workato-connector-sdk 0.1.1 → 0.4.0

data/lib/workato/cli/push_command.rb

@@ -3,6 +3,7 @@
 require 'uri'
 require 'ruby-progressbar'
 require 'zip'
+require 'fileutils'
 
 module Workato
   module CLI
@@ -19,6 +20,7 @@ module Workato
         'live-eu' => 'https://app.eu.workato.com'
       }.freeze
 
+      API_USER_PATH = '/api/users/me'
       API_IMPORT_PATH = '/api/packages/import'
       API_PACKAGE_PATH = '/api/packages'
       IMPORT_IN_PROGRESS = 'in_progress'
@@ -30,38 +32,33 @@ module Workato
       AWAIT_IMPORT_SLEEP_INTERVAL = 15 # seconds
       AWAIT_IMPORT_TIMEOUT_INTERVAL = 120 # seconds
 
-      def initialize(folder:, options:)
-        @folder_id = folder
+      def initialize(options:)
         @options = options
         @api_base_url = ENVIRONMENTS.fetch(options[:environment])
         @api_email = options[:api_email] || ENV[WORKATO_API_EMAIL_ENV]
         @api_token = options[:api_token] || ENV[WORKATO_API_TOKEN_ENV]
+        @folder_id = options[:folder]
       end
 
       def call
-        zip_file = build_package
+        zip_file_path = build_package
         say_status :success, 'Build package' if verbose?
 
-        import_id = import_package(zip_file)
+        import_id = import_package(zip_file_path)
         say_status :success, 'Upload package' if verbose?
         say_status :waiting, 'Process package' if verbose?
 
         result = await_import(import_id)
-        if result.fetch('status') == 'failed'
-          say result.fetch('error').gsub("#{PACKAGE_ENTRY_NAME}.json: ", '')
-        else
-          say "Connector was successfully uploaded to #{api_base_url}"
-        end
-      rescue StandardError => e
-        say e.message
+        raise human_friendly_error(result) if result.fetch('status') == 'failed'
+
+        say "Connector was successfully uploaded to #{api_base_url}"
       ensure
-        zip_file&.close(true)
+        FileUtils.rm_f(zip_file_path) if zip_file_path
       end
 
       private
 
       attr_reader :options,
-                  :folder_id,
                   :api_token,
                   :api_email,
                   :api_base_url
@@ -78,16 +75,13 @@ module Workato
       end
 
       def build_package
-        zip_file = Tempfile.new(['connector', '.zip'])
-
-        ::Zip::OutputStream.open(zip_file.path) { |_| 'no-op' }
-        ::Zip::File.open(zip_file.path, ::Zip::File::CREATE) do |archive|
-          add_connector(archive)
-          add_manifest(archive)
-          add_logo(archive)
+        ::Dir::Tmpname.create(['connector', '.zip']) do |path|
+          ::Zip::File.open(path, ::Zip::File::CREATE) do |archive|
+            add_connector(archive)
+            add_manifest(archive)
+            add_logo(archive)
+          end
         end
-
-        zip_file
       end
 
       def add_connector(archive)
@@ -110,11 +104,11 @@ module Workato
         end
       end
 
-      def import_package(zip_file)
+      def import_package(zip_file_path)
         url = "#{api_base_url}#{API_IMPORT_PATH}/#{folder_id}"
         response = RestClient.post(
           url,
-          File.open(zip_file.path),
+          File.open(zip_file_path),
           auth_headers.merge(
             'Content-Type' => 'application/zip'
           )
@@ -197,7 +191,25 @@ module Workato
         }
       end
 
+      def folder_id
+        @folder_id ||=
+          begin
+            url = "#{api_base_url}#{API_USER_PATH}"
+            response = RestClient.get(url, auth_headers)
+
+            json = JSON.parse(response.body)
+            json.fetch('root_folder_id').tap do |folder_id|
+              say_status :success, "Fetch root folder ID: #{folder_id}" if verbose?
+            end
+          end
+      end
+
+      def human_friendly_error(result)
+        result.fetch('error').gsub("#{PACKAGE_ENTRY_NAME}.json: ", '')
+      end
+
       private_constant :IMPORT_IN_PROGRESS,
+                       :API_USER_PATH,
                        :API_IMPORT_PATH,
                        :API_PACKAGE_PATH,
                        :PACKAGE_ENTRY_NAME,

data/lib/workato/connector/sdk/action.rb

@@ -14,6 +14,8 @@ module Workato
         RETRY_DELAY = 5.seconds
         MAX_RETRIES = 3
 
