Class: SecureEscrow::Middleware::Presenter

Inherits:
Object
  • Object
show all
Includes:
SecureEscrow::MiddlewareConstants
Defined in:
lib/secure_escrow/middleware.rb

Constant Summary

Constants included from SecureEscrow::MiddlewareConstants

SecureEscrow::MiddlewareConstants::BAD_NONCE, SecureEscrow::MiddlewareConstants::CONTENT_TYPE, SecureEscrow::MiddlewareConstants::COOKIE_SEPARATOR, SecureEscrow::MiddlewareConstants::DATA_KEY, SecureEscrow::MiddlewareConstants::ESCROW_MATCH, SecureEscrow::MiddlewareConstants::EXPIRE_COOKIE, SecureEscrow::MiddlewareConstants::GET, SecureEscrow::MiddlewareConstants::HTTPS, SecureEscrow::MiddlewareConstants::HTTP_COOKIE, SecureEscrow::MiddlewareConstants::HTTP_X_FORWARDED_PROTO, SecureEscrow::MiddlewareConstants::JSON_CONTENT, SecureEscrow::MiddlewareConstants::LCASE_HTTPS, SecureEscrow::MiddlewareConstants::LOCATION, SecureEscrow::MiddlewareConstants::NONCE, SecureEscrow::MiddlewareConstants::ON, SecureEscrow::MiddlewareConstants::POST, SecureEscrow::MiddlewareConstants::QUERY_STRING, SecureEscrow::MiddlewareConstants::RACK_URL_SCHEME, SecureEscrow::MiddlewareConstants::RAILS_ROUTES, SecureEscrow::MiddlewareConstants::REDIRECT_CODES, SecureEscrow::MiddlewareConstants::REQUEST_METHOD, SecureEscrow::MiddlewareConstants::REQUEST_PATH, SecureEscrow::MiddlewareConstants::RESPONSE, SecureEscrow::MiddlewareConstants::TTL

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(next_app, rails_app, config, env) ⇒ Presenter

Returns a new instance of Presenter.



65
66
67
68
69
70
71
 
# File 'lib/secure_escrow/middleware.rb', line 65

def initialize next_app, rails_app, config, env
  @next_app   = next_app
  @rails_app  = rails_app
  @config     = config
  @store      = config[:store]
  @env        = env
end

Instance Attribute Details

#configObject (readonly)

Returns the value of attribute config.



63
64
65
 
# File 'lib/secure_escrow/middleware.rb', line 63

def config
  @config
end

#envObject (readonly)

Returns the value of attribute env.



63
64
65
 
# File 'lib/secure_escrow/middleware.rb', line 63

def env
  @env
end

#next_appObject (readonly)

Returns the value of attribute next_app.



63
64
65
 
# File 'lib/secure_escrow/middleware.rb', line 63

def next_app
  @next_app
end

#rails_appObject (readonly)

Returns the value of attribute rails_app.



63
64
65
 
# File 'lib/secure_escrow/middleware.rb', line 63

def rails_app
  @rails_app
end

#storeObject (readonly)

Returns the value of attribute store.



63
64
65
 
# File 'lib/secure_escrow/middleware.rb', line 63

def store
  @store
end

Instance Method Details

#call_resultObject 



197
198
199
 
# File 'lib/secure_escrow/middleware.rb', line 197

def call_result
  @call_result ||= next_app.call env
end

#escrow_idObject 



152
153
154
 
# File 'lib/secure_escrow/middleware.rb', line 152

def escrow_id
  @escrow_id ||= (escrow_id_and_nonce || [])[0]
end

#escrow_key(id) ⇒ Object 



160
161
162
 
# File 'lib/secure_escrow/middleware.rb', line 160

def escrow_key id
  "escrow:#{id}"
end

#escrow_nonceObject 



156
157
158
 
# File 'lib/secure_escrow/middleware.rb', line 156

def escrow_nonce
  @escrow_nonce ||= (escrow_id_and_nonce || [])[1]
end

#generate_id_and_nonceObject 



193
194
195
 
# File 'lib/secure_escrow/middleware.rb', line 193

def generate_id_and_nonce
  [ UUID.generate, SecureRandom.hex(4) ]
end

#redirect_to_location(token = nil) ⇒ Object 



201
202
203
204
205
206
207
208
209
210
211
212
213
214
 
# File 'lib/secure_escrow/middleware.rb', line 201

def redirect_to_location token = nil
  redirect_to_options = {
    protocol: rails_config[:insecure_domain_protocol] || request.protocol,
    host:     rails_config[:insecure_domain_name]     || request.host,
    port:     rails_config[:insecure_domain_port]     || request.port,
  }

