castle-rb 4.1.0 → 6.0.0

data/lib/castle/api/request.rb

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module API
-    # this class is responsible for making requests to api
-    module Request
-      # Default headers that we add to passed ones
-      DEFAULT_HEADERS = {
-        'Content-Type' => 'application/json'
-      }.freeze
-
-      private_constant :DEFAULT_HEADERS
-
-      class << self
-        def call(command, api_secret, headers)
-          Castle::API::Session.get.request(
-            build(
-              command,
-              headers.merge(DEFAULT_HEADERS),
-              api_secret
-            )
-          )
-        end
-
-        def build(command, headers, api_secret)
-          request_obj = Net::HTTP.const_get(
-            command.method.to_s.capitalize
-          ).new("#{Castle.config.url_prefix}/#{command.path}", headers)
-
-          unless command.method == :get
-            request_obj.body = ::Castle::Utils.replace_invalid_characters(
-              command.data
-            ).to_json
-          end
-
-          request_obj.basic_auth('', api_secret)
-          request_obj
-        end
-      end
-    end
-  end
-end

data/lib/castle/api/session.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-require 'singleton'
-
-module Castle
-  module API
-    # this class keeps http config object
-    # and provides start/finish methods for persistent connection usage
-    # when there is a need of sending multiple requests at once
-    class Session
-      include Singleton
-
-      attr_accessor :http
-
-      def initialize
-        reset
-      end
-
-      def reset
-        @http = Net::HTTP.new(Castle.config.host, Castle.config.port)
-        @http.read_timeout = Castle.config.request_timeout / 1000.0
-
-        if Castle.config.port == 443
-          @http.use_ssl = true
-          @http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
-
-        @http
-      end
-
-      class << self
-        # @return [Net::HTTP]
-        def get
-          instance.http
-        end
-      end
-    end
-  end
-end

data/lib/castle/commands/impersonate.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Commands
-    # builder for impersonate command
-    class Impersonate
-      def initialize(context)
-        @context = context
-      end
-
-      def build(options = {})
-        Castle::Validators::Present.call(options, %i[user_id])
-        context = Castle::Context::Merger.call(@context, options[:context])
-        context = Castle::Context::Sanitizer.call(context)
-
-        Castle::Validators::Present.call(context, %i[user_agent ip])
-
-        Castle::Command.new(
-          'impersonate',
-          options.merge(context: context, sent_at: Castle::Utils::Timestamp.call),
-          options[:reset] ? :delete : :post
-        )
-      end
-    end
-  end
-end

data/lib/castle/extractors/headers.rb

@@ -1,45 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Extractors
-    # used for extraction of cookies and headers from the request
-    class Headers
-      # Headers that we will never scrub, even if they land on the configuration blacklist.
-      ALWAYS_WHITELISTED = %w[User-Agent].freeze
-
-      # Headers that will always be scrubbed, even if whitelisted.
-      ALWAYS_BLACKLISTED = %w[Cookie Authorization].freeze
-
-      private_constant :ALWAYS_WHITELISTED, :ALWAYS_BLACKLISTED
-
-      # @param headers [Hash]
-      def initialize(headers)
-        @headers = headers
-        @no_whitelist = Castle.config.whitelisted.empty?
-      end
-
-      # Serialize HTTP headers
-      # @return [Hash]
-      def call
-        @headers.each_with_object({}) do |(name, value), acc|
-          acc[name] = header_value(name, value)
-        end
-      end
-
-      private
-
-      # scrub header value
-      # @param name [String]
-      # @param value [String]
-      # @return [TrueClass | FalseClass | String]
-      def header_value(name, value)
-        return true if ALWAYS_BLACKLISTED.include?(name)
-        return value if ALWAYS_WHITELISTED.include?(name)
-        return true if Castle.config.blacklisted.include?(name)
-        return value if @no_whitelist || Castle.config.whitelisted.include?(name)
-
-        true
-      end
-    end
-  end
-end

