syntropy 0.29.0 → 0.31.0

data/lib/syntropy/request/request_info.rb

@@ -0,0 +1,255 @@
+# frozen_string_literal: true
+
+require 'uri'
+require 'escape_utils'
+
+module Syntropy
+  module RequestInfoMethods
+    def host
+      @headers['host'] || @headers[':authority']
+    end
+    alias_method :authority, :host
+
+    def connection
+      @headers['connection']
+    end
+
+    def upgrade_protocol
+      connection == 'upgrade' && @headers['upgrade']&.downcase
+    end
+
+    def websocket_version
+      headers['sec-websocket-version'].to_i
+    end
+
+    def protocol
+      @protocol ||= @adapter.protocol
+    end
+
+    def method
+      @method ||= @headers[':method'].downcase
+    end
+
+    def scheme
+      @scheme ||= @headers[':scheme']
+    end
+
+    def content_type
+      ct = @headers['content-type']
+      return nil if !ct
+
+      m = ct.match(/^([^;]+)/)
+      return nil if !m
+
+      m[1].strip
+    end
+
+    # Rewrites the request path by replacing the given src with the given
+    # replacement.
+    #
+    # @param src [String, Regexp] src pattern
+    # @param replacement [String] replacement
+    # @return [Syntropy::Request] self
+    def rewrite!(src, replacement)
+      @headers[':path'] = @headers[':path']
+        .gsub(src, replacement)
+        .gsub('//', '/')
+      @path = nil
+      @uri = nil
+      @full_uri = nil
+      self
+    end
+
+    def uri
+      @uri ||= URI.parse(@headers[':path'] || '')
+    end
+
+    def full_uri
+      @full_uri = "#{scheme}://#{host}#{uri}"
+    end
+
+    def path
+      @path ||= uri.path
+    end
+
+    def query_string
+      @query_string ||= uri.query
+    end
+
+    def query
+      return @query if @query
+
+      @query = (q = uri.query) ? parse_query(q) : {}
+    end
+
+    QUERY_KV_REGEXP = /([^=]+)(?:=(.*))?/
+
+    def parse_query(query)
+      query.split('&').each_with_object({}) do |kv, h|
+        k, v = kv.match(QUERY_KV_REGEXP)[1..2]
+        h[k] = v ? URI.decode_www_form_component(v) : true
+      end
+    end
+
+    def request_id
+      @headers['x-request-id']
+    end
+
+    def forwarded_for
+      @headers['x-forwarded-for']
+    end
+
+    # TODO: should return encodings in client's order of preference (and take
+    # into account q weights)
+    def accept_encoding
+      encoding = @headers['accept-encoding']
+      return [] unless encoding
+
+      encoding.split(',').map { |i| i.strip }
+    end
+
+    def cookies
+      @cookies ||= parse_cookies(headers['cookie'])
+    end
+
+    COOKIE_RE = /^([^=]+)=(.*)$/.freeze
+    SEMICOLON = ';'
+
+    def parse_cookies(cookies)
+      return {} unless cookies
+
+      cookies.split(SEMICOLON).each_with_object({}) do |c, h|
+        raise BadRequestError, 'Invalid cookie format' unless c.strip =~ COOKIE_RE
+
+        key, value = Regexp.last_match[1..2]
+        h[key] = EscapeUtils.unescape_uri(value)
+      end
+    end
+
+    # Reads the request body and returns form data.
+    #
+    # @return [Hash] form data
+    def get_form_data
+      body = read
+      if !body || body.empty?
+        raise Syntropy::Error.new('Missing form data', HTTP::BAD_REQUEST)
+      end
+
+      Syntropy::Request.parse_form_data(body, headers)
+    rescue Syntropy::BadRequestError
+      raise Syntropy::Error.new('Invalid form data', HTTP::BAD_REQUEST)
+    end
+
+    def browser?
+      user_agent = headers['user-agent']
