zuora_connect 2.0.5c → 2.0.5d

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/zuora_connect/app_instance_base.rb +40 -8
  3. data/lib/zuora_connect/configuration.rb +1 -2
  4. data/lib/zuora_connect/controllers/helpers.rb +25 -33
  5. data/lib/zuora_connect/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b454c39eb3067e78ba49f731132d632415132f2b6e5a5494577f7e515d0c3242
4
- data.tar.gz: 9ede4f77763bb4583cd3fcf59221cac3e2746b7ef6e1a5ecbbfaf37f7700aa49
3
+ metadata.gz: c0ff8f546dd8038d10c402331ad6d5ec1f33f76b331a4a1d51907d68bf7d7d9a
4
+ data.tar.gz: ddac3bb5e57606df42cc0b1b9d0ce0a2952934a4bbec84626a87e236ac7ed2c8
5
5
  SHA512:
6
- metadata.gz: de9fbf453309f308425373a5c3d8e3bdcc79f2375385fe45d83338ec7317bfc45e951ecef56b3a6022fbcff5db2df41725ab934dc4bbee61690f715637421861
7
- data.tar.gz: 5bf32ef5cbacc60b236e41a4088cbf5862ecbcb95b548e525633078149ffcbb115172557b31fdc9ced6a7a07ac72eab87e6b77df269d4530bcd1fa47b2f717bb
6
+ metadata.gz: 12badcb6c2223cbd2345177f85c5155e31204c4072a1f9c9bfa5d84594032e42a162c39451a28462c755185a397ac0d9d41249420561734b9ca5f3661f025fdb
7
+ data.tar.gz: 4beea5d05e156bc8e999e0d5a50fcb8d8a094114443bfaeda17dead0a6a8c691e0879f8c93cc9809fecf316c784d4e0ba68ca5dcb08e83780773a06f85831b75
data/app/models/zuora_connect/app_instance_base.rb CHANGED
@@ -207,7 +207,7 @@ module ZuoraConnect
207
207
  def refresh(session: {}, session_fallback: false)
208
208
  refresh_count ||= 0
209
209
  #Check how app was deployed
210
- if !self.zuora_logins.present?
210
+ if !self['zuora_logins'].present?
211
211
  start = Time.now
212
212
  response = HTTParty.get(ZuoraConnect.configuration.url + "/api/#{self.api_version}/tools/tasks/#{self.id}.json",:body => {:access_token => self.access_token})
213
213
  response_time = Time.now - start
@@ -222,7 +222,7 @@ module ZuoraConnect
222
222
  raise ZuoraConnect::Exceptions::ConnectCommunicationError.new("Error Communicating with Connect", response.body, response.code)
223
223
  end
224
224
  else
225
- self.build_task(task_data: JSON.parse(self.zuora_logins), session: session)
225
+ self.build_task(task_data: self.zuora_logins, session: session)
226
226
  self.last_refresh = Time.now.to_i
227
227
  self.cache_app_instance
228
228
  self.reset_mark_for_refresh
@@ -250,7 +250,39 @@ module ZuoraConnect
250
250
  end
251
251
  end
252
252
 
253
- #### START Metrics Mathods ####
253
+ #### START KMS ENCRYPTION Methods ####
254
+ def zuora_logins=(val)
255
+ write_attribute(:zuora_logins, kms_encrypt(val.to_json))
256
+ end
257
+
258
+ def zuora_logins
259
+ return JSON.parse(kms_decrypt(super))
260
+ end
261
+
262
+ def kms_decrypt(value)
263
+ kms_client = Aws::KMS::Client.new({region: Rails.application.secrets.aws['AWS_REGION'], credentials: self.aws_auth_client}.delete_if { |k, v| v.blank? })
264
+ resp = kms_client.decrypt({ciphertext_blob: [value].pack("H*") })
265
+ return resp.plaintext
266
+ end
267
+
268
+ def kms_encrypt(value)
269
+ kms_client = Aws::KMS::Client.new({region: Rails.application.secrets.aws['AWS_REGION'], credentials: self.aws_auth_client}.delete_if {|k,v| v.blank? })
270
+ kms_key = ENV['AWS_KMS_ARN'] || Rails.application.secrets.aws['AWS_KMS_ARN']
271
+
272
+ resp = kms_client.encrypt({key_id: kms_key, plaintext: value})
273
+ return resp.ciphertext_blob.unpack('H*').first
274
+ end
275
+
276
+ def aws_auth_client
277
+ if Rails.env.to_s == 'development'
278
+ return Aws::Credentials.new(Rails.application.secrets.aws['AWS_ACCESS_KEY_ID'], Rails.application.secrets.aws['AWS_SECRET_ACCESS_KEY'])
279
+ else
280
+ return nil
281
+ end
282
+ end
283
+ #### END KMS ENCRYPTION Methods ####
284
+
285
+ #### START Metrics Methods ####
254
286
  def logitem(item: {}, reset: false)
255
287
  self.logitems = {} if self.logitems.class != Hash
256
288
  if item.class == Hash
@@ -334,9 +366,9 @@ module ZuoraConnect
334
366
  end
335
367
  return @data
336
368
  end
337
- #### END Task Mathods ####
369
+ #### END Task Methods ####
338
370
 
