Module: Dropbox
- Defined in:
- lib/dropbox_sdk.rb
Overview
:nodoc:
Constant Summary collapse
- API_SERVER =
"api.dropbox.com"
- API_CONTENT_SERVER =
"api-content.dropbox.com"
- WEB_SERVER =
"www.dropbox.com"
- API_VERSION =
1
- SDK_VERSION =
"1.6.3"
- TRUSTED_CERT_FILE =
File.join(File.dirname(__FILE__), 'trusted-certs.crt')
Class Method Summary collapse
- .clean_params(params) ⇒ Object
-
.do_http(uri, request) ⇒ Object
:nodoc:.
- .make_query_string(params) ⇒ Object
-
.parse_response(response, raw = false) ⇒ Object
Parse response.
-
.safe_string_equals(a, b) ⇒ Object
A string comparison function that is resistant to timing attacks.
- .verify_ssl_certificate(preverify_ok, ssl_context) ⇒ Object
Class Method Details
.clean_params(params) ⇒ Object
21 22 23 24 25 26 27 |
# File 'lib/dropbox_sdk.rb', line 21 def self.clean_params(params) r = {} params.each do |k,v| r[k] = v.to_s if not v.nil? end r end |
.do_http(uri, request) ⇒ Object
:nodoc:
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/dropbox_sdk.rb', line 43 def self.do_http(uri, request) # :nodoc: http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_PEER http.ca_file = Dropbox::TRUSTED_CERT_FILE if RUBY_VERSION >= '1.9' # SSL protocol and ciphersuite settings are supported strating with version 1.9 http.ssl_version = 'TLSv1' http.ciphers = 'ECDHE-RSA-AES256-GCM-SHA384:'\ 'ECDHE-RSA-AES256-SHA384:'\ 'ECDHE-RSA-AES256-SHA:'\ 'ECDHE-RSA-AES128-GCM-SHA256:'\ 'ECDHE-RSA-AES128-SHA256:'\ 'ECDHE-RSA-AES128-SHA:'\ 'ECDHE-RSA-RC4-SHA:'\ 'DHE-RSA-AES256-GCM-SHA384:'\ 'DHE-RSA-AES256-SHA256:'\ 'DHE-RSA-AES256-SHA:'\ 'DHE-RSA-AES128-GCM-SHA256:'\ 'DHE-RSA-AES128-SHA256:'\ 'DHE-RSA-AES128-SHA:'\ 'AES256-GCM-SHA384:'\ 'AES256-SHA256:'\ 'AES256-SHA:'\ 'AES128-GCM-SHA256:'\ 'AES128-SHA256:'\ 'AES128-SHA' end # Important security note! # Some Ruby versions (e.g. the one that ships with OS X) do not raise an exception if certificate validation fails. # We therefore have to add a custom callback to ensure that invalid certs are not accepted # See https://www.braintreepayments.com/braintrust/sslsocket-verify_mode-doesnt-verify # You can comment out this code in case your Ruby version is not vulnerable http.verify_callback = proc do |preverify_ok, ssl_context| Dropbox::verify_ssl_certificate(preverify_ok, ssl_context) end #We use this to better understand how developers are using our SDKs. request['User-Agent'] = "OfficialDropboxRubySDK/#{Dropbox::SDK_VERSION}" begin http.request(request) rescue OpenSSL::SSL::SSLError => e raise DropboxError.new("SSL error connecting to Dropbox. " + "There may be a problem with the set of certificates in \"#{Dropbox::TRUSTED_CERT_FILE}\". #{e}") end end |
.make_query_string(params) ⇒ Object
29 30 31 32 33 |
# File 'lib/dropbox_sdk.rb', line 29 def self.make_query_string(params) clean_params(params).collect {|k,v| CGI.escape(k) + "=" + CGI.escape(v) }.join("&") end |
.parse_response(response, raw = false) ⇒ Object
Parse response. You probably shouldn’t be calling this directly. This takes responses from the server and parses them. It also checks for errors and raises exceptions with the appropriate messages.
97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
# File 'lib/dropbox_sdk.rb', line 97 def self.parse_response(response, raw=false) # :nodoc: if response.kind_of?(Net::HTTPServerError) raise DropboxError.new("Dropbox Server Error: #{response} - #{response.body}", response) elsif response.kind_of?(Net::HTTPUnauthorized) raise DropboxAuthError.new("User is not authenticated.", response) elsif not response.kind_of?(Net::HTTPSuccess) begin d = JSON.parse(response.body) rescue raise DropboxError.new("Dropbox Server Error: body=#{response.body}", response) end if d['user_error'] and d['error'] raise DropboxError.new(d['error'], response, d['user_error']) #user_error is translated elsif d['error'] raise DropboxError.new(d['error'], response) else raise DropboxError.new(response.body, response) end end return response.body if raw begin return JSON.parse(response.body) rescue JSON::ParserError raise DropboxError.new("Unable to parse JSON response: #{response.body}", response) end end |
.safe_string_equals(a, b) ⇒ Object
A string comparison function that is resistant to timing attacks. If you’re comparing a string you got from the outside world with a string that is supposed to be a secret, use this function to check equality.
129 130 131 132 133 134 135 |
# File 'lib/dropbox_sdk.rb', line 129 def self.safe_string_equals(a, b) if a.length != b.length false else a.chars.zip(b.chars).map {|ac,bc| ac == bc}.all? end end |
.verify_ssl_certificate(preverify_ok, ssl_context) ⇒ Object
35 36 37 38 39 40 41 |
# File 'lib/dropbox_sdk.rb', line 35 def self.verify_ssl_certificate(preverify_ok, ssl_context) if preverify_ok != true || ssl_context.error != 0 err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})" raise OpenSSL::SSL::SSLError.new(err_msg) end true end |