Problem: faraday ruby client does not respect TLS settings (#3527)

Solution: pass in tls settings to the faraday client
Dennis Kliban
2019-08-02 00:20:16 -04:00
committed by William Cheng
parent dff3386594
commit 4c1133be3f
3 changed files with 313 additions and 10 deletions


@@ -236,10 +236,11 @@ public class RubyClientCodegen extends AbstractRubyCodegen {
if (TYPHOEUS.equals(getLibrary())) {
supportingFiles.add(new SupportingFile("api_client.mustache", gemFolder, "api_client.rb"));
supportingFiles.add(new SupportingFile("configuration.mustache", gemFolder, "configuration.rb"));
supportingFiles.add(new SupportingFile("Gemfile.lock.mustache", "", "Gemfile.lock"));
} else if (FARADAY.equals(getLibrary())) {
supportingFiles.add(new SupportingFile("faraday_api_client.mustache", gemFolder, "api_client.rb"));
additionalProperties.put("isFaraday", Boolean.TRUE);
supportingFiles.add(new SupportingFile("faraday_configuration.mustache", gemFolder, "configuration.rb"));
} else {
throw new RuntimeException("Invalid HTTP library " + getLibrary() + ". Only faraday, typhoeus are supported.");
}


@@ -38,7 +38,15 @@ module {{moduleName}}
# @return [Array<(Object, Integer, Hash)>] an array of 3 elements:
# the data deserialized from response body (could be nil), response status code and response headers.
def call_api(http_method, path, opts = {})
connection = Faraday.new(:url => config.base_url) do |conn|
ssl_options = {
:ca_file => @config.ssl_ca_file,
:verify => @config.ssl_verify,
:verify => @config.ssl_verify_mode,
:client_cert => @config.ssl_client_cert,
:client_key => @config.ssl_client_key
}
connection = Faraday.new(:url => config.base_url, :ssl => ssl_options) do |conn|
conn.basic_auth(config.username, config.password)
if opts[:header_params]["Content-Type"] == "multipart/form-data"
conn.request :multipart
@@ -46,6 +54,7 @@ module {{moduleName}}
end
conn.adapter(Faraday.default_adapter)
end
begin
response = connection.public_send(http_method.to_sym.downcase) do |req|
build_request(http_method, path, req, opts)
@@ -98,8 +107,7 @@ module {{moduleName}}
update_params_for_auth! header_params, query_params, opts[:auth_names]
# set ssl_verifyhosts option based on @config.verify_ssl_host (true/false)
_verify_ssl_host = @config.verify_ssl_host ? 2 : 0
req_opts = {
:method => http_method,
@@ -107,15 +115,9 @@ module {{moduleName}}
:params => query_params,
:params_encoding => @config.params_encoding,
:timeout => @config.timeout,
:ssl_verifypeer => @config.verify_ssl,
:ssl_verifyhost => _verify_ssl_host,
:sslcert => @config.cert_file,
:sslkey => @config.key_file,
:verbose => @config.debugging
}
# set custom cert, if provided
req_opts[:cainfo] = @config.ssl_ca_cert if @config.ssl_ca_cert
if [:post, :patch, :put, :delete].include?(http_method)
req_body = build_request_body(header_params, form_params, opts[:body])
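Review bot: The `ssl_options` hash built in `call_api` uses the key `:verify` twice, so Ruby keeps only the second value and `@config.ssl_verify` is never passed to Faraday; `@config.ssl_verify_mode` (nil by default in the new configuration template) ends up under `:verify` instead of Faraday's `:verify_mode` option. The second entry should read `:verify_mode => @config.ssl_verify_mode`, and a generated-client test that asserts the options handed to `Faraday.new` would catch this kind of silently dropped TLS setting. It is also worth confirming that `:client_cert` and `:client_key` receive what the adapter expects: the configuration documents them as files, whereas Faraday's SSL options are, as far as I know, OpenSSL certificate and key objects. `call_api` continues outside the hunk.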


@@ -0,0 +1,300 @@
=begin
{{> api_info}}
=end
module {{moduleName}}
class Configuration
# Defines url scheme
attr_accessor :scheme
# Defines url host
attr_accessor :host
# Defines url base path
attr_accessor :base_path
# Defines API keys used with API Key authentications.
#
# @return [Hash] key: parameter name, value: parameter value (API key)
#
# @example parameter name is "api_key", API key is "xxx" (e.g. "api_key=xxx" in query string)
# config.api_key['api_key'] = 'xxx'
attr_accessor :api_key
# Defines API key prefixes used with API Key authentications.
#
# @return [Hash] key: parameter name, value: API key prefix
#
# @example parameter name is "Authorization", API key prefix is "Token" (e.g. "Authorization: Token xxx" in headers)
# config.api_key_prefix['api_key'] = 'Token'
attr_accessor :api_key_prefix
# Defines the username used with HTTP basic authentication.
#
# @return [String]
attr_accessor :username
# Defines the password used with HTTP basic authentication.
#
# @return [String]
attr_accessor :password
# Defines the access token (Bearer) used with OAuth2.
attr_accessor :access_token
# Set this to enable/disable debugging. When enabled (set to true), HTTP request/response
# details will be logged with `logger.debug` (see the `logger` attribute).
# Default to false.
#
# @return [true, false]
attr_accessor :debugging
# Defines the logger used for debugging.
# Default to `Rails.logger` (when in Rails) or logging to STDOUT.
#
# @return [#debug]
attr_accessor :logger
# Defines the temporary folder to store downloaded files
# (for API endpoints that have file response).
# Default to use `Tempfile`.
#
# @return [String]
attr_accessor :temp_folder_path
# The time limit for HTTP request in seconds.
# Default to 0 (never times out).
attr_accessor :timeout
# Set this to false to skip client side validation in the operation.
# Default to true.
# @return [true, false]
attr_accessor :client_side_validation
# Set this to false to skip client side validation in the operation.
# Default to true.
# @return [true, false]
attr_accessor :client_side_validation
### TLS/SSL setting
# Set this to false to skip verifying SSL certificate when calling API from https server.
# Default to true.
#
# @note Do NOT set it to false in production code, otherwise you would face multiple types of cryptographic attacks.
#
# @return [true, false]
attr_accessor :ssl_verify
### TLS/SSL setting
# Any `OpenSSL::SSL::` constant (see https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL.html)
#
# @note Do NOT set it to false in production code, otherwise you would face multiple types of cryptographic attacks.
#
attr_accessor :ssl_verify_mode
### TLS/SSL setting
# Set this to customize the certificate file to verify the peer.
#
# @return [String] the path to the certificate file
attr_accessor :ssl_ca_file
### TLS/SSL setting
# Client certificate file (for client certificate)
attr_accessor :ssl_client_cert
### TLS/SSL setting
# Client private key file (for client certificate)
attr_accessor :ssl_client_key
# Set this to customize parameters encoding of array parameter with multi collectionFormat.
# Default to nil.
#
# @see The params_encoding option of Ethon. Related source code:
# https://github.com/typhoeus/ethon/blob/master/lib/ethon/easy/queryable.rb#L96
attr_accessor :params_encoding
attr_accessor :inject_format
attr_accessor :force_ending_format
def initialize
@scheme = 'http'
@host = 'localhost'
@base_path = ''
@api_key = {}
@api_key_prefix = {}
@params_encoding = nil
@timeout = 0
@client_side_validation = true
@ssl_verify = true
@ssl_verify_mode = nil
@ssl_ca_file = nil
@ssl_client_cert = nil
@ssl_client_key = nil
@debugging = false
@inject_format = false
@force_ending_format = false
@logger = defined?(Rails) ? Rails.logger : Logger.new(STDOUT)
yield(self) if block_given?
end
# The default Configuration object.
def self.default
@@default ||= Configuration.new
end
def configure
yield(self) if block_given?
end
def scheme=(scheme)
# remove :// from scheme
@scheme = scheme.sub(/:\/\//, '')
end
def host=(host)
# remove http(s):// and anything after a slash
@host = host.sub(/https?:\/\//, '').split('/').first
end
def base_path=(base_path)
# Add leading and trailing slashes to base_path
@base_path = "/#{base_path}".gsub(/\/+/, '/')
@base_path = '' if @base_path == '/'
end
def base_url
"#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '')
end
# Gets API key (with prefix if set).
# @param [String] param_name the parameter name of API key auth
def api_key_with_prefix(param_name)
if @api_key_prefix[param_name]
"#{@api_key_prefix[param_name]} #{@api_key[param_name]}"
else
@api_key[param_name]
end
end
# Gets Basic Auth token string
def basic_auth_token
'Basic ' + ["#{username}:#{password}"].pack('m').delete("\r\n")
end
# Returns Auth Settings hash for api client.
def auth_settings
{
{{#authMethods}}
{{#isApiKey}}
'{{name}}' =>
{
type: 'api_key',
in: {{#isKeyInHeader}}'header'{{/isKeyInHeader}}{{#isKeyInQuery}}'query'{{/isKeyInQuery}},
key: '{{keyParamName}}',
value: api_key_with_prefix('{{keyParamName}}')
},
{{/isApiKey}}
{{#isBasic}}
{{^isBasicBearer}}
'{{name}}' =>
{
type: 'basic',
in: 'header',
key: 'Authorization',
value: basic_auth_token
},
{{/isBasicBearer}}
{{#isBasicBearer}}
'{{name}}' =>
{
type: 'bearer',
in: 'header',
{{#bearerFormat}}
format: '{{{.}}}',
{{/bearerFormat}}
key: 'Authorization',
value: "Bearer #{access_token}"
},
{{/isBasicBearer}}
{{/isBasic}}
{{#isOAuth}}
'{{name}}' =>
{
type: 'oauth2',
in: 'header',
key: 'Authorization',
value: "Bearer #{access_token}"
},
{{/isOAuth}}
{{/authMethods}}
}
end
# Returns an array of Server setting
def server_settings
[
{{#servers}}
{
url: "{{{url}}}",
description: "{{{description}}}{{^description}}No descriptoin provided{{/description}}",
{{#variables}}
{{#-first}}
variables: {
{{/-first}}
{{{name}}}: {
description: "{{{description}}}{{^description}}No descriptoin provided{{/description}}",
default_value: "{{{defaultValue}}}",
{{#enumValues}}
{{#-first}}
enum_values: [
{{/-first}}
"{{{.}}}"{{^-last}},{{/-last}}
{{#-last}}
]
{{/-last}}
{{/enumValues}}
}{{^-last}},{{/-last}}
{{#-last}}
}
{{/-last}}
{{/variables}}
}{{^-last}},{{/-last}}
{{/servers}}
]
end
# Returns URL based on server settings
#
# @param index array index of the server settings
# @param variables hash of variable and the corresponding value
def server_url(index, variables = {})
servers = server_settings
# check array index out of bound
if (index < 0 || index >= servers.size)
fail ArgumentError, "Invalid index #{index} when selecting the server. Must be less than #{servers.size}"
end
server = servers[index]
url = server[:url]
# go through variable and assign a value
server[:variables].each do |name, variable|
if variables.key?(name)
if (server[:variables][name][:enum_values].include? variables[name])
url.gsub! "{" + name.to_s + "}", variables[name]
else
fail ArgumentError, "The variable `#{name}` in the server URL has invalid value #{variables[name]}. Must be #{server[:variables][name][:enum_values]}."
end
else
# use default value
url.gsub! "{" + name.to_s + "}", server[:variables][name][:default_value]
end
end
url
end
end
end
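Review bot: The comment on `ssl_verify_mode` repeats the `@note Do NOT set it to false` text from `ssl_verify`, which does not describe this attribute: it takes an `OpenSSL::SSL::VERIFY_*` constant, so the note should read something like `# @note Do NOT set it to OpenSSL::SSL::VERIFY_NONE in production code; peer certificates would no longer be verified.` The `client_side_validation` accessor and its comment are declared twice in a row, and one copy can be dropped. In `server_url`, `server[:variables].each` and `[:enum_values].include?` are called although `server_settings` emits those keys only when the spec defines them, so a server entry without variables or enum values would presumably raise NoMethodError; `(server[:variables] || {}).each` plus a nil check on `enum_values` would guard it.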