ssrfs-up 0.0.9

@@ -0,0 +1,15 @@
1
+ =begin
2
+ #SSRF Forwarder
3
+
4
+ #This is an API that forwards request on behalf of other services.
5
+
6
+ The version of the OpenAPI document: 1.0.0-oas3-oas3-oas3
7
+ Contact: jheath@chanzuckerberg.com
8
+ Generated by: https://openapi-generator.tech
9
+ OpenAPI Generator version: 5.0.1
10
+
11
+ =end
12
+
13
+ module OpenapiClient
14
+ VERSION = '1.0.0'
15
+ end
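--- a/data/lib/ssrfs-up.rb
+++ b/data/lib/ssrfs-up.rb
@@ -0,0 +1,136 @@
+ require 'aws-sdk-lambda'
+ require 'uri'
+
+ # Common files
+ require 'openapi_client/lib/openapi_client/api_client'
+ require 'openapi_client/lib/openapi_client/api_error'
+ require 'openapi_client/lib/openapi_client/version'
+ require 'openapi_client/lib/openapi_client/configuration'
+
+ # Models
+ require 'openapi_client/lib/openapi_client/models/content_type'
+ require 'openapi_client/lib/openapi_client/models/method'
+ require 'openapi_client/lib/openapi_client/models/redirect'
+ require 'openapi_client/lib/openapi_client/models/request'
+ require 'openapi_client/lib/openapi_client/models/response'
+ require 'openapi_client/lib/openapi_client/models/response_error'
+ require 'openapi_client/lib/openapi_client/models/response_success'
+
+ # APIs
+ require 'openapi_client/lib/openapi_client/api/default_api'
+
+ module SSRFsUp
+ class << self
+ attr_accessor :config, :client
+
+ def configuration
+ @config ||= Configuration.new
+ end
+
+ def client
+ @client ||= Aws::Lambda::Client.new(region: configuration.region)
+ end
+
+ def configure
+ yield(configuration)
+ @client = Aws::Lambda::Client.new(region: configuration.region)
+ end
+
+ # These methods take a string like "www.google.com" or "https://google.com" and parse
+ # the respective parameters from the string to make the request. If only a hostname
+ # is provided, the default options are applied. A hash of options can also be
+ # supplied to configure the request.
+
+ # get makes a get request through the proxy.
+ def get(host, opts = {})
+ opts['method'] = 'GET'
+ invoke(host, opts)
+ end
+
+ # put makes a put request through the proxy.
+ def put(host, opts = {})
+ opts['method'] = 'PUT'
+ invoke(host, opts)
+ end
+
+ # post makes a post request through the proxy.
+ def post(host, opts = {})
+ opts['method'] = 'POST'
+ invoke(host, opts)
+ end
+
+ # patch makes a patch request through the proxy.
+ def patch(host, opts = {})
+ opts['method'] = 'PATCH'
+ invoke(host, opts)
+ end
+
+ # delete makes a delete request through the proxy.
+ def delete(host, opts = {})
+ opts['method'] = 'DELETE'
+ invoke(host, opts)
+ end
+
+ private
+
+ # parseAsUri takes an ambiguous string and sets the appropriate options based
+ # on if it can be parsed as URI object. If it can't, then the string is assumed
+ # to be a hostname only.
+ def parseAsUri(uri = '')
+ opts = { 'host' => uri }
+ u = URI(uri)
+ # if the scheme was present, we can parse most of the options from the URI.
+ # otherwise, we can assume the URI was an actual hostname
+ unless u.scheme.nil?
+ opts['secure'] = !(u.scheme == 'http')
+ opts['host'] = u.host
+ opts['path'] = u.path unless u.path == ''
+ opts['_query_params'] = CGI.parse(u.query) unless u.query.nil?
+ end
+ opts
+ end
+
+ # TODO: log errors to CloudWatch
+ def logError(e = nil)
+ puts e
+ end
+
+ # invoke invokes the lambda with the provided arguments. It handles all lambda
+ # related errors so developers should assume the data they receive back is straight
+ # from the server they are speaking to.
+ def invoke(host = nil, opts = {})
+ opts = opts.merge(parseAsUri(host))
+ resp = client.invoke({
+ function_name: configuration.func_name,
+ invocation_type: configuration.invoke_type,
+ log_type: configuration.log_type,
+ payload: payload(opts)
+ })
+ if resp['status_code'] == 200
+ JSON.parse(resp&.payload&.string)
+ else
+ { body: '', status_code: resp[status_code], status_text: '500 Error with proxy' }
+ end
+ rescue StandardError => e
+ logError(e)
+ { body: '', status_code: 500, status_text: e.to_s }
+ end
+
+ # payload builds an API client Request object with the proper defaults and
+ # returns its JSON serialization.
+ def payload(opts = {})
+ OpenapiClient::Request.new(opts).to_hash.to_json
+ end
+
+ class Configuration
+ attr_accessor :func_name, :invoke_type, :log_type, :region
+
+ def initialize
+ @func_name = 'testproxy'
+ @invoke_type = 'RequestResponse'
+ @log_type = 'None'
+ @region = 'us-west-2'
+ end
+ end
+ end
+ end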
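Review bot: In `invoke`, the non-200 branch reads `resp[status_code]` with a bare identifier, and no `status_code` local or method is visible in this file, so that branch would raise NameError, which the method-level `rescue StandardError` converts into a generic 500 whose `status_text` is the Ruby error text; it should read `resp['status_code']` like the line above it. In `parseAsUri`, `opts['secure'] = !(u.scheme == 'http')` marks every scheme other than `http` as secure, and `u.port` and `u.userinfo` are dropped without notice; for a client whose purpose is SSRF protection I would accept only the two expected schemes explicitly, e.g. `raise ArgumentError, 'unsupported scheme' unless %w[http https].include?(u.scheme)`, and either forward the port or reject URLs that carry one. A bare `host:port` string is likely parsed by `URI()` with the host name as the scheme, which would leave `opts['host']` nil, so the "hostname only" path deserves a test for that input. `CGI.parse` and `JSON.parse` are called while this file requires only `aws-sdk-lambda` and `uri`; unless one of the other requires loads them, add `require 'cgi'` and `require 'json'`, since a missing constant would also be swallowed by the same rescue.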
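--- a/metadata
+++ b/metadata
@@ -0,0 +1,117 @@
+ --- !ruby/object:Gem::Specification
+ name: ssrfs-up
+ version: !ruby/object:Gem::Version
+ version: 0.0.9
+ platform: ruby
+ authors:
+ - Jake Heath
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2021-03-10 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: aws-sdk-lambda
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '1'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '1'
+ - !ruby/object:Gem::Dependency
+ name: typhoeus
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.0.1
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.0.1
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.6'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 3.6.0
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.6'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 3.6.0
+ description: A gem that simplifies connecting to out AWS Lambda used to proxy requests.
+ Make your third-party requests secure by default. For additional docs, see https://github.com/chanzuckerberg/ssrf-proxy
+ email: jheath@chanzuckerberg.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - lib/openapi_client/lib/openapi_client.rb
+ - lib/openapi_client/lib/openapi_client/api/default_api.rb
+ - lib/openapi_client/lib/openapi_client/api_client.rb
+ - lib/openapi_client/lib/openapi_client/api_error.rb
+ - lib/openapi_client/lib/openapi_client/configuration.rb
+ - lib/openapi_client/lib/openapi_client/models/content_type.rb
+ - lib/openapi_client/lib/openapi_client/models/method.rb
+ - lib/openapi_client/lib/openapi_client/models/redirect.rb
+ - lib/openapi_client/lib/openapi_client/models/request.rb
+ - lib/openapi_client/lib/openapi_client/models/response.rb
+ - lib/openapi_client/lib/openapi_client/models/response_error.rb
+ - lib/openapi_client/lib/openapi_client/models/response_success.rb
+ - lib/openapi_client/lib/openapi_client/version.rb
+ - lib/ssrfs-up.rb
+ homepage: https://github.com/chanzuckerberg/SSRFs-Up/
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubygems_version: 3.1.4
+ signing_key:
+ specification_version: 4
+ summary: Proxy all requests to avoid SSRF.
+ test_files: []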