+        MAX_REINVOKES = 5
+
         def initialize(action:, connection: {}, methods: {}, settings: {}, object_definitions: nil)
           super(
             operation: action,
@@ -26,10 +28,32 @@ module Workato
           initialize_retry
         end
 
-        def execute(settings = nil, input = {}, extended_input_schema = [], extended_output_schema = [], &block)
+        def execute(settings = nil, input = {}, extended_input_schema = [], extended_output_schema = [], continue = {},
+                    &block)
           raise InvalidDefinitionError, "'execute' block is required for action" unless block || action[:execute]
 
-          super(settings, input, extended_input_schema, extended_output_schema, &(block || action[:execute]))
+          loop do
+            if @reinvokes_remaining&.zero?
+              raise "Max number of reinvokes on SDK Gem reached. Current limit is #{reinvoke_limit}"
+            end
+
+            reinvoke_sleep if @reinvoke_after
+
+            @reinvoke_after = nil
+
+            result = super(
+              settings,
+              input,
+              extended_input_schema,
+              extended_output_schema,
+              continue,
+              &(block || action[:execute])
+            )
+
+            break result unless @reinvoke_after
+
+            continue = @reinvoke_after[:continue]
+          end
         rescue RequestError => e
           raise e unless retry?(e)
 
@@ -37,12 +61,28 @@ module Workato
           sleep(RETRY_DELAY) && retry
         end
 
+        def invoke(input = {})
+          extended_schema = extended_schema(nil, input)
+          config_schema = Schema.new(schema: config_fields_schema)
+          input_schema = Schema.new(schema: extended_schema[:input])
+          output_schema = Schema.new(schema: extended_schema[:output])
+
+          input = apply_input_schema(input, config_schema + input_schema)
+          output = execute(nil, input, input_schema, output_schema)
+          apply_output_schema(output, output_schema)
+        end
+
         def checkpoint!(continue:, temp_output: nil)
-          raise NotImplementedError
+          # no-op
         end
 
         def reinvoke_after(seconds:, continue:, temp_output: nil)
-          raise NotImplementedError
+          @reinvokes_remaining = (@reinvokes_remaining ? @reinvokes_remaining - 1 : reinvoke_limit)
+          @reinvoke_after = {
+            seconds: seconds,
+            continue: continue,
+            temp_output: temp_output
+          }
         end
 
         private
@@ -81,6 +121,14 @@ module Workato
           @retry_methods.include?(exception.method.to_s.downcase)
         end
 
+        def reinvoke_sleep
+          sleep((ENV['WAIT_REINVOKE_AFTER'].presence || @reinvoke_after[:seconds]).to_f)
+        end
+
+        def reinvoke_limit
+          @reinvoke_limit ||= (ENV['MAX_REINVOKES'].presence || MAX_REINVOKES).to_i
+        end
+
         alias action operation
       end
     end