339
- #### START Task Mathods ####
371
+ #### START Task Methods ####
340
372
  def build_task(task_data: {}, session: {})
341
373
  session = {} if session.blank?
342
374
  self.task_data = task_data
@@ -445,9 +477,9 @@ module ZuoraConnect
445
477
  raise
446
478
  end
447
479
  end
448
- #### END Task Mathods ####
480
+ #### END Task Methods ####
449
481
 
450
- #### START Connect OAUTH methods ####
482
+ #### START Connect OAUTH Methods ####
451
483
  def check_oauth_state(method)
452
484
  #Refresh token if already expired
453
485
  if self.oauth_expired?
@@ -505,7 +537,7 @@ module ZuoraConnect
505
537
  raise
506
538
  end
507
539
  end
508
- #### END Connect OAUTH methods ####
540
+ #### END Connect OAUTH Methods ####
509
541
 
510
542
  #### START AppInstance Temporary Persistance Methods ####
511
543
  def marked_for_refresh?
data/lib/zuora_connect/configuration.rb CHANGED
@@ -3,7 +3,7 @@ module ZuoraConnect
3
3
 
4
4
  attr_accessor :default_locale, :default_time_zone, :url, :mode, :delayed_job,:private_key, :additional_apartment_models
5
5
 
6
- attr_accessor :enable_metrics, :telegraf_endpoint, :telegraf_debug, :custom_prometheus_update_block, :silencer_resque_finish, :blpop_queue, :app_access_permissions
6
+ attr_accessor :enable_metrics, :telegraf_endpoint, :telegraf_debug, :custom_prometheus_update_block, :silencer_resque_finish, :blpop_queue
7
7
 
8
8
  attr_accessor :oauth_client_id, :oauth_client_secret, :oauth_client_redirect_uri
9
9
 
@@ -19,7 +19,6 @@ module ZuoraConnect
19
19
  @additional_apartment_models = []
20
20
  @silencer_resque_finish = true
21
21
  @blpop_queue = false
22
- @app_access_permissions = false
23
22
 
24
23
  # Setting the app name for telegraf write
25
24
  @enable_metrics = false
data/lib/zuora_connect/controllers/helpers.rb CHANGED
@@ -37,13 +37,16 @@ module ZuoraConnect
37
37
 
38
38
  if appinstances.size == 0
39
39
  render json: {"status": 401, "message": "Missing mapping or no deployment for '#{zuora_host}-#{zuora_entity_id}' ."}, status: :unauthorized
40
+ return
40
41
  elsif appinstances.size > 1
41
42
  render json: {"status": 401, "message": "More than one app instance binded to host and entity ids. Please indicate correct instance via 'zuora-instance-id' header"}, status: :unauthorized
43
+ return
42
44
  else
43
45
  @appinstance = appinstances.first
46
+ check_instance
44
47
  end
45
48
 