+      user_agent && user_agent =~ /^Mozilla\//
+    end
+
+    # Returns true if the accept header includes the given MIME type
+    #
+    # @param mime_type [String] MIME type
+    # @return [bool]
+    def accept?(mime_type)
+      accept = headers['accept']
+      return nil if !accept
+
+      @accept_parts ||= parse_accept_parts(accept)
+      @accept_parts.include?(mime_type)
+    end
+
+    def auth_bearer_token
+      auth = headers['authorization']
+      if (m = auth.match(/Bearer\s+([^\w]+)/))
+        return m[1]
+      end
+
+      nil
+    end
+
+    private
+
+    def parse_accept_parts(accept)
+      accept.split(',').map { it.match(/^\s*([^\s;]+)/)[1] }
+    end
+  end
+
+  module RequestInfoClassMethods
+    def parse_form_data(body, headers)
+      case (content_type = headers['content-type'])
+      when /^multipart\/form\-data; boundary=([^\s]+)/
+        boundary = "--#{Regexp.last_match(1)}"
+        parse_multipart_form_data(body, boundary)
+      when /^application\/x-www-form-urlencoded/
+        parse_urlencoded_form_data(body)
+      else
+        raise BadRequestError, "Unsupported form data content type: #{content_type}"
+      end
+    end
+
+    def parse_multipart_form_data(body, boundary)
+      parts = body.split(boundary)
+      raise BadRequestError, 'Invalid form data' if parts.size < 2
+      parts.each_with_object({}) do |p, h|
+        next if p.empty? || p == "--\r\n"
+
+        # remove post-boundary \r\n
+        p.slice!(0, 2)
+        parse_multipart_form_data_part(p, h)
+      end
+    end
+
+    def parse_multipart_form_data_part(part, hash)
+      body, headers = parse_multipart_form_data_part_headers(part)
+      disposition = headers['content-disposition'] || ''
+
+      name = (disposition =~ /name="([^"]+)"/) ? Regexp.last_match(1) : nil
+      filename = (disposition =~ /filename="([^"]+)"/) ? Regexp.last_match(1) : nil
+
+      if filename
+        hash[name] = { filename: filename, content_type: headers['content-type'], data: body }
+      else
+        hash[name] = body
+      end
+    end
+
+    def parse_multipart_form_data_part_headers(part)
+      headers = {}
+      while true
+        idx = part.index("\r\n")
+        break unless idx
+
+        header = part[0, idx]
+        part.slice!(0, idx + 2)
+        break if header.empty?
+
+        next unless header =~ /^([^\:]+)\:\s?(.+)$/
+
+        headers[Regexp.last_match(1).downcase] = Regexp.last_match(2)
+      end
+      # remove trailing \r\n
+      part.slice!(part.size - 2, 2)
+      [part, headers]
+    end
+
+    PARAMETER_RE = /^([^=]+)(?:=(.*))?$/.freeze
+    MAX_PARAMETER_NAME_SIZE = 256
+    MAX_PARAMETER_VALUE_SIZE = 2**20 # 1MB
+
+    def parse_urlencoded_form_data(body)
+      return {} unless body
+
+      body.force_encoding(Encoding::UTF_8) unless body.encoding == Encoding::UTF_8
+      body.split('&').each_with_object({}) do |i, m|
+        raise BadRequestError, 'Invalid parameter format' unless i =~ PARAMETER_RE
+
+        k = Regexp.last_match(1)
+        raise BadRequestError, 'Invalid parameter size' if k.size > MAX_PARAMETER_NAME_SIZE
+
+        v = Regexp.last_match(2)
+        raise BadRequestError, 'Invalid parameter size' if v && v.size > MAX_PARAMETER_VALUE_SIZE
+
+        m[EscapeUtils.unescape_uri(k)] = v ? EscapeUtils.unescape_uri(v) : true
+      end
+    end
+  end
+end