data/lib/workato/connector/sdk/connection.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+require_relative './block_invocation_refinements'
+
+module Workato
+  module Connector
+    module Sdk
+      class Connection
+        using BlockInvocationRefinements
+
+        attr_reader :source
+
+        def initialize(connection: {}, methods: {}, settings: {})
+          @methods_source = methods.with_indifferent_access
+          @source = connection.with_indifferent_access
+          @settings = settings
+        end
+
+        def authorization
+          @authorization ||= Authorization.new(
+            connection: source,
+            methods: methods_source,
+            settings: @settings
+          )
+        end
+
+        def base_uri(settings = {})
+          source[:base_uri]&.call(settings.with_indifferent_access)
+        end
+
+        private
+
+        attr_reader :methods_source
+
+        class Authorization
+          attr_reader :source
+
+          def initialize(connection: {}, methods: {}, settings: {})
+            @connection_source = connection.with_indifferent_access
+            @source = (connection[:authorization] || {}).with_indifferent_access
+            @methods_source = methods.with_indifferent_access
+            @settings = settings
+          end
+
+          def token_url?
+            source[:token_url].present?
+          end
+
+          def acquire?
+            source[:acquire].present?
+          end
+
+          def refresh?
+            source[:refresh].present?
+          end
+
+          def type
+            source[:type]
+          end
+
+          def refresh_on
+            Array.wrap(source[:refresh_on]).compact
+          end
+
+          def detect_on
+            Array.wrap(source[:detect_on]).compact
+          end
+
+          def client_id(settings = {})
+            client_id = source[:client_id]
+
+            if client_id.is_a?(Proc)
+              Dsl::WithDsl.execute(settings.with_indifferent_access, &client_id)
+            else
+              client_id
+            end
+          end
+
+          def client_secret(settings = {})
+            client_secret_source = source[:client_secret]
+
+            if client_secret_source.is_a?(Proc)
+              Dsl::WithDsl.execute(settings.with_indifferent_access, &client_secret_source)
+            else
+              client_secret_source
+            end
+          end
+
+          def authorization_url(settings = {})
+            source[:authorization_url]&.call(settings.with_indifferent_access)
+          end
+
+          def token_url(settings = {})
+            source[:token_url]&.call(settings.with_indifferent_access)
+          end
+
+          def acquire(settings = {}, oauth2_code = nil, redirect_url = nil)
+            acquire_proc = source[:acquire]
+            raise InvalidDefinitionError, "Expect 'acquire' block" unless acquire_proc
+
+            Workato::Connector::Sdk::Operation.new(
+              connection: Connection.new(
+                connection: connection_source.merge(
+                  authorization: source.merge(
+                    apply: nil
+                  )
+                ),
+                methods: methods_source,
+                settings: @settings
+              ),
+              methods: methods_source,
+              settings: @settings
+            ).execute(settings, { auth_code: oauth2_code, redirect_url: redirect_url }) do |connection, input|
+              instance_exec(connection, input[:auth_code], input[:redirect_url], &acquire_proc)
+            end
+          end
+
+          def refresh(settings = {}, refresh_token = nil)
+            refresh_proc = source[:refresh]
+            raise InvalidDefinitionError, "Expect 'refresh' block" unless refresh_proc
+
+            Workato::Connector::Sdk::Operation.new(
+              connection: Connection.new(
+                methods: methods_source,
+                settings: @settings
+              ),
+              methods: methods_source,
+              settings: @settings
+            ).execute(settings, { refresh_token: refresh_token }) do |connection, input|
+              instance_exec(connection, input[:refresh_token], &refresh_proc)
+            end
+          end
+
+          private
+
+          attr_reader :connection_source,
+                      :methods_source
+        end
+
+        private_constant :Authorization
+      end
+    end
+  end
+end

data/lib/workato/connector/sdk/connector.rb

@@ -24,9 +24,9 @@ module Workato
         def actions
           @actions ||= ActionsProxy.new(
             actions: source[:actions].presence || {},
-            object_definitions: object_definitions,
             methods: methods_source,
-            connection: connection_source,
+            object_definitions: object_definitions,
+            connection: connection,
             settings: settings
           )
         end
@@ -34,7 +34,7 @@ module Workato
         def methods
           @methods ||= MethodsProxy.new(
             methods: methods_source,
-            connection: connection_source,
+            connection: connection,
             settings: settings
           )
         end
@@ -45,7 +45,7 @@ module Workato
               execute: source[:test]
             },
             methods: methods_source,
-            connection: connection_source,
+            connection: connection,
             settings: send(:settings)
           ).execute(settings)
         end
@@ -53,9 +53,9 @@ module Workato
         def triggers
           @triggers ||= TriggersProxy.new(
             triggers: source[:triggers].presence || {},
-            object_definitions: object_definitions,
             methods: methods_source,
-            connection: connection_source,
+            connection: connection,
+            object_definitions: object_definitions,
             settings: settings
           )
         end
@@ -64,7 +64,7 @@ module Workato
           @object_definitions ||= ObjectDefinitions.new(
             object_definitions: source[:object_definitions].presence || {},
             methods: methods_source,
-            connection: connection_source,
+            connection: connection,
             settings: settings
           )
         end
@@ -72,6 +72,14 @@ module Workato
         def pick_lists
           @pick_lists ||= PickListsProxy.new(
             pick_lists: source[:pick_lists].presence || {},
+            methods: methods_source,
+            connection: connection,
+            settings: settings
+          )
+        end
+
+        def connection
+          @connection ||= Connection.new(
             methods: methods_source,
             connection: connection_source,
             settings: settings
@@ -107,7 +115,7 @@ module Workato
 
         def define_action_methods(actions)
           actions.each do |action, definition|
-            define_singleton_method(action) do
+            define_singleton_method(action) do |input_ = nil|
               @actions ||= {}
               @actions[action] ||= Action.new(
                 action: definition,
@@ -116,6 +124,9 @@ module Workato
                 connection: connection,
                 settings: settings
               )
+              return @actions[action] if input_.nil?
+
+              @actions[action].invoke(input_)
             end
           end
         end
@@ -213,7 +224,7 @@ module Workato
 