  if token && !homogenous_host_names?
    redirect_to_options.merge!(DATA_KEY => token)
  end

  routes.url_for(
    recognize_path.merge(redirect_to_options))
end

#redirect_to_response!Object 



127
128
129
130
131
 
# File 'lib/secure_escrow/middleware.rb', line 127

def redirect_to_response!
  status, header, response = call_result
  rewrite_location_header! header
  [ status, header, response ]
end

#response_is_redirect?Boolean

Returns:

  • (Boolean) 


80
81
82
83
 
# File 'lib/secure_escrow/middleware.rb', line 80

def response_is_redirect?
  status, header, response = call_result
  REDIRECT_CODES.include? status
end

#serve_response_from_application!Object 



148
149
150
 
# File 'lib/secure_escrow/middleware.rb', line 148

def serve_response_from_application!
  call_result
end

#serve_response_from_escrow!Object 



93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# File 'lib/secure_escrow/middleware.rb', line 93

def serve_response_from_escrow!
  key = escrow_key escrow_id
  value = JSON.parse(store.get key)

  if escrow_nonce == value[NONCE]
    # Destroy the stored value
    store.del key

    status, headers, body = value[RESPONSE]

    if headers[CONTENT_TYPE] && JSON_CONTENT.match(headers[CONTENT_TYPE])
      original_body = ""

      body.each do |chunk|
        original_body += chunk
      end

      body = [
        "<html><body><script id=\"response\" type=\"text/x-escrow-json\">%s</script></body></html>" %
        { status: status, body: original_body }.to_json
      ]
      headers[CONTENT_TYPE] = "text/html; charset=utf-8"
      status = 200
    end

    expire_cookie_token!(headers)

    [ status, headers, body ]
  else
    # HTTP Status Code 403 - Forbidden
    return [ 403, {}, [ BAD_NONCE ] ]
  end
end

#serve_response_from_escrow?Boolean

Returns:

  • (Boolean) 


73
74
75
76
77
78
 
# File 'lib/secure_escrow/middleware.rb', line 73

def serve_response_from_escrow?
  return false unless GET == env[REQUEST_METHOD]
  return false unless escrow_id

  store.exists escrow_key(escrow_id)
end

#store_in_escrow(status, header, response) ⇒ Object

Take a Rack status, header, and response Serialize the response to a string Serialize the structure as JSON Generate a unique id for the data Generate a nonce for the data Store in Redis



170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
 
# File 'lib/secure_escrow/middleware.rb', line 170

def store_in_escrow status, header, response
  id, nonce = generate_id_and_nonce

  response_body = []
  response.each { |content| response_body.push(content) }
  response.close if response.respond_to? :close

  rewrite_location_header! header

  value = {
    NONCE    => nonce,
    RESPONSE => [ status, header, [ response_body.join ] ]
  }

  # Serialze the nonce and Rack response triplet,
  # store in Redis, and set TTL
  key = escrow_key id

  store.setex key, TTL, value.to_json

  [ id, nonce ]
end

#store_response_in_escrow?Boolean

Returns:

  • (Boolean) 


85
86
87
88
89
90
91
 
# File 'lib/secure_escrow/middleware.rb', line 85

def store_response_in_escrow?
  return false unless POST == env[REQUEST_METHOD] && https?
  recognized = recognize_path
  config[:allow_non_escrow_routes] ?
    recognized :
    recognized && recognized[:escrow]
end

#store_response_in_escrow_and_redirect!Object 



133
134
135
136
137
138
139
140
141
142
143
144
145
146
 
# File 'lib/secure_escrow/middleware.rb', line 133

def store_response_in_escrow_and_redirect!
  status, header, response = call_result
  id, nonce = store_in_escrow status, header, response
  token = "#{id}.#{nonce}"

  response_headers = {
    LOCATION      => redirect_to_location(token),
    CONTENT_TYPE  => header[CONTENT_TYPE]
  }
  set_cookie_token!(response_headers, token) if homogenous_host_names?

  # HTTP Status Code 303 - See Other
  return [ 303, response_headers, [ "Escrowed at #{token}" ] ]
end