Class: Aspera::Api::Node
Overview
Provides additional functions using node API with gen4 extensions (access keys)
Direct Known Subclasses
Constant Summary collapse
- ACCESS_LEVELS =
permissions
%w[delete list mkdir preview read rename write].freeze
- MATCH_EXEC_PREFIX =
prefix for ruby code for filter (deprecated)
'exec:'
- MATCH_TYPES =
[String, Proc, Regexp, NilClass].freeze
- HEADER_X_ASPERA_ACCESS_KEY =
'X-Aspera-AccessKey'
- PATH_SEPARATOR =
'/'
- TS_FIELDS_TO_COPY =
%w[remote_host remote_user ssh_port fasp_port wss_enabled wss_port].freeze
- SCOPE_USER =
'user:all'
- SCOPE_ADMIN =
'admin:all'
- SCOPE_PREFIX =
'node.'
- SCOPE_SEPARATOR =
':'
- SIGNATURE_DELIMITER =
'==SIGNATURE=='
- BEARER_TOKEN_VALIDITY_DEFAULT =
86400
- BEARER_TOKEN_SCOPE_DEFAULT =
SCOPE_USER
Constants inherited from Rest
Rest::ENTITY_NOT_FOUND, Rest::JSON_DECODE
Class Attribute Summary collapse
-
.use_standard_ports ⇒ Object
Returns the value of attribute use_standard_ports.
Instance Attribute Summary collapse
-
#app_info ⇒ Object
readonly
Returns the value of attribute app_info.
Attributes inherited from Rest
Class Method Summary collapse
- .bearer_headers(bearer_auth, access_key: nil) ⇒ Object
-
.bearer_token(access_key:, payload:, private_key:) ⇒ Object
Create an Aspera Node bearer token.
- .decode_bearer_token(token) ⇒ Object
- .decode_scope(scope) ⇒ Object
-
.file_matcher(match_expression) ⇒ Object
For access keys: provide expression to match entry in folder.
- .file_matcher_from_argument(options) ⇒ Object
-
.token_scope(access_key, scope) ⇒ Object
node API scopes.
Instance Method Summary collapse
-
#add_tspec_info(tspec) ⇒ Object
update transfer spec with special additional tags.
- #find_files(top_file_id, test_block) ⇒ Object
-
#initialize(app_info: nil, add_tspec: nil, **rest_args) ⇒ Node
constructor
A new instance of Node.
- #node_id_to_node(node_id) ⇒ Object
-
#process_folder_tree(state:, top_file_id:, top_file_path: '/', &block) ⇒ Object
Recursively browse in a folder (with non-recursive method) sub folders are processed if the processing method returns true.
- #refreshed_transfer_token ⇒ Object
-
#resolve_api_fid(top_file_id, path) ⇒ Hash
Navigate the path from given file id.
-
#transfer_spec_gen4(file_id, direction, ts_merge = nil) ⇒ Object
Create transfer spec for gen4.
Methods inherited from Rest
array_params, array_params?, basic_token, build_uri, #call, #cancel, #create, decode_query, #delete, io_http_session, #lookup_by_name, #oauth, #oauth_token, #params, #read, remote_certificate_chain, set_parameters, start_http_session, #update, user_agent
Constructor Details
#initialize(app_info: nil, add_tspec: nil, **rest_args) ⇒ Node
Returns a new instance of Node.
131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 |
# File 'lib/aspera/api/node.rb', line 131 def initialize(app_info: nil, add_tspec: nil, **rest_args) # init Rest super(**rest_args) @app_info = app_info # this is added to transfer spec, for instance to add tags (COS) @add_tspec = add_tspec if !@app_info.nil? REQUIRED_APP_INFO_FIELDS.each do |field| Aspera.assert(@app_info.key?(field)){"app_info lacks field #{field}"} end REQUIRED_APP_API_METHODS.each do |method| Aspera.assert(@app_info[:api].respond_to?(method)){"#{@app_info[:api].class} lacks method #{method}"} end end end |
Class Attribute Details
.use_standard_ports ⇒ Object
Returns the value of attribute use_standard_ports.
