castle-rb 4.2.0 → 6.0.1

data/spec/lib/castle/configuration_spec.rb

@@ -2,146 +2,17 @@
 
 describe Castle::Configuration do
   subject(:config) do
-    described_class.instance
+    described_class.new
   end
 
-  describe 'host' do
-    context 'with default' do
-      it { expect(config.host).to be_eql('api.castle.io') }
-    end
+  it_behaves_like 'configuration_host'
+  it_behaves_like 'configuration_request_timeout'
+  it_behaves_like 'configuration_allowlisted'
+  it_behaves_like 'configuration_denylisted'
+  it_behaves_like 'configuration_failover_strategy'
+  it_behaves_like 'configuration_api_secret'
 
-    context 'with setter' do
-      before { config.host = 'api.castle.dev' }
-
-      it { expect(config.host).to be_eql('api.castle.dev') }
-    end
-  end
-
-  describe 'post' do
-    context 'with default' do
-      it { expect(config.port).to be_eql(443) }
-    end
-
-    context 'with setter' do
-      before { config.port = 3001 }
-
-      it { expect(config.port).to be_eql(3001) }
-    end
-  end
-
-  describe 'api_secret' do
-    context 'with env' do
-      let(:secret_key_env) { 'secret_key_env' }
-      let(:secret_key) { 'secret_key' }
-
-      before do
-        allow(ENV).to receive(:fetch).with(
-          'CASTLE_API_SECRET', ''
-        ).and_return(secret_key_env)
-        config.reset
-      end
-
-      it do
-        expect(config.api_secret).to be_eql(secret_key_env)
-      end
-
-      context 'when key is overwritten' do
-        before { config.api_secret = secret_key }
-
-        it do
-          expect(config.api_secret).to be_eql(secret_key)
-        end
-      end
-    end
-
-    context 'with setter' do
-      let(:value) { 'new_secret' }
-
-      before do
-        config.api_secret = value
-      end
-
-      it do
-        expect(config.api_secret).to be_eql(value)
-      end
-    end
-
-    it do
-      expect(config.api_secret).to be_eql('secret')
-    end
-  end
-
-  describe 'request_timeout' do
-    it do
-      expect(config.request_timeout).to be_eql(500)
-    end
-
-    context 'with setter' do
-      let(:value) { 50.0 }
-
-      before do
-        config.request_timeout = value
-      end
-
-      it do
-        expect(config.request_timeout).to be_eql(value)
-      end
-    end
-  end
-
-  describe 'whitelisted' do
-    it do
-      expect(config.whitelisted.size).to be_eql(0)
-    end
-
-    context 'with setter' do
-      before do
-        config.whitelisted = ['header']
-      end
-
-      it do
-        expect(config.whitelisted).to be_eql(['Header'])
-      end
-    end
-  end
-
-  describe 'blacklisted' do
-    it do
-      expect(config.blacklisted.size).to be_eql(0)
-    end
-
-    context 'with setter' do
-      before do
-        config.blacklisted = ['header']
-      end
-
-      it do
-        expect(config.blacklisted).to be_eql(['Header'])
-      end
-    end
-  end
-
-  describe 'failover_strategy' do
-    it do
-      expect(config.failover_strategy).to be_eql(:allow)
-    end
-
-    context 'with setter' do
-      before do
-        config.failover_strategy = :deny
-      end
-
-      it do
-        expect(config.failover_strategy).to be_eql(:deny)
-      end
-    end
-
-    context 'when broken' do
-      it do
-        expect do
-          config.failover_strategy = :unicorn
-        end.to raise_error(Castle::ConfigurationError)
-      end
-    end
+  it do
+    expect(config.api_secret).to be_eql('')
   end
 end

data/spec/lib/castle/context/{default_spec.rb → get_default_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Default do
+describe Castle::Context::GetDefault do
   subject { described_class.new(request, nil) }
 
   let(:ip) { '1.2.3.4' }
@@ -31,7 +31,6 @@ describe Castle::Context::Default do
   end
 
