Class: Figo::HTTPS

Inherits:

Net::HTTP::Persistent

Object
Net::HTTP::Persistent
Figo::HTTPS

show all

Defined in:: lib/helpers/https.rb

Overview

HTTPS class with certificate authentication and enhanced error handling.

Instance Method Summary collapse

#initialize(name = nil, proxy = nil, fingerprints) ⇒ HTTPS constructor

Overwrite ‘initialize` method from `Net::HTTP::Persistent`.
#request(uri, req = nil, &block) ⇒ Object

Overwrite ‘request` method from `Net::HTTP::Persistent`.

Constructor Details

#initialize(name = nil, proxy = nil, fingerprints) ⇒ `HTTPS`

Overwrite ‘initialize` method from `Net::HTTP::Persistent`.

Verify fingerprints of server SSL/TLS certificates.

# File 'lib/helpers/https.rb', line 8

def initialize(name = nil, proxy = nil, fingerprints)
  super(name: name, proxy: proxy)

  # Attribute ca_file must be set, otherwise verify_callback would never be called.
  @ca_file = "lib/cacert.pem"
  @verify_callback = proc do |preverify_ok, store_context|
    if preverify_ok and store_context.error == 0
      certificate = OpenSSL::X509::Certificate.new(store_context.chain[0])
      fingerprint = Digest::SHA256.hexdigest(certificate.to_der).upcase.scan(/../).join(":")
      fingerprints.include?(fingerprint)
    else
      false
    end
  end
end

Instance Method Details

#request(uri, req = nil, &block) ⇒ `Object`

Overwrite ‘request` method from `Net::HTTP::Persistent`.

Raise error when a REST API error is returned.

# File 'lib/helpers/https.rb', line 27

def request(uri, req = nil, &block)
  response = super(uri, req, &block)

  # Evaluate HTTP response.
  case response
    when Net::HTTPSuccess
      return response
    when Net::HTTPBadRequest
      hash = JSON.parse(response.body)
      raise Error.new(hash["error"], hash["error"]["description"])
    when Net::HTTPUnauthorized
      raise Error.new("unauthorized", "Missing, invalid or expired access token.")
    when Net::HTTPForbidden
      raise Error.new("forbidden", "Insufficient permission.")
    when Net::HTTPNotFound
      return nil
    when Net::HTTPMethodNotAllowed
      raise Error.new("method_not_allowed", "Unexpected request method.")
    when Net::HTTPServiceUnavailable
      raise Error.new("service_unavailable", "Exceeded rate limit.")
    else
      raise Error.new("internal_server_error", "We are very sorry, but something went wrong.")
  end
end