tanker-core 2.29.1.beta.4 → 2.30.1.alpha.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 54d6b87442ef28205a41a9858a380f91d48a089a9c5d221c825d7388c86fef5d
-  data.tar.gz: 8bf8475978437cbfa21f1e906a0e2d017a45d2b0b949ec04b257b3bbdf72d5fc
+  metadata.gz: f965af6640e6603ed8c76ceb3b9af8c02a70ac767e7c4db364df13fca40caf08
+  data.tar.gz: 2cad737772cb42913f419eb7e619082acef770b3477b65dcc7f35293bffcc41d
 SHA512:
-  metadata.gz: cb677c3cd238b19056ab4e2c30a0d4c374e5b3455b2d99d9a7afc1b915cf31212e2f2d81f56353025b508c4f3913bc35b3c57fc4251b25c8112f94ecc89d975b
-  data.tar.gz: 86f90c342b860f7d63c7076de7fb52ae6ec135b7009e71dc31c4a53a077fa031853726bed1f30430bd92ffb4380333aa8e24e54c4d8372b47b82335c6aaf6913
+  metadata.gz: 20b15f5fba9ea29c1f94b23be2a8d629e9b965730f9587aa377bdcc81c1631492a5c9821fea634be2938122a05e820dfadec5af0e4097e8152d2359e7989d247
+  data.tar.gz: 7b168937a393fc0a2d300f06454533cb738048b09aba2e04e41a4b5280cce4362f114e6c92b164f9deb637efee4f14118ae4735051ec5e455c1b908a29c5900d

data/lib/tanker/admin/c_admin/c_app_update_options.rb

@@ -7,10 +7,9 @@ module Tanker
   class Admin
     class AppUpdateOptions < FFI::Struct
       def initialize(oidc_client_id: nil, oidc_client_provider: nil,
-                     session_certificates: nil, preverified_verification: nil,
-                     user_enrollment: nil)
+                     preverified_verification: nil, user_enrollment: nil)
         super()
-        self[:version] = 3
+        self[:version] = 4
         unless oidc_client_id.nil?
           @oidc_client_id = CTanker.new_cstring oidc_client_id
           self[:oidc_client_id] = @oidc_client_id
@@ -19,12 +18,6 @@ module Tanker
           @oidc_client_provider = CTanker.new_cstring oidc_client_provider
           self[:oidc_client_provider] = @oidc_client_provider
         end
-        unless session_certificates.nil?
-          boolptr = FFI::MemoryPointer.new(:bool, 1)
-          boolptr.put(:bool, 0, session_certificates)
-          @session_certificates = boolptr
-          self[:session_certificates] = @session_certificates
-        end
         unless preverified_verification.nil?
           boolptr = FFI::MemoryPointer.new(:bool, 1)
           boolptr.put(:bool, 0, preverified_verification)
@@ -42,7 +35,6 @@ module Tanker
       layout :version, :uint8,
              :oidc_client_id, :pointer,
              :oidc_client_provider, :pointer,
-             :session_certificates, :pointer,
              :preverified_verification, :pointer,
              :user_enrollment, :pointer
     end

data/lib/tanker/c_tanker/{c_backends.rb → c_datastore.rb}

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 require 'ffi'
-require 'tanker/core/verification'
-require 'tanker/c_tanker/c_string'
 
 module Tanker
   module CTanker
@@ -15,11 +13,5 @@ module Tanker
              :put_cache_values, :pointer,
              :find_cache_values, :pointer
     end
-
-    class CHttpOptions < FFI::Struct
-      layout :send_request, :pointer,
-             :cancel_request, :pointer,
-             :data, :pointer
-    end
   end
 end

