weak_headers 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +20 -0
- data/CHANGELOG.md +2 -0
- data/Gemfile +8 -0
- data/LICENSE.txt +22 -0
- data/README.md +51 -0
- data/Rakefile +1 -0
- data/lib/weak_headers.rb +45 -0
- data/lib/weak_headers/base_validator.rb +90 -0
- data/lib/weak_headers/controller.rb +14 -0
- data/lib/weak_headers/optional_validator.rb +4 -0
- data/lib/weak_headers/requires_validator.rb +4 -0
- data/lib/weak_headers/validation_error.rb +4 -0
- data/lib/weak_headers/validator.rb +38 -0
- data/lib/weak_headers/version.rb +3 -0
- data/spec/spec_helper.rb +19 -0
- data/weak_headers.gemspec +22 -0
- metadata +103 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: daf203e00553108f3d69b3c136d10da5bddd5350
|
4
|
+
data.tar.gz: db00cc1e2285b879f26e9957153472406312048c
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: e7f55552553450a498e87baf4bbd8ccf494831acad5b81c7fcc6e5aaa80385df5901eabba3090b6ee084fded12e85fa984bffaecb9590b3b0297f30e929c2c73
|
7
|
+
data.tar.gz: 95fe13d9c138fdaeefdd3abf92ea8e291da8bf64c7ee8b3eb33c871244f4a934b6c7e86157097b2d726e313951d36b59c924e4d17bbf0da995480cd8c0a0916a
|
data/.gitignore
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
*.gem
|
2
|
+
*.rbc
|
3
|
+
.bundle/
|
4
|
+
.config
|
5
|
+
.yardoc
|
6
|
+
Gemfile.lock
|
7
|
+
InstalledFiles
|
8
|
+
_yardoc
|
9
|
+
coverage
|
10
|
+
lib/bundler/man
|
11
|
+
log/*.log
|
12
|
+
pkg
|
13
|
+
pkg/
|
14
|
+
rdoc
|
15
|
+
spec/dummy/.sass-cache
|
16
|
+
spec/dummy/db/*.sqlite3
|
17
|
+
spec/dummy/log/*.log
|
18
|
+
spec/dummy/tmp/
|
19
|
+
spec/reports
|
20
|
+
tmp
|
data/CHANGELOG.md
ADDED
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2015 Tadayuki Onishi
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
# WeakHeaders
|
2
|
+
Validates `request.headers` in your controller.
|
3
|
+
|
4
|
+
## Notice
|
5
|
+
I'm sorry, it is not yet written test.
|
6
|
+
I'll add test as soon as possible.
|
7
|
+
|
8
|
+
## Installation
|
9
|
+
```ruby
|
10
|
+
gem "weak_headers"
|
11
|
+
```
|
12
|
+
|
13
|
+
## Usage
|
14
|
+
```ruby
|
15
|
+
class ApplicationController < ActionController::Base
|
16
|
+
protect_from_forgery
|
17
|
+
|
18
|
+
rescue_from WeakHeaders::ValidationError do |e|
|
19
|
+
render json: { message: e.message }, status: 400
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# WeakHeaders provides `validates_headers` class method to define validations.
|
24
|
+
class AuthController < ApplicationController
|
25
|
+
validates_header :create do
|
26
|
+
requires 'X-App-Client-Id', except: ["token", "123456"]
|
27
|
+
optional :'X-App-Id', only: '1'
|
28
|
+
requires 'X-App-Client-Secret' do |value|
|
29
|
+
value =~ /\A\w{64}\z/
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def create
|
34
|
+
auth = Application.authenticate(uid: request.headers['X-App-Client-Id'], secret: request.headers['X-App-Client-Secret'])
|
35
|
+
render json: { token: auth.token }
|
36
|
+
end
|
37
|
+
end
|
38
|
+
```
|
39
|
+
|
40
|
+
### Available validators
|
41
|
+
- requires
|
42
|
+
- optional
|
43
|
+
|
44
|
+
### Available options
|
45
|
+
- only
|
46
|
+
- except
|
47
|
+
- handler
|
48
|
+
|
49
|
+
## Inspired By
|
50
|
+
- [weak_parameters](https://github.com/r7kamura/weak_parameters)
|
51
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require 'bundler/gem_tasks'
|
data/lib/weak_headers.rb
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'action_controller'
|
2
|
+
require 'active_support/hash_with_indifferent_access'
|
3
|
+
|
4
|
+
require 'weak_headers/base_validator'
|
5
|
+
require 'weak_headers/optional_validator'
|
6
|
+
require 'weak_headers/requires_validator'
|
7
|
+
require 'weak_headers/controller'
|
8
|
+
require 'weak_headers/validation_error'
|
9
|
+
require 'weak_headers/validator'
|
10
|
+
require 'weak_headers/version'