40 41 42 |
# File 'lib/aspera/api/node.rb', line 40 def use_standard_ports @use_standard_ports end |
Instance Attribute Details
#app_info ⇒ Object (readonly)
Returns the value of attribute app_info.
124 125 126 |
# File 'lib/aspera/api/node.rb', line 124 def app_info @app_info end |
Class Method Details
.bearer_headers(bearer_auth, access_key: nil) ⇒ Object
105 106 107 108 109 110 111 112 113 114 115 |
# File 'lib/aspera/api/node.rb', line 105 def bearer_headers(bearer_auth, access_key: nil) # if username is not provided, use the access key from the token if access_key.nil? access_key = Node.decode_scope(Node.decode_bearer_token(OAuth::Factory.bearer_extract(bearer_auth))['scope'])[:access_key] Aspera.assert(!access_key.nil?) end return { Node::HEADER_X_ASPERA_ACCESS_KEY => access_key, 'Authorization' => bearer_auth } end |
.bearer_token(access_key:, payload:, private_key:) ⇒ Object
Create an Aspera Node bearer token
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
# File 'lib/aspera/api/node.rb', line 78 def bearer_token(access_key:, payload:, private_key:) Aspera.assert_type(payload, Hash) Aspera.assert(payload.key?('user_id')) Aspera.assert_type(payload['user_id'], String) Aspera.assert(!payload['user_id'].empty?) Aspera.assert_type(private_key, OpenSSL::PKey::RSA) # manage convenience parameters expiration_sec = payload['_validity'] || BEARER_TOKEN_VALIDITY_DEFAULT payload.delete('_validity') scope = payload['_scope'] || BEARER_TOKEN_SCOPE_DEFAULT payload.delete('_scope') payload['scope'] ||= token_scope(access_key, scope) payload['auth_type'] ||= 'access_key' payload['expires_at'] ||= (Time.now + expiration_sec).utc.strftime('%FT%TZ') payload_json = JSON.generate(payload) return Base64.strict_encode64(Zlib::Deflate.deflate([ payload_json, SIGNATURE_DELIMITER, Base64.strict_encode64(private_key.sign(OpenSSL::Digest.new('sha512'), payload_json)).scan(/.{1,60}/).join("\n"), '' ].join("\n"))) end |
.decode_bearer_token(token) ⇒ Object
101 102 103 |
# File 'lib/aspera/api/node.rb', line 101 def decode_bearer_token(token) return JSON.parse(Zlib::Inflate.inflate(Base64.decode64(token)).partition(SIGNATURE_DELIMITER).first) end |
.decode_scope(scope) ⇒ Object
68 69 70 71 72 73 |
# File 'lib/aspera/api/node.rb', line 68 def decode_scope(scope) items = scope.split(SCOPE_SEPARATOR, 2) Aspera.assert(items.length.eql?(2)){"invalid scope: #{scope}"} Aspera.assert(items[0].start_with?(SCOPE_PREFIX)){"invalid scope: #{scope}"} return {access_key: items[0][SCOPE_PREFIX.length..-1], scope: items[1]} end |
.file_matcher(match_expression) ⇒ Object
For access keys: provide expression to match entry in folder
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/aspera/api/node.rb', line 43 def file_matcher(match_expression) case match_expression when Proc then return match_expression when Regexp then return ->(f){f['name'].match?(match_expression)} when String if match_expression.start_with?(MATCH_EXEC_PREFIX) code = "->(f){#{match_expression[MATCH_EXEC_PREFIX.length..-1]}}" Log.log.warn{"Use of prefix #{MATCH_EXEC_PREFIX} is deprecated (4.15), instead use: @ruby:'#{code}'"} return Environment.secure_eval(code, __FILE__, __LINE__) end return lambda{|f|File.fnmatch(match_expression, f['name'], File::FNM_DOTMATCH)} when NilClass then return ->(_){true} else Aspera.error_unexpected_value(match_expression.class.name, exception_class: Cli::BadArgument) end end |
.file_matcher_from_argument(options) ⇒ Object
59 60 61 |
# File 'lib/aspera/api/node.rb', line 59 def file_matcher_from_argument() return file_matcher(.get_next_argument('filter', type: MATCH_TYPES, mandatory: false)) end |
.token_scope(access_key, scope) ⇒ Object
node API scopes
64 65 66 |
