Module: Gem::GemcutterUtilities

Includes:
Text
Included in:
Commands::OwnerCommand, Commands::PushCommand, Commands::SigninCommand, Commands::YankCommand
Defined in:
lib/rubygems/gemcutter_utilities.rb

Overview

Utility methods for using the RubyGems API.

Constant Summary collapse

ERROR_CODE = 
1
API_SCOPES = 
%i[index_rubygems push_rubygem yank_rubygem add_owner remove_owner access_webhooks show_dashboard].freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Text

#clean_text, #format_text, #levenshtein_distance, #min3, #truncate_text

Instance Attribute Details

#hostObject

The host to connect to either from the RUBYGEMS_HOST environment variable or from the user’s configuration



58
59
60
61
62
63
64
65
66
67
68
69
70
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 58

def host
  configured_host = Gem.host unless
    Gem.configuration.disable_default_gem_server

  @host ||=
    begin
      env_rubygems_host = ENV['RUBYGEMS_HOST']
      env_rubygems_host = nil if
        env_rubygems_host and env_rubygems_host.empty?

      env_rubygems_host || configured_host
    end
end

#scope=(value) ⇒ Object (writeonly)

Sets the attribute scope

Parameters:

  • value

    the value to set the attribute scope to.



16
17
18
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 16

def scope=(value)
  @scope = value
end

Instance Method Details

#add_key_optionObject

Add the –key option



21
22
23
24
25
26
27
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 21

def add_key_option
  add_option('-k', '--key KEYNAME', Symbol,
             'Use the given API key',
             "from #{Gem.configuration.credentials_path}") do |value,options|
    options[:key] = value
  end
end

#add_otp_optionObject

Add the –otp option



32
33
34
35
36
37
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 32

def add_otp_option
  add_option('--otp CODE',
             'Digit code for multifactor authentication') do |value, options|
    options[:otp] = value
  end
end

#api_keyObject

The API key from the command options or from the user’s configuration.



42
43
44
45
46
47
48
49
50
51
52
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 42

def api_key
  if ENV["GEM_HOST_API_KEY"]
    ENV["GEM_HOST_API_KEY"]
  elsif options[:key]
    verify_api_key options[:key]
  elsif Gem.configuration.api_keys.key?(host)
    Gem.configuration.api_keys[host]
  else
    Gem.configuration.rubygems_api_key
  end
end

#mfa_unauthorized?(response) ⇒ Boolean

Returns:

  • (Boolean) 


112
113
114
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 112

def mfa_unauthorized?(response)
  response.kind_of?(Net::HTTPUnauthorized) && response.body.start_with?('You have enabled multifactor authentication')
end

#rubygems_api_request(method, path, host = nil, allowed_push_host = nil, scope: nil, &block) ⇒ Object

Creates an RubyGems API to host and path with the given HTTP method.

If allowed_push_host metadata is present, then it will only allow that host.



77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 77

def rubygems_api_request(method, path, host = nil, allowed_push_host = nil, scope: nil, &block)
  require 'net/http'

  self.host = host if host
  unless self.host
    alert_error "You must specify a gem server"
    terminate_interaction(ERROR_CODE)
  end

  if allowed_push_host
    allowed_host_uri = URI.parse(allowed_push_host)
    host_uri         = URI.parse(self.host)

    unless (host_uri.scheme == allowed_host_uri.scheme) && (host_uri.host == allowed_host_uri.host)
      alert_error "#{self.host.inspect} is not allowed by the gemspec, which only allows #{allowed_push_host.inspect}"
      terminate_interaction(ERROR_CODE)
    end
  end

  uri = URI.parse "#{self.host}/#{path}"
  response = request_with_otp(method, uri, &block)

  if mfa_unauthorized?(response)
    ask_otp
    response = request_with_otp(method, uri, &block)
  end

  if api_key_forbidden?(response)
    update_scope(scope)
    request_with_otp(method, uri, &block)
  else
    response
  end
end

#set_api_key(host, key) ⇒ Object

Returns true when the user has enabled multifactor authentication from response text and no otp provided by options.



213
214
215
216
217
218
219
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 213

def set_api_key(host, key)
  if host == Gem::DEFAULT_HOST
    Gem.configuration.rubygems_api_key = key
  else
    Gem.configuration.set_api_key host, key
  end
end

#sign_in(sign_in_host = nil, scope: nil) ⇒ Object

Signs in with the RubyGems API at sign_in_host and sets the rubygems API key.



142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 142

def ( = nil, scope: nil)
   ||= self.host
  return if api_key

  pretty_host = pretty_host()

  say "Enter your #{pretty_host} credentials."
  say "Don't have an account yet? " +
      "Create one at #{}/sign_up"

  email = ask "   Email: "
  password = ask_for_password "Password: "
  say "\n"

  key_name     = get_key_name(scope)
  scope_params = get_scope_params(scope)

  response = rubygems_api_request(:post, "api/v1/api_key",
                                  , scope: scope) do |request|
    request.basic_auth email, password
    request["OTP"] = options[:otp] if options[:otp]
    request.body = URI.encode_www_form({ name: key_name }.merge(scope_params))
  end

  with_response response do |resp|
    say "Signed in with API key: #{key_name}."
    set_api_key host, resp.body
  end
end

#update_scope(scope) ⇒ Object 



116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 116

def update_scope(scope)
          = self.host
  pretty_host         = pretty_host()
  update_scope_params = { scope => true }

  say "The existing key doesn't have access of #{scope} on #{pretty_host}. Please sign in to update access."

  email    = ask "   Email: "
  password = ask_for_password "Password: "

  response = rubygems_api_request(:put, "api/v1/api_key",
                                  , scope: scope) do |request|
    request.basic_auth email, password
    request["OTP"] = options[:otp] if options[:otp]
    request.body = URI.encode_www_form({:api_key => api_key }.merge(update_scope_params))
  end

  with_response response do |resp|
    say "Added #{scope} scope to the existing API key"
  end
end

#verify_api_key(key) ⇒ Object

Retrieves the pre-configured API key key or terminates interaction with an error.



176
177
178
179
180
181
182
183
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 176

def verify_api_key(key)
  if Gem.configuration.api_keys.key? key
    Gem.configuration.api_keys[key]
  else
    alert_error "No such API key. Please add it to your configuration (done automatically on initial `gem push`)."
    terminate_interaction(ERROR_CODE)
  end
end

#with_response(response, error_prefix = nil) ⇒ Object

If response is an HTTP Success (2XX) response, yields the response if a block was given or shows the response body to the user.

If the response was not successful, shows an error to the user including the error_prefix and the response body.



192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
 
# File 'lib/rubygems/gemcutter_utilities.rb', line 192

def with_response(response, error_prefix = nil)
  case response
  when Net::HTTPSuccess then
    if block_given?
      yield response
    else
      say clean_text(response.body)
    end
  else
    message = response.body
    message = "#{error_prefix}: #{message}" if error_prefix

    say clean_text(message)
    terminate_interaction(ERROR_CODE)
  end
end