   it { expect(default_context[:active]).to be_eql(true) }
-  it { expect(default_context[:origin]).to be_eql('web') }
   it { expect(default_context[:headers]).to be_eql(result_headers) }
   it { expect(default_context[:ip]).to be_eql(ip) }
   it { expect(default_context[:client_id]).to be_eql(client_id) }

data/spec/lib/castle/context/{merger_spec.rb → merge_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Merger do
+describe Castle::Context::Merge do
   let(:first) { { test: { test1: { c: '4' } } } }
 
   describe '#call' do

data/spec/lib/castle/context/prepare_spec.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Prepare do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      user_agent: ua,
+      headers: headers,
+      ip: ip,
+      library: { name: 'castle-rb', version: '6.0.0' }
+    }
+  end
+
+  let(:headers) do
+    {
+      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
+    }
+  end
+
+  before do
+    stub_const('Castle::VERSION', '6.0.0')
+  end
+
+  describe '#call' do
+    subject(:generated) { described_class.call(request) }
+
+    context 'when active true' do
+      it { is_expected.to eql(context) }
+    end
+  end
+end

data/spec/lib/castle/context/{sanitizer_spec.rb → sanitize_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Sanitizer do
+describe Castle::Context::Sanitize do
   let(:paylod) { { test: 'test' } }
 
   describe '#call' do

data/spec/lib/castle/core/get_connection_spec.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+describe Castle::Core::GetConnection do
+  describe '.call' do
+    subject(:class_call) { described_class.call }
+
+    context 'when ssl false' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 3002 }
+      let(:api_url) { '/test' }
+
+      before do
+        Castle.config.base_url = 'http://localhost:3002'
+
+        allow(Net::HTTP)
+          .to receive(:new)
+          .with(localhost, port)
+          .and_call_original
+      end
+
+      it do
+        class_call
+
+        expect(Net::HTTP)
+          .to have_received(:new)
+          .with(localhost, port)
+      end
+
+      it do
+        expect(class_call).to be_an_instance_of(Net::HTTP)
+      end
+    end
+
+    context 'when ssl true' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 443 }
+
+      before do
+        Castle.config.base_url = 'https://localhost'
+      end
+
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+        end
+
+        it do
+          expect(class_call).to be_an_instance_of(Net::HTTP)
+        end
+      end
+    end
+  end
+end

data/spec/lib/castle/{api/response_spec.rb → core/process_response_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::API::Response do
+describe Castle::Core::ProcessResponse do
   describe '#call' do
     subject(:call) { described_class.call(response) }
 
@@ -10,6 +10,61 @@ describe Castle::API::Response do
       it { expect(call).to eql(user: 1) }
     end
 
+    describe 'authenticate' do
+      context 'when allow without any additional props' do
+        let(:response) { OpenStruct.new(body: '{"action":"allow","user_id":"12345"}', code: 200) }
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345' }) }
+      end
+
+      context 'when allow with additional props' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"allow","user_id":"12345","internal":{}}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345', internal: {} }) }
+      end
+
+      context 'when deny without risk policy' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"deny","user_id":"1","device_token":"abc"}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'deny', user_id: '1', device_token: 'abc' }) }
+      end
+
+      context 'when deny with risk policy' do
+        let(:body) do
+          '{"action":"deny","user_id":"1","device_token":"abc",
+          "risk_policy":{"id":"123","revision_id":"abc","name":"def","type":"bot"}}'
+        end
+        let(:response) do
+          OpenStruct.new(
+            {
+              body: body,
+              code: 200
+            }
+          )
+        end
+
+        let(:result) do
+          {
+            action: 'deny',
+            user_id: '1',
+            device_token: 'abc',
+            risk_policy: {
+              id: '123',
+              revision_id: 'abc',
+              name: 'def',
+              type: 'bot'
+            }
+          }
+        end
+
+        it { expect(call).to eql(result) }
+      end
+    end
+
     context 'when response empty' do
       let(:response) { OpenStruct.new(body: '', code: 200) }
 