# File 'lib/aspera/api/node.rb', line 64 def token_scope(access_key, scope) return [SCOPE_PREFIX, access_key, SCOPE_SEPARATOR, scope].join('') end |
Instance Method Details
#add_tspec_info(tspec) ⇒ Object
update transfer spec with special additional tags
148 149 150 151 |
# File 'lib/aspera/api/node.rb', line 148 def add_tspec_info(tspec) tspec.deep_merge!(@add_tspec) unless @add_tspec.nil? return tspec end |
#find_files(top_file_id, test_block) ⇒ Object
262 263 264 265 266 267 268 269 270 271 |
# File 'lib/aspera/api/node.rb', line 262 def find_files(top_file_id, test_block) Log.log.debug{"find_files: file id=#{top_file_id}"} find_state = {found: [], test_block: test_block} process_folder_tree(state: find_state, top_file_id: top_file_id) do |entry, path, state| state[:found].push(entry.merge({'path' => path})) if state[:test_block].call(entry) # test all files deeply true end return find_state[:found] end |
#node_id_to_node(node_id) ⇒ Object
154 155 156 157 158 159 160 161 162 163 164 |
# File 'lib/aspera/api/node.rb', line 154 def node_id_to_node(node_id) if !@app_info.nil? return self if node_id.eql?(@app_info[:node_info]['id']) return @app_info[:api].node_api_from( node_id: node_id, workspace_id: @app_info[:workspace_id], workspace_name: @app_info[:workspace_name]) end Log.log.warn{"cannot resolve link with node id #{node_id}"} return nil end |
#process_folder_tree(state:, top_file_id:, top_file_path: '/', &block) ⇒ Object
Recursively browse in a folder (with non-recursive method) sub folders are processed if the processing method returns true
172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 |
# File 'lib/aspera/api/node.rb', line 172 def process_folder_tree(state:, top_file_id:, top_file_path: '/', &block) Aspera.assert(!top_file_path.nil?){'top_file_path not set'} Aspera.assert(block){'Missing block'} # start at top folder folders_to_explore = [{id: top_file_id, path: top_file_path}] Log.log.debug{Log.dump(:folders_to_explore, folders_to_explore)} until folders_to_explore.empty? current_item = folders_to_explore.shift Log.log.debug{"searching #{current_item[:path]}".bg_green} # get folder content folder_contents = begin read("files/#{current_item[:id]}/files")[:data] rescue StandardError => e Log.log.warn{"#{current_item[:path]}: #{e.class} #{e.}"} [] end Log.log.debug{Log.dump(:folder_contents, folder_contents)} folder_contents.each do |entry| relative_path = File.join(current_item[:path], entry['name']) Log.log.debug{"process_folder_tree checking #{relative_path}"} # continue only if method returns true next unless yield(entry, relative_path, state) # entry type is file, folder or link case entry['type'] when 'folder' folders_to_explore.push({id: entry['id'], path: relative_path}) when 'link' node_id_to_node(entry['target_node_id'])&.process_folder_tree( state: state, top_file_id: entry['target_id'], top_file_path: relative_path, &block) end end end end |
#refreshed_transfer_token ⇒ Object
273 274 275 |
# File 'lib/aspera/api/node.rb', line 273 def refreshed_transfer_token return oauth_token(force_refresh: true) end |
#resolve_api_fid(top_file_id, path) ⇒ Hash
Navigate the path from given file id
214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 |
# File 'lib/aspera/api/node.rb', line 214 def resolve_api_fid(top_file_id, path) Aspera.assert_type(top_file_id, String) process_last_link = path.end_with?(PATH_SEPARATOR) path_elements = path.split(PATH_SEPARATOR).reject(&:empty?) return {api: self, file_id: top_file_id} if path_elements.empty? resolve_state = {path: path_elements, result: nil} process_folder_tree(state: resolve_state, top_file_id: top_file_id) do |entry, _path, state| # this block is called recursively for each entry in folder # stop digging here if not in right path next false unless entry['name'].eql?