authbox 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e141dfb9225bbe2ab57222f2a20c8ccffc55470a
+  data.tar.gz: b344c19419a40d1dc730b638c35c19fd79ad8ec9
+SHA512:
+  metadata.gz: df7933e149fe281b4be2b2044c9cb3e5f3555d10471da2bd9561c3e3fa2d7a600bfabde2ce6ccb0ada9ab18b16f7d022c7408720e6b534f24a9d7d30a1437f32
+  data.tar.gz: cfc3346953eede700e6f5ed4f5764ac24982b5e893eb22cd09e0e7b8f919594df2ccccafda980e2081c6003e189f80e7b5a80e955c338d510722e7eb5c690e5d

data/lib/authbox.rb

@@ -0,0 +1,196 @@
+require 'active_support/concern'
+require 'digest'
+require 'json'
+require 'net/http'
+require 'securerandom'
+require 'thread'
+require 'thread/pool'
+require 'uri'
+
+##
+# This module adds support for Authbox to your Rails controller. We recommend
+# you add it to +app/controllers/application_controller.rb+ like this:
+#
+#   require 'authbox'
+#
+#   class ApplicationController < ActionController::Base
+#    include Authbox
+#   end
+#
+# Once this is included in your controller, you'll need to add your credentials.
+# Add them to config/application.rb like this:
+#
+#   config.authbox = {
+#     :api_key => 'yourApiKey',
+#     :secret_key => 'yourSecret'
+#   }
+#
+# That's it! Authbox can start logging basic metadata immediately.
+#
+# To get the most out of Authbox you should tell us who your users are. You do
+# this by overriding the authbox_get_request_data() method on the controller.
+# Here's how you would tell Authbox about your users while using Devise:
+#
+#   class ApplicationController < ActionController::Base
+#     include Authbox
+#
+#     def authbox_get_request_data
+#       return {
+#         '$user' => {
+#           '$creationTime' => current_user.created_at,
+#           '$userIDs' => [
+#             {'$type' => '$email', '$key' => current_user.email}
+#           ]
+#         }
+#       }
+#     end
+#   end
+
+module Authbox
+  extend ActiveSupport::Concern
+
+  ##
+  # Report a custom action to Authbox.
+  # If this is not called during a request, an $unknown action
+  # will be logged. See the documentation for what information
+  # you can pass here in the features hash.
+  def authbox_log(features={})
+    return authbox_request(features, true)
+  end
+
+  ##
+  # Override me to inject a custom HTTP POST library
+  def authbox_post_form(uri, body)
+    req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/json'})
+    req.body = body.to_json
+
+    return Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
+      begin
+        http.request(req)
+      rescue => e
+        logger.warn 'AUTHBOX: HTTP request error: #{e}'
+      end
+    end
+  end
+
+  ##
+  # Override me to return additional data for the request
+  # (like the user)
+  def authbox_get_request_data
+    return {}
+  end
+
+  private
+
+  def self.authbox_pool
+    if @authbox_pool.nil?
+      @authbox_pool = Thread.pool(Rails.configuration.authbox[:threads] || 5)
+    end
+    return @authbox_pool
+  end
+
+  def authbox_get_cookie(cookie_type)
+    sha256 = Digest::SHA256.new
+    return sha256.hexdigest(
+      'authbox:' + cookie_type + ':' + Rails.configuration.authbox[:api_key]
+    )
+  end
+
+  def authbox_get_endpoint
+    return Rails.configuration.authbox[:endpoint] || 'https://api.authbox.io/api'
+  end
+
+  def authbox_request(features, async)
+    if @authbox_requested
+      logger.warn 'authbox_log() already called'
+      return
+    end
+
+    @authbox_requested = true
+
+    cookie_name = authbox_get_cookie('local_machine_id')
+
+    if cookies[cookie_name].blank?
+      local_machine_id = SecureRandom.hex(32)
+      @authbox_insert_pixel = true
+    else
+      local_machine_id = cookies[cookie_name]
+    end
+
+    cookies[cookie_name] = {
+      :value => local_machine_id,
+      :expires => 2.years.from_now,
+      :httponly => true,
+      :domain => :all
+    }
+
+    if cookies[authbox_get_cookie('did_get_pixel')].blank?
+      @authbox_insert_pixel = true
+    end
+
+    remote_ip = request.remote_ip
+
+    body = {
+      '$actionName' => '$unknown',
+      '$localMachineID' => local_machine_id,
+      '$userAgent' => request.user_agent,
+      '$ipAddress' => remote_ip,
+      '$apiKey' => Rails.configuration.authbox[:api_key],
+      '$secretKey' => Rails.configuration.authbox[:secret_key]
+    }
+
+    body.merge!(authbox_get_request_data())
+    body.merge!(features)
+
+    base_uri = authbox_get_endpoint()
+    uri = URI(base_uri + '/action')
+
+    if async
+      Authbox.authbox_pool.process do
+        authbox_post_form(uri, body)
+      end
+      return
+    end
+
+    response = authbox_post_form(uri, body)
+
+    begin
+      return JSON.parse(response.body)
+    rescue => e
+      logger.warn "AUTHBOX: Error decoding body: #{e}"
+
+      # Fail open
+      return {'type' => 'ALLOW', 'info' => 'Error from server'}
+    end
+  end
+
+  included do
+    before_filter :authbox_before
+    after_filter :authbox_after
+  end
+
+  def authbox_before
+    @authbox_requested = false
+    @authbox_insert_pixel = rand() < 0.01
+  end
+
+  def authbox_after
+    if not @authbox_requested
+      authbox_log({})
+
+      if @authbox_insert_pixel and Rails.configuration.authbox.fetch(:enable_tracking_pixel, true)
+        endpoint = authbox_get_endpoint()
+        local_machine_id = cookies[authbox_get_cookie('local_machine_id')]
+        pixel_markup = "<iframe src='#{endpoint}/pixel?LMID=#{local_machine_id}' width='0' height='0' style='border: none' />"
+
+        prev_length = response.body.length
+        response.body = response.body.gsub(/(<\/body>)/i, pixel_markup + '\1')
+
+        if response.body.length > prev_length
+          # we actually inserted the pixel, so send the cookie
+          cookies[authbox_get_cookie('did_get_pixel')] = '1'
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: authbox
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Authbox, Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-11-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: thread
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.4
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.1.2
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.1.2
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.2
+description: Authbox client
+email: pete@authbox.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/authbox.rb
+homepage: http://authbox.io/
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Authbox
+test_files: []