data/lib/syntropy/request/response.rb

@@ -0,0 +1,206 @@
+# frozen_string_literal: true
+
+require 'time'
+require 'digest/sha1'
+
+require_relative '../http/status'
+require_relative '../mime_types'
+
+module Syntropy
+  module StaticFileCaching
+    class << self
+      def file_stat_to_etag(stat)
+        "#{stat.mtime.to_i.to_s(36)}#{stat.size.to_s(36)}"
+      end
+
+      def file_stat_to_last_modified(stat)
+        stat.mtime.httpdate
+      end
+    end
+  end
+
+  module ResponseMethods
+    WEBSOCKET_GUID = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'
+
+    def upgrade_to_websocket(custom_headers = nil)
+      key = "#{headers['sec-websocket-key']}#{WEBSOCKET_GUID}"
+      upgrade_headers = {
+        'Sec-WebSocket-Accept' => Digest::SHA1.base64digest(key)
+      }
+      upgrade_headers.merge!(custom_headers) if custom_headers
+      upgrade('websocket', upgrade_headers)
+
+      adapter.websocket_connection(self)
+    end
+
+    def redirect(url, status = HTTP::FOUND)
+      respond(nil, ':status' => status, 'Location' => url)
+    end
+
+    def redirect_to_https(status = HTTP::MOVED_PERMANENTLY)
+      secure_uri = "https://#{host}#{uri}"
+      redirect(secure_uri, status)
+    end
+
+    def redirect_to_host(new_host, status = HTTP::FOUND)
+      secure_uri = "//#{new_host}#{uri}"
+      redirect(secure_uri, status)
+    end
+
+    def serve_file(path, opts = {})
+      full_path = file_full_path(path, opts)
+      stat = File.stat(full_path)
+      etag = StaticFileCaching.file_stat_to_etag(stat)
+      last_modified = StaticFileCaching.file_stat_to_last_modified(stat)
+
+      if validate_static_file_cache(etag, last_modified)
+        return respond(nil, {
+          ':status' => HTTP::NOT_MODIFIED,
+          'etag' => etag
+        })
+      end
+
+      mime_type = MimeTypes[File.extname(path)]
+      opts[:stat] = stat
+      (opts[:headers] ||= {})['Content-Type'] ||= mime_type if mime_type
+
+      respond_with_static_file(full_path, etag, last_modified, opts)
+    rescue Errno::ENOENT
+      respond(nil, ':status' => HTTP::NOT_FOUND)
+    end
+
+    def validate_static_file_cache(etag, last_modified)
+      if (none_match = headers['if-none-match'])
+        return true if none_match == etag
+      end
+      if (modified_since = headers['if-modified-since'])
+        return true if modified_since == last_modified
+      end
+
+      false
+    end
+
+    def file_full_path(path, opts)
+      if (base_path = opts[:base_path])
+        File.join(opts[:base_path], path)
+      else
+        path
+      end
+    end
+
+    def serve_io(io, opts)
+      respond(io.read, opts[:headers] || {})
+    end
+
+    def respond_with_static_file(path, etag, last_modified, opts)
+      cache_headers = (etag || last_modified) ? {
+        'etag' => etag,
+        'last-modified' => last_modified
+      } : {}
+
+      adapter.respond_with_static_file(self, path, opts, cache_headers)
+    end
+
+    def set_response_headers(headers)
+      adapter.set_response_headers(headers)
+    end
+
+    def set_cookie(*)
+      adapter.set_cookie(*)
+    end
+
+    def upgrade(protocol, custom_headers = nil, &block)
+      upgrade_headers = {
+        ':status' => HTTP::SWITCHING_PROTOCOLS,
+        'Upgrade' => protocol,
+        'Connection' => 'upgrade'
+      }
+      upgrade_headers.merge!(custom_headers) if custom_headers
+
+      respond(nil, upgrade_headers)
+      adapter.with_stream(&block)
+    end
+
+    # Responds according to the given map. The given map defines the responses
+    # for each method. The value for each method is either an array containing
+    # the body and header values to use as response, or a proc returning such an
+    # array. For example:
+    #
+    #     req.respond_by_http_method(
+    #       'head'  => [nil, headers],
+    #       'get'   => -> { [IO.read(fn), headers] }
+    #     )
+    #
+    # If the request's method is not included in the given map, an exception is
+    # raised.
+    #
+    # @param map [Hash] hash mapping HTTP methods to responses
+    # @return [void]
+    def respond_by_http_method(map)
+      value = map[self.method]
+      raise Syntropy::Error.method_not_allowed if !value
+
+      value = value.() if value.is_a?(Proc)
+      (body, headers) = value
+      respond(body, headers)
+    end
+
+    # Responds to GET requests with the given body and headers. Otherwise raises
+    # an exception.
+    #
+    # @param body [String, nil] response body
+    # @param headers [Hash] response headers
+    # @return [void]
+    def respond_on_get(body, headers = {})
+      case self.method
+      when 'head'
+        respond(nil, headers)
+      when 'get'
+        respond(body, headers)
+      else
+        raise Syntropy::Error.method_not_allowed
+      end
+    end
+
+    # Responds to POST requests with the given body and headers. Otherwise
+    # raises an exception.
+    #
+    # @param body [String, nil] response body
+    # @param headers [Hash] response headers
+    # @return [void]
+    def respond_on_post(body, headers = {})
+      case self.method
+      when 'head'
+        respond(nil, headers)
+      when 'post'
+        respond(body, headers)
+      else
+      raise Syntropy::Error.method_not_allowed
+      end
+    end
+
+    def respond_html(html, **headers)
+      respond(
+        html,
+        'Content-Type' => 'text/html; charset=utf-8',
+        **headers
+      )
+    end
+
+    def respond_json(obj, **headers)
+      respond(
+        JSON.dump(obj),
+        'Content-Type' => 'application/json; charset=utf-8',
+        **headers
+      )
+    end
+
+    def json_pretty_response(obj, **headers)
+      respond(
+        JSON.pretty_generate(obj),
+        'Content-Type' => 'application/json; charset=utf-8',
+        **headers
+      )
+    end
+  end
+end

