ad1ce3c0bc71611a9eefc9bc78f15c05ce15916e94
|
data/lib/ssrfs-up.rb
CHANGED
|
@@ -20,13 +20,16 @@ require 'openapi_client/lib/openapi_client/models/response_success'
|
|
|
20
20
|
|
|
21
21
|
# APIs
|
|
22
22
|
require 'openapi_client/lib/openapi_client/api/default_api'
|
|
23
|
-
|
|
23
|
+
##
|
|
24
|
+
# This module contains the AWS lambda client and helper methods to easily
|
|
25
|
+
# make requests to it. All methods take a hostname or URI and a hash or options
|
|
26
|
+
# for the request.
|
|
24
27
|
module SSRFsUp
|
|
25
28
|
class Configuration
|
|
26
29
|
attr_accessor :func_name, :invoke_type, :log_type, :region, :test
|
|
27
30
|
|
|
28
31
|
def initialize
|
|
29
|
-
@func_name = 'sec-czi-sec-ssrfs-up'
|
|
32
|
+
@func_name = 'arn:aws:lambda:us-west-2:871040364337:function:sec-czi-sec-ssrfs-up:sec-czi-sec-ssrfs-up'
|
|
30
33
|
@invoke_type = 'RequestResponse'
|
|
31
34
|
@log_type = 'None'
|
|
32
35
|
@region = 'us-west-2'
|
|
@@ -37,62 +40,64 @@ module SSRFsUp
|
|
|
37
40
|
class << self
|
|
38
41
|
attr_accessor :config, :client
|
|
39
42
|
|
|
40
|
-
def configuration
|
|
41
|
-
@config ||= Configuration.new
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def client
|
|
45
|
-
@client ||= Aws::Lambda::Client.new(region: configuration.region)
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
def configure
|
|
49
|
-
yield(configuration)
|
|
50
|
-
@client = Aws::Lambda::Client.new({ region: configuration.region, stub_responses: configuration.test })
|
|
51
|
-
end
|
|
52
|
-
|
|
53
43
|
# These methods take a string like "www.google.com" or "https://google.com" and parse
|
|
54
44
|
# the respective parameters from the string to make the request. If only a hostname
|
|
55
45
|
# is provided, the default options are applied. A hash of options can also be
|
|
56
|
-
# supplied to configure the request.
|
|
46
|
+
# supplied to configure the request. The set of options can be found at
|
|
47
|
+
# https://github.com/chanzuckerberg/SSRFs-Up/blob/0e18fd30bee3f2b99ff4bc512cb967b83e8d9dcb/openapi.yaml#L97-L119
|
|
48
|
+
def do(method, host, opts = {})
|
|
49
|
+
case method.downcase
|
|
50
|
+
when 'get'
|
|
51
|
+
get(host, opts)
|
|
52
|
+
when 'put'
|
|
53
|
+
put(host, opts)
|
|
54
|
+
when 'post'
|
|
55
|
+
post(host, opts)
|
|
56
|
+
when 'patch'
|
|
57
|
+
patch(host, opts)
|
|
58
|
+
when 'delete'
|
|
59
|
+
delete(host, opts)
|
|
60
|
+
end
|
|
61
|
+
end
|
|
57
62
|
|
|
58
|
-
#
|
|
63
|
+
# convenience method for making a GET request with do.
|
|
59
64
|
def get(host, opts = {})
|
|
60
65
|
opts['method'] = 'GET'
|
|
61
66
|
invoke(host, opts)
|
|
62
67
|
end
|
|
63
68
|
|
|
64
|
-
#
|
|
69
|
+
# convenience method for making a PUT request with do.
|
|
65
70
|
def put(host, opts = {})
|
|
66
71
|
opts['method'] = 'PUT'
|
|
67
72
|
invoke(host, opts)
|
|
68
73
|
end
|
|
69
74
|
|
|
70
|
-
#
|
|
75
|
+
# convenience method for making a POST request with do.
|
|
71
76
|
def post(host, opts = {})
|
|
72
77
|
opts['method'] = 'POST'
|
|
73
78
|
invoke(host, opts)
|
|
74
79
|
end
|
|
75
80
|
|
|
76
|
-
#
|
|
81
|
+
# convenience method for making a patch request with do.
|
|
77
82
|
def patch(host, opts = {})
|
|
78
83
|
opts['method'] = 'PATCH'
|
|
79
84
|
invoke(host, opts)
|
|
80
85
|
end
|
|
81
86
|
|
|
82
|
-
#
|
|
87
|
+
# convenience method for making a DELETE request with do.
|
|
83
88
|
def delete(host, opts = {})
|
|
84
89
|
opts['method'] = 'DELETE'
|
|
85
90
|
invoke(host, opts)
|
|
86
91
|
end
|
|
87
92
|
|
|
88
|
-
#
|
|
93
|
+
# takes an ambiguous string or URI and sets the appropriate options based
|
|
89
94
|
# on if it can be parsed as URI object. If it can't, then the string is assumed
|
|
90
95
|
# to be a hostname only.
|
|
91
96
|
def parseAsUri(uri = '')
|
|
92
97
|
uri = uri.to_s
|
|
93
|
-
|
|
94
|
-
opts = { 'host' => splits[0] }
|
|
98
|
+
opts = { 'host' => uri.split('/')[0].split('?')[0].split('#')[0] }
|
|
95
99
|
u = URI(uri)
|
|
100
|
+
|
|
96
101
|
# if the scheme was present, we can parse most of the options from the URI.
|
|
97
102
|
# otherwise, we can assume the URI was an actual hostname
|
|
98
103
|
unless u.scheme.nil?
|
|
@@ -104,13 +109,28 @@ module SSRFsUp
|
|
|
104
109
|
opts
|
|
105
110
|
end
|
|
106
111
|
|
|
112
|
+
# converts a hash of options to a valid OpenapiClient Request so that it
|
|
113
|
+
# can be properly consumed by the lambda.
|
|
107
114
|
def toOpenAPIClient(opts = {})
|
|
108
115
|
OpenapiClient::Request.new(opts).to_hash
|
|
109
116
|
end
|
|
110
117
|
|
|
111
|
-
|
|
118
|
+
# configures the SSRFsUp module and recreates the AWS Lambda Client from
|
|
119
|
+
# the updated configuration.
|
|
120
|
+
def configure
|
|
121
|
+
yield(configuration)
|
|
122
|
+
@client = Aws::Lambda::Client.new({ region: configuration.region, stub_responses: configuration.test })
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def configuration
|
|
126
|
+
@config ||= Configuration.new
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def client
|
|
130
|
+
@client ||= Aws::Lambda::Client.new(region: configuration.region)
|
|
131
|
+
end
|
|
112
132
|
|
|
113
|
-
#
|
|
133
|
+
# invokes the lambda with the provided arguments. It handles all lambda
|
|
114
134
|
# related errors so developers should assume the data they receive back is straight
|
|
115
135
|
# from the server they are speaking to.
|
|
116
136
|
def invoke(host = nil, opts = {})
|
data/lib/ssrfs-up/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ssrfs-up
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jake Heath
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-lambda
|
|
@@ -155,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
155
155
|
- !ruby/object:Gem::Version
|
|
156
156
|
version: '0'
|
|
157
157
|
requirements: []
|
|
158
|
-
rubygems_version: 3.1.
|
|
158
|
+
rubygems_version: 3.1.6
|
|
159
159
|
signing_key:
|
|
160
160
|
specification_version: 4
|
|
161
161
|
summary: Proxy all requests to avoid SSRF.
|