         def define_trigger_methods(triggers)
           triggers.each do |trigger, definition|
-            define_singleton_method(trigger) do
+            define_singleton_method(trigger) do |input_ = nil, payload = {}, headers = {}, params = {}|
               @triggers[trigger] ||= Trigger.new(
                 trigger: definition,
                 object_definitions: object_definitions,
@@ -221,6 +232,10 @@ module Workato
                 connection: connection,
                 settings: settings
               )
+
+              return @triggers[trigger] if input_.nil?
+
+              @triggers[trigger].invoke(input_, payload, headers, params)
             end
           end
         end

data/lib/workato/connector/sdk/dsl/aws.rb

@@ -0,0 +1,225 @@
+# frozen_string_literal: true
+
+module Workato
+  module Connector
+    module Sdk
+      module Dsl
+        module AWS
+          TEMP_CREDENTIALS_REFRESH_TIMEOUT = 60 # seconds
+
+          DUMMY_AWS_IAM_EXTERNAL_ID = 'dummy-aws-iam-external-id'
+          DUMMY_AWS_WORKATO_ACCOUNT_ID = 'dummy-aws-workato-account-id'
+
+          AMAZON_ROLE_CLIENT_ID = ENV['AMAZON_ROLE_CLIENT_ID']
+          AMAZON_ROLE_CLIENT_KEY = ENV['AMAZON_ROLE_CLIENT_KEY']
+          AMAZON_ROLE_CLIENT_SECRET = ENV['AMAZON_ROLE_CLIENT_SECRET']
+
+          WWW_FORM_CONTENT_TYPE = 'application/x-www-form-urlencoded; charset=utf-8'
+
+          def aws
+            AWS
+          end
+
+          class << self
+            def generate_signature(connection:,
+                                   service:,
+                                   region:,
+                                   host: "#{service}.#{region}.amazonaws.com",
+                                   path: '/',
+                                   method: 'GET',
+                                   params: {},
+                                   headers: {},
+                                   payload: '')
+
+              credentials = if connection[:aws_assume_role].present?
+                              role_based_auth(settings: connection)
+                            else
+                              {
+                                access_key_id: connection[:aws_api_key],
+                                secret_access_key: connection[:aws_secret_key]
+                              }
+                            end
+
+              url, headers = create_signature(
+                credentials: credentials,
+                service: service,
+                host: host,
+                region: region,
+                method: method,
+                path: path,
+                params: params,
+                headers: (headers || {}).with_indifferent_access,
+                payload: payload
+              )
+
+              {
+                url: url,
+                headers: headers
+              }.with_indifferent_access
+            end
+
+            def iam_external_id
+              settings[:aws_external_id] || DUMMY_AWS_IAM_EXTERNAL_ID
+            end
+
+            def workato_account_id
+              settings[:aws_workato_account_id] || AMAZON_ROLE_CLIENT_ID || DUMMY_AWS_WORKATO_ACCOUNT_ID
+            end
+
+            private
+
+            def on_settings_updated
+              Workato::Connector::Sdk::Operation.on_settings_updated
+            end
+
+            def role_based_auth(settings:)
+              settings[:aws_external_id] ||= iam_external_id
+              temp_credentials = settings[:temp_credentials] || {}
+
+              # Refresh temp token that will expire within 60 seconds.
+              expiration = temp_credentials[:expiration]&.to_time(:utc)
+              if !expiration || expiration <= TEMP_CREDENTIALS_REFRESH_TIMEOUT.seconds.from_now
+                temp_credentials = refresh_temp_credentials(settings)
+              end
+              {
+                access_key_id: temp_credentials[:api_key],
+                secret_access_key: temp_credentials[:secret_key],
+                session_token: temp_credentials[:session_token]
+              }
+            end
+
+            def refresh_temp_credentials(settings)
+              sts_credentials = {
+                access_key_id: amazon_role_client_key(settings),
+                secret_access_key: amazon_role_client_secret(settings)
+              }
+
+              sts_params = {
+                'Version' => '2011-06-15',
+                'Action' => 'AssumeRole',
+                'RoleSessionName' => 'workato',
+                'RoleArn' => settings[:aws_assume_role],
+                'ExternalId' => settings[:aws_external_id].presence
+              }.compact
+
+              sts_auth_url, sts_auth_headers = create_signature(
+                credentials: sts_credentials,
+                params: sts_params,
+                service: 'sts',
+                host: 'sts.amazonaws.com',
+                region: 'us-east-1',
+                headers: {
+                  'Accept' => 'application/xml',
+                  'Content-Type' => WWW_FORM_CONTENT_TYPE