data/lib/tanker/c_tanker/c_http.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'ffi'
+
+module Tanker
+  module CTanker
+    class CHttpRequest < FFI::Struct
+      layout :method, :string,
+             :url, :string,
+             :instance_id, :string,
+             :authorization, :string,
+             :body, :pointer,
+             :body_size, :int32
+    end
+
+    class CHttpResponse < FFI::Struct
+      def self.new_ok(status_code:, content_type:, body:)
+        new nil, status_code, content_type, body
+      end
+
+      def self.new_error(msg)
+        new msg, nil, nil, nil
+      end
+
+      def initialize(error_msg, status_code, content_type, body)
+        super()
+
+        if error_msg
+          @error_msg = CTanker.new_cstring(error_msg)
+          self[:error_msg] = @error_msg
+        else
+          @content_type = CTanker.new_cstring content_type
+          @body = FFI::MemoryPointer.from_string(body)
+
+          self[:error_msg] = nil
+          self[:content_type] = @content_type
+          self[:body] = @body
+          self[:body_size] = body.bytesize
+          self[:status_code] = status_code
+        end
+      end
+
+      layout :error_msg, :pointer,
+             :content_type, :pointer,
+             :body, :pointer,
+             :body_size, :int64,
+             :status_code, :int32
+    end
+
+    typedef :pointer, :http_request_handle
+
+    callback :http_send_request, [CHttpRequest, :pointer], :http_request_handle
+    callback :http_cancel_request, [CHttpRequest, :http_request_handle, :pointer], :void
+
+    class CHttpOptions < FFI::Struct
+      layout :send_request, :http_send_request,
+             :cancel_request, :http_cancel_request,
+             :data, :pointer
+
+      def initialize(send_request, cancel_request)
+        super()
+
+        self[:send_request] = send_request
+        self[:cancel_request] = cancel_request
+        self[:data] = nil
+      end
+    end
+  end
+end

data/lib/tanker/c_tanker/init.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'ffi'
+
+module FFI::Library
+  # Marking a function blocking releases the global Ruby lock.
+  # This is required for every function that could invoke a callback (including log handler) in another thread
+  def blocking_attach_function(func, args, returns = nil)
+    attach_function func, args, returns, blocking: true
+  end
+end
+
+module Tanker
+  module CTanker
+    extend FFI::Library
+    ffi_lib get_path('ctanker')
+  end
+
+  private_constant :CTanker
+end

data/lib/tanker/c_tanker.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'ffi'
+require_relative 'c_tanker/init'
 require_relative 'core/options'
 require_relative 'sharing_options'
 require_relative 'encryption_options'
@@ -12,19 +13,8 @@ require_relative 'c_tanker/c_verification_method'
 require_relative 'c_tanker/c_log_record'
 require_relative 'c_tanker/c_device_info'
 
-module FFI::Library
-  # Marking a function blocking releases the global Ruby lock.
-  # This is required for every function that could invoke a callback (including log handler) in another thread
-  def blocking_attach_function(func, args, returns = nil)
-    attach_function func, args, returns, blocking: true
-  end
-end
-
 module Tanker
   module CTanker
-    extend FFI::Library
-    ffi_lib get_path('ctanker')
-
     typedef :pointer, :session_pointer
     typedef :pointer, :enc_sess_pointer
     typedef :pointer, :stream_pointer
@@ -99,6 +89,8 @@ module Tanker
 
     blocking_attach_function :tanker_set_log_handler, [:log_handler_callback], :void
 
+    blocking_attach_function :tanker_http_handle_response, [CHttpRequest, CHttpResponse], :void
+
     blocking_attach_function :tanker_prehash_password, [:string], CFuture
 