data/lib/castle/extractors/ip.rb

@@ -1,68 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Extractors
-    # used for extraction of ip from the request
-    class IP
-      # ordered list of ip headers for ip extraction
-      DEFAULT = %w[X-Forwarded-For Client-Ip Remote-Addr].freeze
-      # default header fallback when ip is not found
-      FALLBACK = 'Remote-Addr'
-
-      private_constant :FALLBACK, :DEFAULT
-
-      # @param headers [Hash]
-      def initialize(headers)
-        @headers = headers
-        @ip_headers = Castle.config.ip_headers + DEFAULT
-        @proxies = Castle.config.trusted_proxies + Castle::Configuration::TRUSTED_PROXIES
-      end
-
-      # Order of headers:
-      #   .... list of headers defined by ip_headers
-      #   X-Forwarded-For
-      #   Client-Ip is
-      #   Remote-Addr
-      # @return [String]
-      def call
-        @ip_headers.each do |ip_header|
-          ip_value = calculate_ip(ip_header)
-          return ip_value if ip_value
-        end
-
-        @headers[FALLBACK]
-      end
-
-      private
-
-      # @param header [String]
-      # @return [String]
-      def calculate_ip(header)
-        ips = ips_from(header)
-        remove_proxies(ips).first
-      end
-
-      # @param ips [Array<String>]
-      # @return [Array<String>]
-      def remove_proxies(ips)
-        ips.reject { |ip| proxy?(ip) }
-      end
-
-      # @param ip [String]
-      # @return [Boolean]
-      def proxy?(ip)
-        @proxies.any? { |proxy| proxy.match(ip) }
-      end
-
-      # @param header [String]
-      # @return [Array<String>]
-      def ips_from(header)
-        value = @headers[header]
-
-        return [] unless value
-
-        value.strip.split(/[,\s]+/).reverse
-      end
-    end
-  end
-end

data/lib/castle/failover_auth_response.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  # generate failover authentication response
-  class FailoverAuthResponse
-    def initialize(user_id, strategy: Castle.config.failover_strategy, reason:)
-      @strategy = strategy
-      @reason = reason
-      @user_id = user_id
-    end
-
-    def generate
-      {
-        action: @strategy.to_s,
-        user_id: @user_id,
-        failover: true,
-        failover_reason: @reason
-      }
-    end
-  end
-end

data/lib/castle/headers_filter.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  # used for preparing valuable headers list
-  class HeadersFilter
-    # headers filter
-    # HTTP_ - this is how Rack prefixes incoming HTTP headers
-    # CONTENT_LENGTH - for responses without Content-Length or Transfer-Encoding header
-    # REMOTE_ADDR - ip address header returned by web server
-    VALUABLE_HEADERS = /^
-      HTTP(?:_|-).*|
-      CONTENT(?:_|-)LENGTH|
-      REMOTE(?:_|-)ADDR
-    $/xi.freeze
-
-    private_constant :VALUABLE_HEADERS
-
-    # @param request [Rack::Request]
-    def initialize(request)
-      @request_env = request.env
-      @formatter = HeadersFormatter
-    end
-
-    # Serialize HTTP headers
-    # @return [Hash]
-    def call
-      @request_env.keys.each_with_object({}) do |header_name, acc|
-        next unless header_name.match(VALUABLE_HEADERS)
-
-        formatted_name = @formatter.call(header_name)
-        acc[formatted_name] = @request_env[header_name]
-      end
-    end
-  end
-end

data/lib/castle/headers_formatter.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  # formats header name
-  class HeadersFormatter
-    class << self
-      # @param header [String]
-      # @return [String]
-      def call(header)
-        format(header.to_s.gsub(/^HTTP(?:_|-)/i, ''))
-      end
-
-      private
-
-      # @param header [String]
-      # @return [String]
-      def format(header)
-        header.split(/_|-/).map(&:capitalize).join('-')
-      end
-    end
-  end
-end

data/lib/castle/review.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  class Review
-    def self.retrieve(review_id)
-      Castle::API.request(
-        Castle::Commands::Review.build(review_id)
-      )
-    end
-  end
-end

