stitches 3.8.1 → 3.8.2
- checksums.yaml +4 -4
- data/.circleci/config.yml +25 -25
- data/{CODEOWNERS → .github/CODEOWNERS} +1 -1
- data/{PULL_REQUEST_TEMPLATE.md → .github/PULL_REQUEST_TEMPLATE.md} +0 -0
- data/.ruby-version +1 -1
- data/.travis.yml +5 -2
- data/lib/stitches/api_key.rb +8 -12
- data/lib/stitches/valid_mime_type.rb +6 -5
- data/lib/stitches/version.rb +1 -1
- data/owners.json +1 -1
- data/spec/api_key_spec.rb +6 -4
- data/spec/valid_mime_type_spec.rb +4 -3
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ad83ebbf3aed8767a280f814d64be8819dd200586bd737de0cdb402516539476
|
4
|
+
data.tar.gz: fba83f42359be56a03517351dab3bb877bf9fc50d7acfb6de6c48117544472e3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5288beef3b5831fbade2a210b5b18c404ceae447833e35303c4cdc041888c0fbd8a71e2d343b10387316c5bfa2b13d04a3727c5b83fcf3114cf7b2c26a7a043b
|
7
|
+
data.tar.gz: 0fc6d6ba8044ba4df0fcd57826c6028926158a0201b96c27122e66d73070288a148bfee47d8352345f4e7840dd85531182ced2f933c39f1b10dc398e3c83d70d
|
data/.circleci/config.yml
CHANGED
@@ -5,7 +5,7 @@ version: 2
|
|
5
5
|
jobs:
|
6
6
|
release:
|
7
7
|
docker:
|
8
|
-
- image: circleci/ruby:2.
|
8
|
+
- image: circleci/ruby:2.7.0
|
9
9
|
steps:
|
10
10
|
- checkout
|
11
11
|
- run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
|
@@ -17,9 +17,9 @@ jobs:
|
|
17
17
|
- run:
|
18
18
|
name: Build/release gem to artifactory
|
19
19
|
command: bundle exec rake push_artifactory
|
20
|
-
ruby-2.
|
20
|
+
ruby-2.7.0-rails-6.0:
|
21
21
|
docker:
|
22
|
-
- image: circleci/ruby:2.
|
22
|
+
- image: circleci/ruby:2.7.0
|
23
23
|
environment:
|
24
24
|
BUNDLE_GEMFILE: Gemfile.rails-6.0
|
25
25
|
working_directory: "~/stitches"
|
@@ -35,13 +35,13 @@ jobs:
|
|
35
35
|
fi
|
36
36
|
- run:
|
37
37
|
name: Notify Pager Duty
|
38
|
-
command: bundle exec y-notify "#
|
38
|
+
command: bundle exec y-notify "#devex-alerts"
|
39
39
|
when: on_fail
|
40
40
|
- store_test_results:
|
41
41
|
path: "/tmp/test-results"
|
42
|
-
ruby-2.5
|
42
|
+
ruby-2.6.5-rails-6.0:
|
43
43
|
docker:
|
44
|
-
- image: circleci/ruby:2.5
|
44
|
+
- image: circleci/ruby:2.6.5
|
45
45
|
environment:
|
46
46
|
BUNDLE_GEMFILE: Gemfile.rails-6.0
|
47
47
|
working_directory: "~/stitches"
|
@@ -57,13 +57,13 @@ jobs:
|
|
57
57
|
fi
|
58
58
|
- run:
|
59
59
|
name: Notify Pager Duty
|
60
|
-
command: bundle exec y-notify "#
|
60
|
+
command: bundle exec y-notify "#devex-alerts"
|
61
61
|
when: on_fail
|
62
62
|
- store_test_results:
|
63
63
|
path: "/tmp/test-results"
|
64
|
-
ruby-2.
|
64
|
+
ruby-2.7.0-rails-5.2:
|
65
65
|
docker:
|
66
|
-
- image: circleci/ruby:2.
|
66
|
+
- image: circleci/ruby:2.7.0
|
67
67
|
environment:
|
68
68
|
BUNDLE_GEMFILE: Gemfile.rails-5.2
|
69
69
|
working_directory: "~/stitches"
|
@@ -79,13 +79,13 @@ jobs:
|
|
79
79
|
fi
|
80
80
|
- run:
|
81
81
|
name: Notify Pager Duty
|
82
|
-
command: bundle exec y-notify "#
|
82
|
+
command: bundle exec y-notify "#devex-alerts"
|
83
83
|
when: on_fail
|
84
84
|
- store_test_results:
|
85
85
|
path: "/tmp/test-results"
|
86
|
-
ruby-2.5
|
86
|
+
ruby-2.6.5-rails-5.2:
|
87
87
|
docker:
|
88
|
-
- image: circleci/ruby:2.5
|
88
|
+
- image: circleci/ruby:2.6.5
|
89
89
|
environment:
|
90
90
|
BUNDLE_GEMFILE: Gemfile.rails-5.2
|
91
91
|
working_directory: "~/stitches"
|
@@ -101,7 +101,7 @@ jobs:
|
|
101
101
|
fi
|
102
102
|
- run:
|
103
103
|
name: Notify Pager Duty
|
104
|
-
command: bundle exec y-notify "#
|
104
|
+
command: bundle exec y-notify "#devex-alerts"
|
105
105
|
when: on_fail
|
106
106
|
- store_test_results:
|
107
107
|
path: "/tmp/test-results"
|
@@ -112,31 +112,31 @@ workflows:
|
|
112
112
|
- release:
|
113
113
|
context: org-global
|
114
114
|
requires:
|
115
|
-
- ruby-2.
|
116
|
-
- ruby-2.5
|
117
|
-
- ruby-2.
|
118
|
-
- ruby-2.5
|
115
|
+
- ruby-2.7.0-rails-6.0
|
116
|
+
- ruby-2.6.5-rails-6.0
|
117
|
+
- ruby-2.7.0-rails-5.2
|
118
|
+
- ruby-2.6.5-rails-5.2
|
119
119
|
filters:
|
120
120
|
tags:
|
121
121
|
only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?RC[-\.]?\d*)?$/
|
122
122
|
branches:
|
123
123
|
ignore: /.*/
|
124
|
-
- ruby-2.
|
124
|
+
- ruby-2.7.0-rails-6.0:
|
125
125
|
context: org-global
|
126
126
|
filters:
|
127
127
|
tags:
|
128
128
|
only: &1 /.*/
|
129
|
-
- ruby-2.5
|
129
|
+
- ruby-2.6.5-rails-6.0:
|
130
130
|
context: org-global
|
131
131
|
filters:
|
132
132
|
tags:
|
133
133
|
only: *1
|
134
|
-
- ruby-2.
|
134
|
+
- ruby-2.7.0-rails-5.2:
|
135
135
|
context: org-global
|
136
136
|
filters:
|
137
137
|
tags:
|
138
138
|
only: *1
|
139
|
-
- ruby-2.5
|
139
|
+
- ruby-2.6.5-rails-5.2:
|
140
140
|
context: org-global
|
141
141
|
filters:
|
142
142
|
tags:
|
@@ -150,11 +150,11 @@ workflows:
|
|
150
150
|
only:
|
151
151
|
- master
|
152
152
|
jobs:
|
153
|
-
- ruby-2.
|
153
|
+
- ruby-2.7.0-rails-6.0:
|
154
154
|
context: org-global
|
155
|
-
- ruby-2.5
|
155
|
+
- ruby-2.6.5-rails-6.0:
|
156
156
|
context: org-global
|
157
|
-
- ruby-2.
|
157
|
+
- ruby-2.7.0-rails-5.2:
|
158
158
|
context: org-global
|
159
|
-
- ruby-2.5
|
159
|
+
- ruby-2.6.5-rails-5.2:
|
160
160
|
context: org-global
|
File without changes
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.
|
1
|
+
2.7.0
|
data/.travis.yml
CHANGED
data/lib/stitches/api_key.rb
CHANGED
@@ -20,11 +20,6 @@ module Stitches
|
|
20
20
|
# ApiClient that it maps to.
|
21
21
|
class ApiKey < Stitches::AllowlistMiddleware
|
22
22
|
|
23
|
-
def initialize(app,options = {})
|
24
|
-
super(app,options)
|
25
|
-
@realm = rails_app_module
|
26
|
-
end
|
27
|
-
|
28
23
|
protected
|
29
24
|
|
30
25
|
def do_call(env)
|
@@ -45,13 +40,13 @@ module Stitches
|
|
45
40
|
env[@configuration.env_var_to_hold_api_client] = client
|
46
41
|
@app.call(env)
|
47
42
|
else
|
48
|
-
|
43
|
+
unauthorized_response("key invalid")
|
49
44
|
end
|
50
45
|
else
|
51
|
-
|
46
|
+
unauthorized_response("bad authorization type")
|
52
47
|
end
|
53
48
|
else
|
54
|
-
|
49
|
+
unauthorized_response("no authorization header")
|
55
50
|
end
|
56
51
|
end
|
57
52
|
|
@@ -68,10 +63,11 @@ module Stitches
|
|
68
63
|
parent.to_s
|
69
64
|
end
|
70
65
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
66
|
+
def unauthorized_response(reason)
|
67
|
+
status = 401
|
68
|
+
body = "Unauthorized - #{reason}"
|
69
|
+
header = { "WWW-Authenticate" => "#{@configuration.custom_http_auth_scheme} realm=#{rails_app_module}" }
|
70
|
+
Rack::Response.new(body, status, header).finish
|
75
71
|
end
|
76
72
|
|
77
73
|
end
|
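Review bot: The challenge built in `unauthorized_response` sends the realm unquoted (`realm=#{rails_app_module}`), but RFC 7235 requires senders to generate the realm parameter as a quoted-string, so strict clients and proxies may fail to parse the `WWW-Authenticate` value. Consider `header = { "WWW-Authenticate" => "#{@configuration.custom_http_auth_scheme} realm=\"#{rails_app_module}\"" }`, and update the spec expectation that currently pins `MyAwesomeInternalScheme realm=MyApp`. As far as the visible lines show, the three failure branches of `do_call` return the 401 without logging anything; a log line carrying only the reason, never the presented key, would let repeated authentication failures be counted and alerted on. `do_call` and the class body begin outside these hunks, so logging may already happen elsewhere.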
@@ -16,16 +16,17 @@ module Stitches
|
|
16
16
|
if accept =~ %r{application/json} && accept =~ %r{version=\d+}
|
17
17
|
@app.call(env)
|
18
18
|
else
|
19
|
-
|
19
|
+
not_acceptable_response(accept)
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
23
|
private
|
24
24
|
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
25
|
+
def not_acceptable_response(accept_header)
|
26
|
+
status = 406
|
27
|
+
body = "Not Acceptable - '#{accept_header}' didn't have the right mime type or version number. We only accept application/json with a version"
|
28
|
+
header = { "WWW-Authenticate" => accept_header }
|
29
|
+
Rack::Response.new(body, status, header).finish
|
29
30
|
end
|
30
31
|
|
31
32
|
end
|
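Review bot: `not_acceptable_response` copies the request's Accept value into the response twice, once into the body and once into a header via `header = { "WWW-Authenticate" => accept_header }`, and both uses need attention. `WWW-Authenticate` is the challenge header for 401 responses and has no meaning on a 406, so it only puts a client-controlled string into the response headers; the value may also be nil when the request has no Accept header, depending on how `accept` is read above the hunk. I would drop that header and declare the body as plain text so the reflected value can never be interpreted as markup: `header = { "Content-Type" => "text/plain" }`. The hunk appears to belong to lib/stitches/valid_mime_type.rb, whose file header is missing on this page, and the method that calls the helper starts outside the hunk.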
data/lib/stitches/version.rb
CHANGED
data/owners.json
CHANGED
data/spec/api_key_spec.rb
CHANGED
@@ -34,16 +34,19 @@ describe Stitches::ApiKey do
|
|
34
34
|
|
35
35
|
shared_examples "an unauthorized response" do
|
36
36
|
it "returns a 401" do
|
37
|
-
|
37
|
+
status, _headers, _body = @response
|
38
|
+
expect(status).to eq(401)
|
38
39
|
end
|
39
40
|
it "sets the proper header" do
|
40
|
-
|
41
|
+
_status, headers, _body = @response
|
42
|
+
expect(headers["WWW-Authenticate"]).to eq("MyAwesomeInternalScheme realm=MyApp")
|
41
43
|
end
|
42
44
|
it "stops the call chain preventing anything from happening" do
|
43
45
|
expect(app).not_to have_received(:call)
|
44
46
|
end
|
45
47
|
it "sends a reasonable message" do
|
46
|
-
|
48
|
+
_status, _headers, body = @response
|
49
|
+
expect(body).to eq([expected_body])
|
47
50
|
end
|
48
51
|
end
|
49
52
|
|
@@ -166,7 +169,6 @@ describe Stitches::ApiKey do
|
|
166
169
|
context "unauthorized responses" do
|
167
170
|
before do
|
168
171
|
@response = middleware.call(env)
|
169
|
-
@response.finish
|
170
172
|
end
|
171
173
|
context "invalid key" do
|
172
174
|
let(:env) {
|
@@ -11,13 +11,15 @@ describe Stitches::ValidMimeType do
|
|
11
11
|
|
12
12
|
shared_examples "an unacceptable response" do
|
13
13
|
it "returns a 406" do
|
14
|
-
|
14
|
+
status, _headers, _body = @response
|
15
|
+
expect(status).to eq(406)
|
15
16
|
end
|
16
17
|
it "stops the call chain preventing anything from happening" do
|
17
18
|
expect(app).not_to have_received(:call)
|
18
19
|
end
|
19
20
|
it "sends a reasonable message" do
|
20
|
-
|
21
|
+
_status, _headers, body = @response
|
22
|
+
expect(body.first).to match(/didn't have the right mime type or version number. We only accept application\/json/)
|
21
23
|
end
|
22
24
|
end
|
23
25
|
|
@@ -133,7 +135,6 @@ describe Stitches::ValidMimeType do
|
|
133
135
|
context "unacceptable responses" do
|
134
136
|
before do
|
135
137
|
@response = middleware.call(env)
|
136
|
-
@response.finish
|
137
138
|
end
|
138
139
|
context "no header" do
|
139
140
|
let(:env) {
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: stitches
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.8.
|
4
|
+
version: 3.8.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Stitch Fix Engineering
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2020-01-17 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rails
|
@@ -95,11 +95,12 @@ extensions: []
|
|
95
95
|
extra_rdoc_files: []
|
96
96
|
files:
|
97
97
|
- ".circleci/config.yml"
|
98
|
+
- ".github/CODEOWNERS"
|
99
|
+
- ".github/PULL_REQUEST_TEMPLATE.md"
|
98
100
|
- ".gitignore"
|
99
101
|
- ".ruby-gemset"
|
100
102
|
- ".ruby-version"
|
101
103
|
- ".travis.yml"
|
102
|
-
- CODEOWNERS
|
103
104
|
- CODE_OF_CONDUCT.md
|
104
105
|
- CONTRIBUTING.md
|
105
106
|
- Gemfile
|
@@ -109,7 +110,6 @@ files:
|
|
109
110
|
- Gemfile.rails-5.2
|
110
111
|
- Gemfile.rails-6.0
|
111
112
|
- LICENSE.txt
|
112
|
-
- PULL_REQUEST_TEMPLATE.md
|
113
113
|
- README.md
|
114
114
|
- Rakefile
|
115
115
|
- build-matrix.json
|