xsr 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 931719af15817041f1826a036bd4315cd05ce1df
-  data.tar.gz: 26c3470bb7deb98cdce115aad6dc55afdfe31d7f
+  metadata.gz: f9e3370abd455ea33763b68734c67f393baabda3
+  data.tar.gz: 9c67710ee1481d692ace115a269483b7f66c141c
 SHA512:
-  metadata.gz: 674f547fdd8f62a5921ff148023e80d58aac8d58f0c414045512ea688a36ea1065d7f4f7c4b39f1298374bd2c0f56f6d43ac01130c4036ed67c47893144d36ff
-  data.tar.gz: dea4adc7133a5ba9adc51ea096c6262ea2c6a195fde4a6e72205ef05e9991646e632c00aa719c569781a4ae16dc85c6175409e5d014a9c1513fcdc8787a3e6bc
+  metadata.gz: c4caf181848332499d1ccbc4284171fb8de9393c5fb4ba5f48b45d9e683cad1944a34aa514ffa2b1ff46a72837a786e5ebe4547e5232b5a326cee4ce0d5d8627
+  data.tar.gz: a5cb61cad99572cdf0cfffdb65a299d3cf37365ace9e93f4be880971193d4acffcacbb7179a4919d67ee5f9f5639fbfc2fdb2b3ec854b9e9c773bffd6ec236b6

data/README.md

@@ -97,6 +97,12 @@ resp.success?
 #=> Response status code is 2xx
 
 resp.bad_request?
+#=> Response status code is 400
+
+resp.unauthorized?
+#=> Response status code is 401
+
+resp.forbidden?
 #=> Response status code is 403
 
 resp.not_found?
@@ -112,6 +118,21 @@ resp.http_response
 #-> Call http_response to get full Net::HTTPResponse object
 ```
 
+### SSL considerations
+By default, XSR verifies the SSL certificate for the requested server. 
+
+To use a custom CA Root certificate set ```ca_file```
+```
+client = XSR::Client.new(ca_file: '/path/to/my_custom.pem')
+client.get('https://api.something.io/get')
+```
+
+In case you want to skip this verfication, set ```skip_cert_check```:
+```
+client = XSR::Client.new(skip_cert_check: true)
+client.get('https://api.something.io/get')
+```
+
 ##What's next?
 I'm not planning to add more features right now, but feel free to fork this repo and add any extra functionality you consider that should be included. Please, submit a PR with proposed changes or fixes.
 Just keep in mind a minimalist paradigm (https://youtu.be/tXVr2E1vfmk).

data/lib/xsr/client.rb

@@ -3,10 +3,14 @@ module XSR
   class Client
     attr_accessor :base_url
     attr_accessor :default_header
+    attr_accessor :skip_cert_check
+    attr_accessor :ca_file
 
     def initialize(options = {})
       @base_url = options[:base_url]
       @base_header = options[:header]
+      @skip_cert_check = options[:skip_cert_check]
+      @ca_file = options[:ca_file]
     end
 
     def post(path, options = {})
@@ -46,7 +50,12 @@ module XSR
 
       if uri.scheme == 'https' # Requires SSL?
         http_session.use_ssl = true
-        http_session.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        if @skip_cert_check || options[:skip_cert_check]
+          http_session.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        else
+          http_session.ca_file = @ca_file || options[:ca_file]
+          http_session.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        end
       end
 
       XSR::Response.new http_session.start { |http| http.request(req) }

data/makefile

@@ -3,3 +3,7 @@
 test:
 	@echo Running tests... && \
 	RUBYLIB=./lib cutest test/*_test.rb
+
+console:
+	@echo Running console... && \
+	RUBYLIB=./lib irb -r xsr

data/test/client_ssl_test.rb

@@ -0,0 +1,36 @@
+require 'xsr'
+require_relative 'helper'
+
+# Tests for SSL requests
+module ClientSSLTest
+  prepare do
+    @client = XSR::Client.new(base_url: 'https://httpbin.org')
+  end
+
+  test 'https request' do
+    resp = @client.get('/get')
+
+    assert resp.http_response.instance_of?(Net::HTTPOK)
+  end
+
+  test 'https request skipping certificate verification' do
+    resp = @client.get('/get', skip_cert_check: true)
+
+    assert resp.http_response.instance_of?(Net::HTTPOK)
+  end
+
+  test 'client skip certificate verification' do
+    client = XSR::Client.new(base_url: 'https://httpbin.org', skip_cert_check: true)
+    resp = client.get('/get')
+
+    assert resp.http_response.instance_of?(Net::HTTPOK)
+  end
+
+  test 'set custom invalid ca pem' do
+    @client.ca_file = 'does_not_exist.pem'
+    
+    assert_raise(OpenSSL::SSL::SSLError) do
+      @client.get('/get')
+    end
+  end
+end

data/test/client_test.rb

@@ -52,7 +52,7 @@ module ClientTest
 
   test 'default headers are passed to request' do
     h = { 'Some-Header' => 'some_value' }
-    resp = XSR::Client.new(header: h).get('https://httpbin.org/headers')
+    resp = XSR::Client.new(header: h).get('http://httpbin.org/headers')
 
     assert resp.http_response.instance_of?(Net::HTTPOK)
 
@@ -69,10 +69,4 @@ module ClientTest
     argument = MultiJson.load(resp.http_response.body)['args']['some_arg']
     assert_equal argument, 'some_value'
   end
-
-  test 'https request' do
-    resp = XSR::Client.new.get('https://httpbin.org/get')
-
-    assert resp.http_response.instance_of?(Net::HTTPOK)
-  end
 end

data/xsr.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = 'xsr'
-  s.version     = '1.3.0'
+  s.version     = '1.4.0'
   s.summary     = 'XSR: eXtremely Simple REST Client'
   s.description = 'A very simple library to talk to a REST/JSON API'
   s.authors     = ['matiasow']

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: xsr
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - matiasow
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-21 00:00:00.000000000 Z
+date: 2015-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: multi_json
@@ -65,6 +65,7 @@ files:
 - lib/xsr/client.rb
 - lib/xsr/response.rb
 - makefile
+- test/client_ssl_test.rb
 - test/client_test.rb
 - test/helper.rb
 - test/response_test.rb