workato-connector-sdk 1.3.1 → 1.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/workato/cli/multi_auth_selected_fallback.rb +1 -0
- data/lib/workato/cli/oauth2_command.rb +13 -14
- data/lib/workato/connector/sdk/action.rb +1 -1
- data/lib/workato/connector/sdk/dsl/csv_package.rb +3 -3
- data/lib/workato/connector/sdk/dsl/workato_package.rb +45 -16
- data/lib/workato/connector/sdk/errors.rb +2 -0
- data/lib/workato/connector/sdk/stream.rb +1 -1
- data/lib/workato/extension/array.rb +1 -1
- data/lib/workato/extension/enumerable.rb +0 -2
- data/lib/workato/extension/extra_chain_cert.rb +2 -2
- data/lib/workato/extension/metadata_fix_wrap_kw_args.rb +1 -0
- data/lib/workato/extension/string.rb +1 -2
- data/lib/workato/types/binary.rb +1 -0
- metadata +2 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3fe38da4979356285b7bd535a889ce87324c0c9e79af94ab64bbfbabff03f104
|
4
|
+
data.tar.gz: 12ae318a25eaf1fddc7c31f22f9870d4af28e736781ef32ff766c32ae14876d2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2737cef0c57c48dc215dba1f3077669935fceb940be5484469e3901f6d848bee8af5bc408595a14a330bc96e3e553f088c25323867dc8d43d1b95930275c79af
|
7
|
+
data.tar.gz: 066b30f5e052e1dbd91c697b3e978ec548f0ffc76db9298168758e4b60f8ada8f1a13c1a603e0603d347e22fcca2e945fa3eeaedaa74139cef07b09b98b7c9ea
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.3.
|
1
|
+
1.3.2
|
@@ -1,6 +1,7 @@
|
|
1
1
|
# typed: false
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require 'thor'
|
4
5
|
require 'securerandom'
|
5
6
|
require 'workato/web/app'
|
6
7
|
require_relative './multi_auth_selected_fallback'
|
@@ -70,7 +71,7 @@ module Workato
|
|
70
71
|
end
|
71
72
|
|
72
73
|
def require_gems
|
73
|
-
require '
|
74
|
+
require 'rest-client'
|
74
75
|
require 'launchy'
|
75
76
|
require 'rack'
|
76
77
|
end
|
@@ -79,7 +80,7 @@ module Workato
|
|
79
80
|
@thread = Thread.start do
|
80
81
|
Rack::Handler::WEBrick.run(
|
81
82
|
Workato::Web::App.new,
|
82
|
-
{
|
83
|
+
**{
|
83
84
|
Port: port,
|
84
85
|
BindAddress: options[:ip] || DEFAULT_ADDRESS,
|
85
86
|
SSLEnable: https,
|
@@ -107,7 +108,7 @@ module Workato
|
|
107
108
|
unless connector.connection.authorization.oauth2?
|
108
109
|
raise 'Authorization type is not OAuth2. ' \
|
109
110
|
'For multi-auth connector ensure correct auth type was used. ' \
|
110
|
-
"Expected: 'oauth2', got: '#{connector.connection.authorization.type}'
|
111
|
+
"Expected: 'oauth2', got: '#{connector.connection.authorization.type}'"
|
111
112
|
end
|
112
113
|
rescue Workato::Connector::Sdk::InvalidMultiAuthDefinition => e
|
113
114
|
raise "#{e.message}. Please ensure:\n" \
|
@@ -116,16 +117,6 @@ module Workato
|
|
116
117
|
'See more: https://docs.workato.com/developing-connectors/sdk/guides/authentication/multi_auth.html'
|
117
118
|
end
|
118
119
|
|
119
|
-
def client
|
120
|
-
@client ||= OAuth2::Client.new(
|
121
|
-
connector.connection.authorization.client_id,
|
122
|
-
connector.connection.authorization.client_secret,
|
123
|
-
site: connector.connection.base_uri,
|
124
|
-
token_url: connector.connection.authorization.token_url,
|
125
|
-
redirect_uri: redirect_url
|
126
|
-
)
|
127
|
-
end
|
128
|
-
|
129
120
|
def authorize_url
|
130
121
|
return @authorize_url if defined?(@authorize_url)
|
131
122
|
|
@@ -193,7 +184,15 @@ module Workato
|
|
193
184
|
extra_settings ||= {}
|
194
185
|
extra_settings.merge(tokens)
|
195
186
|
else
|
196
|
-
|
187
|
+
response = RestClient.post(
|
188
|
+
connector.connection.authorization.token_url,
|
189
|
+
code: code,
|
190
|
+
grant_type: :authorization_code,
|
191
|
+
client_id: connector.connection.authorization.client_id,
|
192
|
+
client_secret: connector.connection.authorization.client_secret,
|
193
|
+
redirect_uri: redirect_url
|
194
|
+
)
|
195
|
+
JSON.parse(response.body).to_hash
|
197
196
|
end
|
198
197
|
end
|
199
198
|
|
@@ -117,7 +117,7 @@ module Workato
|
|
117
117
|
retry_on_response.each { |m| m.is_a?(::Integer) ? @retry_codes << m : @retry_matchers << m }
|
118
118
|
@retry_codes = RETRY_DEFAULT_CODES if @retry_codes.empty?
