castle-rb 4.2.0 → 6.0.1

data/lib/castle/commands/end_impersonation.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # builder for impersonate command
+    class EndImpersonation
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Validators::Present.call(context, %i[user_agent ip])
+
+          Castle::Command.new(
+            'impersonate',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :delete
+          )
+        end
+  end
+    end
+  end
+end

data/lib/castle/commands/get_device.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the GET devices/#{device_token} request
+    class GetDevice
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[device_token])
+          Castle::Command.new(
+            "devices/#{options[:device_token]}",
+            nil,
+            :get
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/get_devices_for_user.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the GET users/#{user_id}/devices request
+    class GetDevicesForUser
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          Castle::Command.new(
+            "users/#{options[:user_id]}/devices",
+            nil,
+            :get
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/identify.rb

@@ -3,20 +3,19 @@
 module Castle
   module Commands
     class Identify
-      def initialize(context)
-        @context = context
-      end
-
-      def build(options = {})
-        Castle::Validators::NotSupported.call(options, %i[properties])
-        context = Castle::Context::Merger.call(@context, options[:context])
-        context = Castle::Context::Sanitizer.call(context)
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::NotSupported.call(options, %i[properties])
+          context = Castle::Context::Sanitize.call(options[:context])
 
-        Castle::Command.new(
-          'identify',
-          options.merge(context: context, sent_at: Castle::Utils::Timestamp.call),
-          :post
-        )
+          Castle::Command.new(
+            'identify',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
       end
     end
   end

data/lib/castle/commands/report_device.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the PUT devices/#{device_token}/report request
+    class ReportDevice
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[device_token])
+          Castle::Command.new(
+            "devices/#{options[:device_token]}/report",
+            nil,
+            :put
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/review.rb

@@ -2,11 +2,14 @@
 
 module Castle
   module Commands
+    # Generates the payload for the GET reviews/#{review_id} request
     class Review
       class << self
-        def build(review_id)
-          Castle::Validators::Present.call({ review_id: review_id }, %i[review_id])
-          Castle::Command.new("reviews/#{review_id}", nil, :get)
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[review_id])
+          Castle::Command.new("reviews/#{options[:review_id]}", nil, :get)
         end
       end
     end

data/lib/castle/commands/start_impersonation.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # builder for impersonate command
+    class StartImpersonation
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Validators::Present.call(context, %i[user_agent ip])
+
+          Castle::Command.new(
+            'impersonate',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
+  end
+    end
+  end
+end

data/lib/castle/commands/track.rb

@@ -3,20 +3,19 @@
 module Castle
   module Commands
     class Track
-      def initialize(context)
-        @context = context
-      end
-
-      def build(options = {})
-        Castle::Validators::Present.call(options, %i[event])
-        context = Castle::Context::Merger.call(@context, options[:context])
-        context = Castle::Context::Sanitizer.call(context)
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
 
-        Castle::Command.new(
-          'track',
-          options.merge(context: context, sent_at: Castle::Utils::Timestamp.call),
-          :post
-        )
+          Castle::Command.new(
+            'track',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
       end
     end
   end

data/lib/castle/configuration.rb

@@ -1,16 +1,13 @@
 # frozen_string_literal: true
 
+require 'uri'
+
 module Castle
   # manages configuration variables
   class Configuration
-    include Singleton
-
-    HOST = 'api.castle.io'
-    PORT = 443
-    URL_PREFIX = '/v1'
-    FAILOVER_STRATEGY = :allow
-    REQUEST_TIMEOUT = 500 # in milliseconds
-    FAILOVER_STRATEGIES = %i[allow deny challenge throw].freeze
+    # API endpoint
+    BASE_URL = 'https://api.castle.io/v1'
+    REQUEST_TIMEOUT = 1000 # in milliseconds
     # regexp of trusted proxies which is always appended to the trusted proxy list
     TRUSTED_PROXIES = [/
       \A127\.0\.0\.1\Z|
@@ -21,9 +18,9 @@ module Castle
       \Aunix:
     /ix].freeze
 
-    # @note this value is not assigned as we don't recommend using a whitelist. If you need to use
+    # @note this value is not assigned as we don't recommend using a allowlist. If you need to use
     #   one, this constant is provided as a good default.
-    DEFAULT_WHITELIST = %w[
+    DEFAULT_ALLOWLIST = %w[
       Accept
       Accept-Charset
       Accept-Datetime
@@ -33,46 +30,59 @@ module Castle
       Connection
       Content-Length
       Content-Type
+      Dnt
       Host
       Origin
       Pragma
       Referer
-      TE
+      Sec-Fetch-Dest
+      Sec-Fetch-Mode
+      Sec-Fetch-Site
+      Sec-Fetch-User
+      Te
       Upgrade-Insecure-Requests
+      User-Agent
       X-Castle-Client-Id
+      X-Requested-With
     ].freeze
 
