authbox 0.0.1
- checksums.yaml +7 -0
- data/lib/authbox.rb +196 -0
- metadata +84 -0
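--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: e141dfb9225bbe2ab57222f2a20c8ccffc55470a
+data.tar.gz: b344c19419a40d1dc730b638c35c19fd79ad8ec9
+SHA512:
+metadata.gz: df7933e149fe281b4be2b2044c9cb3e5f3555d10471da2bd9561c3e3fa2d7a600bfabde2ce6ccb0ada9ab18b16f7d022c7408720e6b534f24a9d7d30a1437f32
+data.tar.gz: cfc3346953eede700e6f5ed4f5764ac24982b5e893eb22cd09e0e7b8f919594df2ccccafda980e2081c6003e189f80e7b5a80e955c338d510722e7eb5c690e5d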
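--- a/data/lib/authbox.rb
+++ b/data/lib/authbox.rb
@@ -0,0 +1,196 @@
+require 'active_support/concern'
+require 'digest'
+require 'json'
+require 'net/http'
+require 'securerandom'
+require 'thread'
+require 'thread/pool'
+require 'uri'
+
+##
+# This module adds support for Authbox to your Rails controller. We recommend
+# you add it to +app/controllers/application_controller.rb+ like this:
+#
+# require 'authbox'
+#
+# class ApplicationController < ActionController::Base
+# include Authbox
+# end
+#
+# Once this is included in your controller, you'll need to add your credentials.
+# Add them to config/application.rb like this:
+#
+# config.authbox = {
+# :api_key => 'yourApiKey',
+# :secret_key => 'yourSecret'
+# }
+#
+# That's it! Authbox can start logging basic metadata immediately.
+#
+# To get the most out of Authbox you should tell us who your users are. You do
+# this by overriding the authbox_get_request_data() method on the controller.
+# Here's how you would tell Authbox about your users while using Devise:
+#
+# class ApplicationController < ActionController::Base
+# include Authbox
+#
+# def authbox_get_request_data
+# return {
+# '$user' => {
+# '$creationTime' => current_user.created_at,
+# '$userIDs' => [
+# {'$type' => '$email', '$key' => current_user.email}
+# ]
+# }
+# }
+# end
+# end
+
+module Authbox
+extend ActiveSupport::Concern
+
+##
+# Report a custom action to Authbox.
+# If this is not called during a request, an $unknown action
+# will be logged. See the documentation for what information
+# you can pass here in the features hash.
+def authbox_log(features={})
+return authbox_request(features, true)
+end
+
+##
+# Override me to inject a custom HTTP POST library
+def authbox_post_form(uri, body)
+req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/json'})
+req.body = body.to_json
+
+return Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
+begin
+http.request(req)
+rescue => e
+logger.warn 'AUTHBOX: HTTP request error: #{e}'
+end
+end
+end
+
+##
+# Override me to return additional data for the request
+# (like the user)
+def authbox_get_request_data
+return {}
+end
+
+private
+
+def self.authbox_pool
+if @authbox_pool.nil?
+@authbox_pool = Thread.pool(Rails.configuration.authbox[:threads] || 5)
+end
+return @authbox_pool
+end
+
+def authbox_get_cookie(cookie_type)
+sha256 = Digest::SHA256.new
+return sha256.hexdigest(
+'authbox:' + cookie_type + ':' + Rails.configuration.authbox[:api_key]
+)
+end
+
+def authbox_get_endpoint
+return Rails.configuration.authbox[:endpoint] || 'https://api.authbox.io/api'
+end
+
+def authbox_request(features, async)
+if @authbox_requested
+logger.warn 'authbox_log() already called'
+return
+end
+
+@authbox_requested = true
+
+cookie_name = authbox_get_cookie('local_machine_id')
+
+if cookies[cookie_name].blank?
+local_machine_id = SecureRandom.hex(32)
+@authbox_insert_pixel = true
+else
+local_machine_id = cookies[cookie_name]
+end
+
+cookies[cookie_name] = {
+:value => local_machine_id,
+:expires => 2.years.from_now,
+:httponly => true,
+:domain => :all
+}
+
+if cookies[authbox_get_cookie('did_get_pixel')].blank?
+@authbox_insert_pixel = true
+end
+
+remote_ip = request.remote_ip
+
+body = {
+'$actionName' => '$unknown',
+'$localMachineID' => local_machine_id,
+'$userAgent' => request.user_agent,
+'$ipAddress' => remote_ip,
+'$apiKey' => Rails.configuration.authbox[:api_key],
+'$secretKey' => Rails.configuration.authbox[:secret_key]
+}
+
+body.merge!(authbox_get_request_data())
+body.merge!(features)
+
+base_uri = authbox_get_endpoint()
+uri = URI(base_uri + '/action')
+
+if async
+Authbox.authbox_pool.process do
+authbox_post_form(uri, body)
+end
+return
+end
+
+response = authbox_post_form(uri, body)
+
+begin
+return JSON.parse(response.body)
+rescue => e
+logger.warn "AUTHBOX: Error decoding body: #{e}"
+
+# Fail open
+return {'type' => 'ALLOW', 'info' => 'Error from server'}
+end
+end
+
+included do
+before_filter :authbox_before
+after_filter :authbox_after
+end
+
+def authbox_before
+@authbox_requested = false
+@authbox_insert_pixel = rand() < 0.01
+end
+
+def authbox_after
+if not @authbox_requested
+authbox_log({})
+
+if @authbox_insert_pixel and Rails.configuration.authbox.fetch(:enable_tracking_pixel, true)
+endpoint = authbox_get_endpoint()
+local_machine_id = cookies[authbox_get_cookie('local_machine_id')]
+pixel_markup = "<iframe src='#{endpoint}/pixel?LMID=#{local_machine_id}' width='0' height='0' style='border: none' />"
+
+prev_length = response.body.length
+response.body = response.body.gsub(/(<\/body>)/i, pixel_markup + '\1')
+
+if response.body.length > prev_length
+# we actually inserted the pixel, so send the cookie
+cookies[authbox_get_cookie('did_get_pixel')] = '1'
+end
+end
+end
+end
+end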
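Review bot: In authbox_request the else branch takes `cookies[cookie_name]` from the browser with no format check, and authbox_after then interpolates that value unescaped into `pixel_markup`, so whoever can set that cookie controls markup written into the HTML response; `:domain => :all` appears to widen that to sibling subdomains. Only values the gem could have generated itself should be accepted: `if cookies[cookie_name].to_s !~ /\A\h{64}\z/` in place of `if cookies[cookie_name].blank?` regenerates anything that is not the 64 hex characters `SecureRandom.hex(32)` produces. Escaping the value where it is interpolated into the iframe `src` would be a sensible second layer. Separately, the single-quoted `'AUTHBOX: HTTP request error: #{e}'` in authbox_post_form logs the literal text instead of the exception, so it should use double quotes like the warning in authbox_request.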
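--- a/metadata
+++ b/metadata
@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: authbox
+version: !ruby/object:Gem::Version
+version: 0.0.1
+platform: ruby
+authors:
+- Authbox, Inc.
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-11-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: thread
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.1.4
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.1.4
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.1.4
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.1.4
+- !ruby/object:Gem::Dependency
+name: rdoc
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 4.1.2
+- - ">="
+- !ruby/object:Gem::Version
+version: 4.1.2
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 4.1.2
+- - ">="
+- !ruby/object:Gem::Version
+version: 4.1.2
+description: Authbox client
+email: pete@authbox.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/authbox.rb
+homepage: http://authbox.io/
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Authbox
+test_files: []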