stitches 4.2.0.RC1 → 4.2.1
- checksums.yaml +4 -4
- data/lib/stitches/api_client_access_wrapper.rb +6 -2
- data/lib/stitches/generator_files/db/migrate/add_disabled_at_to_api_clients.rb +1 -5
- data/lib/stitches/generator_files/db/migrate/add_enabled_to_api_clients.rb +1 -5
- data/lib/stitches/generator_files/db/migrate/create_api_clients.rb +1 -5
- data/lib/stitches/generator_files/db/migrate/enable_uuid_ossp_extension.rb +1 -5
- data/lib/stitches/version.rb +1 -1
- data/spec/api_key_middleware_spec.rb +12 -4
- metadata +4 -4
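--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 076cbbf3b2dfdd8b9b01d5c9f80cc091c223f14008fd7d45ceb2fff58bf454a0
+data.tar.gz: a0d73979c10617fd6567aa7089236da49c7d2f1e1f58648931af5f5a0d7562b4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 46e0364ba7c84f2fe1ca66cac2b74236b173bd023b4573b41f0ed718c66828c1131075802e7cc388f427f7de81af6e9bc13c763429f68382ce6a8729d548e988
+data.tar.gz: af3e5c6b23f9134ee842b300a65afcf13455d3842516696e3774e35a324d590271058f581db1451ecccbbf23c3c70f63ec2d12476c0306a1dfdf50825c7e5d55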
@@ -33,7 +33,7 @@ module Stitches::ApiClientAccessWrapper
|
|
33
33
|
|
34
34
|
disabled_at = api_client.respond_to?(:disabled_at) ? api_client.disabled_at : nil
|
35
35
|
if disabled_at && disabled_at > configuration.disabled_key_leniency_in_seconds.seconds.ago
|
36
|
-
message = "Allowing disabled ApiClient: #{api_client.name} with key #{api_client
|
36
|
+
message = "Allowing disabled ApiClient: #{api_client.name} with key #{redact_key(api_client)} disabled at #{disabled_at}"
|
37
37
|
if disabled_at > configuration.disabled_key_leniency_error_log_threshold_in_seconds.seconds.ago
|
38
38
|
logger.warn(message)
|
39
39
|
else
|
@@ -41,11 +41,15 @@ module Stitches::ApiClientAccessWrapper
|
|
41
41
|
end
|
42
42
|
return api_client
|
43
43
|
else
|
44
|
-
logger.error("Rejecting disabled ApiClient: #{api_client.name} with key #{api_client
|
44
|
+
logger.error("Rejecting disabled ApiClient: #{api_client.name} with key #{redact_key(api_client)}")
|
45
45
|
end
|
46
46
|
nil
|
47
47
|
end
|
48
48
|
|
49
|
+
def self.redact_key(api_client)
|
50
|
+
"*****#{api_client.key.to_s[-8..-1]}"
|
51
|
+
end
|
52
|
+
|
49
53
|
def self.logger
|
50
54
|
if defined?(StitchFix::Logger::LogWriter)
|
51
55
|
StitchFix::Logger::LogWriter
|
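Review bot: `redact_key` (new lines 49-51) keeps the last eight characters of the key whatever its length, so a key of exactly eight characters is logged in full and a slightly longer one is mostly exposed. The keys here appear to be UUIDs, where eight hex digits are a quarter of the secret, and a shorter, length-gated suffix would still allow log correlation: `key = api_client.key.to_s` followed by `"*****#{key.length >= 16 ? key[-4..-1] : ''}"`. The method also has no comment saying how much of the key it keeps; something like `# Log-safe form of the client's key: fixed mask plus a short suffix for correlation` would state the contract. The method that builds the two log messages begins and ends outside these hunks.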
@@ -1,8 +1,4 @@
|
|
1
|
-
<% if Rails::VERSION::MAJOR >= 5 %>
|
2
|
-
class AddEnabledToApiClients < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]
|
3
|
-
<% else %>
|
4
|
-
class AddEnabledToApiClients < ActiveRecord::Migration
|
5
|
-
<% end %>
|
1
|
+
class AddDisabledAtToApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %>
|
6
2
|
def change
|
7
3
|
add_column :api_clients, :disabled_at, "timestamp with time zone", null: true
|
8
4
|
end
|
@@ -1,8 +1,4 @@
|
|
1
|
-
<% if Rails::VERSION::MAJOR >= 5 %>
|
2
|
-
class AddEnabledToApiClients < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]
|
3
|
-
<% else %>
|
4
|
-
class AddEnabledToApiClients < ActiveRecord::Migration
|
5
|
-
<% end %>
|
1
|
+
class AddEnabledToApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %>
|
6
2
|
def change
|
7
3
|
add_column :api_clients, :enabled, :bool, null: false, default: true
|
8
4
|
remove_index :api_clients, [:name ] # existing one would be unique
|
@@ -1,8 +1,4 @@
|
|
1
|
-
<% if Rails::VERSION::MAJOR >= 5 %>
|
2
|
-
class CreateApiClients < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]
|
3
|
-
<% else %>
|
4
|
-
class CreateApiClients < ActiveRecord::Migration
|
5
|
-
<% end %>
|
1
|
+
class CreateApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %>
|
6
2
|
def change
|
7
3
|
create_table :api_clients do |t|
|
8
4
|
t.string :name, null: false
|
@@ -1,8 +1,4 @@
|
|
1
|
-
<% if Rails::VERSION::MAJOR >= 5 %>
|
2
|
-
class EnableUuidOsspExtension < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]
|
3
|
-
<% else %>
|
4
|
-
class EnableUuidOsspExtension < ActiveRecord::Migration
|
5
|
-
<% end %>
|
1
|
+
class EnableUuidOsspExtension < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %>
|
6
2
|
def change
|
7
3
|
enable_extension 'uuid-ossp'
|
8
4
|
end
|
data/lib/stitches/version.rb
CHANGED
@@ -102,10 +102,11 @@ RSpec.describe "/api/hellos", type: :request do
|
|
102
102
|
context "when disabled_at is set to a time older than three days ago" do
|
103
103
|
let(:disabled_at) { 4.day.ago }
|
104
104
|
|
105
|
-
it "
|
105
|
+
it "does not allow the call" do
|
106
106
|
execute_call
|
107
107
|
|
108
108
|
expect_unauthorized
|
109
|
+
|
109
110
|
end
|
110
111
|
end
|
111
112
|
|
@@ -162,7 +163,9 @@ RSpec.describe "/api/hellos", type: :request do
|
|
162
163
|
|
163
164
|
it "logs error about the disabled key to the Rails.logger" do
|
164
165
|
allow(Rails.logger).to receive(:warn)
|
165
|
-
allow(Rails.logger).to receive(:error)
|
166
|
+
allow(Rails.logger).to receive(:error) do |message1|
|
167
|
+
expect(message1).not_to include uuid
|
168
|
+
end
|
166
169
|
|
167
170
|
execute_call
|
168
171
|
|
@@ -210,7 +213,10 @@ RSpec.describe "/api/hellos", type: :request do
|
|
210
213
|
let(:disabled_at) { 101.seconds.ago }
|
211
214
|
|
212
215
|
it "forbids the call" do
|
213
|
-
allow(Rails.logger).to receive(:error)
|
216
|
+
allow(Rails.logger).to receive(:error) do |message1|
|
217
|
+
expect(message1).not_to include uuid
|
218
|
+
end
|
219
|
+
|
214
220
|
execute_call
|
215
221
|
|
216
222
|
expect_unauthorized
|
@@ -235,7 +241,9 @@ RSpec.describe "/api/hellos", type: :request do
|
|
235
241
|
let(:disabled_at) { 25.seconds.ago }
|
236
242
|
|
237
243
|
it "allows the call" do
|
238
|
-
allow(Rails.logger).to receive(:warn)
|
244
|
+
allow(Rails.logger).to receive(:warn) do |message1|
|
245
|
+
expect(message1).not_to include uuid
|
246
|
+
end
|
239
247
|
|
240
248
|
execute_call
|
241
249
|
|
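Review bot: The `expect(message1).not_to include uuid` checks sit inside `allow(Rails.logger).to receive(...) do |message1| ... end` blocks, so they only run if the logger is actually called. In "forbids the call" and "allows the call" nothing visible in the hunks asserts that a message was logged, so the redaction check passes vacuously when no log line is written. Adding `expect(Rails.logger).to have_received(:error)` (or `:warn`) after `execute_call` would close that, unless the lines outside the hunks already do it. The assertion also proves only that the complete key is absent; `expect(message1).to include "*****"` would pin the redacted form too, and `message1` reads better as `message`. These hunks are from the middleware spec (`RSpec.describe "/api/hellos"`) even though the page heads them `data/lib/stitches/version.rb`, and the `it` blocks continue outside them.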
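--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stitches
 version: !ruby/object:Gem::Version
-version: 4.2.
+version: 4.2.1
 platform: ruby
 authors:
 - Stitch Fix Engineering
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-
+date: 2021-09-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -289,9 +289,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
 - !ruby/object:Gem::Version
-version:
+version: '0'
 requirements: []
 rubygems_version: 3.2.20
 signing_key: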