stormpath-sdk 0.1.0

data/lib/stormpath-sdk/ds/data_store.rb

@@ -0,0 +1,150 @@
+module Stormpath
+
+  module DataStore
+
+    class DataStore
+
+      include Stormpath::Http
+      include Stormpath::Resource
+      include Stormpath::Resource::Utils
+      include Stormpath::Util::Assert
+
+      DEFAULT_SERVER_HOST = "api.stormpath.com"
+
+      DEFAULT_API_VERSION = 1
+
+      def initialize(request_executor, *base_url)
+
+        assert_not_nil request_executor, "RequestExecutor cannot be null."
+        @base_url = get_base_url *base_url
+        @request_executor = request_executor
+        @resource_factory = ResourceFactory.new(self)
+      end
+
+      def instantiate(clazz, properties)
+
+        @resource_factory.instantiate(clazz, properties)
+      end
+
+      def get_resource(href, clazz)
+
+        q_href = href
+
+        if needs_to_be_fully_qualified q_href
+          q_href = qualify q_href
+        end
+
+        data = execute_request('get', q_href, nil)
+        @resource_factory.instantiate(clazz, data.to_hash)
+
+      end
+
+      def create parent_href, resource, return_type
+        save_resource parent_href, resource, return_type
+      end
+
+      def save resource, *clazz
+        assert_not_nil resource, "resource argument cannot be null."
+        assert_kind_of Resource, resource, "resource argument must be instance of Resource"
+
+        href = resource.get_href
+        assert_true href.length > 0, "save may only be called on objects that have already been persisted (i.e. they have an existing href)."
+
+        if needs_to_be_fully_qualified(href)
+          href = qualify(href)
+        end
+
+        clazz = (clazz.nil? or clazz.length == 0) ? to_class_from_instance(resource) : clazz[0]
+
+        return_value = save_resource href, resource, clazz
+
+        #ensure the caller's argument is updated with what is returned from the server:
+        resource.set_properties return_value.properties
+
+        return_value
+
+      end
+
+      def delete resource
+
+        assert_not_nil resource, "resource argument cannot be null."
+        assert_kind_of Resource, resource, "resource argument must be instance of Resource"
+
+        execute_request('delete', resource.get_href, nil)
+
+      end
+
+      protected
+
+      def needs_to_be_fully_qualified href
+        !href.downcase.start_with? 'http'
+      end
+
+      def qualify href
+
+        slash_added = ''
+
+        if !href.start_with? '/'
+          slash_added = '/'
+        end
+
+        @base_url + slash_added + href
+      end
+
+      private
+
+      def execute_request(http_method, href, body)
+
+        request = Request.new(http_method, href, nil, Hash.new, body)
+        apply_default_request_headers request
+        response = @request_executor.execute_request request
+
+        result = response.body.length > 0 ? MultiJson.load(response.body) : ''
+
+        if response.error?
+          error = Error.new result
+          raise ResourceError.new error
+        end
+
+        result
+      end
+
+      def apply_default_request_headers request
+
+        request.http_headers.store 'Accept', 'application/json'
+        request.http_headers.store 'User-Agent', 'Stormpath-RubySDK/' + Stormpath::VERSION
+
+        if !request.body.nil? and request.body.length > 0
+          request.http_headers.store 'Content-Type', 'application/json'
+        end
+      end
+
+      def save_resource href, resource, return_type
+
+        assert_not_nil resource, "resource argument cannot be null."
+        assert_not_nil return_type, "returnType class cannot be null."
+        assert_kind_of Resource, resource, "resource argument must be instance of Resource"
+
+        q_href = href
+
+        if needs_to_be_fully_qualified q_href
+          q_href = qualify q_href
+        end
+
+        response = execute_request('post', q_href, MultiJson.dump(resource.properties))
+        @resource_factory.instantiate(return_type, response.to_hash)
+
+      end
+
+      def get_base_url *base_url
+        (!base_url.empty? and !base_url[0].nil?) ?
+            base_url[0] :
+            "https://" + DEFAULT_SERVER_HOST + "/v" + DEFAULT_API_VERSION.to_s
+      end
+
+    end
+
+  end
+
+end
+