data/lib/castle/utils.rb

@@ -1,55 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Utils
-    class << self
-      # Returns a new hash with all keys converted to symbols, as long as
-      # they respond to +to_sym+. This includes the keys from the root hash
-      # and from all nested hashes and arrays.
-      #
-      #   hash = { 'person' => { 'name' => 'Rob', 'age' => '28' } }
-      #
-      #   Castle::Hash.deep_symbolize_keys(hash)
-      #   # => {:person=>{:name=>"Rob", :age=>"28"}}
-      def deep_symbolize_keys(object, &block)
-        case object
-        when Hash
-          object.each_with_object({}) do |(key, value), result|
-            result[key.to_sym] = deep_symbolize_keys(value, &block)
-          end
-        when Array
-          object.map { |e| deep_symbolize_keys(e, &block) }
-        else
-          object
-        end
-      end
-
-      def deep_symbolize_keys!(object, &block)
-        case object
-        when Hash
-          object.keys.each do |key|
-            value = object.delete(key)
-            object[key.to_sym] = deep_symbolize_keys!(value, &block)
-          end
-          object
-        when Array
-          object.map! { |e| deep_symbolize_keys!(e, &block) }
-        else
-          object
-        end
-      end
-
-      def replace_invalid_characters(arg)
-        if arg.is_a?(::String)
-          arg.encode('UTF-8', invalid: :replace, undef: :replace)
-        elsif arg.is_a?(::Hash)
-          arg.each_with_object({}) { |(k, v), h| h[k] = replace_invalid_characters(v) }
-        elsif arg.is_a?(::Array)
-          arg.map(&method(:replace_invalid_characters))
-        else
-          arg
-        end
-      end
-    end
-  end
-end

data/lib/castle/utils/cloner.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Utils
-    class Cloner
-      def self.call(object)
-        Marshal.load(Marshal.dump(object))
-      end
-    end
-  end
-end

data/lib/castle/utils/timestamp.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-module Castle
-  module Utils
-    # generates proper timestamp
-    class Timestamp
-      def self.call
-        Time.now.utc.iso8601(3)
-      end
-    end
-  end
-end

data/spec/lib/castle/api/request_spec.rb

@@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-describe Castle::API::Request do
-  describe '#call' do
-    subject(:call) { described_class.call(command, api_secret, headers) }
-
-    let(:session) { instance_double('Castle::API::Session') }
-    let(:http) { instance_double('Net::HTTP') }
-    let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
-    let(:headers) { {} }
-    let(:api_secret) { 'secret' }
-    let(:request_build) { {} }
-    let(:expected_headers) { { 'Content-Type' => 'application/json' } }
-
-    before do
-      allow(Castle::API::Session).to receive(:instance).and_return(session)
-      allow(session).to receive(:http).and_return(http)
-      allow(http).to receive(:request)
-      allow(described_class).to receive(:build).and_return(request_build)
-      call
-    end
-
-    it do
-      expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
-    end
-
-    it { expect(http).to have_received(:request).with(request_build) }
-  end
-
-  describe '#build' do
-    subject(:build) { described_class.build(command, headers, api_secret) }
-
-    let(:headers) { { 'SAMPLE-HEADER' => '1' } }
-    let(:api_secret) { 'secret' }
-
-    context 'when get' do
-      let(:command) { Castle::Commands::Review.build(review_id) }
-      let(:review_id) { SecureRandom.uuid }
-
-      it { expect(build.body).to be_nil }
-      it { expect(build.method).to eql('GET') }
-      it { expect(build.path).to eql("/v1/#{command.path}") }
-      it { expect(build.to_hash).to have_key('authorization') }
-      it { expect(build.to_hash).to have_key('sample-header') }
-      it { expect(build.to_hash['sample-header']).to eql(['1']) }
-    end
-
-    context 'when post' do
-      let(:time) { Time.now.utc.iso8601(3) }
-      let(:command) do
-        Castle::Commands::Track.new({}).build(event: '$login.succeeded', name: "\xC4")
-      end
-      let(:expected_body) do
-        {
-          event: '$login.succeeded',
-          name: '�',
-          context: {},
-          sent_at: time
-        }
-      end
-
-      before { allow(Castle::Utils::Timestamp).to receive(:call).and_return(time) }
-
-      it { expect(build.body).to be_eql(expected_body.to_json) }
-      it { expect(build.method).to eql('POST') }
-      it { expect(build.path).to eql("/v1/#{command.path}") }
-      it { expect(build.to_hash).to have_key('authorization') }
-      it { expect(build.to_hash).to have_key('sample-header') }
-      it { expect(build.to_hash['sample-header']).to eql(['1']) }
-    end
-  end
-end