+                }
+              )
+
+              request_temp_credentials(url: sts_auth_url, headers: sts_auth_headers).tap do |temp_credentials|
+                update_settings(settings, temp_credentials)
+              end
+            rescue StandardError => e
+              raise e if settings[:aws_external_id].blank?
+
+              settings[:aws_external_id] = nil
+              retry
+            end
+
+            def update_settings(settings, temp_credentials)
+              settings.merge!(temp_credentials: temp_credentials)
+              Workato::Connector::Sdk::Operation.on_settings_updated&.call(
+                'Refresh AWS temporary credentials',
+                settings
+              )
+            end
+
+            def request_temp_credentials(url:, headers:)
+              response = RestClient::Request.execute(
+                url: url,
+                headers: headers,
+                method: :get
+              )
+              response = Workato::Connector::Sdk::Xml.parse_xml_to_hash(response.body)
+
+              temp_credentials = response.dig('AssumeRoleResponse', 0, 'AssumeRoleResult', 0, 'Credentials', 0)
+              {
+                session_token: temp_credentials.dig('SessionToken', 0, 'content!'),
+                api_key: temp_credentials.dig('AccessKeyId', 0, 'content!'),
+                secret_key: temp_credentials.dig('SecretAccessKey', 0, 'content!'),
+                expiration: temp_credentials.dig('Expiration', 0, 'content!')
+              }
+            end
+
+            def create_signature(credentials:,
+                                 service:,
+                                 host:,
+                                 region:,
+                                 path: '/',
+                                 method: 'GET',
+                                 params: {},
+                                 headers: {},
+                                 payload: '')
+              url = URI::HTTPS.build(host: host, path: path, query: params.presence.to_param&.gsub('+', '%20')).to_s
+              signer_options = {
+                service: service,
+                region: region,
+                access_key_id: amazon_role_client_key(credentials),
+                secret_access_key: amazon_role_client_secret(credentials),
+                session_token: credentials[:session_token]
+              }
+
+              apply_service_specific_options(service, headers, signer_options, payload)
+
+              signer = Aws::Sigv4::Signer.new(signer_options)
+              signature = signer.sign_request(http_method: method, url: url, headers: headers, body: payload)
+
+              headers_with_sig = merge_headers_with_sig_headers(headers, signature.headers)
+              headers_with_sig = headers_with_sig.transform_keys { |key| key.gsub(/\b[a-z]/, &:upcase) }
+              [url, headers_with_sig]
+            end
+
+            def apply_service_specific_options(service, headers, signer_options, payload)
+              accept_headers = headers.key?('Accept') || headers.key?('accept')
+              content_type = headers.key?('content-type') || headers.key?('Content-Type')
+
+              case service
+              when 'ec2'
+                signer_options[:apply_checksum_header] = false
+
+                headers.except!('Accept', 'Content-Type')
+              when 's3'
+                signer_options[:uri_escape_path] = false
+
+                headers['Accept'] = 'application/xml' unless accept_headers
+                headers['Content-Type'] = WWW_FORM_CONTENT_TYPE unless content_type
+                headers['X-Amz-Content-SHA256'] = 'UNSIGNED-PAYLOAD' if payload.blank?
+              when 'monitoring'
+                signer_options[:apply_checksum_header] = false
+
+                headers['Accept'] = 'application/json' unless accept_headers
+                headers['Content-Type'] = WWW_FORM_CONTENT_TYPE unless content_type
+              when 'lambda'
+                signer_options[:apply_checksum_header] = false
+
+                headers['Content-Type'] = WWW_FORM_CONTENT_TYPE unless content_type
+              end
+            end
+
+            def merge_headers_with_sig_headers(headers, sig_headers)
+              headers_keys = headers.transform_keys { |key| key.to_s.downcase }
+              sig_headers_to_merge = sig_headers.reject { |key| headers_keys.include?(key.downcase) }
+              headers.merge(sig_headers_to_merge)
+            end
+
+            def amazon_role_client_key(settings)
+              settings[:access_key_id] || AMAZON_ROLE_CLIENT_KEY
+            end
+
+            def amazon_role_client_secret(settings)
+              settings[:secret_access_key] || AMAZON_ROLE_CLIENT_SECRET
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/workato/connector/sdk/dsl/error.rb

@@ -6,7 +6,7 @@ module Workato
       module Dsl
         module Error
           def error(message)
-            raise message
+            raise Sdk::RuntimeError, message
           end
         end
       end