|
11
|
+
|
12
|
+
# Provides `validates_header` DSL to controllers to validate request headers.
|
13
|
+
#
|
14
|
+
# Examples
|
15
|
+
#
|
16
|
+
# class AuthController < ApplicationController
|
17
|
+
# rescue_from WeakHeaders::ValidationError do |exception|
|
18
|
+
# render text: exception.message, status: 400
|
19
|
+
# end
|
20
|
+
#
|
21
|
+
# validates_header :create do
|
22
|
+
# requires 'X-Test-Token'
|
23
|
+
# optional 'X-Test-Id'
|
24
|
+
# end
|
25
|
+
#
|
26
|
+
# def create
|
27
|
+
# respond_with Auth.authenticate(token: request.headers['X-Test-Token'])
|
28
|
+
# end
|
29
|
+
# end
|
30
|
+
#
|
31
|
+
module WeakHeaders
|
32
|
+
def self.stats
|
33
|
+
@stats ||= ActiveSupport::HashWithIndifferentAccess.new do |hash, key|
|
34
|
+
hash[key] = ActiveSupport::HashWithIndifferentAccess.new
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
class Railties < ::Rails::Railtie
|
39
|
+
initializer 'weak_headers' do
|
40
|
+
ActiveSupport.on_load :action_controller do
|
41
|
+
ActionController::Base.extend WeakHeaders::Controller
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,90 @@
|
|
1
|
+
module WeakHeaders
|
2
|
+
class BaseValidator
|
3
|
+
def initialize(controller, key, options = {}, &block)
|
4
|
+
@controller = controller
|
5
|
+
@key = key.to_s
|
6
|
+
@options = options
|
7
|
+
@block = block
|
8
|
+
end
|
9
|
+
|
10
|
+
def validate
|
11
|
+
handle_failure unless valid?
|
12
|
+
end
|
13
|
+
|
14
|
+
def type
|
15
|
+
self.class.name.split("::").last.sub(/Validator\z/, '').underscore.to_sym
|
16
|
+
end
|
17
|
+
|
18
|
+
private
|
19
|
+
|
20
|
+
def valid?
|
21
|
+
case
|
22
|
+
when requires? && blank?
|
23
|
+
false
|
24
|
+
when present? && exceptional?
|
25
|
+
false
|
26
|
+
when requires? && @block && !@block.call(value)
|
27
|
+
false
|
28
|
+
when optional? && present? && @block && !@block.call(value)
|
29
|
+
false
|
30
|
+
else
|
31
|
+
true
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
def headers
|
36
|
+
@controller.request.headers
|
37
|
+
end
|
38
|
+
|
39
|
+
def value
|
40
|
+
headers[@key]
|
41
|
+
end
|
42
|
+
|
43
|
+
def handle_failure
|
44
|
+
if has_handler?
|
45
|
+
@controller.send(@options[:handler])
|
46
|
+
else
|
47
|
+
raise_error
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def blank?
|
52
|
+
headers.nil? || headers[@key].blank?
|
53
|
+
end
|
54
|
+
|
55
|
+
def present?
|
56
|
+
!blank?
|
57
|
+
end
|
58
|
+
|
59
|
+
def requires?
|
60
|
+
type == :requires
|
61
|
+
end
|
62
|
+
|
63
|
+
def optional?
|
64
|
+
type == :optional
|
65
|
+
end
|
66
|
+
|
67
|
+
def exceptional?
|
68
|
+
case
|
69
|
+
when @options[:only].try(:exclude?, value)
|
70
|
+
true
|
71
|
+
when @options[:except].try(:include?, value)
|
72
|
+
true
|
73
|
+
else
|
74
|
+
false
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
def raise_error
|
79
|
+
raise WeakHeaders::ValidationError, error_message
|
80
|
+
end
|
81
|
+
|
82
|
+
def error_message
|
83
|
+
"request.headers[#{@key.inspect}] must be a valid value"
|
84
|
+
end
|
85
|
+
|
86
|
+
def has_handler?
|
87
|
+
!!@options[:handler]
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
module WeakHeaders
|
2
|
+
module Controller
|
3
|
+
def validates_header(action_name = nil, &block)
|
4
|
+
filter_option = {}
|
5
|
+
filter_option.merge!(only: action_name) unless action_name.nil?