|
119
119
|
@retry_methods = (retry_on_request.presence || RETRY_DEFAULT_METHODS).map(&:to_s).map(&:downcase)
|
120
|
-
@retries_left =
|
120
|
+
@retries_left = ((max_retries.is_a?(::Integer) && max_retries) || MAX_RETRIES).clamp(0, MAX_RETRIES)
|
121
121
|
end
|
122
122
|
|
123
123
|
sig { params(exception: RequestFailedError).returns(T::Boolean) }
|
@@ -6,7 +6,7 @@ require 'csv'
|
|
6
6
|
module Workato
|
7
7
|
module Connector
|
8
8
|
module Sdk
|
9
|
-
CsvError = Class.new(Sdk::
|
9
|
+
CsvError = Class.new(Sdk::Error)
|
10
10
|
|
11
11
|
CsvFormatError = Class.new(CsvError)
|
12
12
|
|
@@ -89,7 +89,7 @@ module Workato
|
|
89
89
|
rescue CSV::MalformedCSVError => e
|
90
90
|
raise CsvFormatError, e
|
91
91
|
rescue ArgumentError => e
|
92
|
-
raise Sdk::
|
92
|
+
raise Sdk::ArgumentError, e.message
|
93
93
|
end
|
94
94
|
|
95
95
|
sig do
|
@@ -112,7 +112,7 @@ module Workato
|
|
112
112
|
|
113
113
|
::CSV.generate(str || String.new, **options, &blk)
|
114
114
|
rescue ArgumentError => e
|
115
|
-
raise Sdk::
|
115
|
+
raise Sdk::ArgumentError, e.message
|
116
116
|
end
|
117
117
|
|
118
118
|
private
|
@@ -10,14 +10,28 @@ using Workato::Extension::HashWithIndifferentAccess
|
|
10
10
|
module Workato
|
11
11
|
module Connector
|
12
12
|
module Sdk
|
13
|
+
JSONParsingError = Class.new(Error)
|
14
|
+
|
13
15
|
module Dsl
|
14
16
|
class WorkatoPackage
|
15
|
-
|
16
|
-
private_constant :
|
17
|
+
JWT_RSA_ALGORITHMS = %w[RS256 RS384 RS512].freeze
|
18
|
+
private_constant :JWT_RSA_ALGORITHMS
|
17
19
|
|
18
20
|
JWT_RSA_KEY_MIN_LENGTH = 2048
|
19
21
|
private_constant :JWT_RSA_KEY_MIN_LENGTH
|
20
22
|
|
23
|
+
JWT_HMAC_ALGORITHMS = %w[HS256].freeze
|
24
|
+
private_constant :JWT_HMAC_ALGORITHMS
|
25
|
+
|
26
|
+
JWT_ECDSA_ALGORITHMS = %w[ES256 ES384 ES512].freeze
|
27
|
+
private_constant :JWT_ECDSA_ALGORITHMS
|
28
|
+
|
29
|
+
JWT_ECDSA_KEY_LENGTH_MAPPING = { 'ES256' => 256, 'ES384' => 384, 'ES512' => 521 }.freeze
|
30
|
+
private_constant :JWT_ECDSA_KEY_LENGTH_MAPPING
|
31
|
+
|
32
|
+
JWT_ALGORITHMS = (JWT_RSA_ALGORITHMS + JWT_HMAC_ALGORITHMS + JWT_ECDSA_ALGORITHMS).freeze
|
33
|
+
private_constant :JWT_ALGORITHMS
|
34
|
+
|
21
35
|
VERIFY_RCA_ALGORITHMS = %w[SHA SHA1 SHA224 SHA256 SHA384 SHA512].freeze
|
22
36
|
private_constant :VERIFY_RCA_ALGORITHMS
|
23
37
|
|
@@ -39,37 +53,52 @@ module Workato
|
|
39
53
|
def jwt_encode(payload, key, algorithm, header_fields = {})
|
40
54
|
algorithm = algorithm.to_s.upcase
|
41
55
|
unless JWT_ALGORITHMS.include?(algorithm)
|
42
|
-
raise
|
56
|
+
raise Sdk::ArgumentError,
|
57
|
+
"Unsupported signing method. Supports only #{JWT_ALGORITHMS.join(', ')}. Got: '#{algorithm}'"
|
43
58
|
end
|
44
59
|
|
45
|
-
|
46
|
-
|
47
|
-
|
60
|
+
if JWT_RSA_ALGORITHMS.include?(algorithm)
|
61
|
+
key = OpenSSL::PKey::RSA.new(key)
|
62
|
+
if key.n.num_bits < JWT_RSA_KEY_MIN_LENGTH
|
63
|
+
raise Sdk::ArgumentError,
|
64
|
+