data/lib/syntropy/request/validation.rb

@@ -0,0 +1,146 @@
+# frozen_string_literal: true
+
+require 'uri'
+require 'escape_utils'
+
+module Syntropy
+  module RequestValidationMethods
+
+    # Checks the request's HTTP method against the given accepted values. If not
+    # included in the accepted values, raises an exception. Otherwise, returns
+    # the request's HTTP method.
+    #
+    # @param accepted [Array<String>] list of accepted HTTP methods
+    # @return [String] request's HTTP method
+    def validate_http_method(*accepted)
+      return method if accepted.include?(method)
+
+      raise Syntropy::Error.method_not_allowed
+    end
+
+    def validate_content_type(*accepted)
+      ct = content_type
+      return ct if accepted.include?(ct)
+
+      raise Syntropy::InvalidRequestContentTypeError
+    end
+
+    # Validates and optionally converts request parameter value for the given
+    # parameter name against the given clauses. If no clauses are given,
+    # verifies the parameter value is not nil. A clause can be a class, such as
+    # String, Integer, etc, in which case the value is converted into the
+    # corresponding value. A clause can also be a range, for verifying the value
+    # is within the range. A clause can also be an array of two or more clauses,
+    # at least one of which should match the value. If the validation fails, an
+    # exception is raised. Example:
+    #
+    #     height = req.validate_param(:height, Integer, 1..100)
+    #
+    # @param name [Symbol] parameter name
+    # @clauses [Array] one or more validation clauses
+    # @return [any] validated parameter value
+    def validate_param(name, *clauses)
+      validate(query[name], *clauses)
+    end
+
+    # Validates and optionally converts a value against the given clauses. If no
+    # clauses are given, verifies the parameter value is not nil. A clause can
+    # be a class, such as String, Integer, etc, in which case the value is
+    # converted into the corresponding value. A clause can also be a range, for
+    # verifying the value is within the range. A clause can also be an array of
+    # two or more clauses, at least one of which should match the value. If the
+    # validation fails, an exception is raised.
+    #
+    # @param value [any] value
+    # @clauses [Array] one or more validation clauses
+    # @return [any] validated value
+    def validate(value, *clauses, message: 'Validation error')
+      raise Syntropy::ValidationError, message if clauses.empty? && !value
+
+      clauses.each do |c|
+        valid = param_is_valid?(value, c)
+        raise(Syntropy::ValidationError, message) if !valid
+
+        value = param_convert(value, c)
+      end
+      value
+    end
+
+    # Validates request cache information. If the request cache information
+    # matches the given etag or last_modified values, responds with a 304 Not
+    # Modified status. Otherwise, yields to the given block for a normal
+    # response, and sets cache control headers according to the given arguments.
+    #
+    # @param cache_control [String] value for Cache-Control header
+    # @param etag [String, nil] Etag header value
+    # @param last_modified [String, nil] Last-Modified header value
+    # @return [void]
+    def validate_cache(cache_control: 'public', etag: nil, last_modified: nil)
+      validated = false
+      if (client_etag = headers['if-none-match'])
+        validated = true if client_etag == etag
+      end
+      if (client_mtime = headers['if-modified-since'])
+        validated = true if client_mtime == last_modified
+      end
+      if validated
+        respond(nil, ':status' => HTTP::NOT_MODIFIED)
+      else
+        cache_headers = {
+          'Cache-Control' => cache_control
+        }
+        cache_headers['Etag'] = etag if etag
+        cache_headers['Last-Modified'] = last_modified if last_modified
+        set_response_headers(cache_headers)
+        yield
+      end
+    end
+
+    private
+
+    BOOL_REGEXP = /^(t|f|true|false|on|off|1|0|yes|no)$/
+    BOOL_TRUE_REGEXP = /^(t|true|on|1|yes)$/
+    INTEGER_REGEXP = /^[+-]?[0-9]+$/
+    FLOAT_REGEXP = /^[+-]?[0-9]+(\.[0-9]+)?$/
+
+    # Returns true the given value matches the given condition.
+    #
+    # @param value [any] value
+    # @param cond [any] condition
+    # @return [bool]
+    def param_is_valid?(value, cond)
+      return cond.any? { |c| param_is_valid?(value, c) } if cond.is_a?(Array)
+
+      if value
+        if cond == :bool
+          return value =~ BOOL_REGEXP
+        elsif cond == Integer
+          return value =~ INTEGER_REGEXP
+        elsif cond == Float
+          return value =~ FLOAT_REGEXP
+        end
+      end
+
+      cond === value
+    end
+
+    # Converts the given value according to the given class.
+    #
+    # @param value [any] value
+    # @param klass [Class] class
+    # @return [any] converted value
+    def param_convert(value, klass)
+      if klass == :bool
+        value =~ BOOL_TRUE_REGEXP ? true : false
+      elsif klass == Integer
+        value.to_i
+      elsif klass == Float
+        value.to_f
+      elsif klass == Symbol
+        value.to_sym
+      else
+        value
+      end
+    end
+  end
+end