46
- elsif params['test'].blank? || request.headers.fetch("Authorization", "").include?("Basic ")
49
+ elsif request.headers.fetch("Authorization", "").include?("Basic ")
47
50
  authenticate_or_request_with_http_basic do |username, password|
48
51
  @appinstance = ZuoraConnect::AppInstance.where(:token => password).first
49
52
  @appinstance ||= ZuoraConnect::AppInstance.where(:api_token => password).first
@@ -51,17 +54,7 @@ module ZuoraConnect
51
54
  check_instance
52
55
  end
53
56
  else
54
- response.set_header('WWW-Authenticate', "Basic realm=\"Application\"")
55
- case params['test']
56
- when "1"
57
- render json: {"status": 401, "message": "Access Denied"}, status: :unauthorized
58
- when "2"
59
- render html: "HTTP Basic: Access denied.\n", status: :unauthorized
60
-
61
- when "3"
62
- render plain: "Access Denied", status: :unauthorized
63
- end
64
- #check_instance
57
+ check_instance
65
58
  end
66
59
 
67
60
  if @appinstance.present?
@@ -69,10 +62,28 @@ module ZuoraConnect
69
62
  end
70
63
  end
71
64
 
65
+ #API ONLY
66
+ def check_instance
67
+ if defined?(@appinstance) && @appinstance.present?
68
+ if @appinstance.new_session_for_api_requests(:params => params)
69
+ @appinstance.new_session(:session => @appinstance.data_lookup(:session => session))
70
+ end
71
+ Thread.current[:appinstance] = @appinstance
72
+ PaperTrail.whodunnit = "API User" if defined?(PaperTrail)
73
+ ElasticAPM.set_user("API User") if defined?(ElasticAPM) && ElasticAPM.running?
74
+ return true
75
+ else
76
+ response.set_header('WWW-Authenticate', "Basic realm=\"Application\"")
77
+ render json: {"status": 401, "message": "Access Denied"}, status: :unauthorized
78
+ return false
79
+ end
80
+ end
81
+
72
82
  def authenticate_connect_app_request
73
83
  ElasticAPM.set_tag(:trace_id, request.uuid) if defined?(ElasticAPM) && ElasticAPM.running?
74
84
  Thread.current[:appinstance] = nil
75
85
  start_time = Time.now
86
+
76
87
  if ZuoraConnect.configuration.mode == "Production"
77
88
  if request.headers['ZuoraCurrentEntity'].present?
78
89
 
@@ -227,10 +238,9 @@ module ZuoraConnect
227
238
  "tenant_ids": client_describe["accessibleEntities"].map{|e| e['entityId'] }.push(client_describe["tenantId"]).uniq,
228
239
  }
229
240
 
230
- @appinstance = ZuoraConnect::AppInstance.new(:id => next_id, :zuora_logins => task_data.to_json, :oauth_expires_at => Time.now + 1000.years)
241
+ @appinstance = ZuoraConnect::AppInstance.new(:id => next_id, :zuora_logins => task_data, :oauth_expires_at => Time.now + 1000.years)
231
242
  @appinstance.save(:validate => false)
232
- @appinstance.apartment_switch
233
-
243
+ @appinstance.refresh
234
244
  session["appInstance"] = @appinstance.id
235
245
  rescue => ex
236
246
  ZuoraConnect.logger.error(ex)
@@ -367,24 +377,6 @@ module ZuoraConnect
367
377
  end
368
378
  session["#{@appinstance.id}::admin"] = ZuoraConnect.configuration.dev_mode_admin
369
379
  end
370
-
371
- #API ONLY
372
- def check_instance
373
- if defined?(@appinstance) && @appinstance.present?
374
- if @appinstance.new_session_for_api_requests(:params => params)
375
- @appinstance.new_session(:session => @appinstance.data_lookup(:session => session))
376
- end
377
- Thread.current[:appinstance] = @appinstance
378
- PaperTrail.whodunnit = "API User" if defined?(PaperTrail)
379
- ElasticAPM.set_user("API User") if defined?(ElasticAPM) && ElasticAPM.running?
380
- return true
381
- else
382
- response.set_header('WWW-Authenticate', "Basic realm=\"Application\"")
383
- #render json: {"status": 401, "message": "Access Denied"}, status: :unauthorized
384
- render html: "HTTP Basic: Access denied.\n", status: :unauthorized
385
- render plain: "Access Denied", status: :unauthorized
386
- end
387
- end
388
380
  end
389
381
  end
390
382
  end
data/lib/zuora_connect/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ZuoraConnect
2
- VERSION = "2.0.5c"
2
+ VERSION = "2.0.5d"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zuora_connect
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.5c
4
+ version: 2.0.5d
5
5
  platform: ruby
6
6
  authors:
7
7
  - Connect Team