Merge branch 'master' into rails5m

* master:
  Log errors captured by the JSON api
  Properly handle routing errors
  Pass through non-JSON api errors
  Broaden error detail environments
  Port the public exceptions injection
  Add wrapping of `ActiveRecord::RecordNotFound`
  Move class method and add module access control
  Fix 🐛 with message format
  Copy helpful comments about original source
  don't store a reference to the User class

Author: csexton

lib/kracken.rb

@@ -9,6 +9,7 @@
 require "kracken/credential_authenticator"
 require "kracken/authenticator"
 require "kracken/registration"
+require "kracken/railtie" if defined?(Rails)
 
 module Kracken
   mattr_accessor :config

lib/kracken/config.rb

@@ -3,12 +3,16 @@ class Config
     attr_accessor :app_id, :app_secret
     attr_writer :provider_url, :user_class
 
+    def initialize
+      @user_class = nil
+    end
+
     def provider_url
       @provider_url ||= PROVIDER_URL
     end
 
     def user_class
-      @user_class ||= ::User
+      @user_class || ::User
     end
   end
 end

lib/kracken/controllers/json_api_compatible.rb

@@ -2,7 +2,6 @@ module Kracken
   module Controllers
     module JsonApiCompatible
 
-
       module MungeAndMirror
         # Wraps the data root in an Array, if it is not already an Array. This
         # will not wrap the value if the resource root is not present.
@@ -122,7 +121,29 @@ def resource_type
       end
       include VirtualAttributes
 
+      def self.included(base)
+        base.instance_exec do
+          extend Macros
+
+          before_action :munge_chained_param_ids!
+          skip_before_action :verify_authenticity_token
+
+          if defined?(::ActiveRecord)
+            rescue_from ::ActiveRecord::RecordNotFound do |error|
+              # In order to use named captures we need to use an inline regex
+              # on the LHS.
+              #
+              # Source: http://rubular.com/r/NoQ4SZMav4
+              /Couldn't find( all)? (?<resource>\w+) with 'id'.?( \()?(?<ids>[,\s\w]+)\)?/ =~ error.message
+              resource = resource.underscore.pluralize
+              raise ResourceNotFound.new(resource, ids.strip)
+            end
+          end
+        end
+      end
+
     # Common Actions Necessary in JSON API controllers
+    module_function
 
       # Wrap a block in an Active Record transaction
       #

lib/kracken/controllers/token_authenticatable.rb

@@ -13,6 +13,10 @@ def self.included(base)
         end
       end
 
+      # Customize the `authenticate_or_request_with_http_token` process:
+      # http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token/ControllerMethods.html#method-i-request_http_token_authentication
+      #
+      # Modified from https://github.com/rails/rails/blob/60d0aec7/actionpack/lib/action_controller/metal/http_authentication.rb#L490-L499
       if Rails::VERSION::MAJOR >= 5
         def request_http_token_authentication(realm = 'Application', message = nil)
           headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")

lib/kracken/error.rb

@@ -17,7 +17,7 @@ def initialize(resource, missing_ids)
       @missing_ids = Array(missing_ids)
       @resource    = resource
       super(
-        "Couldn't find #{resource} with id(s): #{missing_ids.join(', ')}"
+        "Couldn't find #{@resource} with id(s): #{@missing_ids.join(', ')}"
       )
     end
   end

lib/kracken/json_api/public_exceptions.rb

@@ -1,16 +1,67 @@
 module Kracken
   module JsonApi
+    # Error logging methods used by `ActionDispatch::DebugExceptions`
+    # https://github.com/rails/rails/blob/v4.2.6/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb
+    module ErrorLogging
+      def log_error(env, wrapper)
+        logger = logger(env)
+        return unless logger
+
+        exception = wrapper.exception
+
+        trace = wrapper.application_trace
+        trace = wrapper.framework_trace if trace.empty?
+
+        ActiveSupport::Deprecation.silence do
+          message = "\n#{exception.class} (#{exception.message}):\n"
+          message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code)
+          message << "  " << trace.join("\n  ")
+          logger.fatal("#{message}\n\n")
+        end
+      end
+
+      def logger(env)
+        env['action_dispatch.logger'] || stderr_logger
+      end
+
+      def stderr_logger
+        @stderr_logger ||= ActiveSupport::Logger.new($stderr)
+      end
+    end
+
     class PublicExceptions
-      attr_reader :app
+      include ErrorLogging
+
       def initialize(app)
         @app = app
       end
 
       def call(env)
-        app.call(env)
+        if JsonApi.has_path?(JsonApi::Request.new(env))
+          capture_error(env)
+        else
+          @app.call(env)
+        end
+      end
+
+      # Use similar logic to how `ActionDispatch::DebugExceptions` captures
+      # routing errors.
+      # https://github.com/rails/rails/blob/v4.2.6/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb
+      def capture_error(env)
+        _, headers, body = response = @app.call(env)
+
+        if headers['X-Cascade'] == 'pass'
+          body.close if body.respond_to?(:close)
+          raise ActionController::RoutingError,
+                "No route matches [#{env['REQUEST_METHOD']}] " \
+                "#{env['PATH_INFO'].inspect}"
+        end
+
+        response
       rescue Exception => exception
-        raise exception unless JsonApi.has_path?(JsonApi::Request.new(env))
-        render_json_error(ExceptionWrapper.new(env, exception))
+        wrapper = ExceptionWrapper.new(env, exception)
+        log_error(env, wrapper)
+        render_json_error(wrapper)
       end
 
       if Rails.env.production?
@@ -27,8 +78,8 @@ def additional_details(error)
 
       def show_error_details?(wrapper)
         wrapper.is_details_exception? ||
-          ( Rails.application.config.consider_all_requests_local &&
-            wrapper.status_code == 500)
+          Rails.application.config.consider_all_requests_local ||
+          (Rails.env.test? && wrapper.status_code == 500)
       end
 
       def error_as_json(wrapper)

lib/kracken/railtie.rb

@@ -0,0 +1,11 @@
+require "kracken/json_api"
+
+module Kracken
+  # Railtie to hook into Rails.
+  class Railtie < ::Rails::Railtie
+    initializer "kracken.json_api.public_exceptions" do |app|
+      app.middleware.insert_after ActionDispatch::DebugExceptions,
+                                  ::Kracken::JsonApi::PublicExceptions
+    end
+  end
+end