(state[:path].first) # ok it matches, so we remove the match state[:path].shift case entry['type'] when 'file' # file must be terminal raise "#{entry['name']} is a file, expecting folder to find: #{state[:path]}" unless state[:path].empty? # it's terminal, we found it state[:result] = {api: self, file_id: entry['id']} next false when 'folder' if state[:path].empty? # we found it state[:result] = {api: self, file_id: entry['id']} next false end when 'link' if state[:path].empty? if process_last_link # we found it other_node = node_id_to_node(entry['target_node_id']) raise 'cannot resolve link' if other_node.nil? state[:result] = {api: other_node, file_id: entry['target_id']} else # we found it but we do not process the link state[:result] = {api: self, file_id: entry['id']} end next false end else Log.log.warn{"Unknown element type: #{entry['type']}"} end # continue to dig folder next true end raise "entry not found: #{resolve_state[:path]}" if resolve_state[:result].nil? return resolve_state[:result] end |
#transfer_spec_gen4(file_id, direction, ts_merge = nil) ⇒ Object
Create transfer spec for gen4
278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 |
# File 'lib/aspera/api/node.rb', line 278 def transfer_spec_gen4(file_id, direction, ts_merge=nil) ak_name = nil ak_token = nil case auth_params[:type] when :basic ak_name = auth_params[:username] Aspera.assert(auth_params[:password]){'no secret in node object'} ak_token = Rest.basic_token(auth_params[:username], auth_params[:password]) when :oauth2 ak_name = params[:headers][HEADER_X_ASPERA_ACCESS_KEY] # TODO: token_generation_lambda = lambda{|do_refresh|oauth_token(force_refresh: do_refresh)} # get bearer token, possibly use cache ak_token = oauth_token(force_refresh: false) else Aspera.error_unexpected_value(auth_params[:type]) end transfer_spec = { 'direction' => direction, 'token' => ak_token, 'tags' => { Transfer::Spec::TAG_RESERVED => { 'node' => { 'access_key' => ak_name, 'file_id' => file_id } # node } # aspera } # tags } # add specials tags (cos) add_tspec_info(transfer_spec) transfer_spec.deep_merge!(ts_merge) unless ts_merge.nil? # add application specific tags (AoC) app_info[:api].(transfer_spec: transfer_spec, app_info: app_info) unless app_info.nil? # add remote host info if self.class.use_standard_ports # get default TCP/UDP ports and transfer user transfer_spec.merge!(Transfer::Spec::AK_TSPEC_BASE) # by default: same address as node API transfer_spec['remote_host'] = URI.parse(base_url).host # AoC allows specification of other url if !@app_info.nil? && !@app_info[:node_info]['transfer_url'].nil? && !@app_info[:node_info]['transfer_url'].empty? transfer_spec['remote_host'] = @app_info[:node_info]['transfer_url'] end info = read('info')[:data] # get the transfer user from info on access key transfer_spec['remote_user'] = info['transfer_user'] if info['transfer_user'] # get settings from name.value array to hash key.value settings = info['settings']&.each_with_object({}){|i, h|h[i['name']] = i['value']} # check WSS ports %w[wss_enabled wss_port].each do |i| transfer_spec[i] = settings[i] if settings.key?(i) end if settings.is_a?(Hash) else # retrieve values from API (and keep a copy/cache) @std_t_spec_cache ||= create( 'files/download_setup', {transfer_requests: [{ transfer_request: {paths: [{'source' => '/'}] } }] } )[:data]['transfer_specs'].first['transfer_spec'] # copy some parts TS_FIELDS_TO_COPY.each {|i| transfer_spec[i] = @std_t_spec_cache[i] if @std_t_spec_cache.key?(i)} end Log.log.warn{"Expected transfer user: #{Transfer::Spec::ACCESS_KEY_TRANSFER_USER}, but have #{transfer_spec['remote_user']}"} \ unless transfer_spec['remote_user'].eql?(Transfer::Spec::ACCESS_KEY_TRANSFER_USER) return transfer_spec end |