data/lib/stormpath-sdk/ds/resource_factory.rb

@@ -0,0 +1,22 @@
+module Stormpath
+
+  module DataStore
+
+    class ResourceFactory
+
+      def initialize(data_store)
+
+        @data_store = data_store
+      end
+
+      def instantiate(clazz, constructor_args)
+
+        clazz.new @data_store, constructor_args
+      end
+
+    end
+
+  end
+
+end
+

data/lib/stormpath-sdk/http/authc/sauthc1_signer.rb

@@ -0,0 +1,216 @@
+module Stormpath
+
+  module Http
+
+    module Authc
+
+      class Sauthc1Signer
+
+        include OpenSSL
+        include UUIDTools
+        include Stormpath::Util
+
+        DEFAULT_ALGORITHM = "SHA256"
+        HOST_HEADER = "Host"
+        AUTHORIZATION_HEADER = "Authorization"
+        STORMPATH_DATE_HEADER = "X-Stormpath-Date"
+        ID_TERMINATOR = "sauthc1_request"
+        ALGORITHM = "HMAC-SHA-256"
+        AUTHENTICATION_SCHEME = "SAuthc1"
+        SAUTHC1_ID = "sauthc1Id"
+        SAUTHC1_SIGNED_HEADERS = "sauthc1SignedHeaders"
+        SAUTHC1_SIGNATURE = "sauthc1Signature"
+        DATE_FORMAT = "%Y%m%d"
+        TIMESTAMP_FORMAT = "%Y%m%dT%H%M%SZ"
+        NL = "\n"
+
+        def sign_request request, api_key
+
+          time = Time.now
+          time_stamp = time.utc.strftime TIMESTAMP_FORMAT
+          date_stamp = time.utc.strftime DATE_FORMAT
+
+          nonce = UUID.random_create.to_s
+
+          uri = request.resource_uri
+
+          # SAuthc1 requires that we sign the Host header so we
+          # have to have it in the request by the time we sign.
+          host_header = uri.host
+          if !RequestUtils.default_port?(uri)
+
+            host_header << ":" << uri.port.to_s
+          end
+
+          request.http_headers.store HOST_HEADER, host_header
+
+          request.http_headers.store STORMPATH_DATE_HEADER, time_stamp
+
+          method = request.http_method
+          canonical_resource_path = canonicalize_resource_path uri.path
+          canonical_query_string = canonicalize_query_string request
+          canonical_headers_string = canonicalize_headers request
+          signed_headers_string = get_signed_headers request
+          request_payload_hash_hex = to_hex(hash_text(get_request_payload(request)))
+
+          canonical_request = method + NL +
+              canonical_resource_path + NL +
+              canonical_query_string + NL +
+              canonical_headers_string + NL +
+              signed_headers_string + NL +
+              request_payload_hash_hex
+
+          id = api_key.id + "/" + date_stamp + "/" + nonce + "/" + ID_TERMINATOR
+
+          canonical_request_hash_hex = to_hex(hash_text(canonical_request))
+
+          string_to_sign = ALGORITHM + NL +
+              time_stamp + NL +
+              id + NL +
+              canonical_request_hash_hex
+
+          # SAuthc1 uses a series of derived keys, formed by hashing different pieces of data
+          k_secret = to_utf8 AUTHENTICATION_SCHEME + api_key.secret
+          k_date = sign date_stamp, k_secret, DEFAULT_ALGORITHM
+          k_nonce = sign nonce, k_date, DEFAULT_ALGORITHM
+          k_signing = sign ID_TERMINATOR, k_nonce, DEFAULT_ALGORITHM
+
+          signature = sign to_utf8(string_to_sign), k_signing, DEFAULT_ALGORITHM
+          signature_hex = to_hex signature
+
+          authorization_header = AUTHENTICATION_SCHEME + " " +
+              create_name_value_pair(SAUTHC1_ID, id) + ", " +
+              create_name_value_pair(SAUTHC1_SIGNED_HEADERS, signed_headers_string) + ", " +
+              create_name_value_pair(SAUTHC1_SIGNATURE, signature_hex)
+
+          request.http_headers.store AUTHORIZATION_HEADER, authorization_header
+
+        end
+
+
+        def to_hex data
+
+          result = ''
+          data.each_byte { |val|
+
+            hex = val.to_s(16)
+
+            if hex.length == 1
+
+              result << '0'
+
+            elsif hex.length == 8
+
+              hex = hex[0..6]
+            end
+
+            result << hex
+
+          }
+
+          result
+
+        end
+
+        protected
+
+        def canonicalize_query_string request
+          request.to_s_query_string true
+        end
+
+        def hash_text text
+          Digest.digest DEFAULT_ALGORITHM, to_utf8(text)
+        end
+
+        def sign data, key, algorithm
+
+          digest_data = to_utf8 data
+
+          digest = Digest::Digest.new(algorithm)
+
+          HMAC.digest(digest, key, digest_data)
+
+        end
+
+        def to_utf8 str
+          #we ask for multi line UTF-8 text
+          str.scan(/./mu).join
+        end
+
+        def get_request_payload request
+          get_request_payload_without_query_params request
+        end
+
+        def get_request_payload_without_query_params request
+
+          result = ''
+
+          if !request.body.nil?
+            result = request.body
+          end
+
+          result
+
+        end
+
+        private
+
+        def create_name_value_pair name, value
+          name + '=' + value
+        end
+
+        def canonicalize_resource_path resource_path
+
+          if resource_path.nil? or resource_path.empty?
+            '/'
+          else
+            RequestUtils.encode_url resource_path, true, true
+          end
+        end
+
+
+        def canonicalize_headers request
+
+          sorted_headers = request.http_headers.keys.sort!
+
+          result = ''
+
+          sorted_headers.each do |header|
+
+            result << header.downcase << ':' << request.http_headers[header].to_s
+
+            result << NL
+          end
+
+          result
+
+        end
+
+        def get_signed_headers request
+
+          sorted_headers = request.http_headers.keys.sort!
+
+          result = ''
+          sorted_headers.each do |header|
+
+            if !result.empty?
+              result << ';' << header
+            else
+              result << header
+            end
+
+
+          end
+
+          result.downcase
+
+        end
+
+
+      end
+
+    end
+
+  end
+
+end