     blocking_attach_function :tanker_free_buffer, [:pointer], :void

data/lib/tanker/core/http.rb

@@ -0,0 +1,155 @@
+# frozen_string_literal: true
+
+require 'faraday'
+
+module Tanker
+  module Http
+    class HttpRequest
+      @@mutex = Mutex.new # rubocop:disable Style/ClassVars I have no idea why you don't like class vars
+      @@current_request_id = 0 # rubocop:disable Style/ClassVars
+      # Hash(id => request)
+      @@running_requests = {} # rubocop:disable Style/ClassVars
+
+      attr_reader :id
+      attr_reader :method
+      attr_reader :url
+      attr_reader :instance_id
+      attr_reader :authorization
+      attr_reader :body
+      attr_reader :crequest
+
+      def self.method_str_to_symbol(method)
+        case method
+        when 'GET' then :get
+        when 'POST' then :post
+        when 'PATCH' then :patch
+        when 'PUT' then :put
+        when 'DELETE' then :delete
+        else raise "unknown HTTP method #{method}"
+        end
+      end
+
+      def initialize(crequest:)
+        @@mutex.synchronize do
+          @@current_request_id += 1 # rubocop:disable Style/ClassVars
+          @id = @@current_request_id
+          @@running_requests[@id] = self
+        end
+
+        @method = self.class.method_str_to_symbol crequest[:method]
+        @url = crequest[:url]
+        @instance_id = crequest[:instance_id]
+        @authorization = crequest[:authorization]
+        @body = crequest[:body].read_string_length(crequest[:body_size])
+
+        # Keep the crequest because we need its address to answer to Tanker
+        @crequest = crequest
+      end
+
+      # Since Ruby's HTTP libraries are not asynchronous, they do not support cancelation either.
+      # When a request is canceled, we let it run until the end, and then we discard its result.
+      def self.cancel(id)
+        @@mutex.synchronize do
+          @@running_requests.delete id
+        end
+      end
+
+      def complete_if_not_canceled(&block)
+        @@mutex.synchronize do
+          unless @@running_requests.delete @id
+            # Request has been canceled, don't call Tanker back
+            return
+          end
+
+          block.call
+        end
+      end
+    end
+
+    module ThreadPool
+      THREAD_POOL_SIZE = 4
+
+      def self.thread_loop
+        loop do
+          work = @queue.pop
+          work.call
+        end
+      end
+
+      def self.push(proc)
+        @queue << proc
+      end
+
+      # Queue is a concurrent queue in Ruby
+      @queue = Queue.new
+      @http_thread_pool = THREAD_POOL_SIZE.times do
+        Thread.new do
+          thread_loop
+        end
+      end
+    end
+
+    class Client
+      attr_reader :tanker_http_options
+
+      def initialize(sdk_type, sdk_version)
+        @sdk_type = sdk_type
+        @sdk_version = sdk_version
+
+        # This could be a proc, but for some reason, ffi gives the wrong type
+        # for crequest if we don't specify it explicitly here
+        @c_send_request = FFI::Function.new(:pointer, [CTanker::CHttpRequest.by_ref, :pointer]) do |crequest, cdata|
+          next send_request crequest, cdata
+        rescue Exception => e # rubocop:disable Lint/RescueException I do want to rescue all exceptions
+          cresponse = CTanker::CHttpResponse.new_error e.message
+          CTanker.tanker_http_handle_response(crequest, cresponse)
+        end
+        @c_cancel_request = proc do |crequest, request_id, cdata|
+          cancel_request crequest, request_id, cdata
+        rescue Exception => e # rubocop:disable Lint/RescueException I do want to rescue all exceptions
+          # This is not recoverable and won't be logged by FFI, let's do our best and log it here just before we crash
+          puts "fatal error when canceling HTTP request:\n#{e.full_message}"
+          raise
+        end
+
+        @tanker_http_options = CTanker::CHttpOptions.new @c_send_request, @c_cancel_request
+      end
+
+      def process_request(request)
+        fresponse = Faraday.run_request(request.method, request.url, request.body, {
+          'X-Tanker-SdkType' => @sdk_type,
+          'X-Tanker-SdkVersion' => @sdk_version,
+          'Authorization' => request.authorization,
+          'X-Tanker-Instanceid' => request.instance_id
+        }.compact)
+
+        request.complete_if_not_canceled do
+          cresponse = CTanker::CHttpResponse.new_ok status_code: fresponse.status,
+                                                    content_type: fresponse.headers['content-type'],
+                                                    body: fresponse.body
+          CTanker.tanker_http_handle_response(request.crequest, cresponse)
+        end
+      rescue Exception => e # rubocop:disable Lint/RescueException I do want to rescue all exceptions
+        # NOTE: when debugging, you might want to uncomment this to print a full backtrace
+        # puts "HTTP request error:\n#{e.full_message}"
+        cresponse = CTanker::CHttpResponse.new_error e.message
+        CTanker.tanker_http_handle_response(request.crequest, cresponse)
+      end
+
+      def send_request(crequest, _cdata)
+        request = HttpRequest.new crequest: crequest
+        ThreadPool.push(proc do
+          process_request request
+        end)
+        FFI::Pointer.new :void, request.id
+      end
+
+      def cancel_request(_crequest, prequest_id, _cdata)
+        request_id = prequest_id.to_i
+        HttpRequest.cancel(request_id)
+      end
+    end
+  end
+
+  private_constant :Http
+end

data/lib/tanker/core/init.rb

@@ -31,6 +31,9 @@ module Tanker
       # Do not spam the console of our users.
       self.class.set_log_handler { |_| } unless self.class.test_and_set_log_handler == 1 # rubocop:disable Lint/EmptyBlock
 
+      @http_client = Http::Client.new options.sdk_type, VERSION
+      options[:http_options] = @http_client.tanker_http_options
+
       @ctanker = CTanker.tanker_create(options).get
       @freed = false
       ctanker_addr = @ctanker.address

data/lib/tanker/core/options.rb

@@ -2,7 +2,8 @@
 
 require 'ffi'
 require 'tanker/c_tanker/c_string'
-require 'tanker/c_tanker/c_backends'
+require 'tanker/c_tanker/c_datastore'
+require 'tanker/c_tanker/c_http'
 
 module Tanker
   # Options that can be given when opening a Tanker session
@@ -20,22 +21,25 @@ module Tanker
     SDK_TYPE = 'client-ruby'
     SDK_VERSION = CTanker.new_cstring Core::VERSION
 