data/spec/lib/castle/core/process_webhook_spec.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+describe Castle::Core::ProcessWebhook do
+  describe '#call' do
+    subject(:call) { described_class.call(webhook) }
+
+    let(:webhook_body) do
+      {
+        api_version: 'v1',
+        app_id: '12345',
+        type: '$incident.confirmed',
+        created_at: '2020-12-18T12:55:21.779Z',
+        data: {
+          id: 'test',
+          device_token: 'token',
+          user_id: '',
+          trigger: '$login.succeeded',
+          context: {},
+          location: {},
+          user_agent: {}
+        },
+        user_traits: {},
+        properties: {},
+        policy: {}
+      }.to_json
+    end
+
+    let(:webhook) { OpenStruct.new(body: StringIO.new(webhook_body)) }
+
+    context 'when success' do
+      it { expect(call).to eql(webhook_body) }
+    end
+
+    context 'when webhook empty' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new('')) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+
+    context 'when webhook nil' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+  end
+end

data/spec/lib/castle/core/send_request_spec.rb

@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+describe Castle::Core::SendRequest do
+  let(:config) { Castle.config }
+
+  describe '#call' do
+    let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
+    let(:headers) { {} }
+    let(:request_build) { {} }
+    let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+    let(:http) { instance_double('Net::HTTP') }
+
+    context 'without http arg provided' do
+      subject(:call) { described_class.call(command, headers, nil, config) }
+
+      let(:http) { instance_double('Net::HTTP') }
+      let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
+      let(:headers) { {} }
+      let(:request_build) { {} }
+      let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+
+      before do
+        allow(Castle::Core::GetConnection).to receive(:call).and_return(http)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it do
+        expect(described_class).to have_received(:build).with(
+          command, expected_headers, config
+        )
+      end
+
+      it { expect(http).to have_received(:request).with(request_build) }
+    end
+
+    context 'with http arg provided' do
+      subject(:call) { described_class.call(command, headers, http, config) }
+
+      before do
+        allow(Castle::Core::GetConnection).to receive(:call)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it { expect(Castle::Core::GetConnection).not_to have_received(:call) }
+
+      it do
+        expect(described_class).to have_received(:build).with(
+          command, expected_headers, config
+        )
+      end
+
+      it { expect(http).to have_received(:request).with(request_build) }
+    end
+  end
+
+  describe '#build' do
+    subject(:build) { described_class.build(command, headers, config) }
+
+    let(:headers) { { 'SAMPLE-HEADER' => '1' } }
+    let(:api_secret) { 'secret' }
+
+    context 'when get' do
+      let(:command) { Castle::Commands::Review.build({ review_id: review_id }) }
+      let(:review_id) { SecureRandom.uuid }
+
+      it { expect(build.body).to be_nil }
+      it { expect(build.method).to eql('GET') }
+      it { expect(build.path).to eql("/v1/#{command.path}") }
+      it { expect(build.to_hash).to have_key('authorization') }
+      it { expect(build.to_hash).to have_key('sample-header') }
+      it { expect(build.to_hash['sample-header']).to eql(['1']) }
+    end
+
+    context 'when post' do
+      let(:time) { Time.now.utc.iso8601(3) }
+      let(:command) do
+        Castle::Commands::Track.build(event: '$login.succeeded', name: "\xC4")
+      end
+      let(:expected_body) do
+        {
+          event: '$login.succeeded',
+          name: '�',
+          context: {},
+          sent_at: time
+        }
+      end
+
+      before { allow(Castle::Utils::GetTimestamp).to receive(:call).and_return(time) }
+
+      it { expect(build.body).to be_eql(expected_body.to_json) }
+      it { expect(build.method).to eql('POST') }
+      it { expect(build.path).to eql("/v1/#{command.path}") }
+      it { expect(build.to_hash).to have_key('authorization') }
+      it { expect(build.to_hash).to have_key('sample-header') }
+      it { expect(build.to_hash['sample-header']).to eql(['1']) }
+    end
+  end
+end