-    attr_accessor :host, :port, :request_timeout, :url_prefix
-    attr_reader :api_secret, :whitelisted, :blacklisted, :failover_strategy, :ip_headers, :trusted_proxies
+    attr_accessor :request_timeout, :trust_proxy_chain, :logger
+    attr_reader :api_secret, :allowlisted, :denylisted, :failover_strategy, :ip_headers,
+                :trusted_proxies, :trusted_proxy_depth, :base_url
 
     def initialize
-      @formatter = Castle::HeadersFormatter
+      @header_format = Castle::Headers::Format
       @request_timeout = REQUEST_TIMEOUT
       reset
     end
 
     def reset
-      self.failover_strategy = FAILOVER_STRATEGY
-      self.host = HOST
-      self.port = PORT
-      self.url_prefix = URL_PREFIX
-      self.whitelisted = [].freeze
-      self.blacklisted = [].freeze
+      self.failover_strategy = Castle::Failover::Strategy::ALLOW
+      self.base_url = BASE_URL
+      self.allowlisted = [].freeze
+      self.denylisted = [].freeze
       self.api_secret = ENV.fetch('CASTLE_API_SECRET', '')
       self.ip_headers = [].freeze
       self.trusted_proxies = [].freeze
+      self.trust_proxy_chain = false
+      self.trusted_proxy_depth = nil
+      self.logger = nil
+    end
+
+    def base_url=(value)
+      @base_url = URI(value)
     end
 
     def api_secret=(value)
       @api_secret = value.to_s
     end
 
-    def whitelisted=(value)
-      @whitelisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def allowlisted=(value)
+      @allowlisted = (value ? value.map { |header| @header_format.call(header) } : []).freeze
     end
 
-    def blacklisted=(value)
-      @blacklisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def denylisted=(value)
+      @denylisted = (value ? value.map { |header| @header_format.call(header) } : []).freeze
     end
 
     # sets ip headers
@@ -80,23 +90,30 @@ module Castle
     def ip_headers=(value)
       raise Castle::ConfigurationError, 'ip headers must be an Array' unless value.is_a?(Array)
 
-      @ip_headers = value.map { |header| @formatter.call(header) }.freeze
+      @ip_headers = value.map { |header| @header_format.call(header) }.freeze
     end
 
     # sets trusted proxies
-    # @param value [Array<String|Regexp>]
+    # @param value [Array<String,Regexp>]
     def trusted_proxies=(value)
       raise Castle::ConfigurationError, 'trusted proxies must be an Array' unless value.is_a?(Array)
 
       @trusted_proxies = value
     end
 
+    # @param value [String,Number,NilClass]
+    def trusted_proxy_depth=(value)
+      @trusted_proxy_depth = value.to_i
+    end
+
     def valid?
-      !api_secret.to_s.empty? && !host.to_s.empty? && !port.to_s.empty?
+      !api_secret.to_s.empty? && !base_url.host.to_s.empty? && !base_url.port.to_s.empty?
     end
 
     def failover_strategy=(value)
-      @failover_strategy = FAILOVER_STRATEGIES.detect { |strategy| strategy == value.to_sym }
+      @failover_strategy = Castle::Failover::STRATEGIES.detect do |strategy|
+        strategy == value.to_sym
+      end
       raise Castle::ConfigurationError, 'unrecognized failover strategy' if @failover_strategy.nil?
     end
 

data/lib/castle/context/{default.rb → get_default.rb}

@@ -2,9 +2,9 @@
 
 module Castle
   module Context
-    class Default
+    class GetDefault
       def initialize(request, cookies = nil)
-        @pre_headers = HeadersFilter.new(request).call
+        @pre_headers = Castle::Headers::Filter.new(request).call
         @cookies = cookies || request.cookies
         @request = request
       end
@@ -13,7 +13,6 @@ module Castle
         {
           client_id: client_id,
           active: true,
-          origin: 'web',
           headers: headers,
           ip: ip,
           library: {
@@ -40,18 +39,18 @@ module Castle
 
       # @return [String]
       def ip
-        Extractors::IP.new(@pre_headers).call
+        Castle::IPs::Extract.new(@pre_headers).call
       end
 
       # @return [String]
       def client_id
-        Extractors::ClientId.new(@pre_headers, @cookies).call
+        Castle::ClientId::Extract.new(@pre_headers, @cookies).call
       end
 
       # formatted and filtered headers
       # @return [Hash]
       def headers
-        Extractors::Headers.new(@pre_headers).call
+        Castle::Headers::Extract.new(@pre_headers).call
       end
     end
   end

data/lib/castle/context/{merger.rb → merge.rb}

@@ -2,11 +2,11 @@
 
 module Castle
   module Context
-    class Merger
+    class Merge
       class << self
         def call(initial_context, request_context)
-          main_context = Castle::Utils::Cloner.call(initial_context)
-          Castle::Utils::Merger.call(main_context, request_context || {})
+          main_context = Castle::Utils::Clone.call(initial_context)
+          Castle::Utils::Merge.call(main_context, request_context || {})
         end
       end
     end

data/lib/castle/context/prepare.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Castle
+  module Context
+    # prepares the context from the request
+    module Prepare
+      class << self
+        # @param request [Request]
+        # @param options [Hash]
+        # @return [Hash]
+        def call(request, options = {})
+          default_context = Castle::Context::GetDefault.new(request, options[:cookies]).call
+          Castle::Context::Merge.call(default_context, options[:context])
+        end
+      end
+    end
+  end
+end

data/lib/castle/context/{sanitizer.rb → sanitize.rb}

@@ -3,7 +3,7 @@
 module Castle
   module Context
     # removes not proper active flag values
-    class Sanitizer
+    class Sanitize
       class << self
         def call(context)
           sanitized_active_mode(context) || {}

data/lib/castle/core/get_connection.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Castle
+  module Core
+    # this module returns a new configured Net::HTTP object
+    module GetConnection
+      HTTPS_SCHEME = 'https'
+
+      class << self
+        # @param config [Castle::Configuration, Castle::SingletonConfiguration]
+        def call(config = Castle.config)
+          http = Net::HTTP.new(config.base_url.host, config.base_url.port)
+          http.read_timeout = config.request_timeout / 1000.0
+
+          if config.base_url.scheme == HTTPS_SCHEME
+            http.use_ssl = true
+            http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+          end
+
+          http
+        end
+      end
+    end
+  end
+end