"A RSA key of size #{JWT_RSA_KEY_MIN_LENGTH} bits or larger MUST be used with JWT"
|
65
|
+
end
|
66
|
+
elsif JWT_ECDSA_ALGORITHMS.include?(algorithm)
|
67
|
+
key = OpenSSL::PKey::EC.new(key)
|
68
|
+
if key.group.order.num_bits != JWT_ECDSA_KEY_LENGTH_MAPPING[algorithm]
|
69
|
+
raise Sdk::ArgumentError,
|
70
|
+
"An ECDSA key of size #{JWT_ECDSA_KEY_LENGTH_MAPPING[algorithm]} bits MUST be used with JWT"
|
71
|
+
end
|
48
72
|
end
|
49
73
|
|
50
74
|
header_fields = HashWithIndifferentAccess.wrap(header_fields).except(:typ, :alg)
|
51
|
-
::JWT.encode(payload,
|
75
|
+
::JWT.encode(payload, key, algorithm, header_fields)
|
76
|
+
rescue JWT::IncorrectAlgorithm
|
77
|
+
raise Sdk::ArgumentError, 'Mismatched algorithm and key'
|
78
|
+
rescue OpenSSL::PKey::PKeyError
|
79
|
+
raise Sdk::ArgumentError, 'Invalid key'
|
52
80
|
end
|
53
81
|
|
54
82
|
def verify_rsa(payload, certificate, signature, algorithm = 'SHA256')
|
55
83
|
algorithm = algorithm.to_s.upcase
|
56
84
|
unless VERIFY_RCA_ALGORITHMS.include?(algorithm)
|
57
|
-
raise
|
85
|
+
raise Sdk::ArgumentError,
|
86
|
+
"Unsupported signing method. Supports only #{VERIFY_RCA_ALGORITHMS.join(', ')}. Got: '#{algorithm}'"
|
58
87
|
end
|
59
88
|
|
60
89
|
cert = OpenSSL::X509::Certificate.new(certificate)
|
61
90
|
digest = OpenSSL::Digest.new(algorithm)
|
62
91
|
cert.public_key.verify(digest, signature, payload)
|
63
92
|
rescue OpenSSL::PKey::PKeyError
|
64
|
-
raise 'An error occurred during signature verification. Check arguments'
|
93
|
+
raise Sdk::ArgumentError, 'An error occurred during signature verification. Check arguments'
|
65
94
|
rescue OpenSSL::X509::CertificateError
|
66
|
-
raise 'Invalid certificate format'
|
95
|
+
raise Sdk::ArgumentError, 'Invalid certificate format'
|
67
96
|
end
|
68
97
|
|
69
98
|
def parse_yaml(yaml)
|
70
99
|
::Psych.safe_load(yaml)
|
71
|
-
rescue ::Psych::
|
72
|
-
raise e
|
100
|
+
rescue ::Psych::Exception => e
|
101
|
+
raise Sdk::ArgumentError, "YAML Parsing error. #{e}"
|
73
102
|
end
|
74
103
|
|
75
104
|
def render_yaml(obj)
|
@@ -79,7 +108,7 @@ module Workato
|
|
79
108
|
def parse_json(source)
|
80
109
|
JSON.parse(source)
|
81
110
|
rescue JSON::ParserError => e
|
82
|
-
raise
|
111
|
+
raise JSONParsingError, e
|
83
112
|
end
|
84
113
|
|
85
114
|
def uuid
|
@@ -88,7 +117,7 @@ module Workato
|
|
88
117
|
|
89
118
|
def random_bytes(len)
|
90
119
|
unless (len.is_a? ::Integer) && (len <= RANDOM_SIZE)
|
91
|
-
raise "The requested length or random bytes sequence should be <= #{RANDOM_SIZE}"
|
120
|
+
raise Sdk::ArgumentError, "The requested length or random bytes sequence should be <= #{RANDOM_SIZE}"
|
92
121
|
end
|
93
122
|
|
94
123
|
Types::Binary.new(::OpenSSL::Random.random_bytes(len))
|
@@ -97,7 +126,7 @@ module Workato
|
|
97
126
|
def aes_cbc_encrypt(string, key, init_vector = nil)
|
98
127
|
key_size = key.bytesize * 8
|
99
128
|
unless ALLOWED_KEY_SIZES.include?(key_size)
|