|
6
|
+
|
7
|
+
before_filter filter_option do
|
8
|
+
validator = WeakHeaders::Validator.new(self, &block)
|
9
|
+
WeakHeaders.stats[params[:controller]][params[:action]] = validator
|
10
|
+
WeakHeaders.stats[params[:controller]][params[:action]].validate
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
module WeakHeaders
|
2
|
+
class Validator
|
3
|
+
def initialize(controller, &block)
|
4
|
+
@controller = controller
|
5
|
+
instance_eval(&block)
|
6
|
+
end
|
7
|
+
|
8
|
+
def validate
|
9
|
+
validators.each(&:validate)
|
10
|
+
end
|
11
|
+
|
12
|
+
def validators
|
13
|
+
@validators ||= []
|
14
|
+
end
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def with_validators(&block)
|
19
|
+
old_validators = @validators
|
20
|
+
|
21
|
+
begin
|
22
|
+
@validators = []
|
23
|
+
block.call
|
24
|
+
@validators
|
25
|
+
ensure
|
26
|
+
@validators = old_validators
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def requires(key, options = {}, &block)
|
31
|
+
validators << WeakHeaders::RequiresValidator.new(@controller, key, options, &block)
|
32
|
+
end
|
33
|
+
|
34
|
+
def optional(key, options = {}, &block)
|
35
|
+
validators << WeakHeaders::OptionalValidator.new(@controller, key, options, &block)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'bundler/setup'
|
2
|
+
require 'rails/all'
|
3
|
+
require 'rspec/rails'
|
4
|
+
|
5
|
+
require 'weak_headers'
|
6
|
+
|
7
|
+
RSpec.configure do |config|
|
8
|
+
# If you"re not using ActiveRecord, or you"d prefer not to run each of your
|
9
|
+
# examples within a transaction, remove the following line or assign false
|
10
|
+
# instead of true.
|
11
|
+
config.use_transactional_fixtures = true
|
12
|
+
|
13
|
+
# If true, the base class of anonymous controllers will be inferred
|
14
|
+
# automatically. This will be the default behavior in future versions of
|
15
|
+
# rspec-rails.
|
16
|
+
config.infer_base_class_for_anonymous_controllers = false
|
17
|
+
|
18
|
+
config.treat_symbols_as_metadata_keys_with_true_values = true
|
19
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
$:.push File.expand_path("../lib", __FILE__)
|
2
|
+
|
3
|
+
require 'weak_headers/version'
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = 'weak_headers'
|
7
|
+
spec.version = WeakHeaders::VERSION
|
8
|
+
spec.authors = ['Tadayuki Onishi']
|
9
|
+
spec.email = ['tt.tanishi100@gmail.com']
|
10
|
+
spec.summary = 'Add a validation headers filter to your controller.'
|
11
|
+
spec.homepage = 'https://github.com/kenchan0103/weak_headers'
|
12
|
+
spec.license = 'MIT'
|
13
|
+
|
14
|
+
spec.files = `git ls-files`.split($/)
|
15
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
16
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
17
|
+
spec.require_paths = ['lib']
|
18
|
+
|
19
|
+
spec.add_dependency 'rails', '>= 3.2.11'
|
20
|
+
spec.add_development_dependency 'bundler', '~> 1.10'
|
21
|
+
spec.add_development_dependency 'rake'
|
22
|
+
end
|
metadata
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: weak_headers
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Tadayuki Onishi
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-09-20 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rails
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 3.2.11
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 3.2.11
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.10'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.10'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rake
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
description:
|
56
|
+
email:
|
57
|
+
- tt.tanishi100@gmail.com
|
58
|
+
executables: []
|
59
|
+
extensions: []
|
60
|
+
extra_rdoc_files: []
|
61
|
+
files:
|
62
|
+
- ".gitignore"
|
63
|
+
- CHANGELOG.md
|
64
|
+
- Gemfile
|
65
|
+
- LICENSE.txt
|
66
|
+
- README.md
|
67
|
+
- Rakefile
|
68
|
+
- lib/weak_headers.rb
|
69
|
+
- lib/weak_headers/base_validator.rb
|
70
|
+
- lib/weak_headers/controller.rb
|
71
|
+
- lib/weak_headers/optional_validator.rb
|
72
|
+
- lib/weak_headers/requires_validator.rb
|
73
|
+
- lib/weak_headers/validation_error.rb
|
74
|
+
- lib/weak_headers/validator.rb
|
75
|
+
- lib/weak_headers/version.rb
|
76
|
+
- spec/spec_helper.rb
|
77
|
+
- weak_headers.gemspec
|
78
|
+
homepage: https://github.com/kenchan0103/weak_headers
|
79
|
+
licenses:
|
80
|
+
- MIT
|
81
|
+
metadata: {}
|
82
|
+
post_install_message:
|
83
|
+
rdoc_options: []
|
84
|
+
require_paths:
|
85
|
+
- lib
|
86
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
92
|
+
requirements:
|
93
|
+
- - ">="
|
94
|
+
- !ruby/object:Gem::Version
|
95
|
+
version: '0'
|
96
|
+
requirements: []
|
97
|
+
rubyforge_project:
|
98
|
+
rubygems_version: 2.4.8
|
99
|
+
signing_key:
|
100
|
+
specification_version: 4
|
101
|
+
summary: Add a validation headers filter to your controller.
|
102
|
+
test_files:
|
103
|
+
- spec/spec_helper.rb
|