data/lib/stormpath-sdk/http/http_client_request_executor.rb

@@ -0,0 +1,69 @@
+module Stormpath
+
+  module Http
+
+    class HttpClientRequestExecutor
+
+      include Stormpath::Http::Authc
+      include Stormpath::Util::Assert
+
+      def initialize(api_key)
+        @signer = Sauthc1Signer.new
+        @api_key = api_key
+        @http_client = HTTPClient.new
+
+      end
+
+      def execute_request(request)
+
+        assert_not_nil request, "Request argument cannot be null."
+
+        @signer.sign_request request, @api_key
+
+        domain = request.href
+
+        method = @http_client.method(request.http_method.downcase)
+
+        if request.body.nil?
+
+          response = method.call domain, request.query_string, request.http_headers
+
+        else
+
+          add_query_string domain, request.query_string
+
+          response = method.call domain, request.body, request.http_headers
+
+        end
+
+        Response.new response.http_header.status_code,
+                     response.http_header.body_type,
+                     response.content,
+                     response.http_header.body_size
+
+      end
+
+      private
+
+      def add_query_string href, query_string
+
+        query_string.each do |key, value|
+
+          if href.include? '?'
+
+            href << '&' << key.to_s << '=' << value.to_s
+
+          else
+            href << '?' << key.to_s << '=' << value.to_s
+          end
+
+        end
+
+      end
+
+    end
+
+  end
+
+end
+