+    attr_reader :sdk_type
+
     def initialize(app_id:, url: nil, sdk_type: SDK_TYPE, persistent_path: nil, cache_path: nil)
       super()
 
       # NOTE: Instance variables are required to keep the CStrings alive
-      @app_id = CTanker.new_cstring app_id
-      @url = CTanker.new_cstring url
-      @persistent_path = CTanker.new_cstring persistent_path
-      @cache_path = CTanker.new_cstring cache_path
-      @sdk_type = CTanker.new_cstring sdk_type
+      @c_app_id = CTanker.new_cstring app_id
+      @c_url = CTanker.new_cstring url
+      @c_persistent_path = CTanker.new_cstring persistent_path
+      @c_cache_path = CTanker.new_cstring cache_path
+      @sdk_type = sdk_type
+      @c_sdk_type = CTanker.new_cstring sdk_type
 
       self[:version] = 4
-      self[:app_id] = @app_id
-      self[:url] = @url
-      self[:persistent_path] = @persistent_path
-      self[:cache_path] = @cache_path
-      self[:sdk_type] = @sdk_type
+      self[:app_id] = @c_app_id
+      self[:url] = @c_url
+      self[:persistent_path] = @c_persistent_path
+      self[:cache_path] = @c_cache_path
+      self[:sdk_type] = @c_sdk_type
       self[:sdk_version] = SDK_VERSION
     end
   end

data/lib/tanker/core/stream.rb

@@ -166,7 +166,7 @@ module Tanker
         buffer.put_bytes(0, rbbuf)
         CTanker.tanker_stream_read_operation_finish(operation, rbbuf.size)
       end
-    rescue StandardError => e
+    rescue Exception => e # rubocop:disable Lint/RescueException I do want to rescue all exceptions
       @mutex.synchronize do
         return if @closed
 
@@ -227,7 +227,7 @@ module Tanker
 
           @write.write(ffibuf.read_string(nb_read))
         end
-      rescue StandardError => e
+      rescue Exception => e # rubocop:disable Lint/RescueException I do want to rescue all exceptions
         @error = @substream.error || e
       ensure
         @write.close

data/lib/tanker/core/version.rb

@@ -2,7 +2,7 @@
 
 module Tanker
   class Core
-    VERSION = '2.29.1.beta.4'
+    VERSION = '2.30.1.alpha.1'
 
     def self.native_version
       CTanker.tanker_version_string

data/lib/tanker/core.rb

@@ -5,6 +5,7 @@ require 'set'
 require_relative 'core/version'
 require_relative 'c_tanker'
 require_relative 'error'
+require_relative 'core/http'
 require_relative 'core/session'
 require_relative 'core/verification'
 require_relative 'core/encryption'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tanker-core
 version: !ruby/object:Gem::Version
-  version: 2.29.1.beta.4
+  version: 2.30.1.alpha.1
 platform: ruby
 authors:
 - Tanker team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-19 00:00:00.000000000 Z
+date: 2022-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -140,20 +140,23 @@ files:
 - lib/tanker/admin/c_admin/c_app_descriptor.rb
 - lib/tanker/admin/c_admin/c_app_update_options.rb
 - lib/tanker/c_tanker.rb
-- lib/tanker/c_tanker/c_backends.rb
+- lib/tanker/c_tanker/c_datastore.rb
 - lib/tanker/c_tanker/c_device_info.rb
 - lib/tanker/c_tanker/c_future.rb
+- lib/tanker/c_tanker/c_http.rb
 - lib/tanker/c_tanker/c_lib.rb
 - lib/tanker/c_tanker/c_log_record.rb
 - lib/tanker/c_tanker/c_string.rb
 - lib/tanker/c_tanker/c_tanker_error.rb
 - lib/tanker/c_tanker/c_verification.rb
 - lib/tanker/c_tanker/c_verification_method.rb
+- lib/tanker/c_tanker/init.rb
 - lib/tanker/core.rb
 - lib/tanker/core/attach_result.rb
 - lib/tanker/core/encryption.rb
 - lib/tanker/core/encryption_session.rb
 - lib/tanker/core/group.rb
+- lib/tanker/core/http.rb
 - lib/tanker/core/init.rb
 - lib/tanker/core/log_record.rb
 - lib/tanker/core/options.rb