100
|
-
raise 'Incorrect key size for AES'
|
129
|
+
raise Sdk::ArgumentError, 'Incorrect key size for AES'
|
101
130
|
end
|
102
131
|
|
103
132
|
cipher = ::OpenSSL::Cipher.new("AES-#{key_size}-CBC")
|
@@ -110,7 +139,7 @@ module Workato
|
|
110
139
|
def aes_cbc_decrypt(string, key, init_vector = nil)
|
111
140
|
key_size = key.bytesize * 8
|
112
141
|
unless ALLOWED_KEY_SIZES.include?(key_size)
|
113
|
-
raise 'Incorrect key size for AES'
|
142
|
+
raise Sdk::ArgumentError, 'Incorrect key size for AES'
|
114
143
|
end
|
115
144
|
|
116
145
|
cipher = ::OpenSSL::Cipher.new("AES-#{key_size}-CBC")
|
@@ -212,7 +212,7 @@ module Workato
|
|
212
212
|
attr_reader :input
|
213
213
|
|
214
214
|
class Chunk < T::Struct
|
215
|
-
const :data, T.untyped
|
215
|
+
const :data, T.untyped # rubocop:disable Sorbet/ForbidUntypedStructProps
|
216
216
|
const :from, Integer
|
217
217
|
const :eof, T::Boolean
|
218
218
|
const :next_from, T.nilable(Integer)
|
@@ -12,10 +12,10 @@ module Workato
|
|
12
12
|
attr_accessor :extra_chain_cert
|
13
13
|
|
14
14
|
def self.included(base)
|
15
|
-
ssl_ivnames = base.const_get('SSL_IVNAMES', false)
|
15
|
+
ssl_ivnames = base.const_get('SSL_IVNAMES', false) # rubocop:disable Sorbet/ConstantsFromStrings
|
16
16
|
ssl_ivnames << :@extra_chain_cert unless ssl_ivnames.include?(:@extra_chain_cert)
|
17
17
|
|
18
|
-
ssl_attributes = base.const_get('SSL_ATTRIBUTES', false)
|
18
|
+
ssl_attributes = base.const_get('SSL_ATTRIBUTES', false) # rubocop:disable Sorbet/ConstantsFromStrings
|
19
19
|
ssl_attributes << :extra_chain_cert unless ssl_attributes.include?(:extra_chain_cert)
|
20
20
|
end
|
21
21
|
end
|
@@ -45,8 +45,7 @@ module Workato
|
|
45
45
|
end
|
46
46
|
|
47
47
|
def strip_tags
|
48
|
-
|
49
|
-
@html_full_sanitizer.sanitize(self)
|
48
|
+
Rails::Html::Sanitizer.full_sanitizer.new.sanitize(self)
|
50
49
|
end
|
51
50
|
|
52
51
|
def to_time(form = :local, format: nil)
|
data/lib/workato/types/binary.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: workato-connector-sdk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pavel Abolmasov
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-02-
|
11
|
+
date: 2023-02-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -164,20 +164,6 @@ dependencies:
|
|
164
164
|
- - '='
|
165
165
|
- !ruby/object:Gem::Version
|
166
166
|
version: 1.13.10
|
167
|
-
- !ruby/object:Gem::Dependency
|
168
|
-
name: oauth2
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
170
|
-
requirements:
|
171
|
-
- - "~>"
|
172
|
-
- !ruby/object:Gem::Version
|
173
|
-
version: '1.0'
|
174
|
-
type: :runtime
|
175
|
-
prerelease: false
|
176
|
-
version_requirements: !ruby/object:Gem::Requirement
|
177
|
-
requirements:
|
178
|
-
- - "~>"
|
179
|
-
- !ruby/object:Gem::Version
|
180
|
-
version: '1.0'
|
181
167
|
- !ruby/object:Gem::Dependency
|
182
168
|
name: rack
|
183
169
|
requirement: !ruby/object:Gem::Requirement
|