data/lib/syntropy/request.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+require_relative './request/request_info'
+require_relative './request/validation'
+require_relative './request/response'
+require_relative './http/status'
+
+module Syntropy
+  class Request
+    include RequestInfoMethods
+    include RequestValidationMethods
+    include ResponseMethods
+
+    extend RequestInfoClassMethods
+
+    attr_reader :headers, :adapter, :start_stamp, :route_params
+    attr_accessor :route
+
+    def initialize(headers, adapter)
+      @headers  = headers
+      @adapter  = adapter
+      @start_stamp = ::Process.clock_gettime(::Process::CLOCK_MONOTONIC)
+      @route = nil
+      @route_params = {}
+      @ctx = nil
+    end
+
+    # Returns the request context
+    def ctx
+      @ctx ||= {}
+    end
+
+    def next_chunk
+      @adapter.get_body_chunk(self)
+    end
+
+    def each_chunk
+      while (chunk = @adapter.get_body_chunk(self))
+        yield chunk
+      end
+    end
+
+    def read
+      @adapter.get_body(self)
+    end
+    alias_method :body, :read
+
+    def complete?
+      @adapter.complete?(self)
+    end
+
+    EMPTY_HEADERS = {}.freeze
+
+    def respond(body, headers = EMPTY_HEADERS)
+      @adapter.respond(self, body, headers)
+      @headers_sent = true
+    end
+
+    def send_headers(headers = EMPTY_HEADERS, empty_response = false)
+      return if @headers_sent
+
+      @headers_sent = true
+      @adapter.send_headers(self, headers, empty_response: empty_response)
+    end
+
+    def send_chunk(body, done: false)
+      send_headers({}) unless @headers_sent
+
+      @adapter.send_chunk(self, body, done: done)
+    end
+    alias_method :<<, :send_chunk
+
+    def finish
+      send_headers({}) unless @headers_sent
+
+      @adapter.finish(self)
+    end
+
+    def headers_sent?
+      @headers_sent
+    end
+
+    def rx_incr(count)
+      headers[':rx'] ? headers[':rx'] += count : headers[':rx'] = count
+    end
+
+    def tx_incr(count)
+      headers[':tx'] ? headers[':tx'] += count : headers[':tx'] = count
+    end
+
+    def transfer_counts
+      [headers[':rx'], headers[':tx']]
+    end
+
+    def total_transfer
+      (headers[':rx'] || 0) + (headers[':tx'] || 0)
+    end
+  end
+end

data/lib/syntropy/routing_tree.rb

@@ -260,7 +260,8 @@ module Syntropy
     # @param dir [String] directory path
     # @return [Array<String>] array of file entries
     def file_search(dir)
-      Dir[File.join(dir.gsub(/[\[\]]/) { "\\#{it}"}, '*')]
+      spec = File.join(dir.gsub(/[\[\]]/) { "\\#{it}"}, '{*,.*}')
+      Dir[spec].reject { it =~ /\/\.$/ }
     end
 
     # Computes a route entry and/or target for the given file path.